615 lines
13 KiB
C
615 lines
13 KiB
C
/* Pluto Asynchronous DNS Helper Program -- for internal use only!
|
|
* Copyright (C) 2002 D. Hugh Redelmeier.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* for more details.
|
|
*/
|
|
|
|
#ifndef USE_LWRES /* whole file! */
|
|
|
|
/* This program executes as multiple processes. The Master process
|
|
* receives queries (struct adns_query messages) from Pluto and distributes
|
|
* them amongst Worker processes. These Worker processes are created
|
|
* by the Master whenever a query arrives and no existing Worker is free.
|
|
* At most MAX_WORKERS will be created; after that, the Master will queue
|
|
* queries until a Worker becomes free. When a Worker has an answer from
|
|
* the resolver, it sends the answer as a struct adns_answer message to the
|
|
* Master. The Master then forwards the answer to Pluto, noting that
|
|
* the Worker is free to accept another query.
|
|
*
|
|
* The protocol is simple: Pluto sends a sequence of queries and receives
|
|
* a sequence of answers. select(2) is used by Pluto and by the Master
|
|
* process to decide when to read, but writes are done without checking
|
|
* for readiness. Communications is via pipes. Since only one process
|
|
* can write to each pipe, messages will not be interleaved. Fixed length
|
|
* records are used for simplicity.
|
|
*
|
|
* Pluto needs a way to indicate to the Master when to shut down
|
|
* and the Master needs to indicate this to each worker. EOF on the pipe
|
|
* signifies this.
|
|
*
|
|
* The interfaces between these components are considered private to
|
|
* Pluto. This allows us to get away with less checking. This is a
|
|
* reason to use pipes instead of TCP/IP.
|
|
*
|
|
* Although the code uses plain old UNIX processes, it could be modified
|
|
* to use threads. That might reduce resource requirements. It would
|
|
* preclude running on systems without thread-safe resolvers.
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <stddef.h>
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <unistd.h>
|
|
#include <syslog.h>
|
|
#include <sys/types.h>
|
|
#include <sys/wait.h>
|
|
#include <netinet/in.h>
|
|
#include <arpa/nameser.h>
|
|
#include <resolv.h>
|
|
#include <netdb.h> /* ??? for h_errno */
|
|
|
|
#include <freeswan.h>
|
|
|
|
/* GCC magic! */
|
|
#ifdef GCC_LINT
|
|
# define UNUSED __attribute__ ((unused))
|
|
#else
|
|
# define UNUSED /* ignore */
|
|
#endif
|
|
|
|
#include "constants.h"
|
|
#include "adns.h" /* needs <resolv.h> */
|
|
|
|
/* shared by all processes */
|
|
|
|
static const char *name; /* program name, for messages */
|
|
|
|
static bool debug = FALSE;
|
|
|
|
/* Read a variable-length record from a pipe (and no more!).
|
|
* First bytes must be a size_t containing the length.
|
|
* HES_CONTINUE if record read
|
|
* HES_OK if EOF
|
|
* HES_IO_ERROR_IN if errno tells the tale.
|
|
* Others are errors.
|
|
*/
|
|
static enum helper_exit_status
|
|
read_pipe(int fd, unsigned char *stuff, size_t minlen, size_t maxlen)
|
|
{
|
|
size_t n = 0;
|
|
size_t goal = minlen;
|
|
|
|
do {
|
|
ssize_t m = read(fd, stuff + n, goal - n);
|
|
|
|
if (m == -1)
|
|
{
|
|
if (errno != EINTR)
|
|
{
|
|
syslog(LOG_ERR, "Input error on pipe: %s", strerror(errno));
|
|
return HES_IO_ERROR_IN;
|
|
}
|
|
}
|
|
else if (m == 0)
|
|
{
|
|
return HES_OK; /* treat empty message as EOF */
|
|
}
|
|
else
|
|
{
|
|
n += m;
|
|
if (n >= sizeof(size_t))
|
|
{
|
|
goal = *(size_t *)(void *)stuff;
|
|
if (goal < minlen || maxlen < goal)
|
|
{
|
|
if (debug)
|
|
fprintf(stderr, "%lu : [%lu, %lu]\n"
|
|
, (unsigned long)goal
|
|
, (unsigned long)minlen, (unsigned long)maxlen);
|
|
return HES_BAD_LEN;
|
|
}
|
|
}
|
|
}
|
|
} while (n < goal);
|
|
|
|
return HES_CONTINUE;
|
|
}
|
|
|
|
/* Write a variable-length record to a pipe.
|
|
* First bytes must be a size_t containing the length.
|
|
* HES_CONTINUE if record written
|
|
* Others are errors.
|
|
*/
|
|
static enum helper_exit_status
|
|
write_pipe(int fd, const unsigned char *stuff)
|
|
{
|
|
size_t len = *(const size_t *)(const void *)stuff;
|
|
size_t n = 0;
|
|
|
|
do {
|
|
ssize_t m = write(fd, stuff + n, len - n);
|
|
|
|
if (m == -1)
|
|
{
|
|
/* error, but ignore and retry if EINTR */
|
|
if (errno != EINTR)
|
|
{
|
|
syslog(LOG_ERR, "Output error from master: %s", strerror(errno));
|
|
return HES_IO_ERROR_OUT;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
n += m;
|
|
}
|
|
} while (n != len);
|
|
return HES_CONTINUE;
|
|
}
|
|
|
|
/**************** worker process ****************/
|
|
|
|
/* The interface in RHL6.x and BIND distribution 8.2.2 are different,
|
|
* so we build some of our own :-(
|
|
*/
|
|
|
|
/* Support deprecated interface to allow for older releases of the resolver.
|
|
* Fake new interface!
|
|
* See resolver(3) bind distribution (should be in RHL6.1, but isn't).
|
|
* __RES was 19960801 in RHL6.2, an old resolver.
|
|
*/
|
|
|
|
#if (__RES) <= 19960801
|
|
# define OLD_RESOLVER 1
|
|
#endif
|
|
|
|
#ifdef OLD_RESOLVER
|
|
|
|
# define res_ninit(statp) res_init()
|
|
# define res_nquery(statp, dname, class, type, answer, anslen) \
|
|
res_query(dname, class, type, answer, anslen)
|
|
# define res_nclose(statp) res_close()
|
|
|
|
static struct __res_state *statp = &_res;
|
|
|
|
#else /* !OLD_RESOLVER */
|
|
|
|
static struct __res_state my_res_state /* = { 0 } */;
|
|
static res_state statp = &my_res_state;
|
|
|
|
#endif /* !OLD_RESOLVER */
|
|
|
|
static int
|
|
worker(int qfd, int afd)
|
|
{
|
|
{
|
|
int r = res_ninit(statp);
|
|
|
|
if (r != 0)
|
|
{
|
|
syslog(LOG_ERR, "cannot initialize resolver");
|
|
return HES_RES_INIT;
|
|
}
|
|
#ifndef OLD_RESOLVER
|
|
statp->options |= RES_ROTATE;
|
|
#endif
|
|
statp->options |= RES_DEBUG;
|
|
}
|
|
|
|
for (;;)
|
|
{
|
|
struct adns_query q;
|
|
struct adns_answer a;
|
|
|
|
enum helper_exit_status r = read_pipe(qfd, (unsigned char *)&q
|
|
, sizeof(q), sizeof(q));
|
|
|
|
if (r != HES_CONTINUE)
|
|
return r; /* some kind of exit */
|
|
|
|
if (q.qmagic != ADNS_Q_MAGIC)
|
|
{
|
|
syslog(LOG_ERR, "error in input from master: bad magic");
|
|
return HES_BAD_MAGIC;
|
|
}
|
|
|
|
a.amagic = ADNS_A_MAGIC;
|
|
a.serial = q.serial;
|
|
a.continuation = NULL;
|
|
|
|
a.result = res_nquery(statp, q.name_buf, C_IN, q.type, a.ans, sizeof(a.ans));
|
|
a.h_errno_val = h_errno;
|
|
|
|
a.len = offsetof(struct adns_answer, ans) + (a.result < 0? 0 : a.result);
|
|
|
|
#ifdef DEBUG
|
|
if (((q.debugging & IMPAIR_DELAY_ADNS_KEY_ANSWER) && q.type == T_KEY)
|
|
|| ((q.debugging & IMPAIR_DELAY_ADNS_TXT_ANSWER) && q.type == T_TXT))
|
|
sleep(30); /* delay the answer */
|
|
#endif
|
|
|
|
/* write answer, possibly a bit at a time */
|
|
r = write_pipe(afd, (const unsigned char *)&a);
|
|
|
|
if (r != HES_CONTINUE)
|
|
return r; /* some kind of exit */
|
|
}
|
|
}
|
|
|
|
/**************** master process ****************/
|
|
|
|
bool eof_from_pluto = FALSE;
|
|
#define PLUTO_QFD 0 /* queries come on stdin */
|
|
#define PLUTO_AFD 1 /* answers go out on stdout */
|
|
|
|
#ifndef MAX_WORKERS
|
|
# define MAX_WORKERS 10 /* number of in-flight queries */
|
|
#endif
|
|
|
|
struct worker_info {
|
|
int qfd; /* query pipe's file descriptor */
|
|
int afd; /* answer pipe's file descriptor */
|
|
pid_t pid;
|
|
bool busy;
|
|
void *continuation; /* of outstanding request */
|
|
};
|
|
|
|
static struct worker_info wi[MAX_WORKERS];
|
|
static struct worker_info *wi_roof = wi;
|
|
|
|
/* request FIFO */
|
|
|
|
struct query_list {
|
|
struct query_list *next;
|
|
struct adns_query aq;
|
|
};
|
|
|
|
static struct query_list *oldest_query = NULL;
|
|
static struct query_list *newest_query; /* undefined when oldest == NULL */
|
|
static struct query_list *free_queries = NULL;
|
|
|
|
static bool
|
|
spawn_worker(void)
|
|
{
|
|
int qfds[2];
|
|
int afds[2];
|
|
pid_t p;
|
|
|
|
if (pipe(qfds) != 0 || pipe(afds) != 0)
|
|
{
|
|
syslog(LOG_ERR, "pipe(2) failed: %s", strerror(errno));
|
|
exit(HES_PIPE);
|
|
}
|
|
|
|
wi_roof->qfd = qfds[1]; /* write end of query pipe */
|
|
wi_roof->afd = afds[0]; /* read end of answer pipe */
|
|
|
|
p = fork();
|
|
if (p == -1)
|
|
{
|
|
/* fork failed: ignore if at least one worker exists */
|
|
if (wi_roof == wi)
|
|
{
|
|
syslog(LOG_ERR, "fork(2) error creating first worker: %s", strerror(errno));
|
|
exit(HES_FORK);
|
|
}
|
|
close(qfds[0]);
|
|
close(qfds[1]);
|
|
close(afds[0]);
|
|
close(afds[1]);
|
|
return FALSE;
|
|
}
|
|
else if (p == 0)
|
|
{
|
|
/* child */
|
|
struct worker_info *w;
|
|
|
|
close(PLUTO_QFD);
|
|
close(PLUTO_AFD);
|
|
/* close all master pipes, including ours */
|
|
for (w = wi; w <= wi_roof; w++)
|
|
{
|
|
close(w->qfd);
|
|
close(w->afd);
|
|
}
|
|
exit(worker(qfds[0], afds[1]));
|
|
}
|
|
else
|
|
{
|
|
/* parent */
|
|
struct worker_info *w = wi_roof++;
|
|
|
|
w->pid = p;
|
|
w->busy = FALSE;
|
|
close(qfds[0]);
|
|
close(afds[1]);
|
|
return TRUE;
|
|
}
|
|
}
|
|
|
|
static void
|
|
send_eof(struct worker_info *w)
|
|
{
|
|
pid_t p;
|
|
int status;
|
|
|
|
close(w->qfd);
|
|
w->qfd = NULL_FD;
|
|
|
|
close(w->afd);
|
|
w->afd = NULL_FD;
|
|
|
|
/* reap child */
|
|
p = waitpid(w->pid, &status, 0);
|
|
/* ignore result -- what could we do with it? */
|
|
}
|
|
|
|
static void
|
|
forward_query(struct worker_info *w)
|
|
{
|
|
struct query_list *q = oldest_query;
|
|
|
|
if (q == NULL)
|
|
{
|
|
if (eof_from_pluto)
|
|
send_eof(w);
|
|
}
|
|
else
|
|
{
|
|
enum helper_exit_status r
|
|
= write_pipe(w->qfd, (const unsigned char *) &q->aq);
|
|
|
|
if (r != HES_CONTINUE)
|
|
exit(r);
|
|
|
|
w->busy = TRUE;
|
|
|
|
oldest_query = q->next;
|
|
q->next = free_queries;
|
|
free_queries = q;
|
|
}
|
|
}
|
|
|
|
static void
|
|
query(void)
|
|
{
|
|
struct query_list *q = free_queries;
|
|
enum helper_exit_status r;
|
|
|
|
/* find an unused queue entry */
|
|
if (q == NULL)
|
|
{
|
|
q = malloc(sizeof(*q));
|
|
if (q == NULL)
|
|
{
|
|
syslog(LOG_ERR, "malloc(3) failed");
|
|
exit(HES_MALLOC);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
free_queries = q->next;
|
|
}
|
|
|
|
r = read_pipe(PLUTO_QFD, (unsigned char *)&q->aq
|
|
, sizeof(q->aq), sizeof(q->aq));
|
|
|
|
if (r == HES_OK)
|
|
{
|
|
/* EOF: we're done, except for unanswered queries */
|
|
struct worker_info *w;
|
|
|
|
eof_from_pluto = TRUE;
|
|
q->next = free_queries;
|
|
free_queries = q;
|
|
|
|
/* Send bye-bye to unbusy processes.
|
|
* Note that if there are queued queries, there won't be
|
|
* any non-busy workers.
|
|
*/
|
|
for (w = wi; w != wi_roof; w++)
|
|
if (!w->busy)
|
|
send_eof(w);
|
|
}
|
|
else if (r != HES_CONTINUE)
|
|
{
|
|
exit(r);
|
|
}
|
|
else if (q->aq.qmagic != ADNS_Q_MAGIC)
|
|
{
|
|
syslog(LOG_ERR, "error in query from Pluto: bad magic");
|
|
exit(HES_BAD_MAGIC);
|
|
}
|
|
else
|
|
{
|
|
struct worker_info *w;
|
|
|
|
/* got a query */
|
|
|
|
/* add it to FIFO */
|
|
q->next = NULL;
|
|
if (oldest_query == NULL)
|
|
oldest_query = q;
|
|
else
|
|
newest_query->next = q;
|
|
newest_query = q;
|
|
|
|
/* See if any worker available */
|
|
for (w = wi; ; w++)
|
|
{
|
|
if (w == wi_roof)
|
|
{
|
|
/* no free worker */
|
|
if (w == wi + MAX_WORKERS)
|
|
break; /* no more to be created */
|
|
/* make a new one */
|
|
if (!spawn_worker())
|
|
break; /* cannot create one at this time */
|
|
}
|
|
if (!w->busy)
|
|
{
|
|
/* assign first to free worker */
|
|
forward_query(w);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
return;
|
|
}
|
|
|
|
static void
|
|
answer(struct worker_info *w)
|
|
{
|
|
struct adns_answer a;
|
|
enum helper_exit_status r = read_pipe(w->afd, (unsigned char *)&a
|
|
, offsetof(struct adns_answer, ans), sizeof(a));
|
|
|
|
if (r == HES_OK)
|
|
{
|
|
/* unexpected EOF */
|
|
syslog(LOG_ERR, "unexpected EOF from worker");
|
|
exit(HES_IO_ERROR_IN);
|
|
}
|
|
else if (r != HES_CONTINUE)
|
|
{
|
|
exit(r);
|
|
}
|
|
else if (a.amagic != ADNS_A_MAGIC)
|
|
{
|
|
syslog(LOG_ERR, "Input from worker error: bad magic");
|
|
exit(HES_BAD_MAGIC);
|
|
}
|
|
else if (a.continuation != w->continuation)
|
|
{
|
|
/* answer doesn't match query */
|
|
syslog(LOG_ERR, "Input from worker error: continuation mismatch");
|
|
exit(HES_SYNC);
|
|
}
|
|
else
|
|
{
|
|
/* pass the answer on to Pluto */
|
|
enum helper_exit_status r
|
|
= write_pipe(PLUTO_AFD, (const unsigned char *) &a);
|
|
|
|
if (r != HES_CONTINUE)
|
|
exit(r);
|
|
w->busy = FALSE;
|
|
forward_query(w);
|
|
}
|
|
}
|
|
|
|
/* assumption: input limited; accept blocking on output */
|
|
static int
|
|
master(void)
|
|
{
|
|
for (;;)
|
|
{
|
|
fd_set readfds;
|
|
int maxfd = PLUTO_QFD; /* approximate lower bound */
|
|
int ndes = 0;
|
|
struct worker_info *w;
|
|
|
|
FD_ZERO(&readfds);
|
|
if (!eof_from_pluto)
|
|
{
|
|
FD_SET(PLUTO_QFD, &readfds);
|
|
ndes++;
|
|
}
|
|
for (w = wi; w != wi_roof; w++)
|
|
{
|
|
if (w->busy)
|
|
{
|
|
FD_SET(w->afd, &readfds);
|
|
ndes++;
|
|
if (maxfd < w->afd)
|
|
maxfd = w->afd;
|
|
}
|
|
}
|
|
|
|
if (ndes == 0)
|
|
return HES_OK; /* done! */
|
|
|
|
do {
|
|
ndes = select(maxfd + 1, &readfds, NULL, NULL, NULL);
|
|
} while (ndes == -1 && errno == EINTR);
|
|
if (ndes == -1)
|
|
{
|
|
syslog(LOG_ERR, "select(2) error: %s", strerror(errno));
|
|
exit(HES_IO_ERROR_SELECT);
|
|
}
|
|
else if (ndes > 0)
|
|
{
|
|
if (FD_ISSET(PLUTO_QFD, &readfds))
|
|
{
|
|
query();
|
|
ndes--;
|
|
}
|
|
for (w = wi; ndes > 0 && w != wi_roof; w++)
|
|
{
|
|
if (w->busy && FD_ISSET(w->afd, &readfds))
|
|
{
|
|
answer(w);
|
|
ndes--;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Not to be invoked by strangers -- user hostile.
|
|
* Mandatory args: query-fd answer-fd
|
|
* Optional arg: -d, signifying "debug".
|
|
*/
|
|
|
|
static void
|
|
adns_usage(const char *fmt, const char *arg)
|
|
{
|
|
const char **sp = ipsec_copyright_notice();
|
|
|
|
fprintf(stderr, "INTERNAL TO PLUTO: DO NOT EXECUTE\n");
|
|
|
|
fprintf(stderr, fmt, arg);
|
|
fprintf(stderr, "\nstrongSwan "VERSION"\n");
|
|
|
|
for (; *sp != NULL; sp++)
|
|
fprintf(stderr, "%s\n", *sp);
|
|
|
|
syslog(LOG_ERR, fmt, arg);
|
|
exit(HES_INVOCATION);
|
|
}
|
|
|
|
int
|
|
main(int argc UNUSED, char **argv)
|
|
{
|
|
int i = 1;
|
|
|
|
name = argv[0];
|
|
|
|
while (i < argc)
|
|
{
|
|
if (streq(argv[i], "-d"))
|
|
{
|
|
i++;
|
|
debug = TRUE;
|
|
}
|
|
else
|
|
{
|
|
adns_usage("unexpected argument \"%s\"", argv[i]);
|
|
/*NOTREACHED*/
|
|
}
|
|
}
|
|
|
|
return master();
|
|
}
|
|
|
|
#endif /* !USE_LWRES */
|