40 #include <event2/dns.h>
41 #include <event2/dns_compat.h>
43 #include <event2/dns_struct.h>
/* Excerpt of the DNS listener's request callback (source lines 55-199).
 * The signature and many body lines are missing from this listing; the names
 * used here (req, q, supported_q) match evdns_server_callback(req, data_) in
 * the index at the end of the page. */
55 struct evdns_server_question *q = NULL, *supported_q = NULL;
56 struct sockaddr_storage addr;
61 int err = DNS_ERR_NONE;
66 log_info(
LD_APP,
"Got a new DNS request!");
/* Ask libevent for the requester's address. A negative return is treated as
 * failure and the request is answered with SERVERFAILED. */
71 if ((addrlen = evdns_server_request_get_requesting_addr(req,
72 (
struct sockaddr*)&addr, (socklen_t)
sizeof(addr))) < 0) {
73 log_warn(
LD_APP,
"Couldn't get requesting address.");
74 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
78 sa = (
struct sockaddr*) &addr;
/* Reached when the address could not be recognized; the conversion call
 * itself is not part of this excerpt. */
80 log_warn(
LD_APP,
"Requesting address wasn't recognized.");
81 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
/* Source-address access control: a requester on a disallowed IP is answered
 * with REFUSED. The check is on a line missing from this excerpt; the index
 * lists socks_policy_permits_address(), presumably the policy consulted
 * here -- confirm. */
86 log_warn(
LD_APP,
"Rejecting DNS request from disallowed IP.");
87 evdns_server_request_respond(req, DNS_ERR_REFUSED);
/* An empty question section gets an immediate reply with code 0. */
95 if (req->nquestions == 0) {
96 log_info(
LD_APP,
"No questions in DNS request; sending back nil reply.");
97 evdns_server_request_respond(req, 0);
/* More than one question is only logged at this point; per the message,
 * just one question is handled and the extras are skipped. */
100 if (req->nquestions > 1) {
101 log_info(
LD_APP,
"Got a DNS request with more than one question; I only "
102 "handle one question at a time for now. Skipping the extras.");
/* Scan the questions. The action taken for a non-INET class and most of the
 * switch cases are on lines missing here; AAAA is the only case label
 * visible, and supported_q is assigned at line 114 inside the switch. */
104 for (i = 0; i < req->nquestions; ++i) {
105 if (req->questions[i]->dns_question_class != EVDNS_CLASS_INET)
107 switch (req->questions[i]->type) {
109 case EVDNS_TYPE_AAAA:
114 supported_q = req->questions[i];
/* No usable question was found: reply NOTIMPL. */
123 log_info(
LD_APP,
"None of the questions we got were ones we're willing "
124 "to support. Sending NOTIMPL.");
125 evdns_server_request_respond(req, DNS_ERR_NOTIMPL);
/* Bound the length of the query name before it is used further: a name
 * longer than MAX_SOCKS_ADDR_LEN-1 bytes turns into DNS_ERR_FORMAT.
 * NOTE(review): the index shows `char address[MAX_SOCKS_ADDR_LEN]`;
 * presumably the name is later copied into that fixed-size buffer and this
 * check is what keeps the copy in bounds -- confirm, the copy is not part
 * of this excerpt. */
130 if (err == DNS_ERR_NONE && strlen(q->name) > MAX_SOCKS_ADDR_LEN-1)
131 err = DNS_ERR_FORMAT;
/* Any error, or the absence of a supported question, ends the request with
 * a reply carrying err. */
133 if (err != DNS_ERR_NONE || !supported_q) {
136 evdns_server_request_respond(req, err);
143 CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
/* For A, AAAA and ALL queries the visible lines mark the entry connection as
 * a DNS request and pin the address family: A and ALL allow IPv4 only, AAAA
 * allows IPv6 only and sets prefer_ipv6. */
151 if (q->type == EVDNS_TYPE_A || q->type == EVDNS_TYPE_AAAA ||
152 q->type == EVDNS_QTYPE_ALL) {
160 entry_conn->entry_cfg.dns_request = 1;
161 if (q->type == EVDNS_TYPE_A || q->type == EVDNS_QTYPE_ALL) {
162 entry_conn->entry_cfg.ipv4_traffic = 1;
163 entry_conn->entry_cfg.ipv6_traffic = 0;
164 entry_conn->entry_cfg.prefer_ipv6 = 0;
165 }
else if (q->type == EVDNS_TYPE_AAAA) {
166 entry_conn->entry_cfg.ipv4_traffic = 0;
167 entry_conn->entry_cfg.ipv6_traffic = 1;
168 entry_conn->entry_cfg.prefer_ipv6 = 1;
/* Registering the placeholder connection failed: reply SERVERFAILED. */
181 log_warn(
LD_APP,
"Couldn't register dummy connection for DNS request");
182 evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
/* NOTE(review): the requested name is written to the info log here and at
 * line 199, and the argument lines are missing from this excerpt. The index
 * lists escaped_safe_str_client(), which by its name looks like the
 * scrubbing helper -- confirm the name passes through it before logging. */
193 log_info(
LD_APP,
"Passing request for %s to rewrite_and_attach.",
/* Private copy of the name taken before the hand-off; presumably used for
 * the later log line because q may no longer be valid by then -- confirm. */
195 q_name = tor_strdup(q->name);
199 log_info(
LD_APP,
"Passed request for %s to rewrite_and_attach_if_allowed.",
/* Excerpt of the internally launched resolve path (source lines 222-280; the
 * signature is missing). The use of `name` and the "RESOLVE request" log
 * text match dnsserv_launch_request(name, reverse, control_conn) in the
 * index at the end of the page. */
222 entry_conn->entry_cfg.dns_request = 1;
224 CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
/* The connection's address is the fixed label "(Tor_internal)", not a peer
 * address, so it cannot be used to identify a remote requester. */
236 TO_CONN(conn)->address = tor_strdup(
"(Tor_internal)");
/* A negative return from connection_add() is logged as a registration
 * failure; the lines that handle the failure are not in this excerpt. */
262 if (connection_add(
TO_CONN(conn))<0) {
263 log_warn(
LD_APP,
"Couldn't register dummy connection for RESOLVE request");
/* NOTE(review): the requested name is logged here and at line 280; the
 * argument lines are missing, so confirm the name is scrubbed before it
 * reaches the log. */
274 log_info(
LD_APP,
"Passing request for %s to rewrite_and_attach.",
/* Private copy of the name taken before the hand-off; presumably kept for
 * the second log line -- confirm, and confirm where q_name is freed. */
276 q_name = tor_strdup(
name);
280 log_info(
LD_APP,
"Passed request for %s to rewrite_and_attach_if_allowed.",
293 DNS_ERR_SERVERFAILED);
/* Tail of a signature and fragments of the body (source lines 303-328). The
 * parameters match evdns_get_orig_address(req, rtype, addr) in the index at
 * the end of the page. */
303 int rtype,
const char *addr)
/* Translate the resolver's answer type into the evdns question type to look
 * for: HOSTNAME maps to PTR and IPV6 to AAAA. The assignments for IPV4 and
 * for the two error types are on lines missing from this excerpt. */
308 case RESOLVED_TYPE_IPV4:
311 case RESOLVED_TYPE_HOSTNAME:
312 type = EVDNS_TYPE_PTR;
314 case RESOLVED_TYPE_IPV6:
315 type = EVDNS_TYPE_AAAA;
317 case RESOLVED_TYPE_ERROR:
318 case RESOLVED_TYPE_ERROR_TRANSIENT:
/* Look for the question of that type whose name equals addr; the comparison
 * is case-insensitive (strcasecmp). What is done on a match is on a line
 * not shown here. */
326 for (i = 0; i < req->nquestions; ++i) {
327 const struct evdns_server_question *q = req->questions[i];
328 if (q->type == type && !strcasecmp(q->name, addr))
/* Fragments of the reply path (source lines 347-383). The names answer_type,
 * answer_len and answer match dnsserv_resolved(conn, answer_type,
 * answer_len, answer, ttl) in the index at the end of the page. */
347 int err = DNS_ERR_NONE;
/* One reply record is added according to the answer type.
 * NOTE(review): the IPv6 condition below tests only answer_type, while the
 * IPv4 branch also requires answer_len == 4. Confirm that callers guarantee
 * a 16-byte answer for RESOLVED_TYPE_IPV6 before it is handed to the AAAA
 * reply call; the call's arguments are not in this excerpt. */
360 if (answer_type == RESOLVED_TYPE_IPV6) {
361 evdns_server_request_add_aaaa_reply(req,
364 }
else if (answer_type == RESOLVED_TYPE_IPV4 && answer_len == 4 &&
366 evdns_server_request_add_a_reply(req,
369 }
else if (answer_type == RESOLVED_TYPE_HOSTNAME &&
/* The hostname answer is duplicated with a length bound of answer_len
 * (tor_strndup presumably behaves like strndup -- confirm). The matching
 * free of ans is not visible in this excerpt. */
372 char *ans = tor_strndup(answer, answer_len);
373 evdns_server_request_add_ptr_reply(req, NULL,
377 }
else if (answer_type == RESOLVED_TYPE_ERROR) {
/* RESOLVED_TYPE_ERROR is reported as NOTEXIST; line 380 sets SERVERFAILED
 * under a condition that is not shown here. */
378 err = DNS_ERR_NOTEXIST;
380 err = DNS_ERR_SERVERFAILED;
/* Send the reply with whatever error code was accumulated above. */
383 evdns_server_request_respond(req, err);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
char * tor_addr_to_str_dup(const tor_addr_t *addr)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
Header for compat_libevent.c.
const char * escaped_safe_str_client(const char *address)
Header file for config.c.
listener_connection_t * TO_LISTENER_CONN(connection_t *c)
entry_connection_t * entry_connection_new(int type, int socket_family)
void connection_free_(connection_t *conn)
Header file for connection.c.
#define CONN_TYPE_CONTROL_LISTENER
#define CONN_TYPE_AP_DNS_LISTENER
int connection_ap_rewrite_and_attach_if_allowed(entry_connection_t *conn, origin_circuit_t *circ, crypt_path_t *cpath)
Header file for connection_edge.c.
#define AP_CONN_STATE_RESOLVE_WAIT
Controller connection structure.
int control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp, int reason_code)
Header file for control_events.c.
void dnsserv_configure_listener(connection_t *conn)
static const char * evdns_get_orig_address(const struct evdns_server_request *req, int rtype, const char *addr)
void dnsserv_reject_request(entry_connection_t *conn)
static void evdns_server_callback(struct evdns_server_request *req, void *data_)
int dnsserv_launch_request(const char *name, int reverse, control_connection_t *control_conn)
void dnsserv_resolved(entry_connection_t *conn, int answer_type, size_t answer_len, const char *answer, int ttl)
void dnsserv_close_listener(connection_t *conn)
Header file for dnsserv.c.
Entry connection structure.
#define ENTRY_TO_EDGE_CONN(c)
Listener connection structure.
unsigned get_signewnym_epoch(void)
Header file for mainloop.c.
void note_user_activity(time_t now)
Master header file for Tor-specific functionality.
#define SESSION_GROUP_CONTROL_RESOLVE
int socks_policy_permits_address(const tor_addr_t *addr)
Header file for policies.c.
Client request structure.
#define SOCKS_COMMAND_RESOLVE_PTR
#define SOCKS_COMMAND_RESOLVE
unsigned int is_dns_request
socks_request_t * socks_request
struct evdns_server_request * dns_server_request
char * original_dest_address
struct evdns_server_port * dns_server_port
char address[MAX_SOCKS_ADDR_LEN]
#define tor_fragile_assert()