1 /* -*- Mode: C; tab-width: 4 -*-
2 *
3 * Copyright (c) 2011 Apple Computer, Inc. All rights reserved.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17 #include "mDNSEmbeddedAPI.h"
18 #include "mDNSMacOSX.h"
19
20 #include <sys/types.h>
21 #include <sys/time.h>
22 #include <sys/event.h>
23
// A descriptor is usable when it is not negative; socket() and accept() report failure with -1.
#define ValidSocket(s) ((s) >= 0)

// The four DNS Proxy listener descriptors, stored in the order UDPv4, UDPv6, TCPv4, TCPv6.
// As a file-scope static the array starts out zero-filled, so before the listeners are
// recorded every slot holds 0 (a valid descriptor number), not an "unset" marker.
static int dp_listener[4];

// Backlog handed to listen() for the TCP proxy listeners. It is a queue depth for pending
// connections; this file shows no separate cap on connections that have been accepted.
#define NUM_PROXY_TCP_CONNS 100

// State kept for one accepted DNS-over-TCP proxy connection.
typedef struct
{
    TCPSocket sock;         // the connection's socket state, including its KQSocketSet
    DNSMessage *reply;      // heap buffer for the message body, allocated once the length is known
    mDNSu16 replyLen;       // message length decoded from the two-byte prefix
    mDNSu32 nread;          // bytes consumed so far, counting the two prefix bytes
} ProxyTCPInfo_t;
38
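// Reads one length-prefixed DNS message from a proxy TCP connection, resuming where the
// previous call stopped (progress is tracked in tcpInfo->nread).
//
// returns -1 on failure, including the peer closing the connection, a length prefix
//            shorter than a DNS header, or an allocation failure
// returns  0 when data was read but the message is not yet complete
// returns  1 when the whole message is in tcpInfo->reply
//
// The length prefix comes from the peer and is untrusted. It is a 16-bit value, so the
// buffer allocated for it is at most 65535 bytes, and anything smaller than
// sizeof(DNSMessageHeader) is rejected before allocation.
mDNSlocal int ProxyTCPRead(ProxyTCPInfo_t *tcpInfo)
{
    long n;
    mDNSBool closed = mDNSfalse;

    if (tcpInfo->nread < 2)         // First read the two-byte length preceding the DNS message
    {
        // The prefix bytes are parked in replyLen's own storage until both have arrived,
        // so a one-byte partial read survives until the next call.
        mDNSu8 *lenptr = (mDNSu8 *)&tcpInfo->replyLen;

        n = mDNSPlatformReadTCP(&tcpInfo->sock, lenptr + tcpInfo->nread, 2 - tcpInfo->nread, &closed);
        if (n < 0 || closed)
        {
            LogMsg("ProxyTCPRead: attempt to read message length failed");
            return -1;
        }

        tcpInfo->nread += n;
        if (tcpInfo->nread < 2)
        {
            // n is a long; convert it so the argument matches the %d conversion
            LogMsg("ProxyTCPRead: nread %d, n %d", tcpInfo->nread, (int)n);
            return 0;
        }

        // The prefix is big-endian on the wire; convert it to a host-order length
        tcpInfo->replyLen = (mDNSu16)((mDNSu16)lenptr[0] << 8 | lenptr[1]);
        if (tcpInfo->replyLen < sizeof(DNSMessageHeader))
        {
            LogMsg("ProxyTCPRead: Message length too short (%d bytes)", tcpInfo->replyLen);
            return -1;
        }

        tcpInfo->reply = mallocL("ProxyTCPInfo", tcpInfo->replyLen);
        if (!tcpInfo->reply)
        {
            LogMsg("ProxyTCPRead: Memory failure");
            return -1;
        }
    }

    // Every earlier -1 return leaves reply unset; refuse to continue into a null buffer
    // if a caller invokes us again instead of disposing of the context.
    if (!tcpInfo->reply)
        return -1;

    // Ask only for the bytes still missing, so the read cannot run past the allocation
    n = mDNSPlatformReadTCP(&tcpInfo->sock, ((char *)tcpInfo->reply) + (tcpInfo->nread - 2),
                            tcpInfo->replyLen - (tcpInfo->nread - 2), &closed);
    if (n < 0 || closed)
    {
        LogMsg("ProxyTCPRead: read failure n %d, closed %d", (int)n, closed);
        return -1;
    }

    tcpInfo->nread += n;
    return ((tcpInfo->nread - 2) == tcpInfo->replyLen) ? 1 : 0;
}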
92
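// kqueue read callback for an accepted proxy TCP connection.
//
// s1      - descriptor of the connection that became readable
// filter  - unused
// context - the ProxyTCPInfo_t allocated for this connection
//
// Continues reading the query with ProxyTCPRead. Once the message is complete, the read
// filter is removed, the local and peer addresses are looked up, and the message is handed
// to the registered TCPProxyCallback together with the context. On every failure path the
// context is disposed of here.
mDNSlocal void ProxyTCPSocketCallBack(int s1, short filter, void *context)
{
    int ret;
    struct sockaddr_storage from;
    struct sockaddr_storage to;
    socklen_t len;
    mDNSAddr senderAddr, destAddr;
    mDNSIPPort senderPort;
    ProxyTCPInfo_t *ti = (ProxyTCPInfo_t *)context;
    TCPSocket *sock = &ti->sock;
    KQSocketSet *kq = &sock->ss;

    (void) filter;

    ret = ProxyTCPRead(ti);
    if (ret == -1)
    {
        mDNSPlatformDisposeProxyContext(ti);
        return;
    }
    else if (!ret)
    {
        debugf("ProxyTCPReceive: Not yet read completely Actual length %d, Read length %d", ti->replyLen, ti->nread);
        return;
    }

    // We read all the data and hence not interested in read events anymore
    KQueueSet(s1, EV_DELETE, EVFILT_READ, sock->kqEntry);

    mDNSPlatformMemZero(&to, sizeof(to));
    mDNSPlatformMemZero(&from, sizeof(from));

    len = sizeof(to);
    ret = getsockname(s1, (struct sockaddr*) &to, &len);
    if (ret < 0)
    {
        LogMsg("ProxyTCPReceive: getsockname(fd=%d) errno %d", s1, errno);
        mDNSPlatformDisposeProxyContext(ti);
        return;
    }

    // len is a value-result argument: getsockname() replaced it with the size it wrote,
    // so restore the full buffer size before asking for the peer address.
    len = sizeof(from);
    ret = getpeername(s1, (struct sockaddr*) &from, &len);
    if (ret < 0)
    {
        LogMsg("ProxyTCPReceive: getpeername(fd=%d) errno %d", s1, errno);
        mDNSPlatformDisposeProxyContext(ti);
        return;
    }

    if (from.ss_family == AF_INET)
    {
        struct sockaddr_in *s = (struct sockaddr_in*)&from;

        senderAddr.type = mDNSAddrType_IPv4;
        senderAddr.ip.v4.NotAnInteger = s->sin_addr.s_addr;
        senderPort.NotAnInteger = s->sin_port;

        s = (struct sockaddr_in *)&to;
        destAddr.type = mDNSAddrType_IPv4;
        destAddr.ip.v4.NotAnInteger = s->sin_addr.s_addr;

        LogInfo("ProxyTCPReceive received IPv4 packet(len %d) from %#-15a to %#-15a on skt %d %s", ti->replyLen, &senderAddr, &destAddr, s1, NULL);
    }
    else if (from.ss_family == AF_INET6)
    {
        struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)&from;

        senderAddr.type = mDNSAddrType_IPv6;
        senderAddr.ip.v6 = *(mDNSv6Addr*)&sin6->sin6_addr;
        senderPort.NotAnInteger = sin6->sin6_port;

        sin6 = (struct sockaddr_in6 *)&to;
        destAddr.type = mDNSAddrType_IPv6;
        destAddr.ip.v6 = *(mDNSv6Addr*)&sin6->sin6_addr;

        LogInfo("ProxyTCPReceive received IPv6 packet(len %d) from %#-15a to %#-15a on skt %d %s", ti->replyLen, &senderAddr, &destAddr, s1, NULL);
    }
    else
    {
        LogMsg("ProxyTCPReceive from is unknown address family %d", from.ss_family);
        mDNSPlatformDisposeProxyContext(ti);
        return;
    }

    // We pass sock for the TCPSocket and the "ti" for context as that's what we want to free at the end.
    // In the UDP case, there is just a single socket and nothing to free. Hence, the context (last argument)
    // would be NULL.
    // The end pointer is reply + replyLen, i.e. exactly the bytes ProxyTCPRead allocated and filled.
    kq->m->p->TCPProxyCallback(kq->m, sock, ti->reply, (mDNSu8 *)ti->reply + ti->replyLen, &senderAddr, senderPort, &destAddr,
                               UnicastDNSPort, 0, ti);
}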
178
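// kqueue read callback for a TCP proxy listener: accepts every pending connection.
//
// s1      - the listening descriptor
// filter  - unused
// context - the listener's KQSocketSet, used here only for its mDNS pointer
//
// Each accepted connection gets its own ProxyTCPInfo_t, is switched to non-blocking mode
// and is registered for read events with ProxyTCPSocketCallBack. The loop ends when
// accept() returns -1, which on the non-blocking listener includes "nothing left to accept".
//
// NOTE(review): nothing visible in this file limits how many accepted connections may be
// open at once, or times out a peer that connects and never sends its query; each such
// connection holds a descriptor and a context until the peer closes. Confirm that this is
// bounded elsewhere.
mDNSlocal void ProxyTCPAccept(int s1, short filter, void *context)
{
    int newfd;
    struct sockaddr_storage ss;
    socklen_t sslen;
    const int on = 1;
    KQSocketSet *listenSet = (KQSocketSet *)context;

    (void) filter;

    for (;;)
    {
        int err;
        int *s;
        KQueueEntry *k;
        KQSocketSet *kq;
        ProxyTCPInfo_t *ti;
        TCPSocket *sock;

        // sslen is a value-result argument, so it is reset before every accept()
        sslen = sizeof(ss);
        newfd = accept(s1, (struct sockaddr *)&ss, &sslen);
        if (newfd == -1)
            break;

        // Even though we just need a single KQueueEntry, for simplicity we re-use
        // the KQSocketSet
        ti = mallocL("ProxyTCPContext", sizeof(ProxyTCPInfo_t));
        if (!ti)
        {
            LogMsg("ProxyTCPAccept: cannot allocate TCPSocket");
            close(newfd);
            return;
        }
        mDNSPlatformMemZero(ti, sizeof(ProxyTCPInfo_t));
        sock = &ti->sock;

        kq = &sock->ss;
        kq->sktv4 = -1;
        kq->sktv6 = -1;
        kq->m = listenSet->m;

        fcntl(newfd, F_SETFL, fcntl(newfd, F_GETFL, 0) | O_NONBLOCK); // set non-blocking
        if (ss.ss_family == AF_INET)
        {
            s = &kq->sktv4;
            k = &kq->kqsv4;
            // Receive interface identifiers
            err = setsockopt(newfd, IPPROTO_IP, IP_RECVIF, &on, sizeof(on));
            if (err)
            {
                LogMsg("ProxyTCPAccept: IP_RECVIF %d errno %d (%s)", newfd, errno, strerror(errno));
                // newfd is not yet stored in the context, so disposing of the context
                // would not close it; close it here to avoid leaking the descriptor.
                close(newfd);
                mDNSPlatformDisposeProxyContext(ti);
                return;
            }
        }
        else
        {
            s = &kq->sktv6;
            k = &kq->kqsv6;
            // We want to receive destination addresses and receive interface identifiers
            err = setsockopt(newfd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on, sizeof(on));
            if (err)
            {
                LogMsg("ProxyTCPAccept: IP_RECVPKTINFO %d errno %d (%s)", newfd, errno, strerror(errno));
                // Same as the IPv4 path: the context does not own newfd yet
                close(newfd);
                mDNSPlatformDisposeProxyContext(ti);
                return;
            }
        }
        *s = newfd;
        // mDNSPlatformReadTCP/WriteTCP (unlike the UDP counterpart) does not provide the destination address
        // from which we can infer the destination address family. Hence we need to remember that here.
        // Instead of remembering the address family, we remember the right fd.
        sock->fd = newfd;
        sock->kqEntry = k;

        k->KQcallback = ProxyTCPSocketCallBack;
        k->KQcontext = ti;
        k->KQtask = "TCP Proxy packet reception";
#ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
        k->readSource = mDNSNULL;
        k->writeSource = mDNSNULL;
        k->fdClosed = mDNSfalse;
#endif
        KQueueSet(*s, EV_ADD, EVFILT_READ, k);
    }
}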
258
// Prepares one UDP proxy socket and registers it for read events.
//
// m         - stored in cp->m
// skt       - an already created UDP socket
// cp        - socket set that receives the descriptor in its v4 or v6 slot
// sa_family - AF_INET or AF_INET6; anything else is rejected
// useBackgroundTrafficClass - unused
//
// Returns mStatus_NoError on success. A failing setsockopt() returns its own result,
// and an unknown family or a failing fcntl() returns -1.
mDNSlocal mStatus SetupUDPProxySocket(mDNS *const m, int skt, KQSocketSet *cp, u_short sa_family, mDNSBool useBackgroundTrafficClass)
{
    const int isV4 = (sa_family == AF_INET);
    int *fdSlot = isV4 ? &cp->sktv4 : &cp->sktv6;
    KQueueEntry *entry = isV4 ? &cp->kqsv4 : &cp->kqsv6;
    const int enable = 1;
    mDNSIPPort port;
    mStatus status = mStatus_NoError;

    cp->m = m;
    port = cp->port;
    cp->closeFlag = mDNSNULL;

    // The traffic class is left at its default here
    (void) useBackgroundTrafficClass;

    switch (sa_family)
    {
    case AF_INET:
        // Ask for the destination address of each datagram
        status = setsockopt(skt, IPPROTO_IP, IP_RECVDSTADDR, &enable, sizeof(enable));
        if (status < 0)
        {
            LogMsg("SetupUDPProxySocket: IP_RECVDSTADDR %d errno %d (%s)", skt, errno, strerror(errno));
            return status;
        }

        // We want to receive interface identifiers
        status = setsockopt(skt, IPPROTO_IP, IP_RECVIF, &enable, sizeof(enable));
        if (status < 0)
        {
            LogMsg("SetupUDPProxySocket: IP_RECVIF %d errno %d (%s)", skt, errno, strerror(errno));
            return status;
        }
        break;

    case AF_INET6:
        // We want to receive destination addresses and receive interface identifiers
        status = setsockopt(skt, IPPROTO_IPV6, IPV6_RECVPKTINFO, &enable, sizeof(enable));
        if (status < 0)
        {
            LogMsg("SetupUDPProxySocket: IPV6_RECVPKTINFO %d errno %d (%s)", skt, errno, strerror(errno));
            return status;
        }

        // We want to receive packet hop count value so we can check it
        status = setsockopt(skt, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &enable, sizeof(enable));
        if (status < 0)
        {
            LogMsg("SetupUDPProxySocket: IPV6_RECVHOPLIMIT %d errno %d (%s)", skt, errno, strerror(errno));
            return status;
        }
        break;

    default:
        LogMsg("SetupUDPProxySocket: wrong family %d", sa_family);
        return -1;
    }

    // The event loop must never block on this socket
    if (fcntl(skt, F_SETFL, fcntl(skt, F_GETFL, 0) | O_NONBLOCK) < 0)
    {
        LogMsg("SetupUDPProxySocket: fnctl failed %d", errno);
        return -1;
    }

    *fdSlot = skt;
    // Reads go through the shared myKQSocketCallBack rather than a proxy-specific callback
    entry->KQcallback = myKQSocketCallBack;
    entry->KQcontext = cp;
    entry->KQtask = "UDP Proxy packet reception";
#ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
    entry->readSource = mDNSNULL;
    entry->writeSource = mDNSNULL;
    entry->fdClosed = mDNSfalse;
#endif

    KQueueSet(*fdSlot, EV_ADD, EVFILT_READ, entry);

    return status;
}
337
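// Puts one TCP proxy socket into the listening state and registers it for accept events.
//
// m         - stored in cp->m
// skt       - an already created and bound TCP socket
// cp        - socket set that receives the descriptor in its v4 or v6 slot
// sa_family - AF_INET selects the v4 slot, anything else the v6 slot
// useBackgroundTrafficClass - unused
//
// Returns mStatus_NoError on success, the listen() result when listen() fails, and -1
// when the socket cannot be made non-blocking.
mDNSlocal mStatus SetupTCPProxySocket(mDNS *const m, int skt, KQSocketSet *cp, u_short sa_family, mDNSBool useBackgroundTrafficClass)
{
    int *s = (sa_family == AF_INET) ? &cp->sktv4 : &cp->sktv6;
    KQueueEntry *k = (sa_family == AF_INET) ? &cp->kqsv4 : &cp->kqsv6;
    mStatus err;
    int flags;

    cp->m = m;
    // XXX may not be used by the TCP codepath
    cp->closeFlag = mDNSNULL;

    // for TCP sockets, the traffic class is set once and not changed
    (void) useBackgroundTrafficClass;

    // All the socket setup has already been done
    err = listen(skt, NUM_PROXY_TCP_CONNS);
    if (err)
    {
        LogMsg("SetupTCPProxySocket: listen %d errno %d (%s)", skt, errno, strerror(errno));
        return err;
    }

    // ProxyTCPAccept calls accept() in a loop until it fails, which only terminates
    // promptly on a non-blocking listener. Refuse to register the socket if it cannot
    // be switched, as SetupUDPProxySocket does for its fcntl() call.
    flags = fcntl(skt, F_GETFL, 0);
    if (flags < 0 || fcntl(skt, F_SETFL, flags | O_NONBLOCK) < 0)
    {
        LogMsg("SetupTCPProxySocket: fcntl failed %d", errno);
        return -1;
    }

    *s = skt;
    k->KQcallback = ProxyTCPAccept;
    k->KQcontext = cp;
    k->KQtask = "TCP Accept";
#ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
    k->readSource = mDNSNULL;
    k->writeSource = mDNSNULL;
    k->fdClosed = mDNSfalse;
#endif
    KQueueSet(*s, EV_ADD, EVFILT_READ, k);
    return mStatus_NoError;
}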
375
// Binds a DNS Proxy socket to port 53 on the wildcard address of the given family.
//
// fd        - socket to bind
// sa_family - AF_INET for IPv4; any other value is handled as IPv6
//
// The address structure is zero-filled and only the family and port are set, so the
// socket listens on every local address. Failures are only logged; nothing is returned,
// so the caller cannot tell whether the bind succeeded.
// SO_REUSEPORT allows the port to be shared with other sockets that set the same option.
// NOTE(review): restricting which clients may use the proxy is not done here; confirm
// where that happens.
mDNSlocal void BindDPSocket(int fd, int sa_family)
{
    const int enable = 1;
    int rc;

    if (sa_family != AF_INET)
    {
        struct sockaddr_in6 sa6;

        // We want to receive only IPv6 packets. Without this option we get IPv4 packets too,
        // with mapped addresses of the form 0:0:0:0:0:FFFF:xxxx:xxxx, where xxxx:xxxx is the IPv4 address
        rc = setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &enable, sizeof(enable));
        if (rc < 0)
        {
            LogMsg("DPFBindSocket: setsockopt IPV6_V6ONLY %d errno %d (%s)", fd, errno, strerror(errno));
            return;
        }

        // A failure to set SO_REUSEPORT is logged but does not stop the bind
        rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &enable, sizeof(enable));
        if (rc < 0)
            LogMsg("BindDPSocket: setsockopt SO_REUSEPORT failed for V6 %d errno %d (%s)", fd, errno, strerror(errno));

        memset(&sa6, 0, sizeof(sa6));
        sa6.sin6_family = AF_INET6;
        sa6.sin6_port = htons(53);

        rc = bind(fd, (struct sockaddr*) &sa6, sizeof(sa6));
        if (rc)
            LogMsg("BindDPSocket: bind6 %d errno %d (%s)", fd, errno, strerror(errno));
        return;
    }

    {
        struct sockaddr_in sa4;

        // A failure to set SO_REUSEPORT is logged but does not stop the bind
        rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &enable, sizeof(enable));
        if (rc < 0)
            LogMsg("BindDPSocket: setsockopt SO_REUSEPORT failed for V4 %d errno %d (%s)", fd, errno, strerror(errno));

        memset(&sa4, 0, sizeof(sa4));
        sa4.sin_family = AF_INET;
        sa4.sin_port = htons(53);

        rc = bind(fd, (struct sockaddr*) &sa4, sizeof(sa4));
        if (rc)
            LogMsg("BindDPSocket: bind %d errno %d (%s)", fd, errno, strerror(errno));
    }
}
428
// Registers the four DNS Proxy sockets with the main kevent loop and sets their options.
//
// m  - the mDNS instance whose platform state holds the UDP and TCP proxy socket sets
// fd - descriptors in the order UDPv4, UDPv6, TCPv4, TCPv6
//
// A failure for any one socket is logged and the remaining sockets are still set up.
// All four descriptors are recorded in dp_listener whether or not their setup succeeded.
mDNSlocal void SetupDNSProxySkts(mDNS *const m, int fd[4])
{
    KQSocketSet *const udpSet = &m->p->UDPProxy.ss;
    KQSocketSet *const tcpSet = &m->p->TCPProxy.ss;
    int idx;

    udpSet->port = UnicastDNSPort;
    tcpSet->port = UnicastDNSPort;

    LogMsg("SetupDNSProxySkts: %d, %d, %d, %d", fd[0], fd[1], fd[2], fd[3]);

    // myKQSocketCallBack checks for proxy and calls the m->p->ProxyCallback instead of mDNSCoreReceive
    udpSet->proxy = mDNStrue;

    if (SetupUDPProxySocket(m, fd[0], udpSet, AF_INET, mDNSfalse))
        LogMsg("SetupDNSProxySkts: ERROR!! UDPv4 Socket");

    if (SetupUDPProxySocket(m, fd[1], udpSet, AF_INET6, mDNSfalse))
        LogMsg("SetupDNSProxySkts: ERROR!! UDPv6 Socket");

    if (SetupTCPProxySocket(m, fd[2], tcpSet, AF_INET, mDNSfalse))
        LogMsg("SetupDNSProxySkts: ERROR!! TCPv4 Socket");

    if (SetupTCPProxySocket(m, fd[3], tcpSet, AF_INET6, mDNSfalse))
        LogMsg("SetupDNSProxySkts: ERROR!! TCPv6 Socket");

    // Remember the listeners so they can be closed later
    for (idx = 0; idx < 4; idx++)
    {
        dp_listener[idx] = fd[idx];
    }
}
465
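// Creates and binds the four DNS Proxy sockets (UDPv4, UDPv6, TCPv4, TCPv6) and hooks
// them into the event loop.
//
// m           - the mDNS instance that owns the proxy state
// UDPCallback - stored as m->p->UDPProxyCallback
// TCPCallback - stored as m->p->TCPProxyCallback
//
// If any socket cannot be created, the ones that were created are closed and the proxy
// is not started: nothing is bound or registered, because the descriptors are either
// invalid or already closed, and a closed descriptor number may be handed out again to
// an unrelated file or socket.
//
// NOTE(review): BindDPSocket returns nothing, so a failed bind is only logged and setup
// still proceeds with that socket.
mDNSexport void mDNSPlatformInitDNSProxySkts(mDNS *const m, ProxyCallback UDPCallback, ProxyCallback TCPCallback)
{
    int dpskt[4];
    int i;
    mDNSBool allValid = mDNStrue;

    // The callbacks are stored regardless of whether the sockets can be created
    m->p->UDPProxyCallback = UDPCallback;
    m->p->TCPProxyCallback = TCPCallback;

    dpskt[0] = socket(AF_INET,  SOCK_DGRAM,  IPPROTO_UDP);
    dpskt[1] = socket(AF_INET6, SOCK_DGRAM,  IPPROTO_UDP);
    dpskt[2] = socket(AF_INET,  SOCK_STREAM, IPPROTO_TCP);
    dpskt[3] = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);

    for (i = 0; i < 4; i++)
    {
        if (!ValidSocket(dpskt[i]))
            allValid = mDNSfalse;
    }

    // Close all DNS Proxy skts in case any of them are invalid
    if (!allValid)
    {
        for (i = 0; i < 4; i++)
        {
            if (ValidSocket(dpskt[i]))
                close(dpskt[i]);
            // Mark the listener slot unused so a later close does not touch a stale descriptor
            dp_listener[i] = -1;
        }
        LogMsg("mDNSPlatformInitDNSProxySkts: Could not create Listener Sockets for DNS Proxy : %d, %d, %d, %d",
               dpskt[0], dpskt[1], dpskt[2], dpskt[3]);
        return;
    }

    BindDPSocket(dpskt[0], AF_INET);
    BindDPSocket(dpskt[1], AF_INET6);
    BindDPSocket(dpskt[2], AF_INET);
    BindDPSocket(dpskt[3], AF_INET6);

    LogInfo("mDNSPlatformInitDNSProxySkts: Opened Listener Sockets for DNS Proxy : %d, %d, %d, %d",
            dpskt[0], dpskt[1], dpskt[2], dpskt[3]);

    SetupDNSProxySkts(m, dpskt);
}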
503
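// Closes the DNS Proxy listener sockets recorded in dp_listener.
//
// m - unused
//
// Each slot is set to -1 once closed, so calling this again does not close the same
// descriptor numbers a second time (by then they may belong to something else).
// NOTE(review): dp_listener is a zero-initialised static, so if this runs before the
// listeners were ever recorded the slots hold 0 and descriptor 0 is closed.
mDNSexport void mDNSPlatformCloseDNSProxySkts(mDNS *const m)
{
    int i;

    (void) m;

    for (i = 0; i < 4; i++)
    {
        if (ValidSocket(dp_listener[i]))
        {
            close(dp_listener[i]);
            dp_listener[i] = -1;
        }
    }
    LogInfo("mDNSPlatformCloseDNSProxySkts: Closing DNS Proxy Listener Sockets");
}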
512
// Tears down the per-connection state of a proxy TCP connection.
//
// context - a ProxyTCPInfo_t, or NULL, in which case nothing is done
//
// Whichever of the v4/v6 descriptors is in use (not -1) is shut down in both directions
// and closed through mDNSPlatformCloseFD. If a closeFlag pointer is set, the flag it
// points to is set to 1. The reply buffer, if any, and the context itself are then freed,
// so the caller must not touch the context afterwards.
mDNSexport void mDNSPlatformDisposeProxyContext(void *context)
{
    ProxyTCPInfo_t *info = (ProxyTCPInfo_t *)context;
    KQSocketSet *set;

    if (info == mDNSNULL)
        return;

    set = &info->sock.ss;

    if (set->sktv4 != -1)
    {
        shutdown(set->sktv4, 2);    // 2: stop both receiving and sending
        mDNSPlatformCloseFD(&set->kqsv4, set->sktv4);
    }

    if (set->sktv6 != -1)
    {
        shutdown(set->sktv6, 2);    // 2: stop both receiving and sending
        mDNSPlatformCloseFD(&set->kqsv6, set->sktv6);
    }

    if (set->closeFlag)
    {
        *set->closeFlag = 1;
    }

    if (info->reply)
    {
        freeL("ProxyTCPInfoLen", info->reply);
    }
    freeL("ProxyTCPContext", info);
}
543