ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/vpn_dns.C
(Generate patch)

Comparing gvpe/src/vpn_dns.C (file contents):
Revision 1.48 by pcg, Tue Jul 28 00:42:14 2009 UTC vs.
Revision 1.53 by root, Tue Oct 18 10:54:17 2011 UTC

1/* 1/*
2 vpn_dns.C -- handle the dns tunnel part of the protocol. 2 vpn_dns.C -- handle the dns tunnel part of the protocol.
3 Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> 3 Copyright (C) 2003-2011 Marc Lehmann <gvpe@schmorp.de>
4 4
5 This file is part of GVPE. 5 This file is part of GVPE.
6 6
7 GVPE is free software; you can redistribute it and/or modify it 7 GVPE is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the 8 under the terms of the GNU General Public License as published by the
59 59
60#include "netcompat.h" 60#include "netcompat.h"
61 61
62#include "vpn.h" 62#include "vpn.h"
63 63
64#define MIN_POLL_INTERVAL 0.025 // poll at most this often when no data received
64#define MAX_POLL_INTERVAL 5. // how often to poll minimally when the server has no data 65#define MAX_POLL_INTERVAL 1. // how often to poll minimally when the server has no data
65#define ACTIVITY_INTERVAL 5.
66 66
67#define INITIAL_TIMEOUT 0.1 // retry timeouts 67#define INITIAL_TIMEOUT 0.1 // retry timeouts
68#define INITIAL_SYN_TIMEOUT 2. // retry timeout for initial syn 68#define INITIAL_SYN_TIMEOUT 2. // retry timeout for initial syn
69 69
70#define MAX_SEND_INTERVAL 2. // optimistic? 70#define MAX_SEND_INTERVAL 5. // optimistic?
71 71
72#define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog 72#define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog
73#define MAX_BACKLOG (64*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE 73#define MAX_BACKLOG (64*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE
74 74
75#define MAX_DOMAIN_SIZE 240 // 255 is legal limit, but bind doesn't compress well 75#define MAX_DOMAIN_SIZE 235 // 255 is legal limit, but bind doesn't compress well
76// 240 leaves about 4 bytes of server reply data 76// 240 leaves about 4 bytes of server reply data
77// every request byte less give room for two reply bytes 77// every request byte less give room for two reply bytes
78 78
79#define SEQNO_MASK 0x3fff 79#define SEQNO_MASK 0x3fff
80#define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) ) 80#define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) )
91#define RR_CLASS_IN 1 91#define RR_CLASS_IN 1
92 92
93#define CMD_IP_1 207 93#define CMD_IP_1 207
94#define CMD_IP_2 46 94#define CMD_IP_2 46
95#define CMD_IP_3 236 95#define CMD_IP_3 236
96#define CMD_IP_RST 29 96
97#define CMD_IP_SYN 113 97#define CMD_IP_RST 29 // some error, reset and retry
98#define CMD_IP_REJ 32 98#define CMD_IP_REJ 32 // do not want you
99#define CMD_IP_SYN 113 // connection established
100#define CMD_IP_CSE 213 // connection established, but likely case mismatch
101
102static bool
103is_uc (char c)
104{
105 return 'A' <= c && c <= 'Z';
106}
107
108static bool
109is_lc (char c)
110{
111 return 'a' <= c && c <= 'z';
112}
99 113
100// works for cmaps up to 255 (not 256!) 114// works for cmaps up to 255 (not 256!)
101struct charmap 115struct charmap
102{ 116{
103 enum { INVALID = (u8)255 }; 117 enum { INVALID = (u8)255 };
117 memset (enc, (char) 0, 256); 131 memset (enc, (char) 0, 256);
118 memset (dec, (char)INVALID, 256); 132 memset (dec, (char)INVALID, 256);
119 133
120 for (size = 0; cmap [size]; size++) 134 for (size = 0; cmap [size]; size++)
121 { 135 {
136 char c = cmap [size];
137
122 enc [size] = cmap [size]; 138 enc [size] = c;
123 dec [(u8)enc [size]] = size; 139 dec [(u8)c] = size;
140
141 // allow lowercase/uppercase aliases if possible
142 if (is_uc (c) && dec [c + ('a' - 'A')] == INVALID) dec [c + ('a' - 'A')] = size;
143 if (is_lc (c) && dec [c - ('a' - 'A')] == INVALID) dec [c - ('a' - 'A')] = size;
124 } 144 }
125 145
126 assert (size < 256); 146 assert (size < 256);
127} 147}
128 148
135{ 155{
136 charmap cmap; 156 charmap cmap;
137 unsigned int enc_len [MAX_DEC_LEN]; 157 unsigned int enc_len [MAX_DEC_LEN];
138 unsigned int dec_len [MAX_ENC_LEN]; 158 unsigned int dec_len [MAX_ENC_LEN];
139 159
140 unsigned int encode_len (unsigned int len); 160 unsigned int encode_len (unsigned int len) const;
141 unsigned int decode_len (unsigned int len); 161 unsigned int decode_len (unsigned int len) const;
142 162
143 unsigned int encode (char *dst, u8 *src, unsigned int len); 163 unsigned int encode (char *dst, u8 *src, unsigned int len) const;
144 unsigned int decode (u8 *dst, char *src, unsigned int len); 164 unsigned int decode (u8 *dst, char *src, unsigned int len) const;
145 165
146 basecoder (const char *cmap); 166 basecoder (const char *cmap);
147}; 167};
148 168
149basecoder::basecoder (const char *cmap) 169basecoder::basecoder (const char *cmap)
168 enc_len [len] = n; 188 enc_len [len] = n;
169 dec_len [n] = len; 189 dec_len [n] = len;
170 } 190 }
171} 191}
172 192
193unsigned int
173unsigned int basecoder::encode_len (unsigned int len) 194basecoder::encode_len (unsigned int len) const
174{ 195{
175 return enc_len [len]; 196 return enc_len [len];
176} 197}
177 198
199unsigned int
178unsigned int basecoder::decode_len (unsigned int len) 200basecoder::decode_len (unsigned int len) const
179{ 201{
180 while (len && !dec_len [len]) 202 while (len && !dec_len [len])
181 --len; 203 --len;
182 204
183 return dec_len [len]; 205 return dec_len [len];
184} 206}
185 207
208unsigned int
186unsigned int basecoder::encode (char *dst, u8 *src, unsigned int len) 209basecoder::encode (char *dst, u8 *src, unsigned int len) const
187{ 210{
188 if (!len || len > MAX_DEC_LEN) 211 if (!len || len > MAX_DEC_LEN)
189 return 0; 212 return 0;
190 213
191 int elen = encode_len (len); 214 int elen = encode_len (len);
210 *dst++ = cmap.encode [dst_ [i]]; 233 *dst++ = cmap.encode [dst_ [i]];
211 234
212 return elen; 235 return elen;
213} 236}
214 237
238unsigned int
215unsigned int basecoder::decode (u8 *dst, char *src, unsigned int len) 239basecoder::decode (u8 *dst, char *src, unsigned int len) const
216{ 240{
217 if (!len || len > MAX_ENC_LEN) 241 if (!len || len > MAX_ENC_LEN)
218 return 0; 242 return 0;
219 243
220 u8 src_ [MAX_ENC_LEN]; 244 u8 src_ [MAX_ENC_LEN];
269 } 293 }
270 abort (); 294 abort ();
271} 295}
272#endif 296#endif
273 297
274//static basecoder cdc64 ("_dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI-");
275//static basecoder cdc63 ("_dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI");
276static basecoder cdc62 ("dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI"); 298static basecoder cdc62 ("dDpPhHzZrR06QqMmjJkKBb34TtSsvVlL81xXaAeEFf92WwGgYyoO57UucCNniI"); // a-zA-Z0-9
277//static basecoder cdc36 ("dphzr06qmjkb34tsvl81xaef92wgyo57ucni"); // unused as of yet 299static basecoder cdc36 ("dPhZr06QmJkB34tSvL81xAeF92wGyO57uCnI"); // a-z0-9 for case-changers
278static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyO"); 300static basecoder cdc26 ("dPhZrQmJkBtSvLxAeFwGyOuCnI"); // a-z
279 301
280///////////////////////////////////////////////////////////////////////////// 302/////////////////////////////////////////////////////////////////////////////
281 303
282#define HDRSIZE 6 304#define HDRSIZE 5
283 305
306inline void
284inline void encode_header (char *data, int clientid, int seqno, int retry = 0) 307encode_header (char *data, int clientid, int seqno, int retry = 0)
285{ 308{
309 assert (clientid < 256);
310
286 seqno &= SEQNO_MASK; 311 seqno &= SEQNO_MASK;
287 312
288 u8 hdr[3] = { 313 u8 hdr[3] = {
314 seqno,
315 (seqno >> 8) | (retry << 6),
289 clientid, 316 clientid,
290 (seqno >> 8) | (retry << 6),
291 seqno,
292 }; 317 };
293 318
294 assert (clientid < 256);
295
296 cdc26.encode (data, hdr, 3); 319 cdc36.encode (data, hdr, 3);
297} 320}
298 321
322inline void
299inline void decode_header (char *data, int &clientid, int &seqno) 323decode_header (char *data, int &clientid, int &seqno)
300{ 324{
301 u8 hdr[3]; 325 u8 hdr[3];
302 326
303 cdc26.decode (hdr, data, HDRSIZE); 327 cdc36.decode (hdr, data, HDRSIZE);
304 328
305 clientid = hdr[0]; 329 clientid = hdr[2];
306 seqno = ((hdr[1] << 8) | hdr[2]) & SEQNO_MASK; 330 seqno = ((hdr[1] << 8) | hdr[0]) & SEQNO_MASK;
307} 331}
308 332
309///////////////////////////////////////////////////////////////////////////// 333/////////////////////////////////////////////////////////////////////////////
310 334
311struct byte_stream 335struct byte_stream
337byte_stream::~byte_stream () 361byte_stream::~byte_stream ()
338{ 362{
339 delete data; 363 delete data;
340} 364}
341 365
366void
342void byte_stream::remove (int count) 367byte_stream::remove (int count)
343{ 368{
344 if (count > fill) 369 if (count > fill)
345 assert (count <= fill); 370 assert (count <= fill);
346 371
347 memmove (data, data + count, fill -= count); 372 memmove (data, data + count, fill -= count);
348} 373}
349 374
375bool
350bool byte_stream::put (u8 *data, unsigned int datalen) 376byte_stream::put (u8 *data, unsigned int datalen)
351{ 377{
352 if (maxsize - fill < datalen) 378 if (maxsize - fill < datalen)
353 return false; 379 return false;
354 380
355 memcpy (this->data + fill, data, datalen); fill += datalen; 381 memcpy (this->data + fill, data, datalen); fill += datalen;
356 382
357 return true; 383 return true;
358} 384}
359 385
386bool
360bool byte_stream::put (vpn_packet *pkt) 387byte_stream::put (vpn_packet *pkt)
361{ 388{
362 if (maxsize - fill < pkt->len + 2) 389 if (maxsize - fill < pkt->len + 2)
363 return false; 390 return false;
364 391
365 data [fill++] = pkt->len >> 8; 392 data [fill++] = pkt->len >> 8;
421 448
422struct dns_cfg 449struct dns_cfg
423{ 450{
424 static int next_uid; 451 static int next_uid;
425 452
426 u8 id1, id2, id3, id4; 453 u8 chksum;
454 u8 rrtype;
455 u16 uid; // to make request unique
427 456
428 u8 version; 457 u8 version;
429 u8 flags; 458 u8 flags;
430 u8 rrtype; 459 u16 max_size;
460
461 u8 id1, id2, id3, id4;
462
463 u16 client;
431 u8 def_ttl; 464 u8 def_ttl;
465 u8 r0;
432 466
433 u16 client; 467 u8 syn_cdc; // cdc en/decoder for syn (A?) requests
434 u16 uid; // to make request unique 468 u8 hdr_cdc; // cdc en/decoder for regular request headers
469 u8 req_cdc; // cdc en/decoder for regular (ANY?) request data
470 u8 rep_cdc; // cdc en/decoder for regular (TXT) replies, 0 == 8 bit encoding
435 471
436 u16 max_size;
437 u8 seq_cdc;
438 u8 req_cdc;
439
440 u8 rep_cdc;
441 u8 delay; // time in 0.01s units that the server may delay replying packets
442 u8 r3, r4;
443
444 u8 r5, r6, r7, r8; 472 u8 r1, r2, r3, r4;
445 473
446 void reset (int clientid); 474 void reset (int clientid);
447 bool valid (); 475 bool valid ();
476 u8 get_chksum ();
448}; 477};
449 478
450int dns_cfg::next_uid; 479int dns_cfg::next_uid;
451 480
481void
452void dns_cfg::reset (int clientid) 482dns_cfg::reset (int clientid)
453{ 483{
484 // this ID must result in some mixed-case characters in cdc26-encoding
454 id1 = 'G'; 485 id1 = 'G';
455 id2 = 'V'; 486 id2 = 'V';
456 id3 = 'P'; 487 id3 = 'P';
457 id4 = 'E'; 488 id4 = 'E';
458 489
459 version = 1; 490 version = 2;
460 491
461 rrtype = RR_TYPE_TXT; 492 rrtype = RR_TYPE_TXT;
462 flags = 0; 493 flags = 0;
463 def_ttl = 0; 494 def_ttl = 0;
464 seq_cdc = 26; 495 syn_cdc = 26;
465 req_cdc = 62; 496 hdr_cdc = 36;
497 req_cdc = conf.dns_case_preserving ? 62 : 36;
466 rep_cdc = 0; 498 rep_cdc = 0;
467 max_size = htons (MAX_PKT_SIZE); 499 max_size = htons (MAX_PKT_SIZE);
468 client = htons (clientid); 500 client = htons (clientid);
469 uid = next_uid++; 501 uid = ++next_uid;
470 delay = 0;
471 502
472 r3 = r4 = 0; 503 r0 = r1 = r2 = r3 = r4 = 0;
473 r4 = r5 = r6 = r7 = 0;
474}
475 504
505 chksum = get_chksum ();
506}
507
508// simple but not trivial chksum
509u8
510dns_cfg::get_chksum ()
511{
512 unsigned int sum = 0xff00; // only 16 bits required
513
514 u8 old_chksum = chksum;
515 chksum = 0;
516
517 for (unsigned int i = 0; i < sizeof (*this); ++i)
518 sum += ((u8 *)this)[i] * (i + 1);
519
520 chksum = old_chksum;
521
522 return sum + (sum >> 8);
523}
524
525bool
476bool dns_cfg::valid () 526dns_cfg::valid ()
477{ 527{
478 // although the protocol itself allows for some configurability, 528 // although the protocol itself allows for some configurability,
479 // only the following encoding/decoding settings are implemented. 529 // only the following encoding/decoding settings are implemented.
480 return id1 == 'G' 530 return id1 == 'G'
481 && id2 == 'V' 531 && id2 == 'V'
482 && id3 == 'P' 532 && id3 == 'P'
483 && id4 == 'E' 533 && id4 == 'E'
534 && version == 2
484 && seq_cdc == 26 535 && syn_cdc == 26
485 && req_cdc == 62 536 && hdr_cdc == 36
537 && (req_cdc == 36 || req_cdc == 62)
486 && rep_cdc == 0 538 && rep_cdc == 0
487 && version == 1; 539 && chksum == get_chksum ();
488} 540}
489 541
490struct dns_packet : net_packet 542struct dns_packet : net_packet
491{ 543{
492 u16 id; 544 u16 id;
496 u8 data [MAXSIZE - 6 * 2]; 548 u8 data [MAXSIZE - 6 * 2];
497 549
498 int decode_label (char *data, int size, int &offs); 550 int decode_label (char *data, int size, int &offs);
499}; 551};
500 552
553int
501int dns_packet::decode_label (char *data, int size, int &offs) 554dns_packet::decode_label (char *data, int size, int &offs)
502{ 555{
503 char *orig = data; 556 char *orig = data;
504 557
505 memset (data, 0, size); 558 memset (data, 0, size);
506 559
532 return data - orig; 585 return data - orig;
533} 586}
534 587
535///////////////////////////////////////////////////////////////////////////// 588/////////////////////////////////////////////////////////////////////////////
536 589
590static
591u16 next_id ()
592{
537static u16 dns_id = 0; // TODO: should be per-vpn 593 static u16 dns_id = 0; // TODO: should be per-vpn
538 594
539static u16 next_id () 595#if 1
540{
541 if (!dns_id) 596 if (!dns_id)
542 dns_id = time (0); 597 dns_id = time (0);
543 598
544 // the simplest lsfr with periodicity 65535 i could find 599 // the simplest lsfr with periodicity 65535 i could find
545 dns_id = (dns_id << 1) 600 dns_id = (dns_id << 1)
547 ^ (dns_id >> 2) 602 ^ (dns_id >> 2)
548 ^ (dns_id >> 4) 603 ^ (dns_id >> 4)
549 ^ (dns_id >> 15)) & 1); 604 ^ (dns_id >> 15)) & 1);
550 605
551 return dns_id; 606 return dns_id;
607#else
608 dns_id++;//D
609
610 return htons (dns_id);
611#endif
552} 612}
553 613
554struct dns_rcv; 614struct dns_rcv;
555struct dns_snd; 615struct dns_snd;
556 616
560 struct vpn *vpn; 620 struct vpn *vpn;
561 621
562 dns_cfg cfg; 622 dns_cfg cfg;
563 623
564 bool established; 624 bool established;
625 const basecoder *cdc;
565 626
566 tstamp last_received; 627 tstamp last_received;
567 tstamp last_sent; 628 tstamp last_sent;
568 double min_latency; 629 double min_latency;
569 double poll_interval, send_interval; 630 double poll_interval, send_interval;
573 byte_stream rcvdq; int rcvseq; int repseq; 634 byte_stream rcvdq; int rcvseq; int repseq;
574 byte_stream snddq; int sndseq; 635 byte_stream snddq; int sndseq;
575 636
576 inline void time_cb (ev::timer &w, int revents); ev::timer tw; 637 inline void time_cb (ev::timer &w, int revents); ev::timer tw;
577 void receive_rep (dns_rcv *r); 638 void receive_rep (dns_rcv *r);
639
640 void reset (); // quite like tcp RST
641 void set_cfg (); // to be called after any cfg changes
578 642
579 dns_connection (connection *c); 643 dns_connection (connection *c);
580 ~dns_connection (); 644 ~dns_connection ();
581}; 645};
582 646
613dns_snd::~dns_snd () 677dns_snd::~dns_snd ()
614{ 678{
615 delete pkt; 679 delete pkt;
616} 680}
617 681
682static void
618static void append_domain (dns_packet &pkt, int &offs, const char *domain) 683append_domain (dns_packet &pkt, int &offs, const char *domain)
619{ 684{
620 // add tunnel domain 685 // add tunnel domain
621 for (;;) 686 for (;;)
622 { 687 {
623 const char *end = strchr (domain, '.'); 688 const char *end = strchr (domain, '.');
636 701
637 domain = end + 1; 702 domain = end + 1;
638 } 703 }
639} 704}
640 705
706void
641void dns_snd::gen_stream_req (int seqno, byte_stream &stream) 707dns_snd::gen_stream_req (int seqno, byte_stream &stream)
642{ 708{
643 stdhdr = true; 709 stdhdr = true;
644 this->seqno = seqno; 710 this->seqno = seqno;
645 711
646 timeout = ev_now () + INITIAL_TIMEOUT; 712 timeout = ev_now () + INITIAL_TIMEOUT;
654 // so we need to have space for 2*MAX_DOMAIN_SIZE + header + extra 720 // so we need to have space for 2*MAX_DOMAIN_SIZE + header + extra
655 721
656 char enc[256], *encp = enc; 722 char enc[256], *encp = enc;
657 encode_header (enc, THISNODE->id, seqno); 723 encode_header (enc, THISNODE->id, seqno);
658 724
659 int datalen = cdc62.decode_len (dlen - (dlen + MAX_LBL_SIZE - 1) / MAX_LBL_SIZE - HDRSIZE); 725 int datalen = dns->cdc->decode_len (dlen - (dlen + MAX_LBL_SIZE - 1) / MAX_LBL_SIZE - HDRSIZE);
660 726
661 if (datalen > stream.size ()) 727 if (datalen > stream.size ())
662 datalen = stream.size (); 728 datalen = stream.size ();
663 729
664 int enclen = cdc62.encode (enc + HDRSIZE, stream.begin (), datalen) + HDRSIZE; 730 int enclen = dns->cdc->encode (enc + HDRSIZE, stream.begin (), datalen) + HDRSIZE;
665 stream.remove (datalen); 731 stream.remove (datalen);
666 732
667 while (enclen) 733 while (enclen)
668 { 734 {
669 int lbllen = enclen < MAX_LBL_SIZE ? enclen : MAX_LBL_SIZE; 735 int lbllen = enclen < MAX_LBL_SIZE ? enclen : MAX_LBL_SIZE;
684 (*pkt)[offs++] = RR_CLASS_IN >> 8; (*pkt)[offs++] = RR_CLASS_IN; 750 (*pkt)[offs++] = RR_CLASS_IN >> 8; (*pkt)[offs++] = RR_CLASS_IN;
685 751
686 pkt->len = offs; 752 pkt->len = offs;
687} 753}
688 754
755void
689void dns_snd::gen_syn_req () 756dns_snd::gen_syn_req ()
690{ 757{
691 timeout = ev_now () + INITIAL_SYN_TIMEOUT; 758 timeout = ev_now () + INITIAL_SYN_TIMEOUT;
692 759
693 pkt->flags = htons (DEFAULT_CLIENT_FLAGS); 760 pkt->flags = htons (DEFAULT_CLIENT_FLAGS);
694 pkt->qdcount = htons (1); 761 pkt->qdcount = htons (1);
741{ 808{
742 tw.set<dns_connection, &dns_connection::time_cb> (this); 809 tw.set<dns_connection, &dns_connection::time_cb> (this);
743 810
744 vpn = c->vpn; 811 vpn = c->vpn;
745 812
813 reset ();
814}
815
816dns_connection::~dns_connection ()
817{
818 reset ();
819}
820
821void
822dns_connection::reset ()
823{
824 while (!rcvpq.empty ())
825 {
826 delete rcvpq.back ();
827 rcvpq.pop_back ();
828 }
829
830 for (int i = vpn->dns_sndpq.size (); i--; )
831 if (vpn->dns_sndpq [i]->dns == this)
832 {
833 vpn->dns_sndpq [i] = vpn->dns_sndpq.back ();
834 vpn->dns_sndpq.pop_back ();
835 }
836
746 established = false; 837 established = false;
747 838
748 rcvseq = repseq = sndseq = 0; 839 rcvseq = repseq = sndseq = 0;
749 840
750 last_sent = last_received = 0; 841 last_sent = 0;
751 poll_interval = 0.5; // starting here 842 poll_interval = 0.5; // starting here
752 send_interval = 0.5; // starting rate 843 send_interval = 0.5; // starting rate
753 min_latency = INITIAL_TIMEOUT; 844 min_latency = INITIAL_TIMEOUT;
754} 845}
755 846
756dns_connection::~dns_connection () 847void
848dns_connection::set_cfg ()
757{ 849{
758 for (vector<dns_rcv *>::iterator i = rcvpq.begin (); 850 cdc = cfg.req_cdc == 36 ? &cdc36 : &cdc62;
759 i != rcvpq.end ();
760 ++i)
761 delete *i;
762} 851}
763 852
853void
764void dns_connection::receive_rep (dns_rcv *r) 854dns_connection::receive_rep (dns_rcv *r)
765{ 855{
766 if (r->datalen) 856 if (r->datalen)
767 { 857 poll_interval = max (poll_interval * (1. / 1.2), MIN_POLL_INTERVAL);
768 last_received = ev_now ();
769 tw ();
770
771 poll_interval = send_interval;
772 }
773 else 858 else
774 { 859 poll_interval = min (poll_interval * 1.1, MAX_POLL_INTERVAL);
775 poll_interval *= 1.5;
776
777 if (poll_interval > MAX_POLL_INTERVAL)
778 poll_interval = MAX_POLL_INTERVAL;
779 }
780 860
781 rcvpq.push_back (r); 861 rcvpq.push_back (r);
782 862
783 redo: 863 redo:
784 864
802 882
803 rcvseq = (rcvseq + 1) & SEQNO_MASK; 883 rcvseq = (rcvseq + 1) & SEQNO_MASK;
804 884
805 if (!rcvdq.put (r->data, r->datalen)) 885 if (!rcvdq.put (r->data, r->datalen))
806 { 886 {
887 // MUST never overflow, can be caused by data corruption, TODO
807 slog (L_ERR, "DNS: !rcvdq.put (r->data, r->datalen)"); 888 slog (L_CRIT, "DNS: !rcvdq.put (r->data, r->datalen)");
808 abort (); // MUST never overflow, can be caused by data corruption, TODO 889 reset ();
890 return;
809 } 891 }
810 892
811 while (vpn_packet *pkt = rcvdq.get ()) 893 while (vpn_packet *pkt = rcvdq.get ())
812 { 894 {
813 sockinfo si; 895 sockinfo si;
814 si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4; 896 si.host = htonl (c->conf->id); si.port = 0; si.prot = PROT_DNSv4;
815 897
816 vpn->recv_vpn_packet (pkt, si); 898 vpn->recv_vpn_packet (pkt, si);
817
818 delete pkt; 899 delete pkt;
819 } 900 }
820 901
821 // check for further packets 902 // check for further packets
822 goto redo; 903 goto redo;
865 { 946 {
866 // correct class, domain: parse 947 // correct class, domain: parse
867 int client, seqno; 948 int client, seqno;
868 decode_header (qname, client, seqno); 949 decode_header (qname, client, seqno);
869 950
870 u8 data[MAXSIZE];
871 int datalen = cdc62.decode (data, qname + HDRSIZE, qlen - (dlen + 1 + HDRSIZE));
872
873 if (0 < client && client <= conns.size ()) 951 if (0 < client && client <= conns.size ())
874 { 952 {
875 connection *c = conns [client - 1]; 953 connection *c = conns [client - 1];
876 dns_connection *dns = c->dns; 954 dns_connection *dns = c->dns;
877 dns_rcv *rcv; 955 dns_rcv *rcv;
878 956
879 if (dns) 957 if (dns)
880 { 958 {
959 u8 data[MAXSIZE];
960 int datalen = dns->cdc->decode (data, qname + HDRSIZE, qlen - (dlen + 1 + HDRSIZE));
961
881 for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); ) 962 for (vector<dns_rcv *>::iterator i = dns->rcvpq.end (); i-- != dns->rcvpq.begin (); )
882 if (SEQNO_EQ ((*i)->seqno, seqno)) 963 if (SEQNO_EQ ((*i)->seqno, seqno))
883 { 964 {
884 // already seen that request: simply reply with the cached reply 965 // already seen that request: simply reply with the cached reply
885 dns_rcv *r = *i; 966 dns_rcv *r = *i;
986 pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class 1067 pkt [offs++] = RR_CLASS_IN >> 8; pkt [offs++] = RR_CLASS_IN; // class
987 pkt [offs++] = 0; pkt [offs++] = 0; 1068 pkt [offs++] = 0; pkt [offs++] = 0;
988 pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL 1069 pkt [offs++] = 0; pkt [offs++] = cfg.def_ttl; // TTL
989 pkt [offs++] = 0; pkt [offs++] = 4; // rdlength 1070 pkt [offs++] = 0; pkt [offs++] = 4; // rdlength
990 1071
991 slog (L_INFO, _("DNS: client %d connects"), client);
992
993 pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3; 1072 pkt [offs++] = CMD_IP_1; pkt [offs++] = CMD_IP_2; pkt [offs++] = CMD_IP_3;
994 pkt [offs++] = CMD_IP_REJ; 1073 pkt [offs++] = CMD_IP_REJ;
995 1074
996 if (0 < client && client <= conns.size ()) 1075 if (0 < client && client <= conns.size ())
997 { 1076 {
998 connection *c = conns [client - 1]; 1077 connection *c = conns [client - 1];
999 1078
1000 if (cfg.valid ()) 1079 if (cfg.valid ())
1001 { 1080 {
1002 pkt [offs - 1] = CMD_IP_SYN; 1081 slog (L_INFO, _("DNS: client %d connects (version %d, req_cdc %d)"), client, cfg.version, cfg.req_cdc);
1082
1083 // check for any encoding mismatches - hints at a case problem
1084 char qname2 [MAX_ENC_LEN];
1085 cdc26.encode (qname2, (u8 *)&cfg, sizeof (dns_cfg));
1003 1086
1004 delete c->dns; 1087 delete c->dns;
1088
1089 pkt [offs - 1] = memcmp (qname, qname2, cdc26.encode_len (sizeof (dns_cfg)))
1090 ? CMD_IP_CSE : CMD_IP_SYN;
1091
1005 c->dns = new dns_connection (c); 1092 c->dns = new dns_connection (c);
1006 c->dns->cfg = cfg; 1093 c->dns->cfg = cfg;
1094 c->dns->set_cfg ();
1007 } 1095 }
1008 } 1096 }
1009 } 1097 }
1010 } 1098 }
1011 1099
1082 ttl |= pkt [offs++] << 16; 1170 ttl |= pkt [offs++] << 16;
1083 ttl |= pkt [offs++] << 8; 1171 ttl |= pkt [offs++] << 8;
1084 ttl |= pkt [offs++]; 1172 ttl |= pkt [offs++];
1085 u16 rdlen = pkt [offs++] << 8; rdlen |= pkt [offs++]; 1173 u16 rdlen = pkt [offs++] << 8; rdlen |= pkt [offs++];
1086 1174
1087 if (qtype == RR_TYPE_NULL || qtype == RR_TYPE_TXT) 1175 if (qtype == RR_TYPE_NULL || qtype == RR_TYPE_TXT || qtype == dns->cfg.rrtype)
1088 { 1176 {
1089 if (rdlen <= MAXSIZE - offs) 1177 if (rdlen <= MAXSIZE - offs)
1090 { 1178 {
1091 // decode bytes, finally 1179 // decode bytes, finally
1092 1180
1118 { 1206 {
1119 slog (L_TRACE, _("DNS: got tunnel meta command %02x"), ip [3]); 1207 slog (L_TRACE, _("DNS: got tunnel meta command %02x"), ip [3]);
1120 1208
1121 if (ip [3] == CMD_IP_RST) 1209 if (ip [3] == CMD_IP_RST)
1122 { 1210 {
1123 slog (L_DEBUG, _("DNS: got tunnel RST request")); 1211 slog (L_DEBUG, _("DNS: got tunnel RST request."));
1124 1212
1125 delete dns; c->dns = 0; 1213 dns->reset ();
1126
1127 return; 1214 return;
1128 } 1215 }
1129 else if (ip [3] == CMD_IP_SYN) 1216 else if (ip [3] == CMD_IP_SYN)
1130 { 1217 {
1131 slog (L_DEBUG, _("DNS: got tunnel SYN reply, server likes us.")); 1218 slog (L_DEBUG, _("DNS: got tunnel SYN reply, server likes us."));
1132 dns->established = true; 1219 dns->established = true;
1133 } 1220 }
1221 else if (ip [3] == CMD_IP_CSE)
1222 {
1223 if (conf.dns_case_preserving)
1224 {
1225 slog (L_INFO, _("DNS: got tunnel CSE reply, globally downgrading to case-insensitive protocol."));
1226 conf.dns_case_preserving = false;
1227 dns->reset ();
1228 return;
1229 }
1230 else
1231 {
1232 slog (L_DEBUG, _("DNS: got tunnel CSE reply, server likes us."));
1233 dns->established = true;
1234 }
1235 }
1134 else if (ip [3] == CMD_IP_REJ) 1236 else if (ip [3] == CMD_IP_REJ)
1135 { 1237 {
1136 slog (L_DEBUG, _("DNS: got tunnel REJ reply, server does not like us, aborting.")); 1238 slog (L_ERR, _("DNS: got tunnel REJ reply, server does not like us."));
1137 abort (); 1239 dns->tw.start (60.);
1138 } 1240 }
1139 else 1241 else
1242 {
1140 slog (L_INFO, _("DNS: got unknown meta command %02x"), ip [3]); 1243 slog (L_INFO, _("DNS: got unknown meta command %02x"), ip [3]);
1244 dns->tw.start (60.);
1245 }
1141 } 1246 }
1142 else 1247 else
1143 slog (L_INFO, _("DNS: got spurious a record %d.%d.%d.%d"), 1248 slog (L_INFO, _("DNS: got spurious a record %d.%d.%d.%d"),
1144 ip [0], ip [1], ip [2], ip [3]); 1249 ip [0], ip [1], ip [2], ip [3]);
1145 1250
1207 1312
1208 if (!c->dns) 1313 if (!c->dns)
1209 c->dns = new dns_connection (c); 1314 c->dns = new dns_connection (c);
1210 1315
1211 if (c->dns->snddq.put (pkt)) 1316 if (c->dns->snddq.put (pkt))
1317 {
1318 min_it (c->dns->poll_interval, 0.25);
1212 c->dns->tw (); 1319 c->dns->tw ();
1320 }
1213 1321
1214 // always return true even if the buffer overflows 1322 // always return true even if the buffer overflows
1215 return true; 1323 return true;
1216} 1324}
1217
1218void
1219connection::dnsv4_reset_connection ()
1220{
1221 //delete dns; dns = 0; //TODO
1222}
1223
1224#define NEXT(w) do { if (next > (w)) next = w; } while (0)
1225 1325
1226void 1326void
1227dns_connection::time_cb (ev::timer &w, int revents) 1327dns_connection::time_cb (ev::timer &w, int revents)
1228{ 1328{
1229 // servers have to be polled 1329 // servers have to be polled
1230 if (THISNODE->dns_port) 1330 if (THISNODE->dns_port)
1231 return; 1331 return;
1232 1332
1233 // check for timeouts and (re)transmit 1333 // check for timeouts and (re)transmit
1234 tstamp next = ev::now () + poll_interval; 1334 tstamp next = 86400 * 365;
1235 dns_snd *send = 0; 1335 dns_snd *send = 0;
1236 1336
1237 for (vector<dns_snd *>::iterator i = vpn->dns_sndpq.begin (); 1337 for (vector<dns_snd *>::iterator i = vpn->dns_sndpq.begin ();
1238 i != vpn->dns_sndpq.end (); 1338 i != vpn->dns_sndpq.end ();
1239 ++i) 1339 ++i)
1245 if (!send) 1345 if (!send)
1246 { 1346 {
1247 send = r; 1347 send = r;
1248 1348
1249 r->retry++; 1349 r->retry++;
1250 r->timeout = ev_now () + (r->retry * min_latency * conf.dns_timeout_factor); 1350 r->timeout = ev_now () + r->retry * min_latency * conf.dns_timeout_factor;
1251 //printf ("RETRY %x (%d, %f)\n", r->seqno, r->retry, r->timeout - ev_now ());//D 1351 //printf ("RETRY %x (%d, %f)\n", r->seqno, r->retry, r->timeout - ev_now ());//D
1252 1352
1253 // the following code changes the query section a bit, forcing 1353 // the following code changes the query section a bit, forcing
1254 // the forwarder to generate a new request 1354 // the forwarder to generate a new request
1255 if (r->stdhdr) 1355 if (r->stdhdr)
1256 encode_header ((char *)r->pkt->at (6 * 2 + 1), THISNODE->id, r->seqno, r->retry); 1356 encode_header ((char *)r->pkt->at (6 * 2 + 1), THISNODE->id, r->seqno, r->retry);
1257 } 1357 }
1258 } 1358 }
1259 else 1359 else
1260 NEXT (r->timeout); 1360 min_it (next, r->timeout - ev_now ());
1261 } 1361 }
1262 1362
1263 if (!send) 1363 if (!send)
1264 { 1364 {
1265 // generate a new packet, if wise 1365 // generate a new packet, if wise
1269 if (vpn->dns_sndpq.empty ()) 1369 if (vpn->dns_sndpq.empty ())
1270 { 1370 {
1271 send = new dns_snd (this); 1371 send = new dns_snd (this);
1272 1372
1273 cfg.reset (THISNODE->id); 1373 cfg.reset (THISNODE->id);
1374 set_cfg ();
1274 send->gen_syn_req (); 1375 send->gen_syn_req ();
1275 } 1376 }
1276 } 1377 }
1277 else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding 1378 else if (vpn->dns_sndpq.size () < conf.dns_max_outstanding
1278 && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1))) 1379 && !SEQNO_EQ (rcvseq, sndseq - (MAX_WINDOW - 1)))
1279 { 1380 {
1280 if (last_sent + send_interval <= ev_now ()) 1381 if (last_sent + send_interval <= ev_now ())
1281 { 1382 {
1282 //printf ("sending data request etc.\n"); //D 1383 //printf ("sending data request etc.\n"); //D
1283 if (!snddq.empty () || last_received + 1. > ev_now ()) 1384 if (!snddq.empty ())
1284 {
1285 poll_interval = send_interval; 1385 min_it (next, send_interval);
1286 NEXT (ev_now () + send_interval);
1287 }
1288 1386
1289 send = new dns_snd (this); 1387 send = new dns_snd (this);
1290 send->gen_stream_req (sndseq, snddq); 1388 send->gen_stream_req (sndseq, snddq);
1291 send->timeout = ev_now () + min_latency * conf.dns_timeout_factor; 1389 send->timeout = ev_now () + min_latency * conf.dns_timeout_factor;
1292 //printf ("SEND %x (%f)\n", send->seqno, send->timeout - ev_now (), min_latency, conf.dns_timeout_factor);//D 1390 //printf ("SEND %x (%f)\n", send->seqno, send->timeout - ev_now (), min_latency, conf.dns_timeout_factor);//D
1293 1391
1294 sndseq = (sndseq + 1) & SEQNO_MASK; 1392 sndseq = (sndseq + 1) & SEQNO_MASK;
1295 } 1393 }
1296 else 1394 else
1297 NEXT (last_sent + send_interval); 1395 min_it (next, last_sent + send_interval - ev_now ());
1298 } 1396 }
1299 1397
1300 if (send) 1398 if (send)
1301 vpn->dns_sndpq.push_back (send); 1399 vpn->dns_sndpq.push_back (send);
1302 } 1400 }
1307 sendto (vpn->dnsv4_fd, 1405 sendto (vpn->dnsv4_fd,
1308 send->pkt->at (0), send->pkt->len, 0, 1406 send->pkt->at (0), send->pkt->len, 0,
1309 vpn->dns_forwarder.sav4 (), vpn->dns_forwarder.salenv4 ()); 1407 vpn->dns_forwarder.sav4 (), vpn->dns_forwarder.salenv4 ());
1310 } 1408 }
1311 1409
1410 min_it (next, last_sent + max (poll_interval, send_interval) - ev_now ());
1411
1312 slog (L_NOISE, "DNS: pi %f si %f N %f (%d:%d %d)", 1412 slog (L_NOISE, "DNS: pi %f si %f N %f (%d:%d %d)",
1313 poll_interval, send_interval, next - ev_now (), 1413 poll_interval, send_interval, next - ev_now (),
1314 vpn->dns_sndpq.size (), snddq.size (), 1414 vpn->dns_sndpq.size (), snddq.size (),
1315 rcvpq.size ()); 1415 rcvpq.size ());
1316 1416
1317 // TODO: no idea when this happens, but when next < ev_now (), we have a problem 1417 w.start (next);
1318 // doesn't seem to happen anymore
1319 if (next < ev_now () + 0.001)
1320 next = ev_now () + 0.1;
1321
1322 w.start (next - ev_now ());
1323} 1418}
1324 1419
1325#endif 1420#endif
1326 1421

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines