| 1 | /* |
1 | /* |
| 2 | vpn_dns.C -- handle the dns tunnel part of the protocol. |
2 | vpn_dns.C -- handle the dns tunnel part of the protocol. |
| 3 | Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
3 | Copyright (C) 2003-2011 Marc Lehmann <gvpe@schmorp.de> |
| 4 | |
4 | |
| 5 | This file is part of GVPE. |
5 | This file is part of GVPE. |
| 6 | |
6 | |
| 7 | GVPE is free software; you can redistribute it and/or modify it |
7 | GVPE is free software; you can redistribute it and/or modify it |
| 8 | under the terms of the GNU General Public License as published by the |
8 | under the terms of the GNU General Public License as published by the |
| … | |
… | |
| 59 | |
59 | |
| 60 | #include "netcompat.h" |
60 | #include "netcompat.h" |
| 61 | |
61 | |
| 62 | #include "vpn.h" |
62 | #include "vpn.h" |
| 63 | |
63 | |
|
|
64 | #define MIN_POLL_INTERVAL 0.1 // poll at most this often when no data received |
| 64 | #define MAX_POLL_INTERVAL 5. // how often to poll minimally when the server has no data |
65 | #define MAX_POLL_INTERVAL 1. // how often to poll minimally when the server has no data |
| 65 | #define ACTIVITY_INTERVAL 5. |
|
|
| 66 | |
66 | |
| 67 | #define INITIAL_TIMEOUT 0.1 // retry timeouts |
67 | #define INITIAL_TIMEOUT 0.1 // retry timeouts |
| 68 | #define INITIAL_SYN_TIMEOUT 2. // retry timeout for initial syn |
68 | #define INITIAL_SYN_TIMEOUT 2. // retry timeout for initial syn |
| 69 | |
69 | |
| 70 | #define MAX_SEND_INTERVAL 2. // optimistic? |
70 | #define MAX_SEND_INTERVAL 2. // optimistic? |
| … | |
… | |
| 91 | #define RR_CLASS_IN 1 |
91 | #define RR_CLASS_IN 1 |
| 92 | |
92 | |
| 93 | #define CMD_IP_1 207 |
93 | #define CMD_IP_1 207 |
| 94 | #define CMD_IP_2 46 |
94 | #define CMD_IP_2 46 |
| 95 | #define CMD_IP_3 236 |
95 | #define CMD_IP_3 236 |
| 96 | #define CMD_IP_RST 29 |
96 | |
| 97 | #define CMD_IP_SYN 113 |
97 | #define CMD_IP_RST 29 // some error, reset and retry |
| 98 | #define CMD_IP_REJ 32 |
98 | #define CMD_IP_REJ 32 // do not want you |
|
|
99 | #define CMD_IP_SYN 113 // connection established |
|
|
100 | #define CMD_IP_CSE 213 // connection established, but likely case mismatch |
|
|
101 | |
|
|
102 | static bool |
|
|
103 | is_uc (char c) |
|
|
104 | { |
|
|
105 | return 'A' <= c && c <= 'Z'; |
|
|
106 | } |
|
|
107 | |
|
|
108 | static bool |
|
|
109 | is_lc (char c) |
|
|
110 | { |
|
|
111 | return 'a' <= c && c <= 'z'; |
|
|
112 | } |
| 99 | |
113 | |
| 100 | // works for cmaps up to 255 (not 256!) |
114 | // works for cmaps up to 255 (not 256!) |
| 101 | struct charmap |
115 | struct charmap |
| 102 | { |
116 | { |
| 103 | enum { INVALID = (u8)255 }; |
117 | enum { INVALID = (u8)255 }; |
| … | |
… | |
| 117 | memset (enc, (char) 0, 256); |
131 | memset (enc, (char) 0, 256); |
| 118 | memset (dec, (char)INVALID, 256); |
132 | memset (dec, (char)INVALID, 256); |
| 119 | |
133 | |
| 120 | for (size = 0; cmap [size]; size++) |
134 | for (size = 0; cmap [size]; size++) |
| 121 | { |
135 | { |
|
|
136 | char c = cmap [size]; |
|
|
137 | |
| 122 | enc [size] = cmap [size]; |
138 | enc [size] = c; |
| 123 | dec [(u8)enc [size]] = size; |
139 | dec [(u8)c] = size; |
|
|
140 | |
|
|
141 | // allow lowercase/uppercase aliases if possible |
|
|
142 | if (is_uc (c) && dec [c + ('a' - 'A')] == INVALID) dec [c + ('a' - 'A')] = size; |
|
|
143 | if (is_lc (c) && dec [c - ('a' - 'A')] == INVALID) dec [c - ('a' - 'A')] = size; |
| 124 | } |
144 | } |
| 125 | |
145 | |
| 126 | assert (size < 256); |
146 | assert (size < 256); |
| 127 | } |
147 | } |
| 128 | |
148 | |
| … | |
… | |
| 135 | { |
155 | { |
| 136 | charmap cmap; |
156 | charmap cmap; |
| 137 | unsigned int enc_len [MAX_DEC_LEN]; |
157 | unsigned int enc_len [MAX_DEC_LEN]; |
| 138 | unsigned int dec_len [MAX_ENC_LEN]; |
158 | unsigned int dec_len [MAX_ENC_LEN]; |
| 139 | |
159 | |
| 140 | unsigned int encode_len (unsigned int len); |
160 | unsigned int encode_len (unsigned int len) const; |
| 141 | unsigned int decode_len (unsigned int len); |
161 | unsigned int decode_len (unsigned int len) const; |
| 142 | |
162 | |
| 143 | unsigned int encode (char *dst, u8 *src, unsigned int len); |
163 | unsigned int encode (char *dst, u8 *src, unsigned int len) const; |
| 144 | unsigned int decode (u8 *dst, char *src, unsigned int len); |
164 | unsigned int decode (u8 *dst, char *src, unsigned int len) const; |
| 145 | |
165 | |
| 146 | basecoder (const char *cmap); |
166 | basecoder (const char *cmap); |
| 147 | }; |
167 | }; |
| 148 | |
168 | |
| 149 | basecoder::basecoder (const char *cmap) |
169 | basecoder::basecoder (const char *cmap) |
| … | |
… | |
| 169 | dec_len [n] = len; |
189 | dec_len [n] = len; |
| 170 | } |
190 | } |
| 171 | } |
191 | } |
| 172 | |
192 | |
| 173 | unsigned int |
193 | unsigned int |
| 174 | basecoder::encode_len (unsigned int len) |
194 | basecoder::encode_len (unsigned int len) const |
| 175 | { |
195 | { |
| 176 | return enc_len [len]; |
196 | return enc_len [len]; |
| 177 | } |
197 | } |
| 178 | |
198 | |
| 179 | unsigned int |
199 | unsigned int |
| 180 | basecoder::decode_len (unsigned int len) |
200 | basecoder::decode_len (unsigned int len) const |
| 181 | { |
201 | { |
| 182 | while (len && !dec_len [len]) |
202 | while (len && !dec_len [len]) |
| 183 | --len; |
203 | --len; |
| 184 | |
204 | |
| 185 | return dec_len [len]; |
205 | return dec_len [len]; |
| 186 | } |
206 | } |
| 187 | |
207 | |
| 188 | unsigned int |
208 | unsigned int |
| 189 | basecoder::encode (char *dst, u8 *src, unsigned int len) |
209 | basecoder::encode (char *dst, u8 *src, unsigned int len) const |
| 190 | { |
210 | { |
| 191 | if (!len || len > MAX_DEC_LEN) |
211 | if (!len || len > MAX_DEC_LEN) |
| 192 | return 0; |
212 | return 0; |
| 193 | |
213 | |
| 194 | int elen = encode_len (len); |
214 | int elen = encode_len (len); |
| … | |
… | |
| 214 | |
234 | |
| 215 | return elen; |
235 | return elen; |
| 216 | } |
236 | } |
| 217 | |
237 | |
| 218 | unsigned int |
238 | unsigned int |
| 219 | basecoder::decode (u8 *dst, char *src, unsigned int len) |
239 | basecoder::decode (u8 *dst, char *src, unsigned int len) const |
| 220 | { |
240 | { |
| 221 | if (!len || len > MAX_ENC_LEN) |
241 | if (!len || len > MAX_ENC_LEN) |
| 222 | return 0; |
242 | return 0; |
| 223 | |
243 | |
| 224 | u8 src_ [MAX_ENC_LEN]; |
244 | u8 src_ [MAX_ENC_LEN]; |
| … | |
… | |
| 273 | } |
293 | } |
| 274 | abort (); |
294 | abort (); |
| 275 | } |
295 | } |
| 276 | #endif |
296 | #endif |
| 277 | |
297 | |
| 278 | //static basecoder cdc64 ("_dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI-"); |
|
|
| 279 | //static basecoder cdc63 ("_dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI"); |
|
|
| 280 | static basecoder cdc62 ("dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI"); |
298 | static basecoder cdc62 ("dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI"); // a-zA-Z0-9 |
| 281 | //static basecoder cdc36 ("dphzr06qmjkb34tsvl81xaef92wgyo57ucni"); // unused as of yet |
299 | static basecoder cdc36 ("dPhZr06QmJkB34tSvL81xAeF92wGyO57uCnI"); // a-z0-9 for case-changers |
| 282 | static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyO"); |
300 | static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyOuCnI"); // a-z |
| 283 | |
301 | |
| 284 | ///////////////////////////////////////////////////////////////////////////// |
302 | ///////////////////////////////////////////////////////////////////////////// |
| 285 | |
303 | |
| 286 | #define HDRSIZE 6 |
304 | #define HDRSIZE 5 |
| 287 | |
305 | |
| 288 | inline void |
306 | inline void |
| 289 | encode_header (char *data, int clientid, int seqno, int retry = 0) |
307 | encode_header (char *data, int clientid, int seqno, int retry = 0) |
| 290 | { |
308 | { |
|
|
309 | assert (clientid < 256); |
|
|
310 | |
| 291 | seqno &= SEQNO_MASK; |
311 | seqno &= SEQNO_MASK; |
| 292 | |
312 | |
| 293 | u8 hdr[3] = { |
313 | u8 hdr[3] = { |
|
|
314 | seqno, |
|
|
315 | (seqno >> 8) | (retry << 6), |
| 294 | clientid, |
316 | clientid, |
| 295 | (seqno >> 8) | (retry << 6), |
|
|
| 296 | seqno, |
|
|
| 297 | }; |
317 | }; |
| 298 | |
318 | |
| 299 | assert (clientid < 256); |
|
|
| 300 | |
|
|
| 301 | cdc26.encode (data, hdr, 3); |
319 | cdc36.encode (data, hdr, 3); |
| 302 | } |
320 | } |
| 303 | |
321 | |
| 304 | inline void |
322 | inline void |
| 305 | decode_header (char *data, int &clientid, int &seqno) |
323 | decode_header (char *data, int &clientid, int &seqno) |
| 306 | { |
324 | { |
| 307 | u8 hdr[3]; |
325 | u8 hdr[3]; |
| 308 | |
326 | |
| 309 | cdc26.decode (hdr, data, HDRSIZE); |
327 | cdc36.decode (hdr, data, HDRSIZE); |
| 310 | |
328 | |
| 311 | clientid = hdr[0]; |
329 | clientid = hdr[2]; |
| 312 | seqno = ((hdr[1] << 8) | hdr[2]) & SEQNO_MASK; |
330 | seqno = ((hdr[1] << 8) | hdr[0]) & SEQNO_MASK; |
| 313 | } |
331 | } |
| 314 | |
332 | |
| 315 | ///////////////////////////////////////////////////////////////////////////// |
333 | ///////////////////////////////////////////////////////////////////////////// |
| 316 | |
334 | |
| 317 | struct byte_stream |
335 | struct byte_stream |
| … | |
… | |
| 430 | |
448 | |
| 431 | struct dns_cfg |
449 | struct dns_cfg |
| 432 | { |
450 | { |
| 433 | static int next_uid; |
451 | static int next_uid; |
| 434 | |
452 | |
| 435 | u8 id1, id2, id3, id4; |
453 | u8 chksum; |
|
|
454 | u8 rrtype; |
|
|
455 | u16 uid; // to make request unique |
| 436 | |
456 | |
| 437 | u8 version; |
457 | u8 version; |
| 438 | u8 flags; |
458 | u8 flags; |
| 439 | u8 rrtype; |
459 | u16 max_size; |
|
|
460 | |
|
|
461 | u8 id1, id2, id3, id4; |
|
|
462 | |
|
|
463 | u16 client; |
| 440 | u8 def_ttl; |
464 | u8 def_ttl; |
|
|
465 | u8 r0; |
| 441 | |
466 | |
| 442 | u16 client; |
467 | u8 syn_cdc; // cdc en/decoder for syn (A?) requests |
| 443 | u16 uid; // to make request unique |
468 | u8 hdr_cdc; // cdc en/decoder for regular request headers |
|
|
469 | u8 req_cdc; // cdc en/decoder for regular (ANY?) request data |
|
|
470 | u8 rep_cdc; // cdc en/decoder for regular (TXT) replies, 0 == 8 bit encoding |
| 444 | |
471 | |
| 445 | u16 max_size; |
|
|
| 446 | u8 seq_cdc; |
|
|
| 447 | u8 req_cdc; |
|
|
| 448 | |
|
|
| 449 | u8 rep_cdc; |
|
|
| 450 | u8 delay; // time in 0.01s units that the server may delay replying packets |
|
|
| 451 | u8 r3, r4; |
|
|
| 452 | |
|
|
| 453 | u8 r5, r6, r7, r8; |
472 | u8 r1, r2, r3, r4; |
| 454 | |
473 | |
| 455 | void reset (int clientid); |
474 | void reset (int clientid); |
| 456 | bool valid (); |
475 | bool valid (); |
|
|
476 | u8 get_chksum (); |
| 457 | }; |
477 | }; |
| 458 | |
478 | |
| 459 | int dns_cfg::next_uid; |
479 | int dns_cfg::next_uid; |
| 460 | |
480 | |
| 461 | void |
481 | void |
| 462 | dns_cfg::reset (int clientid) |
482 | dns_cfg::reset (int clientid) |
| 463 | { |
483 | { |
|
|
484 | // this ID must result in some mixed-case characters in cdc26-encoding |
| 464 | id1 = 'G'; |
485 | id1 = 'G'; |
| 465 | id2 = 'V'; |
486 | id2 = 'V'; |
| 466 | id3 = 'P'; |
487 | id3 = 'P'; |
| 467 | id4 = 'E'; |
488 | id4 = 'E'; |
| 468 | |
489 | |
| 469 | version = 1; |
490 | version = 2; |
| 470 | |
491 | |
| 471 | rrtype = RR_TYPE_TXT; |
492 | rrtype = RR_TYPE_TXT; |
| 472 | flags = 0; |
493 | flags = 0; |
| 473 | def_ttl = 0; |
494 | def_ttl = 0; |
| 474 | seq_cdc = 26; |
495 | syn_cdc = 26; |
| 475 | req_cdc = 62; |
496 | hdr_cdc = 36; |
|
|
497 | req_cdc = conf.dns_case_preserving ? 62 : 36; |
| 476 | rep_cdc = 0; |
498 | rep_cdc = 0; |
| 477 | max_size = htons (MAX_PKT_SIZE); |
499 | max_size = htons (MAX_PKT_SIZE); |
| 478 | client = htons (clientid); |
500 | client = htons (clientid); |
| 479 | uid = next_uid++; |
501 | uid = ++next_uid; |
| 480 | delay = 0; |
|
|
| 481 | |
502 | |
| 482 | r3 = r4 = 0; |
503 | r0 = r1 = r2 = r3 = r4 = 0; |
| 483 | r4 = r5 = r6 = r7 = 0; |
504 | |
|
|
505 | chksum = get_chksum (); |
|
|
506 | } |
|
|
507 | |
|
|
508 | // simple but not trivial chksum |
|
|
509 | u8 |
|
|
510 | dns_cfg::get_chksum () |
|
|
511 | { |
|
|
512 | unsigned int sum = 0xff00; // only 16 bits required |
|
|
513 | |
|
|
514 | u8 old_chksum = chksum; |
|
|
515 | chksum = 0; |
|
|
516 | |
|
|
517 | for (unsigned int i = 0; i < sizeof (*this); ++i) |
|
|
518 | sum += ((u8 *)this)[i] * (i + 1); |
|
|
519 | |
|
|
520 | chksum = old_chksum; |
|
|
521 | |
|
|
522 | return sum + (sum >> 8); |
| 484 | } |
523 | } |
| 485 | |
524 | |
| 486 | bool |
525 | bool |
| 487 | dns_cfg::valid () |
526 | dns_cfg::valid () |
| 488 | { |
527 | { |
| … | |
… | |
| 490 | // only the following encoding/decoding settings are implemented. |
529 | // only the following encoding/decoding settings are implemented. |
| 491 | return id1 == 'G' |
530 | return id1 == 'G' |
| 492 | && id2 == 'V' |
531 | && id2 == 'V' |
| 493 | && id3 == 'P' |
532 | && id3 == 'P' |
| 494 | && id4 == 'E' |
533 | && id4 == 'E' |
|
|
534 | && version == 2 |
| 495 | && seq_cdc == 26 |
535 | && syn_cdc == 26 |
| 496 | && req_cdc == 62 |
536 | && hdr_cdc == 36 |
|
|
537 | && (req_cdc == 36 || req_cdc == 62) |
| 497 | && rep_cdc == 0 |
538 | && rep_cdc == 0 |
| 498 | && version == 1; |
539 | && chksum == get_chksum (); |
| 499 | } |
540 | } |
| 500 | |
541 | |
| 501 | struct dns_packet : net_packet |
542 | struct dns_packet : net_packet |
| 502 | { |
543 | { |
| 503 | u16 id; |
544 | u16 id; |
| … | |
… | |
| 573 | struct vpn *vpn; |
614 | struct vpn *vpn; |
| 574 | |
615 | |
| 575 | dns_cfg cfg; |
616 | dns_cfg cfg; |
| 576 | |
617 | |
| 577 | bool established; |
618 | bool established; |
|
|
619 | const basecoder *cdc; |
| 578 | |
620 | |
| 579 | tstamp last_received; |
621 | tstamp last_received; |
| 580 | tstamp last_sent; |
622 | tstamp last_sent; |
| 581 | double min_latency; |
623 | double min_latency; |
| 582 | double poll_interval, send_interval; |
624 | double poll_interval, send_interval; |
| … | |
… | |
| 586 | byte_stream rcvdq; int rcvseq; int repseq; |
628 | byte_stream rcvdq; int rcvseq; int repseq; |
| 587 | byte_stream snddq; int sndseq; |
629 | byte_stream snddq; int sndseq; |
| 588 | |
630 | |
| 589 | inline void time_cb (ev::timer &w, int revents); ev::timer tw; |
631 | inline void time_cb (ev::timer &w, int revents); ev::timer tw; |
| 590 | void receive_rep (dns_rcv *r); |
632 | void receive_rep (dns_rcv *r); |
|
|
633 | |
|
|
634 | void reset (); // quite like tcp RST |
|
|
635 | void set_cfg (); // to be called after any cfg changes |
| 591 | |
636 | |
| 592 | dns_connection (connection *c); |
637 | dns_connection (connection *c); |
| 593 | ~dns_connection (); |
638 | ~dns_connection (); |
| 594 | }; |
639 | }; |
| 595 | |
640 | |
| … | |
… | |
| 669 | // so we need to have space for 2*MAX_DOMAIN_SIZE + header + extra |
714 | // so we need to have space for 2*MAX_DOMAIN_SIZE + header + extra |
| 670 | |
715 | |
| 671 | char enc[256], *encp = enc; |
716 | char enc[256], *encp = enc; |
| 672 | encode_header (enc, THISNODE->id, seqno); |
717 | encode_header (enc, THISNODE->id, seqno); |
| 673 | |
718 | |
| 674 | int datalen = cdc62.decode_len (dlen - (dlen + MAX_LBL_SIZE - 1) / MAX_LBL_SIZE - HDRSIZE); |
719 | int datalen = dns->cdc->decode_len (dlen - (dlen + MAX_LBL_SIZE - 1) / MAX_LBL_SIZE - HDRSIZE); |
| 675 | |
720 | |
| 676 | if (datalen > stream.size ()) |
721 | if (datalen > stream.size ()) |
| 677 | datalen = stream.size (); |
722 | datalen = stream.size (); |
| 678 | |
723 | |
| 679 | int enclen = cdc62.encode (enc + HDRSIZE, stream.begin (), datalen) + HDRSIZE; |
724 | int enclen = dns->cdc->encode (enc + HDRSIZE, stream.begin (), datalen) + HDRSIZE; |
| 680 | stream.remove (datalen); |
725 | stream.remove (datalen); |
| 681 | |
726 | |
| 682 | while (enclen) |
727 | while (enclen) |
| 683 | { |
728 | { |
| 684 | int lbllen = enclen < MAX_LBL_SIZE ? enclen : MAX_LBL_SIZE; |
729 | int lbllen = enclen < MAX_LBL_SIZE ? enclen : MAX_LBL_SIZE; |
| … | |
… | |
| 757 | { |
802 | { |
| 758 | tw.set<dns_connection, &dns_connection::time_cb> (this); |
803 | tw.set<dns_connection, &dns_connection::time_cb> (this); |
| 759 | |
804 | |
| 760 | vpn = c->vpn; |
805 | vpn = c->vpn; |
| 761 | |
806 | |
|
|
807 | reset (); |
|
|
808 | } |
|
|
809 | |
|
|
810 | dns_connection::~dns_connection () |
|
|
811 | { |
|
|
812 | reset (); |
|
|
813 | } |
|
|
814 | |
|
|
815 | void |
|
|
816 | dns_connection::reset () |
|
|
817 | { |
|
|
818 | while (!rcvpq.empty ()) |
|
|
819 | { |
|
|
820 | delete rcvpq.back (); |
|
|
821 | rcvpq.pop_back (); |
|
|
822 | } |
|
|
823 | |
|
|
824 | for (int i = vpn->dns_sndpq.size (); i--; ) |
|
|
825 | if (vpn->dns_sndpq [i]->dns == this) |
|
|
826 | { |
|
|
827 | vpn->dns_sndpq [i] = vpn->dns_sndpq.back (); |
|
|
828 | vpn->dns_sndpq.pop_back (); |
|
|
829 | } |
|
|
830 | |
| 762 | established = false; |
831 | established = false; |
| 763 | |
832 | |
| 764 | rcvseq = repseq = sndseq = 0; |
833 | rcvseq = repseq = sndseq = 0; |
| 765 | |
834 | |
| 766 | last_sent = last_received = 0; |
835 | last_sent = last_received = 0; |
| 767 | poll_interval = 0.5; // starting here |
836 | poll_interval = 0.5; // starting here |
| 768 | send_interval = 0.5; // starting rate |
837 | send_interval = 0.5; // starting rate |
| 769 | min_latency = INITIAL_TIMEOUT; |
838 | min_latency = INITIAL_TIMEOUT; |
| 770 | } |
839 | } |
| 771 | |
840 | |
| 772 | dns_connection::~dns_connection () |
841 | void |
|
|
842 | dns_connection::set_cfg () |
| 773 | { |
843 | { |
| 774 | for (vector<dns_rcv *>::iterator i = rcvpq.begin (); |
844 | cdc = cfg.req_cdc == 36 ? &cdc36 : &cdc62; |
| 775 | i != rcvpq.end (); |
|
|
| 776 | ++i) |
|
|
| 777 | delete *i; |
|
|
| 778 | } |
845 | } |
| 779 | |
846 | |
| 780 | void |
847 | void |
| 781 | dns_connection::receive_rep (dns_rcv *r) |
848 | dns_connection::receive_rep (dns_rcv *r) |
| 782 | { |
849 | { |
| … | |
… | |
| 819 | |
886 | |
| 820 | rcvseq = (rcvseq + 1) & SEQNO_MASK; |
887 | rcvseq = (rcvseq + 1) & SEQNO_MASK; |
| 821 | |
888 | |
| 822 | if (!rcvdq.put (r->data, r->datalen)) |
889 | if (!rcvdq.put (r->data, r->datalen)) |
| 823 | { |
890 | { |
|
|
891 | // MUST never overflow, can be caused by data corruption, TODO |
| 824 | slog (L_ERR, "DNS: !rcvdq.put (r->data, r->datalen)"); |
892 | slog (L_CRIT, "DNS: !rcvdq.put (r->data, r->datalen)"); |
| 825 | abort (); // MUST never overflow, can be caused by data corruption, TODO |
893 | reset (); |
|
|
894 | return; |
| 826 | } |
895 | } |
| 827 | |
896 | |
| 828 | while (vpn_packet *pkt = rcvdq.get ()) |
897 | while (vpn_packet *pkt = rcvdq.get ()) |
| 829 | { |
898 | { |
| 830 | sockinfo si; |
899 | sockinfo si; |
| 831 | si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4; |
900 | si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4; |
| 832 | |
901 | |
| 833 | vpn->recv_vpn_packet (pkt, si); |
902 | vpn->recv_vpn_packet (pkt, si); |
| 834 | |
|
|
| 835 | delete pkt; |
903 | delete pkt; |
| 836 | } |
904 | } |
| 837 | |
905 | |
| 838 | // check for further packets |
906 | // check for further packets |
| 839 | goto redo; |
907 | goto redo; |
| … | |
… | |
| 882 | { |
950 | { |
| 883 | // correct class, domain: parse |
951 | // correct class, domain: parse |
| 884 | int client, seqno; |
952 | int client, seqno; |
| 885 | decode_header (qname, client, seqno); |
953 | decode_header (qname, client, seqno); |
| 886 | |
954 | |
| 887 | u8 data[MAXSIZE]; |
|
|
| 888 | int datalen = cdc62.decode (data, qname + HDRSIZE, qlen - (dlen + 1 + HDRSIZE)); |
|
|
| 889 | |
|
|
| 890 | if (0 < client && client <= conns.size ()) |
955 | if (0 < client && client <= conns.size ()) |
| 891 | { |
956 | { |
| 892 | connection *c = conns [client - 1]; |
957 | connection *c = conns [client - 1]; |
| 893 | dns_connection *dns = c->dns; |
958 | dns_connection *dns = c->dns; |
| 894 | dns_rcv *rcv; |
959 | dns_rcv *rcv; |
| 895 | |
960 | |
| 896 | if (dns) |
961 | if (dns) |
| 897 | { |
962 | { |
|
|
963 | u8 data[MAXSIZE]; |
|
|
964 | int datalen = dns->cdc->decode (data, qname + HDRSIZE, qlen - (dlen + 1 + HDRSIZE)); |
|
|
965 | |
| 898 | for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); ) |
966 | for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); ) |
| 899 | if (SEQNO_EQ ((*i)->seqno, seqno)) |
967 | if (SEQNO_EQ ((*i)->seqno, seqno)) |
| 900 | { |
968 | { |
| 901 | // already seen that request: simply reply with the cached reply |
969 | // already seen that request: simply reply with the cached reply |
| 902 | dns_rcv *r = *i; |
970 | dns_rcv *r = *i; |
| … | |
… | |
| 1003 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
1071 | pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class |
| 1004 | pkt [offs++] = 0; pkt [offs++] = 0; |
1072 | pkt [offs++] = 0; pkt [offs++] = 0; |
| 1005 | pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL |
1073 | pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL |
| 1006 | pkt [offs++] = 0; pkt [offs++] = 4; // rdlength |
1074 | pkt [offs++] = 0; pkt [offs++] = 4; // rdlength |
| 1007 | |
1075 | |
| 1008 | slog (L_INFO, _("DNS: client %d connects"), client); |
|
|
| 1009 | |
|
|
| 1010 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
1076 | pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; |
| 1011 | pkt [offs++] = CMD_IP_REJ; |
1077 | pkt [offs++] = CMD_IP_REJ; |
| 1012 | |
1078 | |
| 1013 | if (0 < client && client <= conns.size ()) |
1079 | if (0 < client && client <= conns.size ()) |
| 1014 | { |
1080 | { |
| 1015 | connection *c = conns [client - 1]; |
1081 | connection *c = conns [client - 1]; |
| 1016 | |
1082 | |
| 1017 | if (cfg.valid ()) |
1083 | if (cfg.valid ()) |
| 1018 | { |
1084 | { |
| 1019 | pkt [offs - 1] = CMD_IP_SYN; |
1085 | slog (L_INFO, _("DNS: client %d connects (version %d, req_cdc %d)"), client, cfg.version, cfg.req_cdc); |
|
|
1086 | |
|
|
1087 | // check for any encoding mismatches - hints at a case problem |
|
|
1088 | char qname2 [MAX_ENC_LEN]; |
|
|
1089 | cdc26.encode (qname2, (u8 *)&cfg, sizeof (dns_cfg)); |
| 1020 | |
1090 | |
| 1021 | delete c->dns; |
1091 | delete c->dns; |
|
|
1092 | |
|
|
1093 | pkt [offs - 1] = memcmp (qname, qname2, cdc26.encode_len (sizeof (dns_cfg))) |
|
|
1094 | ? CMD_IP_CSE : CMD_IP_SYN; |
|
|
1095 | |
| 1022 | c->dns = new dns_connection (c); |
1096 | c->dns = new dns_connection (c); |
| 1023 | c->dns->cfg = cfg; |
1097 | c->dns->cfg = cfg; |
|
|
1098 | c->dns->set_cfg (); |
| 1024 | } |
1099 | } |
| 1025 | } |
1100 | } |
| 1026 | } |
1101 | } |
| 1027 | } |
1102 | } |
| 1028 | |
1103 | |
| … | |
… | |
| 1048 | dns_connection *dns = (*i)->dns; |
1123 | dns_connection *dns = (*i)->dns; |
| 1049 | connection *c = dns->c; |
1124 | connection *c = dns->c; |
| 1050 | int seqno = (*i)->seqno; |
1125 | int seqno = (*i)->seqno; |
| 1051 | u8 data[MAXSIZE], *datap = data; |
1126 | u8 data[MAXSIZE], *datap = data; |
| 1052 | //printf ("rcv pkt %x\n", seqno);//D |
1127 | //printf ("rcv pkt %x\n", seqno);//D |
|
|
1128 | bool back_off = (*i)->retry; |
| 1053 | |
1129 | |
| 1054 | if ((*i)->retry) |
1130 | if (back_off) |
| 1055 | { |
1131 | { |
| 1056 | dns->send_interval *= 1.01; |
1132 | dns->send_interval *= 1.01; |
| 1057 | if (dns->send_interval > MAX_SEND_INTERVAL) |
1133 | if (dns->send_interval > MAX_SEND_INTERVAL) |
| 1058 | dns->send_interval = MAX_SEND_INTERVAL; |
1134 | dns->send_interval = MAX_SEND_INTERVAL; |
| 1059 | } |
1135 | } |
| … | |
… | |
| 1099 | ttl |= pkt [offs++] << 16; |
1175 | ttl |= pkt [offs++] << 16; |
| 1100 | ttl |= pkt [offs++] << 8; |
1176 | ttl |= pkt [offs++] << 8; |
| 1101 | ttl |= pkt [offs++]; |
1177 | ttl |= pkt [offs++]; |
| 1102 | u16 rdlen = pkt [offs++] << 8; rdlen |= pkt [offs++]; |
1178 | u16 rdlen = pkt [offs++] << 8; rdlen |= pkt [offs++]; |
| 1103 | |
1179 | |
| 1104 | if (qtype == RR_TYPE_NULL || qtype == RR_TYPE_TXT) |
1180 | if (qtype == RR_TYPE_NULL || qtype == RR_TYPE_TXT || qtype == dns->cfg.rrtype) |
| 1105 | { |
1181 | { |
| 1106 | if (rdlen <= MAXSIZE - offs) |
1182 | if (rdlen <= MAXSIZE - offs) |
| 1107 | { |
1183 | { |
| 1108 | // decode bytes, finally |
1184 | // decode bytes, finally |
| 1109 | |
1185 | |
| … | |
… | |
| 1135 | { |
1211 | { |
| 1136 | slog (L_TRACE, _("DNS: got tunnel meta command %02x"), ip [3]); |
1212 | slog (L_TRACE, _("DNS: got tunnel meta command %02x"), ip [3]); |
| 1137 | |
1213 | |
| 1138 | if (ip [3] == CMD_IP_RST) |
1214 | if (ip [3] == CMD_IP_RST) |
| 1139 | { |
1215 | { |
| 1140 | slog (L_DEBUG, _("DNS: got tunnel RST request")); |
1216 | slog (L_DEBUG, _("DNS: got tunnel RST request.")); |
| 1141 | |
1217 | |
| 1142 | delete dns; c->dns = 0; |
1218 | dns->reset (); |
| 1143 | |
|
|
| 1144 | return; |
1219 | return; |
| 1145 | } |
1220 | } |
| 1146 | else if (ip [3] == CMD_IP_SYN) |
1221 | else if (ip [3] == CMD_IP_SYN) |
| 1147 | { |
1222 | { |
| 1148 | slog (L_DEBUG, _("DNS: got tunnel SYN reply, server likes us.")); |
1223 | slog (L_DEBUG, _("DNS: got tunnel SYN reply, server likes us.")); |
| 1149 | dns->established = true; |
1224 | dns->established = true; |
| 1150 | } |
1225 | } |
|
|
1226 | else if (ip [3] == CMD_IP_CSE) |
|
|
1227 | { |
|
|
1228 | if (conf.dns_case_preserving) |
|
|
1229 | { |
|
|
1230 | slog (L_INFO, _("DNS: got tunnel CSE reply, globally downgrading to case-insensitive protocol.")); |
|
|
1231 | conf.dns_case_preserving = false; |
|
|
1232 | dns->reset (); |
|
|
1233 | return; |
|
|
1234 | } |
|
|
1235 | else |
|
|
1236 | { |
|
|
1237 | slog (L_DEBUG, _("DNS: got tunnel CSE reply, server likes us.")); |
|
|
1238 | dns->established = true; |
|
|
1239 | } |
|
|
1240 | } |
| 1151 | else if (ip [3] == CMD_IP_REJ) |
1241 | else if (ip [3] == CMD_IP_REJ) |
| 1152 | { |
1242 | { |
| 1153 | slog (L_DEBUG, _("DNS: got tunnel REJ reply, server does not like us, aborting.")); |
1243 | slog (L_ERR, _("DNS: got tunnel REJ reply, server does not like us.")); |
| 1154 | abort (); |
1244 | dns->tw.start (60.); |
| 1155 | } |
1245 | } |
| 1156 | else |
1246 | else |
|
|
1247 | { |
| 1157 | slog (L_INFO, _("DNS: got unknown meta command %02x"), ip [3]); |
1248 | slog (L_INFO, _("DNS: got unknown meta command %02x"), ip [3]); |
|
|
1249 | dns->tw.start (60.); |
|
|
1250 | } |
| 1158 | } |
1251 | } |
| 1159 | else |
1252 | else |
| 1160 | slog (L_INFO, _("DNS: got spurious a record %d.%d.%d.%d"), |
1253 | slog (L_INFO, _("DNS: got spurious a record %d.%d.%d.%d"), |
| 1161 | ip [0], ip [1], ip [2], ip [3]); |
1254 | ip [0], ip [1], ip [2], ip [3]); |
| 1162 | |
1255 | |
| … | |
… | |
| 1180 | } |
1273 | } |
| 1181 | |
1274 | |
| 1182 | // todo: pkt now used |
1275 | // todo: pkt now used |
| 1183 | if (datap) |
1276 | if (datap) |
| 1184 | dns->receive_rep (new dns_rcv (seqno, data, datap - data)); |
1277 | dns->receive_rep (new dns_rcv (seqno, data, datap - data)); |
|
|
1278 | else if (dns_sndpq.empty ()) // no data received, and nothing to send - idle |
|
|
1279 | { |
|
|
1280 | dns->send_interval *= 1.1; |
|
|
1281 | |
|
|
1282 | if (dns->send_interval < MIN_POLL_INTERVAL) |
|
|
1283 | dns->send_interval = MIN_POLL_INTERVAL; |
|
|
1284 | |
|
|
1285 | if (dns->send_interval > MAX_POLL_INTERVAL && !back_off) |
|
|
1286 | dns->send_interval = MAX_POLL_INTERVAL; |
|
|
1287 | } |
| 1185 | |
1288 | |
| 1186 | break; |
1289 | break; |
| 1187 | } |
1290 | } |
| 1188 | } |
1291 | } |
| 1189 | |
1292 | |
| … | |
… | |
| 1230 | |
1333 | |
| 1231 | // always return true even if the buffer overflows |
1334 | // always return true even if the buffer overflows |
| 1232 | return true; |
1335 | return true; |
| 1233 | } |
1336 | } |
| 1234 | |
1337 | |
| 1235 | void |
|
|
| 1236 | connection::dnsv4_reset_connection () |
|
|
| 1237 | { |
|
|
| 1238 | //delete dns; dns = 0; //TODO |
|
|
| 1239 | } |
|
|
| 1240 | |
|
|
| 1241 | #define NEXT(w) do { if (next > (w)) next = w; } while (0) |
1338 | #define NEXT(w) do { if (next > (w)) next = w; } while (0) |
| 1242 | |
1339 | |
| 1243 | void |
1340 | void |
| 1244 | dns_connection::time_cb (ev::timer &w, int revents) |
1341 | dns_connection::time_cb (ev::timer &w, int revents) |
| 1245 | { |
1342 | { |
| … | |
… | |
| 1286 | if (vpn->dns_sndpq.empty ()) |
1383 | if (vpn->dns_sndpq.empty ()) |
| 1287 | { |
1384 | { |
| 1288 | send = new dns_snd (this); |
1385 | send = new dns_snd (this); |
| 1289 | |
1386 | |
| 1290 | cfg.reset (THISNODE->id); |
1387 | cfg.reset (THISNODE->id); |
|
|
1388 | set_cfg (); |
| 1291 | send->gen_syn_req (); |
1389 | send->gen_syn_req (); |
| 1292 | } |
1390 | } |
| 1293 | } |
1391 | } |
| 1294 | else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding |
1392 | else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding |
| 1295 | && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) |
1393 | && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) |
