| 1 | /* |
1 | /* |
| 2 | vpn_dns.C -- handle the dns tunnel part of the protocol. |
2 | vpn_dns.C -- handle the dns tunnel part of the protocol. |
| 3 | Copyright (C) 2003-2005 Marc Lehmann <gvpe@schmorp.de> |
3 | Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
| 4 | |
4 | |
| 5 | This file is part of GVPE. |
5 | This file is part of GVPE. |
| 6 | |
6 | |
| 7 | GVPE is free software; you can redistribute it and/or modify |
7 | GVPE is free software; you can redistribute it and/or modify it |
| 8 | it under the terms of the GNU General Public License as published by |
8 | under the terms of the GNU General Public License as published by the |
| 9 | the Free Software Foundation; either version 2 of the License, or |
9 | Free Software Foundation; either version 3 of the License, or (at your |
| 10 | (at your option) any later version. |
10 | option) any later version. |
| 11 | |
11 | |
| 12 | This program is distributed in the hope that it will be useful, |
12 | This program is distributed in the hope that it will be useful, but |
| 13 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
| 15 | GNU General Public License for more details. |
15 | Public License for more details. |
| 16 | |
16 | |
| 17 | You should have received a copy of the GNU General Public License |
17 | You should have received a copy of the GNU General Public License along |
| 18 | along with gvpe; if not, write to the Free Software |
18 | with this program; if not, see <http://www.gnu.org/licenses/>. |
| 19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
19 | |
|
|
20 | Additional permission under GNU GPL version 3 section 7 |
|
|
21 | |
|
|
22 | If you modify this Program, or any covered work, by linking or |
|
|
23 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
24 | version of that library), containing parts covered by the terms of the |
|
|
25 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
26 | additional permission to convey the resulting work. Corresponding |
|
|
27 | Source for a non-source form of such a combination shall include the |
|
|
28 | source code for the parts of OpenSSL used as well as that of the |
|
|
29 | covered work. |
| 20 | */ |
30 | */ |
|
|
31 | |
|
|
32 | // TODO: EDNS0 option to increase dns mtu? |
|
|
33 | // TODO: re-write dns packet parsing/creation using a safe mem-buffer |
|
|
34 | // to ensure no buffer overflows or similar problems. |
| 21 | |
35 | |
| 22 | #include "config.h" |
36 | #include "config.h" |
| 23 | |
37 | |
| 24 | #if ENABLE_DNS |
38 | #if ENABLE_DNS |
| 25 | |
39 | |
| 26 | // dns processing is EXTREMELY ugly. For obvious(?) reasons. |
40 | // dns processing is EXTREMELY ugly. For obvious(?) reasons. |
| 27 | // it's a hack, use only in emergency situations please. |
41 | // it's a hack, use only in emergency situations please. |
| 28 | |
42 | |
| 29 | #include <cstring> |
43 | #include <cstring> |
|
|
44 | #include <cassert> |
| 30 | |
45 | |
| 31 | #include <sys/types.h> |
46 | #include <sys/types.h> |
| 32 | #include <sys/socket.h> |
47 | #include <sys/socket.h> |
| 33 | #include <sys/wait.h> |
48 | #include <sys/wait.h> |
| 34 | #include <sys/uio.h> |
49 | #include <sys/uio.h> |
| … | |
… | |
| 37 | #include <unistd.h> |
52 | #include <unistd.h> |
| 38 | #include <fcntl.h> |
53 | #include <fcntl.h> |
| 39 | |
54 | |
| 40 | #include <map> |
55 | #include <map> |
| 41 | |
56 | |
|
|
57 | #include <cstdio> /* bug in libgmp: gmp.h relies on cstdio being included */ |
| 42 | #include <gmp.h> |
58 | #include <gmp.h> |
| 43 | |
59 | |
| 44 | #include "netcompat.h" |
60 | #include "netcompat.h" |
| 45 | |
61 | |
| 46 | #include "vpn.h" |
62 | #include "vpn.h" |
| 47 | |
63 | |
| 48 | #define MIN_POLL_INTERVAL .02 // how often to poll minimally when the server has data |
|
|
| 49 | #define MAX_POLL_INTERVAL 6. // how often to poll minimally when the server has no data |
64 | #define MAX_POLL_INTERVAL 5. // how often to poll minimally when the server has no data |
| 50 | #define ACTIVITY_INTERVAL 5. |
65 | #define ACTIVITY_INTERVAL 5. |
| 51 | |
66 | |
| 52 | #define INITIAL_TIMEOUT 0.1 // retry timeouts |
67 | #define INITIAL_TIMEOUT 0.1 // retry timeouts |
| 53 | #define INITIAL_SYN_TIMEOUT 10. // retry timeout for initial syn |
68 | #define INITIAL_SYN_TIMEOUT 2. // retry timeout for initial syn |
| 54 | |
69 | |
| 55 | #define MIN_SEND_INTERVAL 0.01 // wait at least this time between sending requests |
|
|
| 56 | #define MAX_SEND_INTERVAL 0.5 // optimistic? |
70 | #define MAX_SEND_INTERVAL 2. // optimistic? |
| 57 | |
71 | |
| 58 | #define MAX_OUTSTANDING 10 // max. outstanding requests |
|
|
| 59 | #define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog |
72 | #define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog |
| 60 | #define MAX_BACKLOG (100*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE |
73 | #define MAX_BACKLOG (64*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE |
| 61 | |
74 | |
| 62 | #define MAX_DOMAIN_SIZE 220 // 255 is legal limit, but bind doesn't compress well |
75 | #define MAX_DOMAIN_SIZE 240 // 255 is legal limit, but bind doesn't compress well |
| 63 | // 240 leaves about 4 bytes of server reply data |
76 | // 240 leaves about 4 bytes of server reply data |
| 64 | // every two request bytes less give room for one reply byte |
77 | // every request byte less give room for two reply bytes |
| 65 | |
78 | |
| 66 | #define SEQNO_MASK 0x3fff |
79 | #define SEQNO_MASK 0x3fff |
| 67 | #define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) ) |
80 | #define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) ) |
| 68 | |
81 | |
| 69 | #define MAX_LBL_SIZE 63 |
82 | #define MAX_LBL_SIZE 63 |
| 70 | #define MAX_PKT_SIZE 512 |
83 | #define MAX_PKT_SIZE 512 |
| 71 | |
84 | |
| 72 | #define RR_TYPE_A 1 |
85 | #define RR_TYPE_A 1 |
| 73 | #define RR_TYPE_NULL 10 |
86 | #define RR_TYPE_NULL 10 |
| 74 | #define RR_TYPE_TXT 16 |
87 | #define RR_TYPE_TXT 16 |
|
|
88 | #define RR_TYPE_AAAA 28 |
| 75 | #define RR_TYPE_ANY 255 |
89 | #define RR_TYPE_ANY 255 |
| 76 | |
90 | |
| 77 | #define RR_CLASS_IN 1 |
91 | #define RR_CLASS_IN 1 |
| 78 | |
92 | |
| 79 | #define CMD_IP_1 207 |
93 | #define CMD_IP_1 207 |
| … | |
… | |
| 154 | enc_len [len] = n; |
168 | enc_len [len] = n; |
| 155 | dec_len [n] = len; |
169 | dec_len [n] = len; |
| 156 | } |
170 | } |
| 157 | } |
171 | } |
| 158 | |
172 | |
|
|
173 | unsigned int |
| 159 | unsigned int basecoder::encode_len (unsigned int len) |
174 | basecoder::encode_len (unsigned int len) |
| 160 | { |
175 | { |
| 161 | return enc_len [len]; |
176 | return enc_len [len]; |
| 162 | } |
177 | } |
| 163 | |
178 | |
|
|
179 | unsigned int |
| 164 | unsigned int basecoder::decode_len (unsigned int len) |
180 | basecoder::decode_len (unsigned int len) |
| 165 | { |
181 | { |
| 166 | while (len && !dec_len [len]) |
182 | while (len && !dec_len [len]) |
| 167 | --len; |
183 | --len; |
| 168 | |
184 | |
| 169 | return dec_len [len]; |
185 | return dec_len [len]; |
| 170 | } |
186 | } |
| 171 | |
187 | |
|
|
188 | unsigned int |
| 172 | unsigned int basecoder::encode (char *dst, u8 *src, unsigned int len) |
189 | basecoder::encode (char *dst, u8 *src, unsigned int len) |
| 173 | { |
190 | { |
| 174 | if (!len || len > MAX_DEC_LEN) |
191 | if (!len || len > MAX_DEC_LEN) |
| 175 | return 0; |
192 | return 0; |
| 176 | |
193 | |
| 177 | int elen = encode_len (len); |
194 | int elen = encode_len (len); |
| … | |
… | |
| 196 | *dst++ = cmap.encode [dst_ [i]]; |
213 | *dst++ = cmap.encode [dst_ [i]]; |
| 197 | |
214 | |
| 198 | return elen; |
215 | return elen; |
| 199 | } |
216 | } |
| 200 | |
217 | |
|
|
218 | unsigned int |
| 201 | unsigned int basecoder::decode (u8 *dst, char *src, unsigned int len) |
219 | basecoder::decode (u8 *dst, char *src, unsigned int len) |
| 202 | { |
220 | { |
| 203 | if (!len || len > MAX_ENC_LEN) |
221 | if (!len || len > MAX_ENC_LEN) |
| 204 | return 0; |
222 | return 0; |
| 205 | |
223 | |
| 206 | u8 src_ [MAX_ENC_LEN]; |
224 | u8 src_ [MAX_ENC_LEN]; |
| … | |
… | |
| 264 | static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyO"); |
282 | static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyO"); |
| 265 | |
283 | |
| 266 | ///////////////////////////////////////////////////////////////////////////// |
284 | ///////////////////////////////////////////////////////////////////////////// |
| 267 | |
285 | |
| 268 | #define HDRSIZE 6 |
286 | #define HDRSIZE 6 |
| 269 | |
287 | |
|
|
288 | inline void |
| 270 | inline void encode_header (char *data, int clientid, int seqno, int retry = 0) |
289 | encode_header (char *data, int clientid, int seqno, int retry = 0) |
| 271 | { |
290 | { |
| 272 | seqno &= SEQNO_MASK; |
291 | seqno &= SEQNO_MASK; |
| 273 | |
292 | |
| 274 | u8 hdr[3] = { |
293 | u8 hdr[3] = { |
| 275 | clientid, |
294 | clientid, |
| … | |
… | |
| 280 | assert (clientid < 256); |
299 | assert (clientid < 256); |
| 281 | |
300 | |
| 282 | cdc26.encode (data, hdr, 3); |
301 | cdc26.encode (data, hdr, 3); |
| 283 | } |
302 | } |
| 284 | |
303 | |
|
|
304 | inline void |
| 285 | inline void decode_header (char *data, int &clientid, int &seqno) |
305 | decode_header (char *data, int &clientid, int &seqno) |
| 286 | { |
306 | { |
| 287 | u8 hdr[3]; |
307 | u8 hdr[3]; |
| 288 | |
308 | |
| 289 | cdc26.decode (hdr, data, HDRSIZE); |
309 | cdc26.decode (hdr, data, HDRSIZE); |
| 290 | |
310 | |
| … | |
… | |
| 323 | byte_stream::~byte_stream () |
343 | byte_stream::~byte_stream () |
| 324 | { |
344 | { |
| 325 | delete data; |
345 | delete data; |
| 326 | } |
346 | } |
| 327 | |
347 | |
|
|
348 | void |
| 328 | void byte_stream::remove (int count) |
349 | byte_stream::remove (int count) |
| 329 | { |
350 | { |
| 330 | if (count > fill) |
351 | if (count > fill) |
| 331 | assert (count <= fill); |
352 | assert (count <= fill); |
| 332 | |
353 | |
| 333 | memmove (data, data + count, fill -= count); |
354 | memmove (data, data + count, fill -= count); |
| 334 | } |
355 | } |
| 335 | |
356 | |
|
|
357 | bool |
| 336 | bool byte_stream::put (u8 *data, unsigned int datalen) |
358 | byte_stream::put (u8 *data, unsigned int datalen) |
| 337 | { |
359 | { |
| 338 | if (maxsize - fill < datalen) |
360 | if (maxsize - fill < datalen) |
| 339 | return false; |
361 | return false; |
| 340 | |
362 | |
| 341 | memcpy (this->data + fill, data, datalen); fill += datalen; |
363 | memcpy (this->data + fill, data, datalen); fill += datalen; |
| 342 | |
364 | |
| 343 | return true; |
365 | return true; |
| 344 | } |
366 | } |
| 345 | |
367 | |
|
|
368 | bool |
| 346 | bool byte_stream::put (vpn_packet *pkt) |
369 | byte_stream::put (vpn_packet *pkt) |
| 347 | { |
370 | { |
| 348 | if (maxsize - fill < pkt->len + 2) |
371 | if (maxsize - fill < pkt->len + 2) |
| 349 | return false; |
372 | return false; |
| 350 | |
373 | |
| 351 | data [fill++] = pkt->len >> 8; |
374 | data [fill++] = pkt->len >> 8; |
| … | |
… | |
| 408 | struct dns_cfg |
431 | struct dns_cfg |
| 409 | { |
432 | { |
| 410 | static int next_uid; |
433 | static int next_uid; |
| 411 | |
434 | |
| 412 | u8 id1, id2, id3, id4; |
435 | u8 id1, id2, id3, id4; |
|
|
436 | |
| 413 | u8 version; |
437 | u8 version; |
|
|
438 | u8 flags; |
| 414 | u8 rrtype; |
439 | u8 rrtype; |
| 415 | u8 flags; |
|
|
| 416 | u8 def_ttl; |
440 | u8 def_ttl; |
| 417 | u8 rcv_cdc; |
441 | |
| 418 | u8 snd_cdc; |
|
|
| 419 | u16 max_size; |
|
|
| 420 | u16 client; |
442 | u16 client; |
| 421 | u16 uid; // to make request unique |
443 | u16 uid; // to make request unique |
| 422 | |
444 | |
| 423 | u8 reserved[8]; |
445 | u16 max_size; |
|
|
446 | u8 seq_cdc; |
|
|
447 | u8 req_cdc; |
|
|
448 | |
|
|
449 | u8 rep_cdc; |
|
|
450 | u8 delay; // time in 0.01s units that the server may delay replying packets |
|
|
451 | u8 r3, r4; |
|
|
452 | |
|
|
453 | u8 r5, r6, r7, r8; |
| 424 | |
454 | |
| 425 | void reset (int clientid); |
455 | void reset (int clientid); |
| 426 | bool valid (); |
456 | bool valid (); |
| 427 | }; |
457 | }; |
| 428 | |
458 | |
| 429 | int dns_cfg::next_uid; |
459 | int dns_cfg::next_uid; |
| 430 | |
460 | |
|
|
461 | void |
| 431 | void dns_cfg::reset (int clientid) |
462 | dns_cfg::reset (int clientid) |
| 432 | { |
463 | { |
| 433 | id1 = 'G'; |
464 | id1 = 'G'; |
| 434 | id2 = 'V'; |
465 | id2 = 'V'; |
| 435 | id3 = 'P'; |
466 | id3 = 'P'; |
| 436 | id4 = 'E'; |
467 | id4 = 'E'; |
| 437 | |
468 | |
| 438 | version = 1; |
469 | version = 1; |
| 439 | |
470 | |
| 440 | rrtype = RR_TYPE_TXT; |
471 | rrtype = RR_TYPE_TXT; |
| 441 | flags = 0; |
472 | flags = 0; |
| 442 | def_ttl = 1; |
473 | def_ttl = 0; |
|
|
474 | seq_cdc = 26; |
|
|
475 | req_cdc = 62; |
| 443 | rcv_cdc = 0; |
476 | rep_cdc = 0; |
| 444 | snd_cdc = 62; |
|
|
| 445 | max_size = ntohs (MAX_PKT_SIZE); |
477 | max_size = htons (MAX_PKT_SIZE); |
| 446 | client = ntohs (clientid); |
478 | client = htons (clientid); |
| 447 | uid = next_uid++; |
479 | uid = next_uid++; |
|
|
480 | delay = 0; |
| 448 | |
481 | |
| 449 | memset (reserved, 0, 8); |
482 | r3 = r4 = 0; |
|
|
483 | r4 = r5 = r6 = r7 = 0; |
| 450 | } |
484 | } |
| 451 | |
485 | |
|
|
486 | bool |
| 452 | bool dns_cfg::valid () |
487 | dns_cfg::valid () |
| 453 | { |
488 | { |
|
|
489 | // although the protocol itself allows for some configurability, |
|
|
490 | // only the following encoding/decoding settings are implemented. |
| 454 | return id1 == 'G' |
491 | return id1 == 'G' |
| 455 | && id2 == 'V' |
492 | && id2 == 'V' |
| 456 | && id3 == 'P' |
493 | && id3 == 'P' |
| 457 | && id4 == 'E' |
494 | && id4 == 'E' |
|
|
495 | && seq_cdc == 26 |
|
|
496 | && req_cdc == 62 |
|
|
497 | && rep_cdc == 0 |
| 458 | && version == 1 |
498 | && version == 1; |
| 459 | && flags == 0 |
|
|
| 460 | && rcv_cdc == 0 |
|
|
| 461 | && snd_cdc == 62 |
|
|
| 462 | && max_size == ntohs (MAX_PKT_SIZE); |
|
|
| 463 | } |
499 | } |
| 464 | |
500 | |
| 465 | struct dns_packet : net_packet |
501 | struct dns_packet : net_packet |
| 466 | { |
502 | { |
| 467 | u16 id; |
503 | u16 id; |
| 468 | u16 flags; // QR:1 Opcode:4 AA:1 TC:1 RD:1 RA:1 Z:3 RCODE:4 |
504 | u16 flags; // QR:1 Opcode:4 AA:1 TC:1 RD:1 RA:1 Z:3 RCODE:4 |
| 469 | u16 qdcount, ancount, nscount, arcount; |
505 | u16 qdcount, ancount, nscount, arcount; |
| 470 | |
506 | |
| 471 | u8 data[MAXSIZE - 6 * 2]; |
507 | u8 data [MAXSIZE - 6 * 2]; |
| 472 | |
508 | |
| 473 | int decode_label (char *data, int size, int &offs); |
509 | int decode_label (char *data, int size, int &offs); |
| 474 | }; |
510 | }; |
| 475 | |
511 | |
|
|
512 | int |
| 476 | int dns_packet::decode_label (char *data, int size, int &offs) |
513 | dns_packet::decode_label (char *data, int size, int &offs) |
| 477 | { |
514 | { |
| 478 | char *orig = data; |
515 | char *orig = data; |
| 479 | |
516 | |
| 480 | memset (data, 0, size); |
517 | memset (data, 0, size); |
| 481 | |
518 | |
| … | |
… | |
| 507 | return data - orig; |
544 | return data - orig; |
| 508 | } |
545 | } |
| 509 | |
546 | |
| 510 | ///////////////////////////////////////////////////////////////////////////// |
547 | ///////////////////////////////////////////////////////////////////////////// |
| 511 | |
548 | |
|
|
549 | static |
|
|
550 | u16 next_id () |
|
|
551 | { |
| 512 | static u16 dns_id = 0; // TODO: should be per-vpn |
552 | static u16 dns_id = 0; // TODO: should be per-vpn |
| 513 | |
553 | |
| 514 | static u16 next_id () |
|
|
| 515 | { |
|
|
| 516 | if (!dns_id) |
554 | if (!dns_id) |
| 517 | dns_id = time (0); |
555 | dns_id = time (0); |
| 518 | |
556 | |
| 519 | // the simplest lsfr with periodicity 65535 i could find |
557 | // the simplest lsfr with periodicity 65535 i could find |
| 520 | dns_id = (dns_id << 1) |
558 | dns_id = (dns_id << 1) |
| … | |
… | |
| 538 | |
576 | |
| 539 | bool established; |
577 | bool established; |
| 540 | |
578 | |
| 541 | tstamp last_received; |
579 | tstamp last_received; |
| 542 | tstamp last_sent; |
580 | tstamp last_sent; |
| 543 | double last_latency; |
581 | double min_latency; |
| 544 | double poll_interval, send_interval; |
582 | double poll_interval, send_interval; |
| 545 | |
583 | |
| 546 | vector<dns_rcv *> rcvpq; |
584 | vector<dns_rcv *> rcvpq; |
| 547 | |
585 | |
| 548 | byte_stream rcvdq; int rcvseq; |
586 | byte_stream rcvdq; int rcvseq; int repseq; |
| 549 | byte_stream snddq; int sndseq; |
587 | byte_stream snddq; int sndseq; |
| 550 | |
588 | |
| 551 | void time_cb (time_watcher &w); time_watcher tw; |
589 | inline void time_cb (ev::timer &w, int revents); ev::timer tw; |
| 552 | void receive_rep (dns_rcv *r); |
590 | void receive_rep (dns_rcv *r); |
| 553 | |
591 | |
| 554 | dns_connection (connection *c); |
592 | dns_connection (connection *c); |
| 555 | ~dns_connection (); |
593 | ~dns_connection (); |
| 556 | }; |
594 | }; |
| … | |
… | |
| 575 | : dns (dns) |
613 | : dns (dns) |
| 576 | { |
614 | { |
| 577 | timeout = 0; |
615 | timeout = 0; |
| 578 | retry = 0; |
616 | retry = 0; |
| 579 | seqno = 0; |
617 | seqno = 0; |
| 580 | sent = NOW; |
618 | sent = ev_now (); |
| 581 | stdhdr = false; |
619 | stdhdr = false; |
| 582 | |
620 | |
| 583 | pkt = new dns_packet; |
621 | pkt = new dns_packet; |
| 584 | |
622 | |
| 585 | pkt->id = next_id (); |
623 | pkt->id = next_id (); |
| … | |
… | |
| 588 | dns_snd::~dns_snd () |
626 | dns_snd::~dns_snd () |
| 589 | { |
627 | { |
| 590 | delete pkt; |
628 | delete pkt; |
| 591 | } |
629 | } |
| 592 | |
630 | |
|
|
631 | static void |
| 593 | static void append_domain (dns_packet &pkt, int &offs, const char *domain) |
632 | append_domain (dns_packet &pkt, int &offs, const char *domain) |
| 594 | { |
633 | { |
| 595 | // add tunnel domain |
634 | // add tunnel domain |
| 596 | for (;;) |
635 | for (;;) |
| 597 | { |
636 | { |
| 598 | const char *end = strchr (domain, '.'); |
637 | const char *end = strchr (domain, '.'); |
| … | |
… | |
| 611 | |
650 | |
| 612 | domain = end + 1; |
651 | domain = end + 1; |
| 613 | } |
652 | } |
| 614 | } |
653 | } |
| 615 | |
654 | |
|
|
655 | void |
| 616 | void dns_snd::gen_stream_req (int seqno, byte_stream &stream) |
656 | dns_snd::gen_stream_req (int seqno, byte_stream &stream) |
| 617 | { |
657 | { |
| 618 | stdhdr = true; |
658 | stdhdr = true; |
| 619 | this->seqno = seqno; |
659 | this->seqno = seqno; |
| 620 | |
660 | |
| 621 | timeout = NOW + INITIAL_TIMEOUT; |
661 | timeout = ev_now () + INITIAL_TIMEOUT; |
| 622 | |
662 | |
| 623 | pkt->flags = htons (DEFAULT_CLIENT_FLAGS); |
663 | pkt->flags = htons (DEFAULT_CLIENT_FLAGS); |
| 624 | pkt->qdcount = htons (1); |
664 | pkt->qdcount = htons (1); |
| 625 | |
665 | |
| 626 | int offs = 6*2; |
666 | int offs = 6*2; |
| … | |
… | |
| 659 | (*pkt)[offs++] = RR_CLASS_IN >> 8; (*pkt)[offs++] = RR_CLASS_IN; |
699 | (*pkt)[offs++] = RR_CLASS_IN >> 8; (*pkt)[offs++] = RR_CLASS_IN; |
| 660 | |
700 | |
| 661 | pkt->len = offs; |
701 | pkt->len = offs; |
| 662 | } |
702 | } |
| 663 | |
703 | |
|
|
704 | void |
| 664 | void dns_snd::gen_syn_req () |
705 | dns_snd::gen_syn_req () |
| 665 | { |
706 | { |
| 666 | timeout = NOW + INITIAL_SYN_TIMEOUT; |
707 | timeout = ev_now () + INITIAL_SYN_TIMEOUT; |
| 667 | |
|
|
| 668 | printf ("send syn\n");//D |
|
|
| 669 | |
708 | |
| 670 | pkt->flags = htons (DEFAULT_CLIENT_FLAGS); |
709 | pkt->flags = htons (DEFAULT_CLIENT_FLAGS); |
| 671 | pkt->qdcount = htons (1); |
710 | pkt->qdcount = htons (1); |
| 672 | |
711 | |
| 673 | int offs = 6 * 2; |
712 | int offs = 6 * 2; |
| … | |
… | |
| 712 | ///////////////////////////////////////////////////////////////////////////// |
751 | ///////////////////////////////////////////////////////////////////////////// |
| 713 | |
752 | |
| 714 | dns_connection::dns_connection (connection *c) |
753 | dns_connection::dns_connection (connection *c) |
| 715 | : c (c) |
754 | : c (c) |
| 716 | , rcvdq (MAX_BACKLOG * 2) |
755 | , rcvdq (MAX_BACKLOG * 2) |
| 717 | , snddq (MAX_BACKLOG * 2) |
756 | , snddq (MAX_BACKLOG) |
| 718 | , tw (this, &dns_connection::time_cb) |
|
|
| 719 | { |
757 | { |
|
|
758 | tw.set<dns_connection, &dns_connection::time_cb> (this); |
|
|
759 | |
| 720 | vpn = c->vpn; |
760 | vpn = c->vpn; |
| 721 | |
761 | |
| 722 | established = false; |
762 | established = false; |
| 723 | |
763 | |
| 724 | rcvseq = sndseq = 0; |
764 | rcvseq = repseq = sndseq = 0; |
| 725 | |
765 | |
| 726 | last_sent = last_received = 0; |
766 | last_sent = last_received = 0; |
| 727 | poll_interval = MIN_POLL_INTERVAL; |
767 | poll_interval = 0.5; // starting here |
| 728 | send_interval = 0.5; // starting rate |
768 | send_interval = 0.5; // starting rate |
| 729 | last_latency = INITIAL_TIMEOUT; |
769 | min_latency = INITIAL_TIMEOUT; |
| 730 | } |
770 | } |
| 731 | |
771 | |
| 732 | dns_connection::~dns_connection () |
772 | dns_connection::~dns_connection () |
| 733 | { |
773 | { |
| 734 | for (vector<dns_rcv *>::iterator i = rcvpq.begin (); |
774 | for (vector<dns_rcv *>::iterator i = rcvpq.begin (); |
| 735 | i != rcvpq.end (); |
775 | i != rcvpq.end (); |
| 736 | ++i) |
776 | ++i) |
| 737 | delete *i; |
777 | delete *i; |
| 738 | } |
778 | } |
| 739 | |
779 | |
|
|
780 | void |
| 740 | void dns_connection::receive_rep (dns_rcv *r) |
781 | dns_connection::receive_rep (dns_rcv *r) |
| 741 | { |
782 | { |
| 742 | if (r->datalen) |
783 | if (r->datalen) |
| 743 | { |
784 | { |
| 744 | last_received = NOW; |
785 | last_received = ev_now (); |
| 745 | tw.trigger (); |
786 | tw (); |
| 746 | |
787 | |
| 747 | poll_interval = send_interval; |
788 | poll_interval = send_interval; |
| 748 | } |
789 | } |
| 749 | else |
790 | else |
| 750 | { |
791 | { |
| 751 | poll_interval *= 1.5; |
792 | poll_interval *= 1.5; |
|
|
793 | |
| 752 | if (poll_interval > MAX_POLL_INTERVAL) |
794 | if (poll_interval > MAX_POLL_INTERVAL) |
| 753 | poll_interval = MAX_POLL_INTERVAL; |
795 | poll_interval = MAX_POLL_INTERVAL; |
| 754 | } |
796 | } |
| 755 | |
797 | |
| 756 | rcvpq.push_back (r); |
798 | rcvpq.push_back (r); |
| … | |
… | |
| 759 | |
801 | |
| 760 | // find next packet |
802 | // find next packet |
| 761 | for (vector<dns_rcv *>::iterator i = rcvpq.end (); i-- != rcvpq.begin (); ) |
803 | for (vector<dns_rcv *>::iterator i = rcvpq.end (); i-- != rcvpq.begin (); ) |
| 762 | if (SEQNO_EQ (rcvseq, (*i)->seqno)) |
804 | if (SEQNO_EQ (rcvseq, (*i)->seqno)) |
| 763 | { |
805 | { |
|
|
806 | //printf ("seqno eq %x %x\n", rcvseq, (*i)->seqno);//D |
| 764 | // enter the packet into our input stream |
807 | // enter the packet into our input stream |
| 765 | r = *i; |
808 | r = *i; |
| 766 | |
809 | |
| 767 | // remove the oldest packet, look forward, as it's oldest first |
810 | // remove the oldest packet, look forward, as it's oldest first |
| 768 | for (vector<dns_rcv *>::iterator j = rcvpq.begin (); j != rcvpq.end (); ++j) |
811 | for (vector<dns_rcv *>::iterator j = rcvpq.begin (); j != rcvpq.end (); ++j) |
| 769 | if (SEQNO_EQ ((*j)->seqno, rcvseq - MAX_WINDOW)) |
812 | if (SEQNO_EQ ((*j)->seqno, rcvseq - MAX_WINDOW)) |
| 770 | { |
813 | { |
|
|
814 | //printf ("seqno RR %x %x\n", (*j)->seqno, rcvseq - MAX_WINDOW);//D |
| 771 | delete *j; |
815 | delete *j; |
| 772 | rcvpq.erase (j); |
816 | rcvpq.erase (j); |
| 773 | break; |
817 | break; |
| 774 | } |
818 | } |
| 775 | |
819 | |
| … | |
… | |
| 782 | } |
826 | } |
| 783 | |
827 | |
| 784 | while (vpn_packet *pkt = rcvdq.get ()) |
828 | while (vpn_packet *pkt = rcvdq.get ()) |
| 785 | { |
829 | { |
| 786 | sockinfo si; |
830 | sockinfo si; |
| 787 | si.host = 0x01010101; si.port = htons (c->conf->id); si.prot = PROT_DNSv4; |
831 | si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4; |
| 788 | |
832 | |
| 789 | vpn->recv_vpn_packet (pkt, si); |
833 | vpn->recv_vpn_packet (pkt, si); |
| 790 | |
834 | |
| 791 | delete pkt; |
835 | delete pkt; |
| 792 | } |
836 | } |
| … | |
… | |
| 806 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_FORMERR); |
850 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_FORMERR); |
| 807 | |
851 | |
| 808 | if (0 == (flags & (FLAG_RESPONSE | FLAG_OP_MASK)) |
852 | if (0 == (flags & (FLAG_RESPONSE | FLAG_OP_MASK)) |
| 809 | && pkt.qdcount == htons (1)) |
853 | && pkt.qdcount == htons (1)) |
| 810 | { |
854 | { |
| 811 | char qname[MAXSIZE]; |
855 | char qname [MAXSIZE]; |
| 812 | int qlen = pkt.decode_label ((char *)qname, MAXSIZE - offs, offs); |
856 | int qlen = pkt.decode_label ((char *)qname, MAXSIZE - offs, offs); |
| 813 | |
857 | |
| 814 | u16 qtype = pkt [offs++] << 8; qtype |= pkt [offs++]; |
858 | u16 qtype = pkt [offs++] << 8; qtype |= pkt [offs++]; |
| 815 | u16 qclass = pkt [offs++] << 8; qclass |= pkt [offs++]; |
859 | u16 qclass = pkt [offs++] << 8; qclass |= pkt [offs++]; |
| 816 | |
860 | |
| … | |
… | |
| 823 | |
867 | |
| 824 | int dlen = strlen (THISNODE->domain); |
868 | int dlen = strlen (THISNODE->domain); |
| 825 | |
869 | |
| 826 | if (qclass == RR_CLASS_IN |
870 | if (qclass == RR_CLASS_IN |
| 827 | && qlen > dlen + 1 |
871 | && qlen > dlen + 1 |
| 828 | && !memcmp (qname + qlen - dlen - 1, THISNODE->domain, dlen)) |
872 | && !memcmp (qname + qlen - (dlen + 1), THISNODE->domain, dlen)) |
| 829 | { |
873 | { |
| 830 | // now generate reply |
874 | // now generate reply |
| 831 | pkt.ancount = htons (1); // one answer RR |
875 | pkt.ancount = htons (1); // one answer RR |
| 832 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_OK); |
876 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_OK); |
| 833 | |
877 | |
| … | |
… | |
| 846 | if (0 < client && client <= conns.size ()) |
890 | if (0 < client && client <= conns.size ()) |
| 847 | { |
891 | { |
| 848 | connection *c = conns [client - 1]; |
892 | connection *c = conns [client - 1]; |
| 849 | dns_connection *dns = c->dns; |
893 | dns_connection *dns = c->dns; |
| 850 | dns_rcv *rcv; |
894 | dns_rcv *rcv; |
| 851 | bool in_seq; |
|
|
| 852 | |
895 | |
| 853 | if (dns) |
896 | if (dns) |
| 854 | { |
897 | { |
| 855 | for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); ) |
898 | for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); ) |
| 856 | if (SEQNO_EQ ((*i)->seqno, seqno)) |
899 | if (SEQNO_EQ ((*i)->seqno, seqno)) |
| … | |
… | |
| 867 | memcpy (pkt.at (0), r->pkt->at (0), offs = r->pkt->len); |
910 | memcpy (pkt.at (0), r->pkt->at (0), offs = r->pkt->len); |
| 868 | |
911 | |
| 869 | goto duplicate_request; |
912 | goto duplicate_request; |
| 870 | } |
913 | } |
| 871 | |
914 | |
| 872 | in_seq = dns->rcvseq == seqno; |
|
|
| 873 | |
|
|
| 874 | // new packet, queue |
915 | // new packet, queue |
| 875 | rcv = new dns_rcv (seqno, data, datalen); |
916 | rcv = new dns_rcv (seqno, data, datalen); |
| 876 | dns->receive_rep (rcv); |
917 | dns->receive_rep (rcv); |
| 877 | } |
918 | } |
| 878 | |
919 | |
|
|
920 | { |
| 879 | pkt [offs++] = 0xc0; pkt [offs++] = 6 * 2; // refer to name in query section |
921 | pkt [offs++] = 0xc0; pkt [offs++] = 6 * 2; // refer to name in query section |
| 880 | |
922 | |
| 881 | int rtype = dns ? dns->cfg.rrtype : RR_TYPE_A; |
923 | int rtype = dns ? dns->cfg.rrtype : RR_TYPE_A; |
| 882 | pkt [offs++] = rtype >> 8; pkt [offs++] = rtype; // type |
924 | pkt [offs++] = rtype >> 8; pkt [offs++] = rtype; // type |
| 883 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
925 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
| 884 | pkt [offs++] = 0; pkt [offs++] = 0; |
926 | pkt [offs++] = 0; pkt [offs++] = 0; |
| 885 | pkt [offs++] = 0; pkt [offs++] = dns ? dns->cfg.def_ttl : 0; // TTL |
927 | pkt [offs++] = 0; pkt [offs++] = dns ? dns->cfg.def_ttl : 0; // TTL |
| 886 | |
928 | |
| 887 | int rdlen_offs = offs += 2; |
929 | int rdlen_offs = offs += 2; |
| 888 | |
930 | |
|
|
931 | if (dns) |
|
|
932 | { |
| 889 | int dlen = (dns ? ntohs (dns->cfg.max_size) : MAX_PKT_SIZE) - offs; |
933 | int dlen = ntohs (dns->cfg.max_size) - offs; |
|
|
934 | |
| 890 | // bind doesn't compress well, so reduce further by one label length |
935 | // bind doesn't compress well, so reduce further by one label length |
| 891 | dlen -= qlen; |
936 | dlen -= qlen; |
| 892 | |
937 | |
| 893 | if (dns) |
|
|
| 894 | { |
|
|
| 895 | // only put data into in-order sequence packets, if |
938 | // only put data into in-order sequence packets, if |
| 896 | // we receive out-of-order packets we generate empty |
939 | // we receive out-of-order packets we generate empty |
| 897 | // replies |
940 | // replies |
| 898 | while (dlen > 1 && !dns->snddq.empty () && in_seq) |
941 | //printf ("%d - %d & %x (=%d) < %d\n", seqno, dns->repseq, SEQNO_MASK, (seqno - dns->repseq) & SEQNO_MASK, MAX_WINDOW);//D |
|
|
942 | if (((seqno - dns->repseq) & SEQNO_MASK) <= MAX_WINDOW) |
| 899 | { |
943 | { |
|
|
944 | dns->repseq = seqno; |
|
|
945 | |
|
|
946 | while (dlen > 1 && !dns->snddq.empty ()) |
|
|
947 | { |
| 900 | int txtlen = dlen <= 255 ? dlen - 1 : 255; |
948 | int txtlen = dlen <= 255 ? dlen - 1 : 255; |
| 901 | |
949 | |
| 902 | if (txtlen > dns->snddq.size ()) |
950 | if (txtlen > dns->snddq.size ()) |
| 903 | txtlen = dns->snddq.size (); |
951 | txtlen = dns->snddq.size (); |
| 904 | |
952 | |
| 905 | pkt[offs++] = txtlen; |
953 | pkt[offs++] = txtlen; |
| 906 | memcpy (pkt.at (offs), dns->snddq.begin (), txtlen); |
954 | memcpy (pkt.at (offs), dns->snddq.begin (), txtlen); |
| 907 | offs += txtlen; |
955 | offs += txtlen; |
| 908 | dns->snddq.remove (txtlen); |
956 | dns->snddq.remove (txtlen); |
| 909 | |
957 | |
| 910 | dlen -= txtlen + 1; |
958 | dlen -= txtlen + 1; |
|
|
959 | } |
| 911 | } |
960 | } |
| 912 | |
961 | |
| 913 | // avoid empty TXT rdata |
962 | // avoid completely empty TXT rdata |
| 914 | if (offs == rdlen_offs) |
963 | if (offs == rdlen_offs) |
| 915 | pkt[offs++] = 0; |
964 | pkt[offs++] = 0; |
| 916 | |
965 | |
| 917 | slog (L_NOISE, "DNS: snddq %d", dns->snddq.size ()); |
966 | slog (L_NOISE, "DNS: snddq %d", dns->snddq.size ()); |
| 918 | } |
967 | } |
| 919 | else |
968 | else |
| 920 | { |
969 | { |
| 921 | // send RST |
970 | // send RST |
| 922 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
971 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
| 923 | pkt [offs++] = CMD_IP_RST; |
972 | pkt [offs++] = CMD_IP_RST; |
| 924 | } |
973 | } |
| 925 | |
974 | |
| 926 | int rdlen = offs - rdlen_offs; |
975 | int rdlen = offs - rdlen_offs; |
| 927 | |
976 | |
| 928 | pkt [rdlen_offs - 2] = rdlen >> 8; |
977 | pkt [rdlen_offs - 2] = rdlen >> 8; |
| 929 | pkt [rdlen_offs - 1] = rdlen; |
978 | pkt [rdlen_offs - 1] = rdlen; |
| 930 | |
979 | |
| 931 | if (dns) |
980 | if (dns) |
| 932 | { |
981 | { |
| 933 | // now update dns_rcv copy |
982 | // now update dns_rcv copy |
| 934 | rcv->pkt->len = offs; |
983 | rcv->pkt->len = offs; |
| 935 | memcpy (rcv->pkt->at (0), pkt.at (0), offs); |
984 | memcpy (rcv->pkt->at (0), pkt.at (0), offs); |
| 936 | } |
985 | } |
|
|
986 | } |
| 937 | |
987 | |
| 938 | duplicate_request: ; |
988 | duplicate_request: ; |
| 939 | } |
989 | } |
| 940 | else |
990 | else |
| 941 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_FORMERR); |
991 | pkt.flags = htons (DEFAULT_SERVER_FLAGS | FLAG_RCODE_FORMERR); |
| … | |
… | |
| 953 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
1003 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
| 954 | pkt [offs++] = 0; pkt [offs++] = 0; |
1004 | pkt [offs++] = 0; pkt [offs++] = 0; |
| 955 | pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL |
1005 | pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL |
| 956 | pkt [offs++] = 0; pkt [offs++] = 4; // rdlength |
1006 | pkt [offs++] = 0; pkt [offs++] = 4; // rdlength |
| 957 | |
1007 | |
| 958 | slog (L_INFO, _("DNS: client %d tries to connect"), client); |
1008 | slog (L_INFO, _("DNS: client %d connects"), client); |
| 959 | |
1009 | |
| 960 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
1010 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
| 961 | pkt [offs++] = CMD_IP_REJ; |
1011 | pkt [offs++] = CMD_IP_REJ; |
| 962 | |
1012 | |
| 963 | if (0 < client && client <= conns.size ()) |
1013 | if (0 < client && client <= conns.size ()) |
| … | |
… | |
| 997 | { |
1047 | { |
| 998 | dns_connection *dns = (*i)->dns; |
1048 | dns_connection *dns = (*i)->dns; |
| 999 | connection *c = dns->c; |
1049 | connection *c = dns->c; |
| 1000 | int seqno = (*i)->seqno; |
1050 | int seqno = (*i)->seqno; |
| 1001 | u8 data[MAXSIZE], *datap = data; |
1051 | u8 data[MAXSIZE], *datap = data; |
|
|
1052 | //printf ("rcv pkt %x\n", seqno);//D |
| 1002 | |
1053 | |
| 1003 | if ((*i)->retry) |
1054 | if ((*i)->retry) |
| 1004 | { |
1055 | { |
| 1005 | dns->send_interval *= 1.01; |
1056 | dns->send_interval *= 1.01; |
| 1006 | if (dns->send_interval > MAX_SEND_INTERVAL) |
1057 | if (dns->send_interval > MAX_SEND_INTERVAL) |
| 1007 | dns->send_interval = MAX_SEND_INTERVAL; |
1058 | dns->send_interval = MAX_SEND_INTERVAL; |
| 1008 | } |
1059 | } |
| 1009 | else |
1060 | else |
| 1010 | { |
1061 | { |
| 1011 | #if 1 |
1062 | #if 0 |
| 1012 | dns->send_interval *= 0.999; |
1063 | dns->send_interval *= 0.999; |
| 1013 | #endif |
1064 | #endif |
| 1014 | if (dns->send_interval < MIN_SEND_INTERVAL) |
|
|
| 1015 | dns->send_interval = MIN_SEND_INTERVAL; |
|
|
| 1016 | |
|
|
| 1017 | // the latency surely puts an upper bound on |
1065 | // the latency surely puts an upper bound on |
| 1018 | // the minimum send interval |
1066 | // the minimum send interval |
| 1019 | double latency = NOW - (*i)->sent; |
1067 | double latency = ev_now () - (*i)->sent; |
|
|
1068 | |
|
|
1069 | if (latency < dns->min_latency) |
| 1020 | dns->last_latency = latency; |
1070 | dns->min_latency = latency; |
| 1021 | |
1071 | |
| 1022 | if (dns->send_interval > latency) |
1072 | if (dns->send_interval > dns->min_latency * conf.dns_overlap_factor) |
|
|
1073 | dns->send_interval = dns->min_latency * conf.dns_overlap_factor; |
|
|
1074 | |
|
|
1075 | if (dns->send_interval < conf.dns_send_interval) |
| 1023 | dns->send_interval = latency; |
1076 | dns->send_interval = conf.dns_send_interval; |
| 1024 | } |
1077 | } |
| 1025 | |
1078 | |
| 1026 | delete *i; |
1079 | delete *i; |
| 1027 | dns_sndpq.erase (i); |
1080 | dns_sndpq.erase (i); |
| 1028 | |
1081 | |
| … | |
… | |
| 1133 | break; |
1186 | break; |
| 1134 | } |
1187 | } |
| 1135 | } |
1188 | } |
| 1136 | |
1189 | |
| 1137 | void |
1190 | void |
| 1138 | vpn::dnsv4_ev (io_watcher &w, short revents) |
1191 | vpn::dnsv4_ev (ev::io &w, int revents) |
| 1139 | { |
1192 | { |
| 1140 | if (revents & EVENT_READ) |
1193 | if (revents & EV_READ) |
| 1141 | { |
1194 | { |
| 1142 | dns_packet *pkt = new dns_packet; |
1195 | dns_packet *pkt = new dns_packet; |
| 1143 | struct sockaddr_in sa; |
1196 | struct sockaddr_in sa; |
| 1144 | socklen_t sa_len = sizeof (sa); |
1197 | socklen_t sa_len = sizeof (sa); |
| 1145 | |
1198 | |
| 1146 | pkt->len = recvfrom (w.fd, pkt->at (0), MAXSIZE, 0, (sockaddr *)&sa, &sa_len); |
1199 | pkt->len = recvfrom (w.fd, pkt->at (0), MAXSIZE, 0, (sockaddr *)&sa, &sa_len); |
| 1147 | |
1200 | |
| 1148 | if (pkt->len > 0) |
1201 | if (pkt->len > 0) |
| 1149 | { |
1202 | { |
| 1150 | if (THISNODE->dns_port) |
1203 | if (ntohs (pkt->flags) & FLAG_RESPONSE) |
|
|
1204 | dnsv4_client (*pkt); |
|
|
1205 | else |
| 1151 | { |
1206 | { |
| 1152 | dnsv4_server (*pkt); |
1207 | dnsv4_server (*pkt); |
| 1153 | sendto (w.fd, pkt->at (0), pkt->len, 0, (sockaddr *)&sa, sa_len); |
1208 | sendto (w.fd, pkt->at (0), pkt->len, 0, (sockaddr *)&sa, sa_len); |
| 1154 | } |
1209 | } |
| 1155 | else |
|
|
| 1156 | dnsv4_client (*pkt); |
|
|
| 1157 | |
1210 | |
| 1158 | delete pkt; |
1211 | delete pkt; |
| 1159 | } |
1212 | } |
| 1160 | } |
1213 | } |
| 1161 | } |
1214 | } |
| 1162 | |
1215 | |
| 1163 | bool |
1216 | bool |
| 1164 | vpn::send_dnsv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
1217 | vpn::send_dnsv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) |
| 1165 | { |
1218 | { |
| 1166 | int client = ntohs (si.port); |
1219 | int client = ntohl (si.host); |
| 1167 | |
1220 | |
| 1168 | assert (0 < client && client <= conns.size ()); |
1221 | assert (0 < client && client <= conns.size ()); |
| 1169 | |
1222 | |
| 1170 | connection *c = conns [client - 1]; |
1223 | connection *c = conns [client - 1]; |
| 1171 | |
1224 | |
| 1172 | if (!c->dns) |
1225 | if (!c->dns) |
| 1173 | c->dns = new dns_connection (c); |
1226 | c->dns = new dns_connection (c); |
| 1174 | |
1227 | |
| 1175 | if (!c->dns->snddq.put (pkt)) |
1228 | if (c->dns->snddq.put (pkt)) |
| 1176 | return false; |
|
|
| 1177 | |
|
|
| 1178 | c->dns->tw.trigger (); |
1229 | c->dns->tw (); |
| 1179 | |
1230 | |
|
|
1231 | // always return true even if the buffer overflows |
| 1180 | return true; |
1232 | return true; |
| 1181 | } |
1233 | } |
| 1182 | |
1234 | |
| 1183 | void |
1235 | void |
| 1184 | connection::dnsv4_reset_connection () |
1236 | connection::dnsv4_reset_connection () |
| … | |
… | |
| 1187 | } |
1239 | } |
| 1188 | |
1240 | |
| 1189 | #define NEXT(w) do { if (next > (w)) next = w; } while (0) |
1241 | #define NEXT(w) do { if (next > (w)) next = w; } while (0) |
| 1190 | |
1242 | |
| 1191 | void |
1243 | void |
| 1192 | dns_connection::time_cb (time_watcher &w) |
1244 | dns_connection::time_cb (ev::timer &w, int revents) |
| 1193 | { |
1245 | { |
| 1194 | // servers have to be polled |
1246 | // servers have to be polled |
| 1195 | if (THISNODE->dns_port) |
1247 | if (THISNODE->dns_port) |
| 1196 | return; |
1248 | return; |
| 1197 | |
1249 | |
| 1198 | // check for timeouts and (re)transmit |
1250 | // check for timeouts and (re)transmit |
| 1199 | tstamp next = NOW + poll_interval; |
1251 | tstamp next = ev::now () + poll_interval; |
| 1200 | dns_snd *send = 0; |
1252 | dns_snd *send = 0; |
| 1201 | |
1253 | |
| 1202 | for (vector<dns_snd *>::iterator i = vpn->dns_sndpq.begin (); |
1254 | for (vector<dns_snd *>::iterator i = vpn->dns_sndpq.begin (); |
| 1203 | i != vpn->dns_sndpq.end (); |
1255 | i != vpn->dns_sndpq.end (); |
| 1204 | ++i) |
1256 | ++i) |
| 1205 | { |
1257 | { |
| 1206 | dns_snd *r = *i; |
1258 | dns_snd *r = *i; |
| 1207 | |
1259 | |
| 1208 | if (r->timeout <= NOW) |
1260 | if (r->timeout <= ev_now ()) |
| 1209 | { |
1261 | { |
| 1210 | if (!send) |
1262 | if (!send) |
| 1211 | { |
1263 | { |
| 1212 | send = r; |
1264 | send = r; |
| 1213 | |
1265 | |
| 1214 | r->retry++; |
1266 | r->retry++; |
| 1215 | r->timeout = NOW + (r->retry * last_latency * 8.); |
1267 | r->timeout = ev_now () + (r->retry * min_latency * conf.dns_timeout_factor); |
|
|
1268 | //printf ("RETRY %x (%d, %f)\n", r->seqno, r->retry, r->timeout - ev_now ());//D |
| 1216 | |
1269 | |
| 1217 | // the following code changes the query section a bit, forcing |
1270 | // the following code changes the query section a bit, forcing |
| 1218 | // the forwarder to generate a new request |
1271 | // the forwarder to generate a new request |
| 1219 | if (r->stdhdr) |
1272 | if (r->stdhdr) |
| 1220 | { |
|
|
| 1221 | //printf ("reencoded header for ID %d retry %d:%d:%d\n", htons (r->pkt->id), THISNODE->id, r->seqno, r->retry);printf ("reencoded header for ID %d retry %d:%d:%d\n", htons (r->pkt->id), THISNODE->id, r->seqno, r->retry); |
|
|
| 1222 | //encode_header ((char *)r->pkt->at (6 * 2 + 1), THISNODE->id, r->seqno, r->retry); |
1273 | encode_header ((char *)r->pkt->at (6 * 2 + 1), THISNODE->id, r->seqno, r->retry); |
| 1223 | } |
|
|
| 1224 | } |
1274 | } |
| 1225 | } |
1275 | } |
| 1226 | else |
1276 | else |
| 1227 | NEXT (r->timeout); |
1277 | NEXT (r->timeout); |
| 1228 | } |
1278 | } |
| 1229 | |
1279 | |
| 1230 | if (last_sent + send_interval <= NOW) |
|
|
| 1231 | { |
|
|
| 1232 | if (!send) |
1280 | if (!send) |
|
|
1281 | { |
|
|
1282 | // generate a new packet, if wise |
|
|
1283 | |
|
|
1284 | if (!established) |
| 1233 | { |
1285 | { |
| 1234 | // generate a new packet, if wise |
1286 | if (vpn->dns_sndpq.empty ()) |
| 1235 | |
|
|
| 1236 | if (!established) |
|
|
| 1237 | { |
1287 | { |
| 1238 | if (vpn->dns_sndpq.empty ()) |
|
|
| 1239 | { |
|
|
| 1240 | send = new dns_snd (this); |
1288 | send = new dns_snd (this); |
| 1241 | |
1289 | |
| 1242 | printf ("new conn %p %d\n", this, c->conf->id);//D |
|
|
| 1243 | cfg.reset (THISNODE->id); |
1290 | cfg.reset (THISNODE->id); |
| 1244 | send->gen_syn_req (); |
1291 | send->gen_syn_req (); |
| 1245 | } |
|
|
| 1246 | } |
1292 | } |
| 1247 | else if (vpn->dns_sndpq.size () < MAX_OUTSTANDING |
1293 | } |
|
|
1294 | else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding |
| 1248 | && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) |
1295 | && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) |
|
|
1296 | { |
|
|
1297 | if (last_sent + send_interval <= ev_now ()) |
| 1249 | { |
1298 | { |
| 1250 | //printf ("sending data request etc.\n"); //D |
1299 | //printf ("sending data request etc.\n"); //D |
| 1251 | if (!snddq.empty ()) |
1300 | if (!snddq.empty () || last_received + 1. > ev_now ()) |
| 1252 | { |
1301 | { |
| 1253 | poll_interval = send_interval; |
1302 | poll_interval = send_interval; |
| 1254 | NEXT (NOW + send_interval); |
1303 | NEXT (ev_now () + send_interval); |
| 1255 | } |
1304 | } |
| 1256 | |
1305 | |
| 1257 | send = new dns_snd (this); |
1306 | send = new dns_snd (this); |
| 1258 | send->gen_stream_req (sndseq, snddq); |
1307 | send->gen_stream_req (sndseq, snddq); |
| 1259 | send->timeout = NOW + last_latency * 8.; |
1308 | send->timeout = ev_now () + min_latency * conf.dns_timeout_factor; |
|
|
1309 | //printf ("SEND %x (%f)\n", send->seqno, send->timeout - ev_now (), min_latency, conf.dns_timeout_factor);//D |
| 1260 | |
1310 | |
| 1261 | sndseq = (sndseq + 1) & SEQNO_MASK; |
1311 | sndseq = (sndseq + 1) & SEQNO_MASK; |
| 1262 | } |
1312 | } |
| 1263 | |
1313 | else |
| 1264 | if (send) |
1314 | NEXT (last_sent + send_interval); |
| 1265 | vpn->dns_sndpq.push_back (send); |
|
|
| 1266 | } |
1315 | } |
| 1267 | |
1316 | |
| 1268 | if (send) |
1317 | if (send) |
| 1269 | { |
1318 | vpn->dns_sndpq.push_back (send); |
| 1270 | last_sent = NOW; |
1319 | } |
|
|
1320 | |
|
|
1321 | if (send) |
|
|
1322 | { |
|
|
1323 | last_sent = ev_now (); |
| 1271 | sendto (vpn->dnsv4_fd, |
1324 | sendto (vpn->dnsv4_fd, |
| 1272 | send->pkt->at (0), send->pkt->len, 0, |
1325 | send->pkt->at (0), send->pkt->len, 0, |
| 1273 | vpn->dns_forwarder.sav4 (), vpn->dns_forwarder.salenv4 ()); |
1326 | vpn->dns_forwarder.sav4 (), vpn->dns_forwarder.salenv4 ()); |
| 1274 | } |
|
|
| 1275 | } |
1327 | } |
| 1276 | else |
|
|
| 1277 | NEXT (last_sent + send_interval); |
|
|
| 1278 | |
1328 | |
| 1279 | slog (L_NOISE, "DNS: pi %f si %f N %f (%d:%d)", |
1329 | slog (L_NOISE, "DNS: pi %f si %f N %f (%d:%d %d)", |
| 1280 | poll_interval, send_interval, next - NOW, |
1330 | poll_interval, send_interval, next - ev_now (), |
| 1281 | vpn->dns_sndpq.size (), snddq.size ()); |
1331 | vpn->dns_sndpq.size (), snddq.size (), |
|
|
1332 | rcvpq.size ()); |
| 1282 | |
1333 | |
| 1283 | // TODO: no idea when this happens, but when next < NOW, we have a problem |
1334 | // TODO: no idea when this happens, but when next < ev_now (), we have a problem |
|
|
1335 | // doesn't seem to happen anymore |
| 1284 | if (next < NOW + 0.0001) |
1336 | if (next < ev_now () + 0.001) |
| 1285 | next = NOW + 0.1; |
1337 | next = ev_now () + 0.1; |
| 1286 | |
1338 | |
| 1287 | w.start (next); |
1339 | w.start (next - ev_now ()); |
| 1288 | } |
1340 | } |
| 1289 | |
1341 | |
| 1290 | #endif |
1342 | #endif |
| 1291 | |
1343 | |
