40 #include <event2/dns.h>
41 #include <event2/dns_compat.h>
43 #include <event2/dns_struct.h>
/* Fragment of a DNS server request handler. The use of `req` and the reply
 * calls match the evdns_server_callback() signature listed further down this
 * page. Only some source lines survive in this listing (each leading number
 * is the original line number), so conditions, returns and call arguments
 * on the missing lines cannot be reviewed from here. */
55 struct evdns_server_question *q = NULL, *supported_q = NULL;
56 struct sockaddr_storage addr;
61 int err = DNS_ERR_NONE;
66 log_info(
LD_APP,
"Got a new DNS request!");
/* Recover the requester's socket address into `addr`. A negative result is
 * logged and answered with SERVERFAILED. */
74 if ((addrlen = evdns_server_request_get_requesting_addr(req,
75 (
struct sockaddr*)&addr, (socklen_t)
sizeof(addr))) < 0) {
76 log_warn(
LD_APP,
"Couldn't get requesting address.");
77 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
81 sa = (
struct sockaddr*) &addr;
/* The test guarding this branch (line 82) is missing from the excerpt. Per
 * the message, an address that cannot be interpreted gets SERVERFAILED. */
83 log_warn(
LD_APP,
"Requesting address wasn't recognized.");
84 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
/* Source-address access control: a disallowed requester gets REFUSED, and
 * this happens before the question section is examined below.
 * NOTE(review): the check itself is on a line not shown here. It is
 * presumably socks_policy_permits_address(), which appears in this page's
 * cross-reference list. Confirm. */
89 log_warn(
LD_APP,
"Rejecting DNS request from disallowed IP.");
90 evdns_server_request_respond(req, DNS_ERR_REFUSED);
/* A request with no questions is answered with response code 0. */
98 if (req->nquestions == 0) {
99 log_info(
LD_APP,
"No questions in DNS request; sending back nil reply.");
100 evdns_server_request_respond(req, 0);
/* More than one question is only logged here. Per the message, the extra
 * questions are skipped rather than rejected. */
103 if (req->nquestions > 1) {
104 log_info(
LD_APP,
"Got a DNS request with more than one question; I only "
105 "handle one question at a time for now. Skipping the extras.");
/* Scan the questions for one of class IN with a supported type, and remember
 * it in supported_q. AAAA is the only case label visible in this excerpt.
 * The statement under the class test (line 109) is missing. */
107 for (i = 0; i < req->nquestions; ++i) {
108 if (req->questions[i]->dns_question_class != EVDNS_CLASS_INET)
110 switch (req->questions[i]->type) {
112 case EVDNS_TYPE_AAAA:
117 supported_q = req->questions[i];
/* Per the message, this is the "no supported question" path: reply NOTIMPL. */
126 log_info(
LD_APP,
"None of the questions we got were ones we're willing "
127 "to support. Sending NOTIMPL.");
128 evdns_server_request_respond(req, DNS_ERR_NOTIMPL);
/* Length guard on the client-supplied name: a name longer than
 * MAX_SOCKS_ADDR_LEN-1 characters is rejected with a FORMAT error.
 * NOTE(review): presumably this protects a later copy into the fixed-size
 * address[MAX_SOCKS_ADDR_LEN] buffer listed in the cross-reference. The copy
 * is not visible in this excerpt. Confirm that it cannot be reached when
 * err is set.
 * NOTE(review): q is initialised to NULL above and its assignment is on a
 * line not shown. Confirm it is set before this dereference. */
133 if (err == DNS_ERR_NONE && strlen(q->name) > MAX_SOCKS_ADDR_LEN-1)
134 err = DNS_ERR_FORMAT;
/* Any recorded error, or the absence of a supported question, ends the
 * request with a reply carrying err. */
136 if (err != DNS_ERR_NONE || !supported_q) {
139 evdns_server_request_respond(req, err);
146 CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
/* Lines 156-162 are missing, so what the A/AAAA/ALL test itself selects is
 * not visible. The visible assignments flag the connection as a DNS request
 * and pin the address family: A and ALL allow IPv4 only, while AAAA allows
 * IPv6 only and prefers it. */
154 if (q->type == EVDNS_TYPE_A || q->type == EVDNS_TYPE_AAAA ||
155 q->type == EVDNS_QTYPE_ALL) {
163 entry_conn->entry_cfg.dns_request = 1;
164 if (q->type == EVDNS_TYPE_A || q->type == EVDNS_QTYPE_ALL) {
165 entry_conn->entry_cfg.ipv4_traffic = 1;
166 entry_conn->entry_cfg.ipv6_traffic = 0;
167 entry_conn->entry_cfg.prefer_ipv6 = 0;
168 }
else if (q->type == EVDNS_TYPE_AAAA) {
169 entry_conn->entry_cfg.ipv4_traffic = 0;
170 entry_conn->entry_cfg.ipv6_traffic = 1;
171 entry_conn->entry_cfg.prefer_ipv6 = 1;
/* Failure to register the connection is logged and answered with
 * SERVERFAILED. The failing call is on a line not shown. */
184 log_warn(
LD_APP,
"Couldn't register dummy connection for DNS request");
185 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
/* The queried name is client-controlled and reveals what the user is looking
 * up. The argument line of each log call below is missing from the excerpt.
 * NOTE(review): confirm the name is passed through a scrubbing/escaping
 * helper before it reaches the log (escaped_safe_str_client() appears in
 * this page's cross-reference list). */
196 log_info(
LD_APP,
"Passing request for %s to rewrite_and_attach.",
/* A private copy of the name is taken before the hand-off (the call is not
 * shown). Presumably this lets the "Passed request" log below work without
 * relying on q still being valid afterwards. Confirm. */
198 q_name = tor_strdup(q->name);
202 log_info(
LD_APP,
"Passed request for %s to rewrite_and_attach_if_allowed.",
/* Fragment of a resolve-launching routine. The use of `name` and the
 * "RESOLVE request" message match the dnsserv_launch_request() signature
 * listed further down this page. Many source lines are missing from the
 * listing, so only the visible statements are described. */
225 entry_conn->entry_cfg.dns_request = 1;
227 CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
/* The connection's address is set to a fixed placeholder string (heap copy),
 * not to a peer address. */
239 TO_CONN(conn)->address = tor_strdup(
"(Tor_internal)");
/* A negative return from connection_add() is treated as a registration
 * failure and logged. The cleanup that follows is not shown. */
265 if (connection_add(
TO_CONN(conn))<0) {
266 log_warn(
LD_APP,
"Couldn't register dummy connection for RESOLVE request");
/* The name being resolved is logged before and after the hand-off. The
 * argument lines are missing from the excerpt.
 * NOTE(review): confirm the name is scrubbed/escaped before logging. */
277 log_info(
LD_APP,
"Passing request for %s to rewrite_and_attach.",
/* A private copy of the name is taken before the hand-off (the call is not
 * shown) and is presumably what the second log line prints. Confirm. */
279 q_name = tor_strdup(
name);
283 log_info(
LD_APP,
"Passed request for %s to rewrite_and_attach_if_allowed.",
296 DNS_ERR_SERVERFAILED);
/* Tail of a parameter list that matches evdns_get_orig_address(req, rtype,
 * addr), whose full signature is listed further down this page. The body
 * below is incomplete: several source lines are missing. */
306 int rtype,
const char *addr)
/* Translate the resolved-answer type into the DNS question type to search
 * for. Visible mappings: HOSTNAME -> PTR and IPV6 -> AAAA. The statement for
 * IPV4 and the handling of the two ERROR types are on lines not shown. */
311 case RESOLVED_TYPE_IPV4:
314 case RESOLVED_TYPE_HOSTNAME:
315 type = EVDNS_TYPE_PTR;
317 case RESOLVED_TYPE_IPV6:
318 type = EVDNS_TYPE_AAAA;
320 case RESOLVED_TYPE_ERROR:
321 case RESOLVED_TYPE_ERROR_TRANSIENT:
/* Look for the request question that has the wanted type and whose name
 * equals addr, ignoring case. The statement executed on a match (line 332)
 * is missing. Presumably it yields the name exactly as the client spelled
 * it, so the reply can echo the original capitalisation. Confirm. */
329 for (i = 0; i < req->nquestions; ++i) {
330 const struct evdns_server_question *q = req->questions[i];
331 if (q->type == type && !strcasecmp(q->name, addr))
/* Fragment of the answer-delivery routine. The use of answer_type,
 * answer_len and answer matches the dnsserv_resolved() signature listed
 * further down this page. Call arguments and parts of the conditions are on
 * lines missing from the excerpt. */
350 int err = DNS_ERR_NONE;
/* Choose the reply record by answer type. The IPv4 branch requires
 * answer_len == 4 before the bytes are used as an address.
 * NOTE(review): the IPv6 condition on line 363 is complete as shown and has
 * no length test. Confirm the caller guarantees enough bytes in `answer`
 * for an AAAA record. */
363 if (answer_type == RESOLVED_TYPE_IPV6) {
364 evdns_server_request_add_aaaa_reply(req,
367 }
else if (answer_type == RESOLVED_TYPE_IPV4 && answer_len == 4 &&
369 evdns_server_request_add_a_reply(req,
372 }
else if (answer_type == RESOLVED_TYPE_HOSTNAME &&
/* The hostname is copied with an explicit length bound, not treated as a C
 * string. Presumably `answer` is not guaranteed to be NUL-terminated.
 * Confirm. The matching free is not visible in this excerpt. */
375 char *ans = tor_strndup(answer, answer_len);
376 evdns_server_request_add_ptr_reply(req, NULL,
380 }
else if (answer_type == RESOLVED_TYPE_ERROR) {
381 err = DNS_ERR_NOTEXIST;
/* The branch header for this assignment (line 382) is missing. It is
 * presumably the fall-through for every other answer type. */
383 err = DNS_ERR_SERVERFAILED;
/* Send the reply with whatever code was selected above. */
386 evdns_server_request_respond(req, err);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
char * tor_addr_to_str_dup(const tor_addr_t *addr)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
Header for compat_libevent.c.
const char * escaped_safe_str_client(const char *address)
Header file for config.c.
listener_connection_t * TO_LISTENER_CONN(connection_t *c)
entry_connection_t * entry_connection_new(int type, int socket_family)
void connection_free_(connection_t *conn)
Header file for connection.c.
#define CONN_TYPE_CONTROL_LISTENER
#define CONN_TYPE_AP_DNS_LISTENER
int connection_ap_rewrite_and_attach_if_allowed(entry_connection_t *conn, origin_circuit_t *circ, crypt_path_t *cpath)
Header file for connection_edge.c.
#define AP_CONN_STATE_RESOLVE_WAIT
Controller connection structure.
int control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp, int reason_code)
Header file for control_events.c.
void dnsserv_configure_listener(connection_t *conn)
static const char * evdns_get_orig_address(const struct evdns_server_request *req, int rtype, const char *addr)
void dnsserv_reject_request(entry_connection_t *conn)
static void evdns_server_callback(struct evdns_server_request *req, void *data_)
int dnsserv_launch_request(const char *name, int reverse, control_connection_t *control_conn)
void dnsserv_resolved(entry_connection_t *conn, int answer_type, size_t answer_len, const char *answer, int ttl)
void dnsserv_close_listener(connection_t *conn)
Header file for dnsserv.c.
Entry connection structure.
#define ENTRY_TO_EDGE_CONN(c)
Listener connection structure.
unsigned get_signewnym_epoch(void)
Header file for mainloop.c.
void note_user_activity(time_t now)
Master header file for Tor-specific functionality.
#define SESSION_GROUP_CONTROL_RESOLVE
int socks_policy_permits_address(const tor_addr_t *addr)
Header file for policies.c.
Client request structure.
#define SOCKS_COMMAND_RESOLVE_PTR
#define SOCKS_COMMAND_RESOLVE
unsigned int is_dns_request
socks_request_t * socks_request
struct evdns_server_request * dns_server_request
char * original_dest_address
struct evdns_server_port * dns_server_port
char address[MAX_SOCKS_ADDR_LEN]
#define tor_fragile_assert()