--- gvpe/src/vpn_dns.C 2007/11/10 05:14:22 1.42
+++ gvpe/src/vpn_dns.C 2011/03/06 13:49:50 1.50
@@ -1,22 +1,32 @@ /* vpn_dns.C -- handle the dns tunnel part of the protocol. - Copyright (C) 2003-2005 Marc Lehmann + Copyright (C) 2003-2008 Marc Lehmann This file is part of GVPE. - GVPE is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with gvpe; if not, write to the Free Software - Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + GVPE is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 3 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General + Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, see . + + Additional permission under GNU GPL version 3 section 7 + + If you modify this Program, or any covered work, by linking or + combining it with the OpenSSL project's OpenSSL library (or a modified + version of that library), containing parts covered by the terms of the + OpenSSL or SSLeay licenses, the licensors of this Program grant you + additional permission to convey the resulting work. 
Corresponding + Source for a non-source form of such a combination shall include the + source code for the parts of OpenSSL used as well as that of the + covered work. */ // TODO: EDNS0 option to increase dns mtu? @@ -44,6 +54,7 @@ #include +#include /* bug in libgmp: gmp.h relies on cstdio being included */ #include #include "netcompat.h" @@ -74,6 +85,7 @@ #define RR_TYPE_A 1 #define RR_TYPE_NULL 10 #define RR_TYPE_TXT 16 +#define RR_TYPE_AAAA 28 #define RR_TYPE_ANY 255 #define RR_CLASS_IN 1 @@ -107,8 +119,14 @@ for (size = 0; cmap [size]; size++) { - enc [size] = cmap [size]; - dec [(u8)enc [size]] = size; + char c = cmap [size]; + + enc [size] = c; + dec [(u8)c] = size; + + // allow lowercase/uppercase aliases if possible + if (c >= 'A' && c <= 'Z' && dec [c + ('a' - 'A')] == INVALID) dec [c + ('a' - 'A')] = size; + if (c >= 'a' && c <= 'z' && dec [c - ('a' - 'A')] == INVALID) dec [c - ('a' - 'A')] = size; } assert (size < 256); @@ -158,12 +176,14 @@ } } -unsigned int basecoder::encode_len (unsigned int len) +unsigned int +basecoder::encode_len (unsigned int len) { return enc_len [len]; } -unsigned int basecoder::decode_len (unsigned int len) +unsigned int +basecoder::decode_len (unsigned int len) { while (len && !dec_len [len]) --len; @@ -171,7 +191,8 @@ return dec_len [len]; } -unsigned int basecoder::encode (char *dst, u8 *src, unsigned int len) +unsigned int +basecoder::encode (char *dst, u8 *src, unsigned int len) { if (!len || len > MAX_DEC_LEN) return 0; @@ -200,7 +221,8 @@ return elen; } -unsigned int basecoder::decode (u8 *dst, char *src, unsigned int len) +unsigned int +basecoder::decode (u8 *dst, char *src, unsigned int len) { if (!len || len > MAX_ENC_LEN) return 0; @@ -269,7 +291,8 @@ #define HDRSIZE 6 -inline void encode_header (char *data, int clientid, int seqno, int retry = 0) +inline void +encode_header (char *data, int clientid, int seqno, int retry = 0) { seqno &= SEQNO_MASK; 
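Review bot: The case-alias lines in the basecoder constructor (`if (c >= 'A' && c <= 'Z' && dec [c + ('a' - 'A')] == INVALID) ...`) need a comment saying why they exist, because the one-liner "allow lowercase/uppercase aliases if possible" does not explain the constraint they encode. DNS names are compared case-insensitively and a forwarder is free to fold or randomise the case of a label before it reaches the other end, so a symbol must decode the same whether it arrives as `c` or its other-case twin; the `== INVALID` guard only keeps an alias from clobbering a real symbol, it does not diagnose a character map that uses both cases of a letter as distinct symbols, which after such folding cannot be decoded unambiguously. I would replace the comment with `// DNS labels are case-insensitive and forwarders may change case: map the other case of each letter to the same symbol unless the map already uses it; maps containing both cases of a letter are ambiguous after case folding`. The constructor continues outside the hunk.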
@@ -284,7 +307,8 @@ cdc26.encode (data, hdr, 3); } -inline void decode_header (char *data, int &clientid, int &seqno) +inline void +decode_header (char *data, int &clientid, int &seqno) { u8 hdr[3]; @@ -327,7 +351,8 @@ delete data; } -void byte_stream::remove (int count) +void +byte_stream::remove (int count) { if (count > fill) assert (count <= fill); @@ -335,7 +360,8 @@ memmove (data, data + count, fill -= count); } -bool byte_stream::put (u8 *data, unsigned int datalen) +bool +byte_stream::put (u8 *data, unsigned int datalen) { if (maxsize - fill < datalen) return false; @@ -345,7 +371,8 @@ return true; } -bool byte_stream::put (vpn_packet *pkt) +bool +byte_stream::put (vpn_packet *pkt) { if (maxsize - fill < pkt->len + 2) return false; @@ -437,7 +464,8 @@ int dns_cfg::next_uid; -void dns_cfg::reset (int clientid) +void +dns_cfg::reset (int clientid) { id1 = 'G'; id2 = 'V'; @@ -461,7 +489,8 @@ r4 = r5 = r6 = r7 = 0; } -bool dns_cfg::valid () +bool +dns_cfg::valid () { // although the protocol itself allows for some configurability, // only the following encoding/decoding settings are implemented. @@ -486,7 +515,8 @@ int decode_label (char *data, int size, int &offs); }; -int dns_packet::decode_label (char *data, int size, int &offs) +int +dns_packet::decode_label (char *data, int size, int &offs) { char *orig = data; @@ -522,10 +552,11 @@ ///////////////////////////////////////////////////////////////////////////// -static u16 dns_id = 0; // TODO: should be per-vpn - -static u16 next_id () +static +u16 next_id () { + static u16 dns_id = 0; // TODO: should be per-vpn + if (!dns_id) dns_id = time (0); @@ -561,7 +592,7 @@ byte_stream rcvdq; int rcvseq; int repseq; byte_stream snddq; int sndseq; - void time_cb (ev::timer &w, int revents); ev::timer tw; + inline void time_cb (ev::timer &w, int revents); ev::timer tw; void receive_rep (dns_rcv *r); dns_connection (connection *c); 
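Review bot: Seeding the DNS transaction id from `time (0)` in next_id leaves the id sequence predictable from outside, and moving `dns_id` into a function-local static does not change that; how the id advances is outside the hunk. The process already links OpenSSL (per the new licence text), so an initial value from `RAND_bytes` or `/dev/urandom` would cost nothing and make the 16-bit id field actually worth 16 bits against someone trying to guess which reply the tunnel will accept. Separately, `static` on a line of its own followed by `u16 next_id ()` reads oddly next to the `static void` / `append_domain` layout used elsewhere in this diff; `static u16` on the first line would match. The per-vpn TODO still applies to the function-local form, since all connections share one counter.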
@@ -590,7 +621,7 @@ timeout = 0; retry = 0; seqno = 0; - sent = ev::ev_now (); + sent = ev_now (); stdhdr = false; pkt = new dns_packet; @@ -603,7 +634,8 @@ delete pkt; } -static void append_domain (dns_packet &pkt, int &offs, const char *domain) +static void +append_domain (dns_packet &pkt, int &offs, const char *domain) { // add tunnel domain for (;;) @@ -626,12 +658,13 @@ } } -void dns_snd::gen_stream_req (int seqno, byte_stream &stream) +void +dns_snd::gen_stream_req (int seqno, byte_stream &stream) { stdhdr = true; this->seqno = seqno; - timeout = ev::ev_now () + INITIAL_TIMEOUT; + timeout = ev_now () + INITIAL_TIMEOUT; pkt->flags = htons (DEFAULT_CLIENT_FLAGS); pkt->qdcount = htons (1); @@ -674,9 +707,10 @@ pkt->len = offs; } -void dns_snd::gen_syn_req () +void +dns_snd::gen_syn_req () { - timeout = ev::ev_now () + INITIAL_SYN_TIMEOUT; + timeout = ev_now () + INITIAL_SYN_TIMEOUT; pkt->flags = htons (DEFAULT_CLIENT_FLAGS); pkt->qdcount = htons (1); @@ -726,8 +760,9 @@ : c (c) , rcvdq (MAX_BACKLOG * 2) , snddq (MAX_BACKLOG) -, tw (this, &dns_connection::time_cb) { + tw.set (this); + vpn = c->vpn; established = false; @@ -748,11 +783,12 @@ delete *i; } -void dns_connection::receive_rep (dns_rcv *r) +void +dns_connection::receive_rep (dns_rcv *r) { if (r->datalen) { - last_received = ev::ev_now (); + last_received = ev_now (); tw (); poll_interval = send_interval; @@ -791,8 +827,10 @@ if (!rcvdq.put (r->data, r->datalen)) { - slog (L_ERR, "DNS: !rcvdq.put (r->data, r->datalen)"); - abort (); // MUST never overflow, can be caused by data corruption, TODO + // MUST never overflow, can be caused by data corruption, TODO + slog (L_CRIT, "DNS: !rcvdq.put (r->data, r->datalen)"); + c->dnsv4_reset_connection (); + return; } while (vpn_packet *pkt = rcvdq.get ()) @@ -801,7 +839,6 @@ si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4; vpn->recv_vpn_packet (pkt, si); - delete pkt; } 
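Review bot: After `c->dnsv4_reset_connection ()` in receive_rep the object this method runs on may no longer exist: the hunk at -1109 replaces `delete dns; c->dns = 0;` with the same call, which suggests the reset deletes the dns_connection. The immediate `return` keeps this method itself safe, but every caller of receive_rep must then avoid touching `dns` (and `r`, whose ownership is not visible here) once it returns, and nothing in the hunk records that constraint; a line such as `// reset may delete this dns_connection; nothing below may touch *this` at the call would. Replacing abort () with a reset is the right direction, since a peer-supplied stream that overruns rcvdq now costs one tunnel rather than the whole daemon. The function continues outside the hunk.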
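Review bot: Dropping `delete pkt;` after `vpn->recv_vpn_packet (pkt, si);` moves ownership of the packet without saying where it goes; recv_vpn_packet is not in this diff, so I cannot confirm it frees, or queues and later frees, every packet it is handed. If it does not, each packet drained from `rcvdq.get ()` leaks, and because the loop is driven by incoming tunnel data that is unbounded growth a remote peer can cause. Please state the contract on the call: `vpn->recv_vpn_packet (pkt, si); // takes ownership of pkt`.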
@@ -1034,7 +1071,7 @@ #endif // the latency surely puts an upper bound on // the minimum send interval - double latency = ev::ev_now () - (*i)->sent; + double latency = ev_now () - (*i)->sent; if (latency < dns->min_latency) dns->min_latency = latency; @@ -1109,9 +1146,7 @@ { slog (L_DEBUG, _("DNS: got tunnel RST request")); - delete dns; c->dns = 0; - - return; + c->dnsv4_reset_connection (); } else if (ip [3] == CMD_IP_SYN) { @@ -1119,10 +1154,7 @@ dns->established = true; } else if (ip [3] == CMD_IP_REJ) - { - slog (L_DEBUG, _("DNS: got tunnel REJ reply, server does not like us, aborting.")); - abort (); - } + slog (L_ERR, _("DNS: got tunnel REJ reply, server does not like us.")); else slog (L_INFO, _("DNS: got unknown meta command %02x"), ip [3]); } @@ -1227,15 +1259,15 @@ { dns_snd *r = *i; - if (r->timeout <= ev::ev_now ()) + if (r->timeout <= ev_now ()) { if (!send) { send = r; r->retry++; - r->timeout = ev::ev_now () + (r->retry * min_latency * conf.dns_timeout_factor); - //printf ("RETRY %x (%d, %f)\n", r->seqno, r->retry, r->timeout - ev::ev_now ());//D + r->timeout = ev_now () + (r->retry * min_latency * conf.dns_timeout_factor); + //printf ("RETRY %x (%d, %f)\n", r->seqno, r->retry, r->timeout - ev_now ());//D // the following code changes the query section a bit, forcing // the forwarder to generate a new request 
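Review bot: The `return;` that followed the old `delete dns; c->dns = 0;` in the RST branch is gone, so after `c->dnsv4_reset_connection ()` control falls out of the else-if chain into whatever follows in this function, which is outside the hunk. If the reset deletes the dns_connection, as the replaced lines suggest, and the remainder of the function still dereferences `dns`, one RST command from the peer becomes a use-after-free. Either keep `return;` after the reset call, or explain in a comment why the code after the chain is safe without it.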
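Review bot: Downgrading CMD_IP_REJ from `abort ()` to `slog (L_ERR, ...)` removes a way for a single reply to take down the whole process, which is good, but the new branch then does nothing else: the tunnel state is untouched, so the client presumably keeps re-sending SYN on its normal schedule to a server that has just refused it (the retry logic is outside the hunk). Consider calling `c->dnsv4_reset_connection ();` here as the RST branch now does, or at least backing off the retry, and say in a comment what the intended behaviour after a REJ is.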
@@ -1264,19 +1296,19 @@ else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) { - if (last_sent + send_interval <= ev::ev_now ()) + if (last_sent + send_interval <= ev_now ()) { //printf ("sending data request etc.\n"); //D - if (!snddq.empty () || last_received + 1. > ev::ev_now ()) + if (!snddq.empty () || last_received + 1. > ev_now ()) { poll_interval = send_interval; - NEXT (ev::ev_now () + send_interval); + NEXT (ev_now () + send_interval); } send = new dns_snd (this); send->gen_stream_req (sndseq, snddq); - send->timeout = ev::ev_now () + min_latency * conf.dns_timeout_factor; - //printf ("SEND %x (%f)\n", send->seqno, send->timeout - ev::ev_now (), min_latency, conf.dns_timeout_factor);//D + send->timeout = ev_now () + min_latency * conf.dns_timeout_factor; + //printf ("SEND %x (%f)\n", send->seqno, send->timeout - ev_now (), min_latency, conf.dns_timeout_factor);//D sndseq = (sndseq + 1) & SEQNO_MASK; } @@ -1290,23 +1322,23 @@ if (send) { - last_sent = ev::ev_now (); + last_sent = ev_now (); sendto (vpn->dnsv4_fd, send->pkt->at (0), send->pkt->len, 0, vpn->dns_forwarder.sav4 (), vpn->dns_forwarder.salenv4 ()); } slog (L_NOISE, "DNS: pi %f si %f N %f (%d:%d %d)", - poll_interval, send_interval, next - ev::ev_now (), + poll_interval, send_interval, next - ev_now (), vpn->dns_sndpq.size (), snddq.size (), rcvpq.size ()); - // TODO: no idea when this happens, but when next < ev::ev_now (), we have a problem + // TODO: no idea when this happens, but when next < ev_now (), we have a problem // doesn't seem to happen anymore - if (next < ev::ev_now () + 0.001) - next = ev::ev_now () + 0.1; + if (next < ev_now () + 0.001) + next = ev_now () + 0.1; - w.start (next - ev::ev_now ()); + w.start (next - ev_now ()); } #endif