tor  0.4.0.0-alpha-dev
Macros | Functions | Variables
dns.c File Reference
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/mainloop/connection.h"
#include "core/mainloop/mainloop.h"
#include "core/mainloop/netstatus.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
#include "core/or/connection_edge.h"
#include "core/or/policies.h"
#include "core/or/relay.h"
#include "feature/control/control.h"
#include "feature/relay/dns.h"
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/evloop/compat_libevent.h"
#include "lib/sandbox/sandbox.h"
#include "core/or/edge_connection_st.h"
#include "core/or/or_circuit_st.h"
#include "ht.h"
#include <event2/event.h>
#include <event2/dns.h>

Go to the source code of this file.

Macros

#define DNS_PRIVATE
 
#define RESOLVE_MAX_TIMEOUT   300
 
#define assert_cache_ok()   STMT_NIL
 
#define RESOLVED_TYPE_AUTO   0xff
 
#define SET(k, v)   evdns_base_set_option(the_evdns_base, (k), (v))
 
#define N_WILDCARD_CHECKS   2
 

Functions

static void purge_expired_resolves (time_t now)
 
static void dns_found_answer (const char *address, uint8_t query_type, int dns_answer, const tor_addr_t *addr, const char *hostname, uint32_t ttl)
 
static void add_wildcarded_test_address (const char *address)
 
static int configure_nameservers (int force)
 
static int answer_is_wildcarded (const char *ip)
 
static int evdns_err_is_transient (int err)
 
static void inform_pending_connections (cached_resolve_t *resolve)
 
static void make_pending_resolve_cached (cached_resolve_t *cached)
 
static void assert_resolve_ok (cached_resolve_t *resolve)
 
static HT_HEAD (cache_map, cached_resolve_t)
 
static unsigned int cached_resolve_hash (cached_resolve_t *a)
 
 HT_PROTOTYPE (HT_GENERATE2(cache_map, HT_GENERATE2(cached_resolve_t, HT_GENERATE2(node, HT_GENERATE2(cached_resolve_hash, HT_GENERATE2(cached_resolves_eq)
 
static void evdns_log_cb (int warn, const char *msg)
 
static void dns_randfn_ (char *b, size_t n)
 
int dns_init (void)
 
int dns_reset (void)
 
int has_dns_init_failed (void)
 
uint32_t dns_clip_ttl (uint32_t ttl)
 
static void free_cached_resolve_ (cached_resolve_t *r)
 
static int compare_cached_resolves_by_expiry_ (const void *_a, const void *_b)
 
static void cached_resolve_add_answer (cached_resolve_t *resolve, int query_type, int dns_result, const tor_addr_t *answer_addr, const char *answer_hostname, uint32_t ttl)
 
static int cached_resolve_have_all_answers (const cached_resolve_t *resolve)
 
static void set_expiry (cached_resolve_t *resolve, time_t expires)
 
void dns_free_all (void)
 
 MOCK_IMPL (STATIC void, send_resolved_cell,(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved))
 
 MOCK_IMPL (STATIC void, send_resolved_hostname_cell,(edge_connection_t *conn, const char *hostname))
 
int dns_resolve (edge_connection_t *exitconn)
 
 MOCK_IMPL (STATIC int, dns_resolve_impl,(edge_connection_t *exitconn, int is_resolve, or_circuit_t *oncirc, char **hostname_out, int *made_connection_pending_out, cached_resolve_t **resolve_out))
 
 MOCK_IMPL (STATIC int, set_exitconn_info_from_resolve,(edge_connection_t *exitconn, const cached_resolve_t *resolve, char **hostname_out))
 
void assert_connection_edge_not_dns_pending (edge_connection_t *conn)
 
void assert_all_pending_dns_resolves_ok (void)
 
void connection_dns_remove (edge_connection_t *conn)
 
 MOCK_IMPL (void, dns_cancel_pending_resolve,(const char *address))
 
static int is_test_address (const char *address)
 
size_t number_of_configured_nameservers (void)
 
static void evdns_callback (int result, char type, int count, int ttl, void *addresses, void *arg)
 
static int launch_one_resolve (const char *address, uint8_t query_type, const tor_addr_t *ptr_address)
 
 MOCK_IMPL (STATIC int, launch_resolve,(cached_resolve_t *resolve))
 
static void wildcard_increment_answer (const char *id)
 
static void evdns_wildcard_check_callback (int result, char type, int count, int ttl, void *addresses, void *arg)
 
static void launch_wildcard_check (int min_len, int max_len, int is_ipv6, const char *suffix)
 
static void launch_test_addresses (evutil_socket_t fd, short event, void *args)
 
static void dns_launch_wildcard_checks (void)
 
void dns_launch_correctness_checks (void)
 
int dns_seems_to_be_broken (void)
 
int dns_seems_to_be_broken_for_ipv6 (void)
 
void dns_reset_correctness_checks (void)
 
static int dns_cache_entry_count (void)
 
size_t dns_cache_total_allocation (void)
 
void dump_dns_mem_usage (int severity)
 
size_t dns_cache_handle_oom (time_t now, size_t min_remove_bytes)
 
cached_resolve_tdns_get_cache_entry (cached_resolve_t *query)
 
void dns_insert_cache_entry (cached_resolve_t *new_entry)
 

Variables

static struct evdns_base * the_evdns_base = NULL
 
static int nameservers_configured = 0
 
static int nameserver_config_failed = 0
 
static char * resolv_conf_fname = NULL
 
static time_t resolv_conf_mtime = 0
 
static smartlist_tcached_resolve_pqueue = NULL
 
static int n_wildcard_requests = 0
 
static strmap_t * dns_wildcard_response_count = NULL
 
static smartlist_tdns_wildcard_list = NULL
 
static int dns_wildcard_one_notice_given = 0
 
static int dns_wildcard_notice_given = 0
 
static smartlist_tdns_wildcarded_test_address_list = NULL
 
static int dns_wildcarded_test_address_notice_given = 0
 
static int dns_is_completely_invalid = 0
 

Detailed Description

Implements a local cache for DNS results for Tor servers. This is implemented as a wrapper around Adam Langley's eventdns.c code. (We can't just use gethostbyname() and friends because we really need to be nonblocking.)

There are three main cases when a Tor relay uses dns.c to launch a DNS request:

  1. To check whether the DNS server is working more or less correctly. This happens via dns_launch_correctness_checks(). The answer is reported in the return value from later calls to dns_seems_to_be_broken().
  2. When a client has asked the relay, in a RELAY_BEGIN cell, to connect to a given server by hostname. This happens via dns_resolve().
  3. When a client has asked the relay, in a RELAY_RESOLVE cell, to look up a given server's IP address(es) by hostname. This also happens via dns_resolve().

Each of these gets handled a little differently.

To check for correctness, we look up some hostname we expect to exist and have real entries, some hostnames which we expect to definitely not exist, and some hostnames that we expect to probably not exist. If too many of the hostnames that shouldn't exist do exist, that's a DNS hijacking attempt. If too many of the hostnames that should exist have the same addresses as the ones that shouldn't exist, that's a very bad DNS hijacking attempt, or a very naughty captive portal. And if the hostnames that should exist simply don't exist, we probably have a broken nameserver.

To handle client requests, we first check our cache for answers. If there isn't something up-to-date, we've got to launch A or AAAA requests as appropriate. How we handle responses to those in particular is a bit complex; see dns_lookup() and set_exitconn_info_from_resolve().

When a lookup is finally complete, the inform_pending_connections() function will tell all of the streams that have been waiting for the resolve, by calling connection_exit_connect() if the client sent a RELAY_BEGIN cell, and by calling send_resolved_cell() or send_hostname_cell() if the client sent a RELAY_RESOLVE cell.

Definition in file dns.c.

Macro Definition Documentation

◆ RESOLVE_MAX_TIMEOUT

#define RESOLVE_MAX_TIMEOUT   300

How long will we wait for an answer from the resolver before we decide that the resolver is wedged?

Definition at line 84 of file dns.c.

Function Documentation

◆ add_wildcarded_test_address()

static void add_wildcarded_test_address ( const char *  address)
static

Note that a single test address (one believed to be good) seems to be getting redirected to the same IP as failures are.

Definition at line 1863 of file dns.c.

References dns_wildcarded_test_address_list, and smartlist_contains_string_case().

◆ answer_is_wildcarded()

static int answer_is_wildcarded ( const char *  ip)
static

Return true iff we have noticed that the dotted-quad ip has been returned in response to requests for nonexistent hostnames.

Definition at line 2106 of file dns.c.

References dns_wildcard_list, and smartlist_contains_string().

◆ assert_all_pending_dns_resolves_ok()

void assert_all_pending_dns_resolves_ok ( void  )

Log an error and abort if any connection waiting for a DNS resolve is corrupted.

Definition at line 993 of file dns.c.

References assert_connection_ok(), connection_in_array(), connection_t::s, SOCKET_OK, TO_CONN, and tor_assert().

◆ assert_connection_edge_not_dns_pending()

void assert_connection_edge_not_dns_pending ( edge_connection_t conn)

Log an error and abort if conn is waiting for a DNS resolve.

Definition at line 966 of file dns.c.

Referenced by connection_unlink().

◆ assert_resolve_ok()

static void assert_resolve_ok ( cached_resolve_t resolve)
static

◆ cached_resolve_hash()

static unsigned int cached_resolve_hash ( cached_resolve_t a)
inlinestatic

Hash function for cached_resolve objects

Definition at line 143 of file dns.c.

References cached_resolve_t::address.

◆ cached_resolve_have_all_answers()

static int cached_resolve_have_all_answers ( const cached_resolve_t resolve)
static

Return true iff there are no in-flight requests for resolve.

Definition at line 376 of file dns.c.

References RES_STATUS_INFLIGHT.

◆ compare_cached_resolves_by_expiry_()

static int compare_cached_resolves_by_expiry_ ( const void *  _a,
const void *  _b 
)
static

Compare two cached_resolve_t pointers by expiry time, and return less-than-zero, zero, or greater-than-zero as appropriate. Used for the priority queue implementation.

Definition at line 308 of file dns.c.

References cached_resolve_t::expire.

Referenced by set_expiry().

◆ configure_nameservers()

static int configure_nameservers ( int  force)
static

Configure eventdns nameservers if force is true, or if the configuration has changed since the last time we called this function, or if we failed on our last attempt. On Unix, this reads from /etc/resolv.conf or options->ServerDNSResolvConfFile; on Windows, this reads from options->ServerDNSResolvConfFile or the registry. Return 0 on success or -1 on failure.

Definition at line 1406 of file dns.c.

References or_options_t::ServerDNSResolvConfFile, and the_evdns_base.

Referenced by dns_init().

◆ connection_dns_remove()

void connection_dns_remove ( edge_connection_t conn)

Remove conn from the list of connections waiting for conn->address.

Definition at line 1012 of file dns.c.

References CONN_TYPE_EXIT, EXIT_CONN_STATE_RESOLVING, connection_t::state, tor_assert(), and connection_t::type.

Referenced by connection_exit_about_to_close().

◆ dns_cache_entry_count()

static int dns_cache_entry_count ( void  )
static

Return the number of DNS cache entries as an int

Definition at line 2137 of file dns.c.

Referenced by dump_dns_mem_usage().

◆ dns_clip_ttl()

uint32_t dns_clip_ttl ( uint32_t  ttl)

Helper: Given a TTL from a DNS response, determine what TTL to give the OP that asked us to resolve it, and how long to cache that record ourselves.

Definition at line 275 of file dns.c.

References MAX_DNS_TTL_AT_EXIT, and MIN_DNS_TTL_AT_EXIT.

◆ dns_found_answer()

static void dns_found_answer ( const char *  address,
uint8_t  query_type,
int  dns_answer,
const tor_addr_t addr,
const char *  hostname,
uint32_t  ttl 
)
static

Called on the OR side when the eventdns library tells us the outcome of a single DNS resolve: remember the answer, and tell all pending connections about the result of the lookup if the lookup is now done. (address is a NUL-terminated string containing the address to look up; query_type is one of DNS_{IPv4_A,IPv6_AAAA,PTR}; dns_answer is DNS_OK or one of DNS_ERR_*, addr is an IPv4 or IPv6 address if we got one; hostname is a hostname fora PTR request if we got one, and ttl is the time-to-live of this answer, in seconds.)

Definition at line 1157 of file dns.c.

◆ dns_free_all()

void dns_free_all ( void  )

Free all storage held in the DNS cache and related structures.

Definition at line 400 of file dns.c.

◆ dns_init()

int dns_init ( void  )

Initialize the DNS subsystem; called by the OR process.

Definition at line 224 of file dns.c.

References configure_nameservers(), and dns_randfn_().

Referenced by retry_dns_callback().

◆ dns_launch_correctness_checks()

void dns_launch_correctness_checks ( void  )

If appropriate, start testing whether our DNS servers tend to lie to us.

Definition at line 2044 of file dns.c.

References dns_launch_wildcard_checks().

◆ dns_launch_wildcard_checks()

static void dns_launch_wildcard_checks ( void  )
static

Launch DNS requests for a few nonexistent hostnames and a few well-known hostnames, and see if we can catch our nameserver trying to hijack them and map them to a stupid "I couldn't find ggoogle.com but maybe you'd like to buy these lovely encyclopedias" page.

Definition at line 2013 of file dns.c.

Referenced by dns_launch_correctness_checks().

◆ dns_randfn_()

static void dns_randfn_ ( char *  b,
size_t  n 
)
static

Helper: passed to eventdns.c as a callback so it can generate random numbers for transaction IDs and 0x20-hack coding.

Definition at line 217 of file dns.c.

Referenced by dns_init().

◆ dns_reset()

int dns_reset ( void  )

Called when DNS-related options change (or may have changed). Returns -1 on failure, 0 on success.

Definition at line 238 of file dns.c.

References the_evdns_base.

◆ dns_reset_correctness_checks()

void dns_reset_correctness_checks ( void  )

Forget what we've previously learned about our DNS servers' correctness.

Definition at line 2080 of file dns.c.

Referenced by dns_servers_relaunch_checks().

◆ dns_resolve()

int dns_resolve ( edge_connection_t exitconn)

See if we have a cache entry for exitconn->address. If so, if resolve valid, put it into exitconn->addr and return 1. If resolve failed, free exitconn and return -1.

(For EXIT_PURPOSE_RESOLVE connections, send back a RESOLVED error cell on returning -1. For EXIT_PURPOSE_CONNECT connections, there's no need to send back an END cell, since connection_exit_begin_conn will do that for us.)

If we have a cached answer, send the answer back along exitconn's circuit.

Else, if seen before and pending, add conn to the pending list, and return 0.

Else, if not seen before, add conn to pending list, hand to dns farm, and return 0.

Exitconn's on_circuit field must be set, but exitconn should not yet be linked onto the n_streams/resolving_streams list of that circuit. On success, link the connection to n_streams if it's an exit connection. On "pending", link the connection to resolving streams. Otherwise, clear its on_circuit field.

Definition at line 634 of file dns.c.

References EXIT_PURPOSE_RESOLVE, edge_connection_t::on_circuit, connection_t::purpose, and TO_OR_CIRCUIT().

◆ dns_seems_to_be_broken()

int dns_seems_to_be_broken ( void  )

Return true iff our DNS servers lie to us too much to be trusted.

Definition at line 2066 of file dns.c.

References dns_is_completely_invalid.

◆ dns_seems_to_be_broken_for_ipv6()

int dns_seems_to_be_broken_for_ipv6 ( void  )

Return true iff we think that IPv6 hostname lookup is broken

Definition at line 2073 of file dns.c.

◆ dump_dns_mem_usage()

void dump_dns_mem_usage ( int  severity)

Log memory information about our internal DNS cache at level 'severity'.

Definition at line 2152 of file dns.c.

References dns_cache_entry_count().

Referenced by dumpmemusage().

◆ evdns_callback()

static void evdns_callback ( int  result,
char  type,
int  count,
int  ttl,
void *  addresses,
void *  arg 
)
static

For eventdns: Called when we get an answer for a request we launched. See eventdns.h for arguments; 'arg' holds the address we tried to resolve.

Definition at line 1573 of file dns.c.

◆ evdns_err_is_transient()

static int evdns_err_is_transient ( int  err)
static

Eventdns helper: return true iff the eventdns result err is a transient failure.

Definition at line 1350 of file dns.c.

◆ evdns_log_cb()

static void evdns_log_cb ( int  warn,
const char *  msg 
)
static

Helper: called by eventdns when eventdns wants to log something.

Definition at line 162 of file dns.c.

References LOG_INFO, LOG_WARN, and strcmpstart().

◆ evdns_wildcard_check_callback()

static void evdns_wildcard_check_callback ( int  result,
char  type,
int  count,
int  ttl,
void *  addresses,
void *  arg 
)
static

Callback function when we get an answer (possibly failing) for a request for a (hopefully) nonexistent domain.

Definition at line 1897 of file dns.c.

◆ free_cached_resolve_()

static void free_cached_resolve_ ( cached_resolve_t r)
static

Helper: free storage held by an entry in the DNS cache.

Definition at line 289 of file dns.c.

References cached_resolve_t::magic, cached_resolve_t::pending_connections, RES_STATUS_DONE_OK, and tor_free.

◆ has_dns_init_failed()

int has_dns_init_failed ( void  )

Return true iff the most recent attempt to initialize the DNS subsystem failed.

Definition at line 266 of file dns.c.

References nameserver_config_failed.

Referenced by retry_dns_callback().

◆ HT_HEAD()

static HT_HEAD ( cache_map  ,
cached_resolve_t   
)
static

Hash table of cached_resolve objects.

Definition at line 122 of file dns.c.

References cached_resolve_t::address, assert_resolve_ok(), and MAX_ADDRESSLEN.

◆ HT_PROTOTYPE()

HT_PROTOTYPE ( HT_GENERATE2(  cache_map,
HT_GENERATE2(  cached_resolve_t,
HT_GENERATE2(  node,
HT_GENERATE2(  cached_resolve_hash,
HT_GENERATE2(  cached_resolves_eq 
)

Initialize the DNS cache.

Definition at line 148 of file dns.c.

◆ inform_pending_connections()

static void inform_pending_connections ( cached_resolve_t resolve)
static

Given a pending cached_resolve_t that we just finished resolving, inform every connection that was waiting for the outcome of that resolution.

Do this by sending a RELAY_RESOLVED cell (if the pending stream had sent us RELAY_RESOLVE cell), or by launching an exit connection (if the pending stream had send us a RELAY_BEGIN cell).

Definition at line 1210 of file dns.c.

References assert_connection_ok(), connection_edge_end(), EXIT_CONN_STATE_RESOLVEFAILED, EXIT_PURPOSE_CONNECT, connection_t::marked_for_close, cached_resolve_t::pending_connections, connection_t::purpose, connection_t::state, TO_CONN, and tor_free.

◆ is_test_address()

static int is_test_address ( const char *  address)
inlinestatic

Return true iff address is one of the addresses we use to verify that well-known sites aren't being hijacked by our DNS servers.

Definition at line 1140 of file dns.c.

References or_options_t::ServerDNSTestAddresses, and smartlist_contains_string_case().

◆ launch_one_resolve()

static int launch_one_resolve ( const char *  address,
uint8_t  query_type,
const tor_addr_t ptr_address 
)
static

Start a single DNS resolve for address (if query_type is DNS_IPv4_A or DNS_IPv6_AAAA) ptr_address (if query_type is DNS_PTR). Return 0 if we launched the request, -1 otherwise.

Definition at line 1688 of file dns.c.

◆ launch_test_addresses()

static void launch_test_addresses ( evutil_socket_t  fd,
short  event,
void *  args 
)
static

Launch attempts to resolve a bunch of known-good addresses (configured in ServerDNSTestAddresses). [Callback for a libevent timer]

Definition at line 1973 of file dns.c.

◆ launch_wildcard_check()

static void launch_wildcard_check ( int  min_len,
int  max_len,
int  is_ipv6,
const char *  suffix 
)
static

Launch a single request for a nonexistent hostname consisting of between min_len and max_len random (plausible) characters followed by suffix

Definition at line 1939 of file dns.c.

References crypto_random_hostname().

◆ make_pending_resolve_cached()

static void make_pending_resolve_cached ( cached_resolve_t resolve)
static

Remove a pending cached_resolve_t from the hashtable, and add a corresponding cached cached_resolve_t.

This function is only necessary because of the perversity of our cache timeout code; see inline comment for ideas on eliminating it.

Definition at line 1294 of file dns.c.

References CACHE_STATE_DONE, and cached_resolve_t::state.

◆ MOCK_IMPL() [1/6]

MOCK_IMPL ( STATIC  void,
send_resolved_cell  ,
(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved)   
)

Send a response to the RESOLVE request of a connection. answer_type must be one of RESOLVED_TYPE_(AUTO|ERROR|ERROR_TRANSIENT|).

If circ is provided, and we have a cached answer, send the answer back along circ; otherwise, send the answer back along conn's attached circuit.

Definition at line 515 of file dns.c.

◆ MOCK_IMPL() [2/6]

MOCK_IMPL ( STATIC  void,
send_resolved_hostname_cell  ,
(edge_connection_t *conn, const char *hostname)   
)

Send a response to the RESOLVE request of a connection for an in-addr.arpa address on connection conn which yielded the result hostname. The answer type will be RESOLVED_HOSTNAME.

If circ is provided, and we have a cached answer, send the answer back along circ; otherwise, send the answer back along conn's attached circuit.

Definition at line 582 of file dns.c.

◆ MOCK_IMPL() [3/6]

MOCK_IMPL ( STATIC  int,
dns_resolve_impl  ,
(edge_connection_t *exitconn, int is_resolve, or_circuit_t *oncirc, char **hostname_out, int *made_connection_pending_out, cached_resolve_t **resolve_out)   
)

Helper function for dns_resolve: same functionality, but does not handle:

  • marking connections on error and clearing their on_circuit
  • linking connections to n_streams/resolving_streams,
  • sending resolved cells if we have an answer/error right away,

Return -2 on a transient error. If it's a reverse resolve and it's successful, sets *hostname_out to a newly allocated string holding the cached reverse DNS value.

Set *made_connection_pending_out to true if we have placed exitconn on the list of pending connections for some resolve; set it to false otherwise.

Set *resolve_out to a cached resolve, if we found one.

Definition at line 715 of file dns.c.

◆ MOCK_IMPL() [4/6]

MOCK_IMPL ( STATIC  int,
set_exitconn_info_from_resolve  ,
(edge_connection_t *exitconn, const cached_resolve_t *resolve, char **hostname_out)   
)

Given an exit connection exitconn, and a cached_resolve_t resolve whose DNS lookups have all either succeeded or failed, update the appropriate fields (address_ttl and addr) of exitconn.

The logic can be complicated here, since we might have launched both an A lookup and an AAAA lookup, and since either of those might have succeeded or failed, and since we want to answer a RESOLVE cell with a full answer but answer a BEGIN cell with whatever answer the client would accept and we could still connect to.

If this is a reverse lookup, set *hostname_out to a newly allocated copy of the name resulting hostname.

Return -2 on a transient error, -1 on a permenent error, and 1 on a successful lookup.

Definition at line 868 of file dns.c.

◆ MOCK_IMPL() [5/6]

MOCK_IMPL ( void  ,
dns_cancel_pending_resolve  ,
(const char *address)   
)

Mark all connections waiting for address for close. Then cancel the resolve for address itself, and remove any cached results for address from the cache.

Definition at line 1066 of file dns.c.

◆ MOCK_IMPL() [6/6]

MOCK_IMPL ( STATIC  int,
launch_resolve  ,
(cached_resolve_t *resolve)   
)

For eventdns: start resolving as necessary to find the target for exitconn. Returns -1 on error, -2 on transient error, 0 on "resolve launched."

Definition at line 1739 of file dns.c.

◆ number_of_configured_nameservers()

size_t number_of_configured_nameservers ( void  )

Return number of configured nameservers in the_evdns_base.

Definition at line 1367 of file dns.c.

References the_evdns_base.

◆ purge_expired_resolves()

static void purge_expired_resolves ( time_t  now)
static

Remove every cached_resolve whose expire time is before or equal to now from the cache.

Definition at line 425 of file dns.c.

◆ set_expiry()

static void set_expiry ( cached_resolve_t resolve,
time_t  expires 
)
static

Set an expiry time for a cached_resolve_t, and add it to the expiry priority queue

Definition at line 386 of file dns.c.

References cached_resolve_pqueue, compare_cached_resolves_by_expiry_(), cached_resolve_t::expire, smartlist_pqueue_add(), and tor_assert().

◆ wildcard_increment_answer()

static void wildcard_increment_answer ( const char *  id)
static

Called when we see id (a dotted quad or IPv6 address) in response to a request for a hopefully bogus address.

Definition at line 1831 of file dns.c.

References dns_wildcard_response_count.

Variable Documentation

◆ cached_resolve_pqueue

smartlist_t* cached_resolve_pqueue = NULL
static

Priority queue of cached_resolve_t objects to let us know when they will expire.

Definition at line 321 of file dns.c.

Referenced by set_expiry().

◆ dns_is_completely_invalid

int dns_is_completely_invalid = 0
static

True iff all addresses seem to be getting wildcarded.

Definition at line 1826 of file dns.c.

Referenced by dns_seems_to_be_broken().

◆ dns_wildcard_list

smartlist_t* dns_wildcard_list = NULL
static

If present, a list of dotted-quad IP addresses that we are pretty sure our nameserver wants to return in response to requests for nonexistent domains.

Definition at line 1812 of file dns.c.

Referenced by answer_is_wildcarded().

◆ dns_wildcard_notice_given

int dns_wildcard_notice_given = 0
static

True iff we've warned that our DNS server is wildcarding too many failures.

Definition at line 1818 of file dns.c.

◆ dns_wildcard_one_notice_given

int dns_wildcard_one_notice_given = 0
static

True iff we've logged about a single address getting wildcarded. Subsequent warnings will be less severe.

Definition at line 1815 of file dns.c.

◆ dns_wildcard_response_count

strmap_t* dns_wildcard_response_count = NULL
static

Map from dotted-quad IP address in response to an int holding how many times we've seen it for a randomly generated (hopefully bogus) address. It would be easier to use definitely-invalid addresses (as specified by RFC2606), but see comment in dns_launch_wildcard_checks().

Definition at line 1807 of file dns.c.

Referenced by wildcard_increment_answer().

◆ dns_wildcarded_test_address_list

smartlist_t* dns_wildcarded_test_address_list = NULL
static

List of supposedly good addresses that are getting wildcarded to the same addresses as nonexistent addresses.

Definition at line 1822 of file dns.c.

Referenced by add_wildcarded_test_address().

◆ dns_wildcarded_test_address_notice_given

int dns_wildcarded_test_address_notice_given = 0
static

True iff we've warned about a test address getting wildcarded

Definition at line 1824 of file dns.c.

◆ n_wildcard_requests

int n_wildcard_requests = 0
static

How many requests for bogus addresses have we launched so far?

Definition at line 1801 of file dns.c.

◆ nameserver_config_failed

int nameserver_config_failed = 0
static

Did our most recent attempt to configure nameservers with eventdns fail?

Definition at line 92 of file dns.c.

Referenced by has_dns_init_failed().

◆ nameservers_configured

int nameservers_configured = 0
static

Have we currently configured nameservers with eventdns?

Definition at line 90 of file dns.c.

◆ resolv_conf_fname

char* resolv_conf_fname = NULL
static

What was the resolv_conf fname we last used when configuring the nameservers? Used to check whether we need to reconfigure.

Definition at line 95 of file dns.c.

◆ resolv_conf_mtime

time_t resolv_conf_mtime = 0
static

What was the mtime on the resolv.conf file we last used when configuring the nameservers? Used to check whether we need to reconfigure.

Definition at line 98 of file dns.c.

◆ the_evdns_base

struct evdns_base* the_evdns_base = NULL
static

Our evdns_base; this structure handles all our name lookups.

Definition at line 87 of file dns.c.

Referenced by configure_nameservers(), dns_reset(), and number_of_configured_nameservers().