interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'develop' into devel/codebase-maintenance

This commit is contained in:
Willem Toorop 2016-03-22 13:22:13 +01:00
parent 091d41dfe0 17ba786cea
commit e934c100a2
6 changed files with 260 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
README.md
View File

@ -239,18 +239,31 @@ As of the 0.2.0 release, when installing via Homebrew, the trust anchor is expec
This section has some Windows specific build instructions. This section has some Windows specific build instructions.
Build tested using [Mingw(3.21.0) and Msys 1.0](http://www.mingw.org/) on Windows 8.1 Build tested using the following:
32 bit only Mingw: [Mingw(3.21.0) and Msys 1.0](http://www.mingw.org/) on Windows 8.1
32 bit build on a 64 bit Mingw [Download latest from: http://mingw-w64.org/doku.php/download/mingw-builds and http://msys2.github.io/]. IMPORTANT: Install tested ONLY on the "x86_64" for 64-bit installer of msys2.
Dependencies: Dependencies:
The following dependencies are built from source on Mingw The following dependencies are
openssl1.0.2a openssl-1.0.2e
libidn libidn
The windows version of getdns currently only is supported in the stub only mode. Instructions to build openssl-1.0.2e:
Open the mingw32_shell.bat from msys2 in order to build:
If necessary, install the following using pacman:
pacman -S pkg-config libtool automake
pacman -S autoconf automake-wrapper
tar -xvf openssl-1.0.2e.tar
cd openssl-1.0.2e/
./Configure --prefix=${LOCALDESTDIR} --openssldir=${LOCALDESTDIR}/etc/ssl --libdir=lib shared zlib-dynamic mingw
make
make install
To configure: To configure:
./configure --enable-stub-only --with-trust-anchor="c:\\\MinGW\\\msys\\\1.0\\\etc\\\unbound\\\getdns-root.key" --with-ssl=/c/OpenSSL --with-getdns_query ./configure --enable-stub-only --with-trust-anchor="c:\\\MinGW\\\msys\\\1.0\\\etc\\\unbound\\\getdns-root.key" --with-ssl=<location of openssl from above> --with-getdns_query
The trust anchor is also installed by unbound on c:\program Files (X86)\unbound\root.key and can be referenced from there The trust anchor is also installed by unbound on c:\program Files (X86)\unbound\root.key and can be referenced from there
or anywhere else that the user chooses to configure it. or anywhere else that the user chooses to configure it.

81
src/context.c
View File

@ -152,6 +152,9 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
HCERTSTORE hSystemStore; HCERTSTORE hSystemStore;
PCCERT_CONTEXT pTargetCert = NULL; PCCERT_CONTEXT pTargetCert = NULL;
DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__,
"Adding Windows certificates to CA store");
/* load just once per context lifetime for this version of getdns /* load just once per context lifetime for this version of getdns
TODO: dynamically update CA trust changes as they are available */ TODO: dynamically update CA trust changes as they are available */
if (!tls_ctx) if (!tls_ctx)
@ -178,7 +181,7 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
/* failure if the CA store is empty or the call fails */ /* failure if the CA store is empty or the call fails */
if ((pTargetCert = CertEnumCertificatesInStore( if ((pTargetCert = CertEnumCertificatesInStore(
hSystemStore, pTargetCert)) == 0) { hSystemStore, pTargetCert)) == 0) {
DEBUG_STUB("*** %s(%s %d:%s)\n", __FUNCTION__, DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__,
"CA certificate store for Windows is empty."); "CA certificate store for Windows is empty.");
return 0; return 0;
} }
@ -190,16 +193,16 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
pTargetCert->cbCertEncoded); pTargetCert->cbCertEncoded);
if (!cert1) { if (!cert1) {
/* return error if a cert fails */ /* return error if a cert fails */
DEBUG_STUB("*** %s(%s %d:%s)\n", __FUNCTION__, DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__,
"unable to parse certificate in memory", "Unable to parse certificate in memory",
ERR_get_error(), ERR_error_string(ERR_get_error(), NULL)); ERR_get_error(), ERR_error_string(ERR_get_error(), NULL));
return 0; return 0;
} }
else { else {
/* return error if a cert add to store fails */ /* return error if a cert add to store fails */
if (X509_STORE_add_cert(store, cert1) == 0) { if (X509_STORE_add_cert(store, cert1) == 0) {
DEBUG_STUB("*** %s(%s %d:%s)\n", __FUNCTION__, DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__,
"error adding certificate", ERR_get_error(), "Error adding certificate", ERR_get_error(),
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));
return 0; return 0;
} }
@ -823,6 +826,59 @@ upstream_init(getdns_upstream *upstream,
} }
#ifdef USE_WINSOCK #ifdef USE_WINSOCK
/*
Read the Windows search suffix and add to context
*/
static int get_dns_suffix_windows(getdns_list *suffix)
{
char *parse, *token, prev_ch;
char lszValue[255];
HKEY hKey;
LONG returnStatus;
DWORD dwType=REG_SZ;
DWORD dwSize=255;
returnStatus = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
"SYSTEM\\CurrentControlSet\\Services\\TcpIp\\Parameters",
0, KEY_READ, &hKey);
if (returnStatus != ERROR_SUCCESS)
{
/* try windows 9x/me */
returnStatus = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
"SYSTEM\\CurrentControlSet\\Services\\VxD\\MSTCP",
0, KEY_READ, &hKey);
}
if (returnStatus == ERROR_SUCCESS)
{
returnStatus = RegQueryValueEx(hKey,
TEXT("SearchList"), 0, &dwType,(LPBYTE)&lszValue, &dwSize);
if (returnStatus == ERROR_SUCCESS)
{
parse = lszValue;
do {
parse += strspn(parse, ",");
token = parse + strcspn(parse, ",");
prev_ch = *token;
*token = 0;
_getdns_list_append_string(suffix, parse);
*token = prev_ch;
parse = token;
} while (*parse);
} else {
return 0; /* no DNS suffixes keys */
}
RegCloseKey(hKey);
} else {
return 0; /* no DNS keys or suffixes */
}
return 1;
}
static getdns_return_t static getdns_return_t
set_os_defaults_windows(struct getdns_context *context) set_os_defaults_windows(struct getdns_context *context)
{ {
@ -830,7 +886,9 @@ set_os_defaults_windows(struct getdns_context *context)
size_t upstreams_limit = 10; size_t upstreams_limit = 10;
struct addrinfo hints; struct addrinfo hints;
struct addrinfo *result; struct addrinfo *result;
getdns_list *suffix;
getdns_upstream *upstream; getdns_upstream *upstream;
size_t length;
int s; int s;
if (context->fchg_resolvconf == NULL) { if (context->fchg_resolvconf == NULL) {
@ -893,9 +951,22 @@ set_os_defaults_windows(struct getdns_context *context)
} }
free(info); free(info);
} }
suffix = getdns_list_create_with_context(context);
if (get_dns_suffix_windows(suffix)) {
(void) getdns_list_get_length(suffix, &length);
if (length > 0)
(void )getdns_context_set_suffix(context, suffix);
}
getdns_list_destroy(suffix);
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
} /* set_os_defaults_windows */ } /* set_os_defaults_windows */
#else #else
static getdns_return_t static getdns_return_t
set_os_defaults(struct getdns_context *context) set_os_defaults(struct getdns_context *context)
{ {

9
src/debug.h
View File

@ -37,6 +37,15 @@
#include "config.h" #include "config.h"
#define STUB_DEBUG_ENTRY "-> ENTRY: "
#define STUB_DEBUG_SETUP "--- SETUP: "
#define STUB_DEBUG_SETUP_TLS "--- SETUP(TLS): "
#define STUB_DEBUG_TSIG "--- TSIG: "
#define STUB_DEBUG_SCHEDULE "----- SCHEDULE: "
#define STUB_DEBUG_READ "------- READ: "
#define STUB_DEBUG_WRITE "------- WRITE: "
#define STUB_DEBUG_CLEANUP "--- CLEANUP: "
#define DEBUG_ON(...) do { \ #define DEBUG_ON(...) do { \
struct timeval tv; \ struct timeval tv; \
struct tm tm; \ struct tm tm; \

21
src/pubkey-pinning.c
View File

@ -396,9 +396,10 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset,
if (x->cert_info == NULL) if (x->cert_info == NULL)
continue; continue;
#if defined(STUB_DEBUG) && STUB_DEBUG #if defined(STUB_DEBUG) && STUB_DEBUG
DEBUG_STUB("--- %s: name of cert %d:\n", __FUNCTION__, i); DEBUG_STUB("%s %-35s: Name of cert: %d ",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, i);
if (x->cert_info->subject != NULL) if (x->cert_info->subject != NULL)
X509_NAME_print_ex_fp(stderr, x->cert_info->subject, 4, XN_FLAG_ONELINE); X509_NAME_print_ex_fp(stderr, x->cert_info->subject, 1, XN_FLAG_ONELINE);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
#endif #endif
if (x->cert_info->key == NULL) if (x->cert_info->key == NULL)
@ -407,14 +408,14 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset,
/* digest the cert with sha256 */ /* digest the cert with sha256 */
len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), NULL); len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), NULL);
if (len > sizeof(raw)) { if (len > sizeof(raw)) {
DEBUG_STUB("--- %s: pubkey %d is larger than "PRIsz" octets\n", DEBUG_STUB("%s %-35s: Pubkey %d is larger than "PRIsz" octets\n",
__FUNCTION__, i, sizeof(raw)); STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, sizeof(raw));
continue; continue;
} }
i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &next); i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &next);
if (next - raw != len) { if (next - raw != len) {
DEBUG_STUB("--- %s: pubkey %d claimed it needed %d octets, really needed "PRIsz"\n", DEBUG_STUB("%s %-35s: Pubkey %d claimed it needed %d octets, really needed "PRIsz"\n",
__FUNCTION__, i, len, next - raw); STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, len, next - raw);
continue; continue;
} }
SHA256(raw, len, buf); SHA256(raw, len, buf);
@ -422,12 +423,12 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset,
/* compare it */ /* compare it */
for (p = pinset; p; p = p->next) for (p = pinset; p; p = p->next)
if (0 == memcmp(buf, p->pin, sizeof(p->pin))) { if (0 == memcmp(buf, p->pin, sizeof(p->pin))) {
DEBUG_STUB("--- %s: pubkey %d matched pin %p ("PRIsz")!\n", DEBUG_STUB("%s %-35s: Pubkey %d matched pin %p ("PRIsz")\n",
__FUNCTION__, i, p, sizeof(p->pin)); STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, p, sizeof(p->pin));
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
} else } else
DEBUG_STUB("--- %s: pubkey %d did not match pin %p!\n", DEBUG_STUB("%s %-35s: Pubkey %d did not match pin %p\n",
__FUNCTION__, i, p); STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, p);
} }
return ret; return ret;

15
src/request-internal.c
View File

@ -461,7 +461,7 @@ _getdns_network_validate_tsig(getdns_network_req *req)
const EVP_MD *digester; const EVP_MD *digester;
HMAC_CTX ctx; HMAC_CTX ctx;
DEBUG_STUB("Validate TSIG\n"); DEBUG_STUB("%s %-35s: Validate TSIG\n", STUB_DEBUG_TSIG, __FUNCTION__);
for ( rr = _getdns_rr_iter_init(&rr_spc, req->query, for ( rr = _getdns_rr_iter_init(&rr_spc, req->query,
(req->response - req->query)) (req->response - req->query))
; rr ; rr
@ -477,7 +477,9 @@ _getdns_network_validate_tsig(getdns_network_req *req)
request_mac_len = gldns_read_uint16(rdf->pos); request_mac_len = gldns_read_uint16(rdf->pos);
if (request_mac_len != rdf->nxt - rdf->pos - 2) if (request_mac_len != rdf->nxt - rdf->pos - 2)
return; return;
DEBUG_STUB("Request MAC found length: %d\n", (int)(request_mac_len)); DEBUG_STUB("%s %-35s: Request MAC found length %d\n",
STUB_DEBUG_TSIG, __FUNCTION__, (int)(request_mac_len));
request_mac = rdf->pos + 2; request_mac = rdf->pos + 2;
/* Now we expect a TSIG on the response! */ /* Now we expect a TSIG on the response! */
@ -532,7 +534,8 @@ _getdns_network_validate_tsig(getdns_network_req *req)
response_mac_len = gldns_read_uint16(rdf->pos); response_mac_len = gldns_read_uint16(rdf->pos);
if (response_mac_len != rdf->nxt - rdf->pos - 2) if (response_mac_len != rdf->nxt - rdf->pos - 2)
return; return;
DEBUG_STUB("Response MAC found length: %d\n", (int)(response_mac_len)); DEBUG_STUB("%s %-35s: Response MAC found length: %d\n",
STUB_DEBUG_TSIG, __FUNCTION__, (int)(response_mac_len));
response_mac = rdf->pos + 2; response_mac = rdf->pos + 2;
if (!(rdf = _getdns_rdf_iter_next(rdf)) || if (!(rdf = _getdns_rdf_iter_next(rdf)) ||
@ -556,7 +559,8 @@ _getdns_network_validate_tsig(getdns_network_req *req)
gldns_buffer_write(&gbuf, rdf->pos, other_len); gldns_buffer_write(&gbuf, rdf->pos, other_len);
/* TSIG found */ /* TSIG found */
DEBUG_STUB("TSIG found, original ID: %d\n", (int)original_id); DEBUG_STUB("%s %-35s: TSIG found, original ID: %d\n",
STUB_DEBUG_TSIG, __FUNCTION__, (int)original_id);
gldns_write_uint16(req->response + 10, gldns_write_uint16(req->response + 10,
gldns_read_uint16(req->response + 10) - 1); gldns_read_uint16(req->response + 10) - 1);
@ -592,7 +596,8 @@ _getdns_network_validate_tsig(getdns_network_req *req)
(void) HMAC_Update(&ctx, tsig_vars, gldns_buffer_position(&gbuf)); (void) HMAC_Update(&ctx, tsig_vars, gldns_buffer_position(&gbuf));
HMAC_Final(&ctx, result_mac, &result_mac_len); HMAC_Final(&ctx, result_mac, &result_mac_len);
DEBUG_STUB("Result MAC length: %d\n", (int)(result_mac_len)); DEBUG_STUB("%s %-35s: Result MAC length: %d\n",
STUB_DEBUG_TSIG, __FUNCTION__, (int)(result_mac_len));
if (result_mac_len == response_mac_len && if (result_mac_len == response_mac_len &&
memcmp(result_mac, response_mac, result_mac_len) == 0) memcmp(result_mac, response_mac, result_mac_len) == 0)
req->tsig_status = GETDNS_DNSSEC_SECURE; req->tsig_status = GETDNS_DNSSEC_SECURE;

161
src/stub.c
View File

@ -246,7 +246,8 @@ match_edns_opt_rr(uint16_t code, uint8_t *response, size_t response_len,
size_t data_len = rr_iter->nxt - rr_iter->pos; size_t data_len = rr_iter->nxt - rr_iter->pos;
(void) gldns_wire2str_rr_scan( (void) gldns_wire2str_rr_scan(
&data, &data_len, &str, &str_len, (uint8_t *)rr_iter->pkt, rr_iter->pkt_end - rr_iter->pkt); &data, &data_len, &str, &str_len, (uint8_t *)rr_iter->pkt, rr_iter->pkt_end - rr_iter->pkt);
DEBUG_STUB("OPT RR: %s", str_spc); DEBUG_STUB("%s %-35s: OPT RR: %s\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, str_spc);
#endif #endif
/* OPT found, now search for the specified option */ /* OPT found, now search for the specified option */
@ -335,8 +336,9 @@ process_keepalive(
upstream->keepalive_timeout = netreq->owner->context->idle_timeout; upstream->keepalive_timeout = netreq->owner->context->idle_timeout;
else { else {
upstream->keepalive_timeout = server_keepalive; upstream->keepalive_timeout = server_keepalive;
DEBUG_STUB("*** %s: SERVER KEEPALIVE USED : %d ms\n", DEBUG_STUB("%s %-35s: FD: %d Server Keepalive used: %d ms\n",
__FUNCTION__, (int)server_keepalive); STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd,
(int)server_keepalive);
} }
return 0; return 0;
} }
@ -365,6 +367,8 @@ static int
tcp_connect(getdns_upstream *upstream, getdns_transport_list_t transport) tcp_connect(getdns_upstream *upstream, getdns_transport_list_t transport)
{ {
int fd = -1; int fd = -1;
DEBUG_STUB("%s %-35s: Creating TCP connection: %p\n", STUB_DEBUG_SETUP,
__FUNCTION__, upstream);
if ((fd = socket(upstream->addr.ss_family, SOCK_STREAM, IPPROTO_TCP)) == -1) if ((fd = socket(upstream->addr.ss_family, SOCK_STREAM, IPPROTO_TCP)) == -1)
return -1; return -1;
@ -451,7 +455,8 @@ stub_next_upstream(getdns_network_req *netreq)
static void static void
stub_cleanup(getdns_network_req *netreq) stub_cleanup(getdns_network_req *netreq)
{ {
DEBUG_STUB("*** %s(%p)\n", __FUNCTION__, netreq); DEBUG_STUB("%s %-35s: MSG: %p\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, netreq);
getdns_dns_req *dnsreq = netreq->owner; getdns_dns_req *dnsreq = netreq->owner;
getdns_network_req *r, *prev_r; getdns_network_req *r, *prev_r;
getdns_upstream *upstream; getdns_upstream *upstream;
@ -492,7 +497,8 @@ stub_cleanup(getdns_network_req *netreq)
static int static int
tls_cleanup(getdns_upstream *upstream) tls_cleanup(getdns_upstream *upstream)
{ {
DEBUG_STUB("*** %s\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd);
if (upstream->tls_obj != NULL) if (upstream->tls_obj != NULL)
SSL_free(upstream->tls_obj); SSL_free(upstream->tls_obj);
upstream->tls_obj = NULL; upstream->tls_obj = NULL;
@ -557,9 +563,9 @@ stub_erred(getdns_network_req *netreq)
static void static void
stub_timeout_cb(void *userarg) stub_timeout_cb(void *userarg)
{ {
DEBUG_STUB("*** %s(%p)\n", __FUNCTION__, userarg);
getdns_network_req *netreq = (getdns_network_req *)userarg; getdns_network_req *netreq = (getdns_network_req *)userarg;
DEBUG_STUB("%s %-35s: MSG: %p\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, netreq);
stub_next_upstream(netreq); stub_next_upstream(netreq);
stub_cleanup(netreq); stub_cleanup(netreq);
if (netreq->fd >= 0) close(netreq->fd); if (netreq->fd >= 0) close(netreq->fd);
@ -576,9 +582,8 @@ static void
upstream_idle_timeout_cb(void *userarg) upstream_idle_timeout_cb(void *userarg)
{ {
getdns_upstream *upstream = (getdns_upstream *)userarg; getdns_upstream *upstream = (getdns_upstream *)userarg;
DEBUG_STUB("*** %s: **Closing connection %d**\n", DEBUG_STUB("%s %-35s: FD: %d Closing connection\n",
__FUNCTION__, upstream->fd); STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd);
GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event);
upstream->event.timeout_cb = NULL; upstream->event.timeout_cb = NULL;
upstream->event.read_cb = NULL; upstream->event.read_cb = NULL;
@ -589,8 +594,9 @@ upstream_idle_timeout_cb(void *userarg)
static void static void
upstream_tls_timeout_cb(void *userarg) upstream_tls_timeout_cb(void *userarg)
{ {
DEBUG_STUB("*** %s\n", __FUNCTION__);
getdns_upstream *upstream = (getdns_upstream *)userarg; getdns_upstream *upstream = (getdns_upstream *)userarg;
DEBUG_STUB("%s %-35s: FD: %d\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd);
/* Clean up and trigger a write to let the fallback code to its job */ /* Clean up and trigger a write to let the fallback code to its job */
tls_cleanup(upstream); tls_cleanup(upstream);
@ -615,9 +621,10 @@ upstream_tls_timeout_cb(void *userarg)
static void static void
stub_tls_timeout_cb(void *userarg) stub_tls_timeout_cb(void *userarg)
{ {
DEBUG_STUB("*** %s\n", __FUNCTION__);
getdns_network_req *netreq = (getdns_network_req *)userarg; getdns_network_req *netreq = (getdns_network_req *)userarg;
getdns_upstream *upstream = netreq->upstream; getdns_upstream *upstream = netreq->upstream;
DEBUG_STUB("%s %-35s: MSG: %p\n",
STUB_DEBUG_CLEANUP, __FUNCTION__, netreq);
/* Clean up and trigger a write to let the fallback code to its job */ /* Clean up and trigger a write to let the fallback code to its job */
tls_cleanup(upstream); tls_cleanup(upstream);
@ -751,7 +758,8 @@ stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq)
if (netreq->upstream->writes_done == 0 && if (netreq->upstream->writes_done == 0 &&
netreq->owner->context->idle_timeout != 0) { netreq->owner->context->idle_timeout != 0) {
/* Add the keepalive option to the first query on this connection*/ /* Add the keepalive option to the first query on this connection*/
DEBUG_STUB("# %s: Requesting keepalive\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d Requesting keepalive \n",
STUB_DEBUG_WRITE, __FUNCTION__, fd);
if (attach_edns_keepalive(netreq)) if (attach_edns_keepalive(netreq))
return STUB_OUT_OF_OPTIONS; return STUB_OUT_OF_OPTIONS;
netreq->keepalive_sent = 1; netreq->keepalive_sent = 1;
@ -871,29 +879,33 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{ {
getdns_upstream *upstream; getdns_upstream *upstream;
getdns_return_t pinset_ret = GETDNS_RETURN_GOOD; getdns_return_t pinset_ret = GETDNS_RETURN_GOOD;
upstream = _getdns_upstream_from_x509_store(ctx);
#if defined(STUB_DEBUG) && STUB_DEBUG || defined(X509_V_ERR_HOSTNAME_MISMATCH) #if defined(STUB_DEBUG) && STUB_DEBUG || defined(X509_V_ERR_HOSTNAME_MISMATCH)
int err = X509_STORE_CTX_get_error(ctx); int err = X509_STORE_CTX_get_error(ctx);
DEBUG_STUB("--- %s, VERIFY RESULT: (%d) \"%s\"\n", __FUNCTION__, DEBUG_STUB("%s %-35s: FD: %d Verify result: (%d) \"%s\"\n",
err, X509_verify_cert_error_string(err)); STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd, err,
X509_verify_cert_error_string(err));
#endif #endif
upstream = _getdns_upstream_from_x509_store(ctx);
#ifdef X509_V_ERR_HOSTNAME_MISMATCH #ifdef X509_V_ERR_HOSTNAME_MISMATCH
/*Report if error is hostname mismatch*/ /*Report if error is hostname mismatch*/
if (upstream && upstream->tls_fallback_ok && err == X509_V_ERR_HOSTNAME_MISMATCH) if (upstream && upstream->tls_fallback_ok && err == X509_V_ERR_HOSTNAME_MISMATCH)
DEBUG_STUB("--- %s, PROCEEDING EVEN THOUGH HOSTNAME VALIDATION FAILED!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d WARNING: Proceeding even though hostname validation failed!\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd);
#endif #endif
if (upstream && upstream->tls_pubkey_pinset) if (upstream && upstream->tls_pubkey_pinset)
pinset_ret = _getdns_verify_pinset_match(upstream->tls_pubkey_pinset, ctx); pinset_ret = _getdns_verify_pinset_match(upstream->tls_pubkey_pinset, ctx);
if (pinset_ret != GETDNS_RETURN_GOOD) { if (pinset_ret != GETDNS_RETURN_GOOD) {
DEBUG_STUB("--- %s, PINSET VALIDATION FAILURE!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d, WARNING: Pinset validation failure!\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd);
preverify_ok = 0; preverify_ok = 0;
upstream->tls_auth_failed = 1; upstream->tls_auth_failed = 1;
if (upstream->tls_fallback_ok) if (upstream->tls_fallback_ok)
DEBUG_STUB("--- %s, PROCEEDING EVEN THOUGH PINSET VALIDATION FAILED!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d, WARNING: Proceeding even though pinset validation failed!\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd);
} }
/* If fallback is allowed, proceed regardless of what the auth error is /* If fallback is allowed, proceed regardless of what the auth error is
(might not be hostname or pinset related) */ (might not be hostname or pinset related) */
@ -929,8 +941,8 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
/* If we have a hostname, always use it */ /* If we have a hostname, always use it */
if (upstream->tls_auth_name[0] != '\0') { if (upstream->tls_auth_name[0] != '\0') {
/*Request certificate for the auth_name*/ /*Request certificate for the auth_name*/
DEBUG_STUB("--- %s, HOSTNAME VERIFICATION REQUESTED for: %s\n" DEBUG_STUB("%s %-35s: Hostname verification requested for: %s\n",
, __FUNCTION__, upstream->tls_auth_name); STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->tls_auth_name);
SSL_set_tlsext_host_name(ssl, upstream->tls_auth_name); SSL_set_tlsext_host_name(ssl, upstream->tls_auth_name);
#ifdef HAVE_SSL_HN_AUTH #ifdef HAVE_SSL_HN_AUTH
/* Set up native OpenSSL hostname verification*/ /* Set up native OpenSSL hostname verification*/
@ -941,7 +953,8 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
#else #else
if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) { if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) {
/* TODO: Trigger post-handshake custom validation*/ /* TODO: Trigger post-handshake custom validation*/
DEBUG_STUB("--- %s, ERROR: TLS Authentication functionality not available\n", __FUNCTION__); DEBUG_STUB("%s %-35s: ERROR: TLS Authentication functionality not available\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__);
upstream->tls_hs_state = GETDNS_HS_FAILED; upstream->tls_hs_state = GETDNS_HS_FAILED;
upstream->tls_auth_failed = 1; upstream->tls_auth_failed = 1;
return NULL; return NULL;
@ -955,25 +968,30 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
* TLS is specified and we have no pubkey_pinset */ * TLS is specified and we have no pubkey_pinset */
if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) { if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) {
if (upstream->tls_pubkey_pinset) { if (upstream->tls_pubkey_pinset) {
DEBUG_STUB("--- %s, PROCEEDING WITH ONLY PUBKEY PINNING AUTHENTICATION\n", __FUNCTION__); DEBUG_STUB("%s %-35s: Proceeding with only pubkey pinning authentication\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__);
} else { } else {
DEBUG_STUB("--- %s, ERROR: No host name or pubkey pinset provided for TLS authentication\n", __FUNCTION__); DEBUG_STUB("%s %-35s: ERROR: No host name or pubkey pinset provided for TLS authentication\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__);
upstream->tls_hs_state = GETDNS_HS_FAILED; upstream->tls_hs_state = GETDNS_HS_FAILED;
upstream->tls_auth_failed = 1; upstream->tls_auth_failed = 1;
return NULL; return NULL;
} }
} else { } else {
/* no hostname verification, so we will make opportunistic connections */ /* no hostname verification, so we will make opportunistic connections */
DEBUG_STUB("--- %s, PROCEEDING EVEN THOUGH NO HOSTNAME PROVIDED!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: Proceeding even though no hostname provided!\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__);
upstream->tls_auth_failed = 1; upstream->tls_auth_failed = 1;
upstream->tls_fallback_ok = 1; upstream->tls_fallback_ok = 1;
} }
} }
if (upstream->tls_fallback_ok) { if (upstream->tls_fallback_ok) {
SSL_set_cipher_list(ssl, "DEFAULT"); SSL_set_cipher_list(ssl, "DEFAULT");
DEBUG_STUB("--- %s, PROCEEDING WITH OPPOTUNISTIC TLS CONNECTION (FALLBACK ALLOWED)!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: WARNING: Using Oppotunistic TLS (fallback allowed)!\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__);
} else } else
DEBUG_STUB("--- %s, PROCEEDING WITH STRICT TLS CONNECTION!!\n", __FUNCTION__); DEBUG_STUB("%s %-35s: Using Strict TLS \n", STUB_DEBUG_SETUP_TLS,
__FUNCTION__);
SSL_set_verify(ssl, SSL_VERIFY_PEER, tls_verify_callback); SSL_set_verify(ssl, SSL_VERIFY_PEER, tls_verify_callback);
SSL_set_connect_state(ssl); SSL_set_connect_state(ssl);
@ -984,7 +1002,8 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
static int static int
tls_do_handshake(getdns_upstream *upstream) tls_do_handshake(getdns_upstream *upstream)
{ {
DEBUG_STUB("--- %s\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_SETUP_TLS,
__FUNCTION__, upstream->fd);
int r; int r;
int want; int want;
ERR_clear_error(); ERR_clear_error();
@ -1030,11 +1049,15 @@ tls_do_handshake(getdns_upstream *upstream)
upstream->tls_hs_state = GETDNS_HS_WRITE; upstream->tls_hs_state = GETDNS_HS_WRITE;
return STUB_TCP_AGAIN; return STUB_TCP_AGAIN;
default: default:
DEBUG_STUB("--- %s %s %d\n", __FUNCTION__, "Handshake failed: ", want); DEBUG_STUB("%s %-35s: FD: %d Handshake failed %d\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd,
want);
return tls_cleanup(upstream); return tls_cleanup(upstream);
} }
} }
upstream->tls_hs_state = GETDNS_HS_DONE; upstream->tls_hs_state = GETDNS_HS_DONE;
DEBUG_STUB("%s %-35s: FD: %d Handshake succeeded\n",
STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd);
r = SSL_get_verify_result(upstream->tls_obj); r = SSL_get_verify_result(upstream->tls_obj);
if (upstream->tls_auth_name[0]) if (upstream->tls_auth_name[0])
#ifdef X509_V_ERR_HOSTNAME_MISMATCH #ifdef X509_V_ERR_HOSTNAME_MISMATCH
@ -1228,7 +1251,8 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp,
netreq->owner->context->idle_timeout != 0) { netreq->owner->context->idle_timeout != 0) {
/* Add the keepalive option to every nth query on this /* Add the keepalive option to every nth query on this
connection */ connection */
DEBUG_STUB("# %s: Requesting keepalive\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d Requesting keepalive \n",
STUB_DEBUG_SETUP, __FUNCTION__, upstream->fd);
if (attach_edns_keepalive(netreq)) if (attach_edns_keepalive(netreq))
return STUB_OUT_OF_OPTIONS; return STUB_OUT_OF_OPTIONS;
netreq->keepalive_sent = 1; netreq->keepalive_sent = 1;
@ -1284,12 +1308,12 @@ _getdns_get_time_as_uintt64() {
static void static void
stub_udp_read_cb(void *userarg) stub_udp_read_cb(void *userarg)
{ {
DEBUG_STUB("%s\n", __FUNCTION__);
getdns_network_req *netreq = (getdns_network_req *)userarg; getdns_network_req *netreq = (getdns_network_req *)userarg;
getdns_dns_req *dnsreq = netreq->owner; getdns_dns_req *dnsreq = netreq->owner;
getdns_upstream *upstream = netreq->upstream; getdns_upstream *upstream = netreq->upstream;
ssize_t read; ssize_t read;
DEBUG_STUB("%s %-35s: MSG: %p \n", STUB_DEBUG_READ,
__FUNCTION__, netreq);
GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event);
@ -1316,7 +1340,8 @@ stub_udp_read_cb(void *userarg)
close(netreq->fd); close(netreq->fd);
while (GLDNS_TC_WIRE(netreq->response)) { while (GLDNS_TC_WIRE(netreq->response)) {
DEBUG_STUB("TC bit set\n"); DEBUG_STUB("%s %-35s: MSG: %p TC bit set in response \n", STUB_DEBUG_READ,
__FUNCTION__, netreq);
if (!(netreq->transport_current < netreq->transport_count)) if (!(netreq->transport_current < netreq->transport_count))
break; break;
getdns_transport_list_t next_transport = getdns_transport_list_t next_transport =
@ -1347,10 +1372,11 @@ stub_udp_read_cb(void *userarg)
static void static void
stub_udp_write_cb(void *userarg) stub_udp_write_cb(void *userarg)
{ {
DEBUG_STUB("%s\n", __FUNCTION__);
getdns_network_req *netreq = (getdns_network_req *)userarg; getdns_network_req *netreq = (getdns_network_req *)userarg;
getdns_dns_req *dnsreq = netreq->owner; getdns_dns_req *dnsreq = netreq->owner;
size_t pkt_len; size_t pkt_len;
DEBUG_STUB("%s %-35s: MSG: %p \n", STUB_DEBUG_WRITE,
__FUNCTION__, netreq);
GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event);
@ -1393,8 +1419,9 @@ stub_udp_write_cb(void *userarg)
static void static void
upstream_read_cb(void *userarg) upstream_read_cb(void *userarg)
{ {
DEBUG_STUB("--- READ: %s\n", __FUNCTION__);
getdns_upstream *upstream = (getdns_upstream *)userarg; getdns_upstream *upstream = (getdns_upstream *)userarg;
DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_READ, __FUNCTION__,
upstream->fd);
getdns_network_req *netreq; getdns_network_req *netreq;
int q; int q;
uint16_t query_id; uint16_t query_id;
@ -1432,6 +1459,8 @@ upstream_read_cb(void *userarg)
return; return;
} }
DEBUG_STUB("%s %-35s: MSG: %p (read)\n", STUB_DEBUG_READ, __FUNCTION__,
netreq);
netreq->state = NET_REQ_FINISHED; netreq->state = NET_REQ_FINISHED;
netreq->response = upstream->tcp.read_buf; netreq->response = upstream->tcp.read_buf;
netreq->response_len = netreq->response_len =
@ -1473,7 +1502,8 @@ upstream_read_cb(void *userarg)
static void static void
netreq_upstream_read_cb(void *userarg) netreq_upstream_read_cb(void *userarg)
{ {
DEBUG_STUB("--- READ: %s\n", __FUNCTION__); DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_READ,
__FUNCTION__, ((getdns_network_req *)userarg)->upstream->fd);
upstream_read_cb(((getdns_network_req *)userarg)->upstream); upstream_read_cb(((getdns_network_req *)userarg)->upstream);
} }
@ -1493,9 +1523,9 @@ upstream_write_cb(void *userarg)
dnsreq = netreq->owner; dnsreq = netreq->owner;
/* TODO: think about TCP AGAIN */ /* TODO: think about TCP AGAIN */
netreq->debug_start_time = _getdns_get_time_as_uintt64(); netreq->debug_start_time = _getdns_get_time_as_uintt64();
DEBUG_STUB("%s %-35s: MSG: %p (writing)\n", STUB_DEBUG_WRITE,
__FUNCTION__, netreq);
DEBUG_STUB("--- WRITE: %s: %p TYPE: %d\n", __FUNCTION__, netreq,
netreq->request_type);
if (tls_requested(netreq) && tls_should_write(upstream)) if (tls_requested(netreq) && tls_should_write(upstream))
q = stub_tls_write(upstream, &upstream->tcp, netreq); q = stub_tls_write(upstream, &upstream->tcp, netreq);
else else
@ -1511,7 +1541,8 @@ upstream_write_cb(void *userarg)
case STUB_TCP_ERROR: case STUB_TCP_ERROR:
/* Problem with the TCP connection itself. Need to fallback.*/ /* Problem with the TCP connection itself. Need to fallback.*/
DEBUG_STUB("--- WRITE: Setting write error\n"); DEBUG_STUB("%s %-35s: MSG: %p ERROR!\n", STUB_DEBUG_WRITE,
__FUNCTION__, ((getdns_network_req *)userarg));
upstream->tcp.write_error = 1; upstream->tcp.write_error = 1;
/* Use policy of trying next upstream in this case. Need more work on /* Use policy of trying next upstream in this case. Need more work on
* TCP connection re-use.*/ * TCP connection re-use.*/
@ -1570,9 +1601,8 @@ upstream_write_cb(void *userarg)
static void static void
netreq_upstream_write_cb(void *userarg) netreq_upstream_write_cb(void *userarg)
{ {
DEBUG_STUB("--- WRITE: %s: %p TYPE: %d\n", __FUNCTION__, DEBUG_STUB("%s %-35s: MSG: %p (catch event)\n", STUB_DEBUG_WRITE,
((getdns_network_req *)userarg), __FUNCTION__, ((getdns_network_req *)userarg));
((getdns_network_req *)userarg)->request_type);
upstream_write_cb(((getdns_network_req *)userarg)->upstream); upstream_write_cb(((getdns_network_req *)userarg)->upstream);
} }
@ -1606,7 +1636,6 @@ upstream_transport_valid(getdns_upstream *upstream,
static getdns_upstream * static getdns_upstream *
upstream_select(getdns_network_req *netreq, getdns_transport_list_t transport) upstream_select(getdns_network_req *netreq, getdns_transport_list_t transport)
{ {
DEBUG_STUB(" %s\n", __FUNCTION__);
getdns_upstream *upstream; getdns_upstream *upstream;
getdns_upstreams *upstreams = netreq->owner->upstreams; getdns_upstreams *upstreams = netreq->owner->upstreams;
size_t i; size_t i;
@ -1623,12 +1652,15 @@ upstream_select(getdns_network_req *netreq, getdns_transport_list_t transport)
/* TODO[TLS]: Should we create a tmp array of upstreams with correct*/ /* TODO[TLS]: Should we create a tmp array of upstreams with correct*/
/* transport type and/or maintain separate current for transports?*/ /* transport type and/or maintain separate current for transports?*/
i = upstreams->current; i = upstreams->current;
DEBUG_STUB(" current upstream: %d of %d \n",(int)i, (int)upstreams->count); DEBUG_STUB("%s %-35s: Starting from upstream: %d of %d available \n", STUB_DEBUG_SETUP,
__FUNCTION__, (int)i, (int)upstreams->count);
do { do {
if (upstreams->upstreams[i].to_retry > 0 && if (upstreams->upstreams[i].to_retry > 0 &&
upstream_transport_valid(&upstreams->upstreams[i], transport, netreq)) { upstream_transport_valid(&upstreams->upstreams[i], transport, netreq)) {
upstreams->current = i; upstreams->current = i;
DEBUG_STUB(" selected upstream: %d\n",(int)i); DEBUG_STUB("%s %-35s: Selected upstream: %d %p transport: %d\n",
STUB_DEBUG_SETUP, __FUNCTION__, (int)i,
&upstreams->upstreams[i], transport);
return &upstreams->upstreams[i]; return &upstreams->upstreams[i];
} }
if (++i >= upstreams->count) if (++i >= upstreams->count)
@ -1643,7 +1675,8 @@ upstream_select(getdns_network_req *netreq, getdns_transport_list_t transport)
/* Need to check again that the transport is valid */ /* Need to check again that the transport is valid */
if (!upstream_transport_valid(upstream, transport, netreq)) { if (!upstream_transport_valid(upstream, transport, netreq)) {
DEBUG_STUB(" ! No valid upstream available\n"); DEBUG_STUB("%s %-35s: No valid upstream available for transport %d!\n",
STUB_DEBUG_SETUP, __FUNCTION__, transport);
return NULL; return NULL;
} }
upstream->back_off++; upstream->back_off++;
@ -1657,6 +1690,8 @@ int
upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport, upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport,
getdns_dns_req *dnsreq) getdns_dns_req *dnsreq)
{ {
DEBUG_STUB("%s %-35s: Checking upstream connection: %p\n", STUB_DEBUG_SETUP,
__FUNCTION__, upstream);
int fd = -1; int fd = -1;
switch(transport) { switch(transport) {
case GETDNS_TRANSPORT_UDP: case GETDNS_TRANSPORT_UDP:
@ -1698,7 +1733,7 @@ upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport,
} }
static getdns_upstream* static getdns_upstream*
find_upstream_for_specific_transport(getdns_network_req *netreq, upstream_find_for_transport(getdns_network_req *netreq,
getdns_transport_list_t transport, getdns_transport_list_t transport,
int *fd) int *fd)
{ {
@ -1707,19 +1742,19 @@ find_upstream_for_specific_transport(getdns_network_req *netreq,
if (!upstream) if (!upstream)
return NULL; return NULL;
*fd = upstream_connect(upstream, transport, netreq->owner); *fd = upstream_connect(upstream, transport, netreq->owner);
DEBUG_STUB(" %s: Found: %d %p fd:%d\n", __FUNCTION__, DEBUG_STUB("%s %-35s: FD: %d Connected for upstream: %p\n",
transport, upstream, upstream->fd); STUB_DEBUG_SETUP, __FUNCTION__, *fd, upstream);
return upstream; return upstream;
} }
static int static int
find_upstream_for_netreq(getdns_network_req *netreq) upstream_find_for_netreq(getdns_network_req *netreq)
{ {
int fd = -1; int fd = -1;
getdns_upstream *upstream; getdns_upstream *upstream;
for (size_t i = netreq->transport_current; for (size_t i = netreq->transport_current;
i < netreq->transport_count; i++) { i < netreq->transport_count; i++) {
upstream = find_upstream_for_specific_transport(netreq, upstream = upstream_find_for_transport(netreq,
netreq->transports[i], netreq->transports[i],
&fd); &fd);
if (fd == -1 || !upstream) if (fd == -1 || !upstream)
@ -1742,7 +1777,7 @@ fallback_on_write(getdns_network_req *netreq)
/* Deal with UDP and change error code*/ /* Deal with UDP and change error code*/
DEBUG_STUB("#-----> %s: %p TYPE: %d\n", __FUNCTION__, netreq, netreq->request_type); DEBUG_STUB("%s %-35s: MSG: %p FALLING BACK \n", STUB_DEBUG_SCHEDULE, __FUNCTION__, netreq);
getdns_upstream *upstream = netreq->upstream; getdns_upstream *upstream = netreq->upstream;
/* Try to find a fallback transport*/ /* Try to find a fallback transport*/
@ -1764,7 +1799,8 @@ fallback_on_write(getdns_network_req *netreq)
static void static void
upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) { upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) {
DEBUG_STUB("# %s: %p %d\n", __FUNCTION__, upstream, upstream->fd); DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_SCHEDULE,
__FUNCTION__, upstream->fd);
GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event);
if (!upstream->write_queue && upstream->event.write_cb) { if (!upstream->write_queue && upstream->event.write_cb) {
upstream->event.write_cb = NULL; upstream->event.write_cb = NULL;
@ -1782,8 +1818,8 @@ upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) {
GETDNS_SCHEDULE_EVENT(upstream->loop, GETDNS_SCHEDULE_EVENT(upstream->loop,
upstream->fd, TIMEOUT_FOREVER, &upstream->event); upstream->fd, TIMEOUT_FOREVER, &upstream->event);
else { else {
DEBUG_STUB("# %s: *Idle connection %d* \n", DEBUG_STUB("%s %-35s: FD: %d Connection idle \n",
__FUNCTION__, upstream->fd); STUB_DEBUG_SCHEDULE, __FUNCTION__, upstream->fd);
upstream->event.timeout_cb = upstream_idle_timeout_cb; upstream->event.timeout_cb = upstream_idle_timeout_cb;
if (upstream->tcp.write_error != 0) if (upstream->tcp.write_error != 0)
idle_timeout = 0; idle_timeout = 0;
@ -1796,8 +1832,8 @@ static void
upstream_reschedule_netreq_events(getdns_upstream *upstream, upstream_reschedule_netreq_events(getdns_upstream *upstream,
getdns_network_req *netreq) { getdns_network_req *netreq) {
if (netreq) { if (netreq) {
DEBUG_STUB("# %s: %p: TYPE: %d\n", __FUNCTION__, DEBUG_STUB("%s %-35s: MSG: %p \n", STUB_DEBUG_SCHEDULE, __FUNCTION__,
netreq, netreq->request_type); netreq);
getdns_dns_req *dnsreq = netreq->owner; getdns_dns_req *dnsreq = netreq->owner;
GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event);
if (upstream->netreq_by_query_id.count || upstream->write_queue) if (upstream->netreq_by_query_id.count || upstream->write_queue)
@ -1818,8 +1854,8 @@ upstream_reschedule_netreq_events(getdns_upstream *upstream,
* req the conneciton is no longer idle so probably better to re-use * req the conneciton is no longer idle so probably better to re-use
* than shut and immediately open a new one! * than shut and immediately open a new one!
* So we will have to be aggressive and shut the connection....*/ * So we will have to be aggressive and shut the connection....*/
DEBUG_STUB("# %s: **Closing connection %d**\n", DEBUG_STUB("%s %-35s: FD: %d Closing connection!\n",
__FUNCTION__, upstream->fd); STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd);
_getdns_upstream_shutdown(upstream); _getdns_upstream_shutdown(upstream);
} }
} }
@ -1827,7 +1863,7 @@ upstream_reschedule_netreq_events(getdns_upstream *upstream,
static void static void
upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq) upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq)
{ {
DEBUG_STUB("# %s: %p TYPE: %d\n", __FUNCTION__, netreq, netreq->request_type); DEBUG_STUB("%s %-35s: MSG: %p (schedule event)\n", STUB_DEBUG_SCHEDULE, __FUNCTION__, netreq);
/* We have a connected socket and a global event loop */ /* We have a connected socket and a global event loop */
assert(upstream->fd >= 0); assert(upstream->fd >= 0);
assert(upstream->loop); assert(upstream->loop);
@ -1859,13 +1895,14 @@ upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq)
getdns_return_t getdns_return_t
_getdns_submit_stub_request(getdns_network_req *netreq) _getdns_submit_stub_request(getdns_network_req *netreq)
{ {
DEBUG_STUB("--> %s\n", __FUNCTION__); DEBUG_STUB("%s %-35s: MSG: %p TYPE: %d\n", STUB_DEBUG_ENTRY, __FUNCTION__,
netreq, netreq->request_type);
int fd = -1; int fd = -1;
getdns_dns_req *dnsreq = netreq->owner; getdns_dns_req *dnsreq = netreq->owner;
/* This does a best effort to get a initial fd. /* This does a best effort to get a initial fd.
* All other set up is done async*/ * All other set up is done async*/
fd = find_upstream_for_netreq(netreq); fd = upstream_find_for_netreq(netreq);
if (fd == -1) if (fd == -1)
return GETDNS_RETURN_GENERIC_ERROR; return GETDNS_RETURN_GENERIC_ERROR;