Maintained by: NLnet Labs
Data Structures | Enumerations | Functions | Variables
respip.c File Reference

This file contains a module that inspects a result of recursive resolution to see if any IP address record should trigger a special action. More...

#include "config.h"
#include "services/localzone.h"
#include "services/cache/dns.h"
#include "sldns/str2wire.h"
#include "util/config_file.h"
#include "util/fptr_wlist.h"
#include "util/module.h"
#include "util/net_help.h"
#include "util/regional.h"
#include "util/data/msgreply.h"
#include "util/storage/dnstree.h"
#include "respip/respip.h"
#include "services/view.h"
#include "sldns/rrdef.h"

Data Structures

struct  respip_set
 Conceptual set of IP addresses for response AAAA or A records that should trigger special actions. More...
 
struct  resp_addr
 An address span with response control information. More...
 
struct  respip_addr_info
 Subset of resp_addr.node, used for inform-variant logging. More...
 
struct  respip_qstate
 Per query state for the response-ip module. More...
 

Enumerations

enum  respip_state { RESPIP_INIT = 0, RESPIP_SUBQUERY_FINISHED }
 Query state regarding the response-ip module. More...
 

Functions

struct respip_setrespip_set_create (void)
 Create response IP set. More...
 
void respip_set_delete (struct respip_set *set)
 Delete response IP set. More...
 
struct rbtree_typerespip_set_get_tree (struct respip_set *set)
 returns address of the IP address tree of the specified respip set; returns NULL for NULL input; exists for test purposes only
 
static struct resp_addrrespip_find_or_create (struct respip_set *set, const char *ipstr, int create)
 returns the node in the address tree for the specified netblock string; non-existent node will be created if 'create' is true
 
static int respip_tag_cfg (struct respip_set *set, const char *ipstr, const uint8_t *taglist, size_t taglen)
 
static int respip_action_cfg (struct respip_set *set, const char *ipstr, const char *actnstr)
 set action for the node specified by the netblock string
 
static struct ub_packed_rrset_keynew_rrset (struct regional *region, uint16_t rrtype, uint16_t rrclass)
 allocate and initialize an rrset structure; this function is based on new_local_rrset() from the localzone.c module
 
static int respip_enter_rr (struct regional *region, struct resp_addr *raddr, const char *rrstr, const char *netblock)
 enter local data as resource records into a response-ip node
 
static int respip_data_cfg (struct respip_set *set, const char *ipstr, const char *rrstr)
 
static int respip_set_apply_cfg (struct respip_set *set, char *const *tagname, int num_tags, struct config_strbytelist *respip_tags, struct config_str2list *respip_actions, struct config_str2list *respip_data)
 
int respip_global_apply_cfg (struct respip_set *set, struct config_file *cfg)
 Apply response-ip config settings to the global (default) view. More...
 
int respip_views_apply_cfg (struct views *vs, struct config_file *cfg, int *have_view_respip_cfg)
 Iterate through raw view data and apply the view-specific respip configuration; at this point we should have already seen all the views, so if any of the views that respip data refer to does not exist, that's an error. More...
 
struct ub_packed_rrset_keycopy_rrset (const struct ub_packed_rrset_key *key, struct regional *region)
 make a deep copy of 'key' in 'region'. More...
 
int respip_init (struct module_env *env, int id)
 response-ip init
 
void respip_deinit (struct module_env *env, int id)
 response-ip deinit
 
static int rdata2sockaddr (const struct packed_rrset_data *rd, uint16_t rtype, size_t i, struct sockaddr_storage *ss, socklen_t *addrlenp)
 Convert a packed AAAA or A RRset to sockaddr. More...
 
static const struct resp_addrrespip_addr_lookup (const struct reply_info *rep, struct rbtree_type *iptree, size_t *rrset_id)
 Search the given 'iptree' for response address information that matches any of the IP addresses in an AAAA or A in the answer section of the response (stored in 'rep'). More...
 
static struct reply_infomake_new_reply_info (const struct reply_info *rep, struct regional *region, size_t an_numrrsets, size_t copy_rrsets)
 
static int respip_data_answer (const struct resp_addr *raddr, enum respip_action action, uint16_t qtype, const struct reply_info *rep, size_t rrset_id, struct reply_info **new_repp, int tag, struct config_strlist **tag_datas, size_t tag_datas_size, char *const *tagname, int num_tags, struct ub_packed_rrset_key **redirect_rrsetp, struct regional *region)
 See if response-ip or tag data should override the original answer rrset (which is rep->rrsets[rrset_id]) and if so override it. More...
 
static int respip_nodata_answer (uint16_t qtype, enum respip_action action, const struct reply_info *rep, size_t rrset_id, struct reply_info **new_repp, struct regional *region)
 apply response ip action in case where no action data is provided. More...
 
static int populate_action_info (struct respip_action_info *actinfo, enum respip_action action, const struct resp_addr *raddr, const struct ub_packed_rrset_key *ATTR_UNUSED(rrset), int ATTR_UNUSED(tag), const struct respip_set *ATTR_UNUSED(ipset), int ATTR_UNUSED(action_only), struct regional *region)
 Populate action info structure with the results of response-ip action processing, iff as the result of response-ip processing we are actually taking some action. More...
 
int respip_rewrite_reply (const struct query_info *qinfo, const struct respip_client_info *cinfo, const struct reply_info *rep, struct reply_info **new_repp, struct respip_action_info *actinfo, struct ub_packed_rrset_key **alias_rrset, int search_only, struct regional *region)
 See if any IP-based action should apply to any IP address of AAAA/A answer record in the reply. More...
 
static int generate_cname_request (struct module_qstate *qstate, struct ub_packed_rrset_key *alias_rrset)
 
void respip_operate (struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
 response-ip operate on a query
 
int respip_merge_cname (struct reply_info *base_rep, const struct query_info *qinfo, const struct reply_info *tgt_rep, const struct respip_client_info *cinfo, int must_validate, struct reply_info **new_repp, struct regional *region)
 Merge two replies to build a complete CNAME chain. More...
 
void respip_inform_super (struct module_qstate *qstate, int id, struct module_qstate *super)
 inform response-ip super
 
void respip_clear (struct module_qstate *qstate, int id)
 response-ip cleanup query state
 
size_t respip_get_mem (struct module_env *env, int id)
 response-ip alloc size routine
 
struct module_func_blockrespip_get_funcblock (void)
 Get the response-ip function block. More...
 
enum respip_action resp_addr_get_action (const struct resp_addr *addr)
 returns respip action for the specified node in the respip address returns respip_none for NULL input; exists for test purposes only
 
struct ub_packed_rrset_keyresp_addr_get_rrset (struct resp_addr *addr)
 returns rrset portion of the specified node in the respip address tree; returns NULL for NULL input; exists for test purposes only
 
int respip_set_is_empty (const struct respip_set *set)
 respip set emptiness test More...
 
void respip_inform_print (struct respip_addr_info *respip_addr, uint8_t *qname, uint16_t qtype, uint16_t qclass, struct local_rrset *local_alias, struct comm_reply *repinfo)
 print log information for a query subject to an inform or inform-deny response-ip action. More...
 

Variables

static struct module_func_block respip_block
 The response-ip function block. More...
 

Detailed Description

This file contains a module that inspects a result of recursive resolution to see if any IP address record should trigger a special action.

If applicable these actions can modify the original response.

Enumeration Type Documentation

◆ respip_state

Query state regarding the response-ip module.

Enumerator
RESPIP_INIT 

The general state.

Unless CNAME chasing takes place, all processing is completed in this state without any other asynchronous event.

RESPIP_SUBQUERY_FINISHED 

A subquery for CNAME chasing is completed.

Function Documentation

◆ respip_set_create()

struct respip_set* respip_set_create ( void  )

Create response IP set.

Returns
new struct or NULL on error.

References addr_tree_init(), and regional_create().

Referenced by respip_conf_actions_test(), respip_conf_data_test(), and respip_views_apply_cfg().

◆ respip_set_delete()

void respip_set_delete ( struct respip_set set)

Delete response IP set.

This prototype is defined in in respip.h, but we want to avoid unnecessary dependencies.

Parameters
setto delete.

References regional_destroy().

Referenced by daemon_cleanup(), respip_conf_data_test(), view_delete(), and views_create().

◆ respip_global_apply_cfg()

int respip_global_apply_cfg ( struct respip_set set,
struct config_file cfg 
)

Apply response-ip config settings to the global (default) view.

It assumes exclusive access to set (no internal locks).

Parameters
setprocessed global respip config data
cfgconfig data.
Returns
1 on success, 0 on error.

Referenced by respip_conf_data_test().

◆ respip_views_apply_cfg()

int respip_views_apply_cfg ( struct views vs,
struct config_file cfg,
int *  have_view_respip_cfg 
)

Iterate through raw view data and apply the view-specific respip configuration; at this point we should have already seen all the views, so if any of the views that respip data refer to does not exist, that's an error.

Apply response-ip config settings in named views.

This additional iteration through view configuration data is expected to not have significant performance impact (or rather, its performance impact is not expected to be prohibitive in the configuration processing phase).

if no respip config for this view then there's nothing to do; note that even though respip data must go with respip action, we're checking for both here because we want to catch the case where the respip action is missing while the data is present

References view::lock, log_err(), config_view::name, config_view::next, config_view::respip_actions, config_view::respip_data, view::respip_set, respip_set_create(), config_file::views, and views_find_view().

Referenced by respip_view_conf_data_test().

◆ copy_rrset()

struct ub_packed_rrset_key* copy_rrset ( const struct ub_packed_rrset_key key,
struct regional region 
)

make a deep copy of 'key' in 'region'.

This is largely derived from packed_rrset_copy_region() and packed_rrset_ptr_fixup(), but differs in the following points:

  • It doesn't assume all data in 'key' are in a contiguous memory region. Although that would be the case in most cases, 'key' can be passed from a lower-level module and it might not build the rrset to meet the assumption. In fact, an rrset specified as response-ip-data or generated in local_data_find_tag_datas() breaks the assumption. So it would be safer not to naively rely on the assumption. On the other hand, this function ensures the copied rrset data are in a contiguous region so that it won't cause a disruption even if an upper layer module naively assumes the memory layout.
  • It doesn't copy RRSIGs (if any) in 'key'. The rrset will be used in a reply that was already faked, so it doesn't make much sense to provide partial sigs even if they are valid themselves.
  • It doesn't adjust TTLs as it basically has to be a verbatim copy of 'key' just allocated in 'region' (the assumption is necessary TTL adjustment has been already done in 'key').

This function returns the copied rrset key on success, and NULL on memory allocation failure.

References packed_rrset_data::count, lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, lruhash_entry::hash, ub_packed_rrset_key::id, lruhash_entry::key, regional_alloc(), regional_alloc_init(), ub_packed_rrset_key::rk, packed_rrset_data::rr_data, packed_rrset_data::rr_len, packed_rrset_data::rr_ttl, and packed_rrset_data::rrsig_count.

Referenced by respip_data_answer().

◆ rdata2sockaddr()

static int rdata2sockaddr ( const struct packed_rrset_data rd,
uint16_t  rtype,
size_t  i,
struct sockaddr_storage *  ss,
socklen_t *  addrlenp 
)
static

Convert a packed AAAA or A RRset to sockaddr.

References LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, packed_rrset_data::rr_data, and packed_rrset_data::rr_len.

Referenced by respip_addr_lookup().

◆ respip_addr_lookup()

static const struct resp_addr* respip_addr_lookup ( const struct reply_info rep,
struct rbtree_type iptree,
size_t *  rrset_id 
)
static

Search the given 'iptree' for response address information that matches any of the IP addresses in an AAAA or A in the answer section of the response (stored in 'rep').

If found, a pointer to the matched resp_addr structure will be returned, and '*rrset_id' is set to the index in rep->rrsets for the RRset that contains the matching IP address record (the index is normally 0, but can be larger than that if this is a CNAME chain or type-ANY response).

References addr_tree_lookup(), reply_info::an_numrrsets, packed_rrset_data::count, lruhash_entry::data, ub_packed_rrset_key::entry, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, rdata2sockaddr(), ub_packed_rrset_key::rk, reply_info::rrsets, and packed_rrset_key::type.

Referenced by respip_rewrite_reply().

◆ respip_data_answer()

static int respip_data_answer ( const struct resp_addr raddr,
enum respip_action  action,
uint16_t  qtype,
const struct reply_info rep,
size_t  rrset_id,
struct reply_info **  new_repp,
int  tag,
struct config_strlist **  tag_datas,
size_t  tag_datas_size,
char *const *  tagname,
int  num_tags,
struct ub_packed_rrset_key **  redirect_rrsetp,
struct regional region 
)
static

See if response-ip or tag data should override the original answer rrset (which is rep->rrsets[rrset_id]) and if so override it.

This is (mostly) equivalent to localzone.c:local_data_answer() but for response-ip actions. Note that this function distinguishes error conditions from "success but not overridden". This is because we want to avoid accidentally applying the "no data" action in case of error.

Parameters
raddraddress span that requires an action
actionaction to apply
qtypeoriginal query type
reporiginal reply message
rrset_idthe rrset ID in 'rep' to which the action should apply
new_reppsee respip_rewrite_reply
tagif >= 0 the tag ID used to determine the action and data
tag_datasdata corresponding to 'tag'.
tag_datas_sizesize of 'tag_datas'
tagnamearray of tag names, used for logging
num_tagssize of 'tagname', used for logging
redirect_rrsetpptr to redirect record
regionregion for building new reply
Returns
1 if overridden, 0 if not overridden, -1 on error.

References copy_rrset(), resp_addr::data, packed_rrset_key::dname, packed_rrset_key::dname_len, LDNS_RR_TYPE_ANY, local_data_find_tag_datas(), query_info::qclass, query_info::qname, query_info::qname_len, query_info::qtype, respip_redirect, ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, reply_info::rrsets, packed_rrset_key::type, VERB_ALGO, and verbose().

Referenced by respip_rewrite_reply().

◆ respip_nodata_answer()

static int respip_nodata_answer ( uint16_t  qtype,
enum respip_action  action,
const struct reply_info rep,
size_t  rrset_id,
struct reply_info **  new_repp,
struct regional region 
)
static

apply response ip action in case where no action data is provided.

this is similar to localzone.c:lz_zone_answer() but simplified due to the characteristics of response ip:

  • 'deny' variants will be handled at the caller side
  • no specific processing for 'transparent' variants: unlike local zones, there is no such a case of 'no data but name existing'. so all variants just mean 'transparent if no data'.
    Parameters
    qtypequery type
    actionfound action
    rep
    new_repp
    rrset_id
    regionregion for building new reply
    Returns
    1 on success, 0 on error.

References respip_always_refuse, and respip_refuse.

Referenced by respip_rewrite_reply().

◆ populate_action_info()

static int populate_action_info ( struct respip_action_info actinfo,
enum respip_action  action,
const struct resp_addr raddr,
const struct ub_packed_rrset_key ATTR_UNUSEDrrset,
int   ATTR_UNUSEDtag,
const struct respip_set ATTR_UNUSEDipset,
int   ATTR_UNUSEDaction_only,
struct regional region 
)
static

Populate action info structure with the results of response-ip action processing, iff as the result of response-ip processing we are actually taking some action.

Only action is set if action_only is true. Returns true on success, false on failure.

Referenced by respip_rewrite_reply().

◆ respip_rewrite_reply()

int respip_rewrite_reply ( const struct query_info qinfo,
const struct respip_client_info cinfo,
const struct reply_info rep,
struct reply_info **  new_repp,
struct respip_action_info actinfo,
struct ub_packed_rrset_key **  alias_rrset,
int  search_only,
struct regional region 
)

See if any IP-based action should apply to any IP address of AAAA/A answer record in the reply.

If so, apply the action. In some cases it rewrites the reply rrsets, in which case *new_repp will point to the updated reply info. Depending on the action, some of the rrsets in 'rep' will be shallow-copied into '*new_repp'; the caller must ensure that the rrsets in 'rep' are valid throughout the lifetime of *new_repp, and it must provide appropriate mutex if the rrsets can be shared by multiple threads.

Parameters
qinfoquery info corresponding to the reply.
cinfoclient-specific info to identify the best matching action. can be NULL.
reporiginal reply info. must not be NULL.
new_reppcan be set to the rewritten reply info (intact on failure).
actinforesult of response-ip processing
alias_rrsetmust not be NULL.
search_onlyif true, only check if an action would apply. actionp will be set (or intact) accordingly but the modified reply won't be built.
regionallocator to build *new_repp.
Returns
1 on success, 0 on error.

Try to use response-ip config from the view first; use global response-ip config if we don't have the view or we don't have the matching per-view config (and the view allows the use of global data in this case). Note that we lock the view even if we only use view members that currently don't change after creation. This is for safety for future possible changes as the view documentation seems to expect any of its member can change in the view's lifetime. Note also that we assume 'view' is valid in this function, which should be safe (see unbound bug #1191)

for per-view respip directives the action can only be direct (i.e. not tag-based)

References resp_addr::action, view::isfirst, LDNS_RR_TYPE_ANY, LDNS_RR_TYPE_CNAME, local_data_find_tag_action(), view::lock, populate_action_info(), query_info::qtype, respip_addr_lookup(), respip_always_nxdomain, respip_always_refuse, respip_always_transparent, respip_data_answer(), respip_nodata_answer(), respip_none, view::respip_set, ub_packed_rrset_key::rk, resp_addr::taglen, resp_addr::taglist, and packed_rrset_key::type.

Referenced by apply_respip_action(), and respip_operate().

◆ respip_merge_cname()

int respip_merge_cname ( struct reply_info base_rep,
const struct query_info qinfo,
const struct reply_info tgt_rep,
const struct respip_client_info cinfo,
int  must_validate,
struct reply_info **  new_repp,
struct regional region 
)

Merge two replies to build a complete CNAME chain.

It appends the content of 'tgt_rep' to 'base_rep', assuming (but not checking) the former ends with a CNAME and the latter resolves its target. A merged new reply will be built using 'region' and *new_repp will point to the new one on success. If the target reply would also be subject to a response-ip action for 'cinfo', this function uses 'base_rep' as the merged reply, ignoring 'tgt_rep'. This is for avoiding cases like a CNAME loop or failure of applying an action to an address. RRSIGs in 'tgt_rep' will be excluded in the merged reply, as the resulting reply is assumed to be faked due to a response-ip action and can't be considered secure in terms of DNSSEC. The caller must ensure that neither 'base_rep' nor 'tgt_rep' can be modified until this function returns.

Parameters
base_repthe reply info containing an incomplete CNAME.
qinfoquery info corresponding to 'base_rep'.
tgt_repthe reply info that completes the CNAME chain.
cinfoclient info corresponding to 'base_rep'.
must_validatewhether 'tgt_rep' must be DNSSEC-validated.
new_repppointer placeholder for the merged reply. will be intact on error.
regionallocator to build *new_repp.
Returns
1 on success, 0 on error.

References reply_info::flags, FLAGS_GET_RCODE, and respip_none.

◆ respip_get_funcblock()

struct module_func_block* respip_get_funcblock ( void  )

Get the response-ip function block.

Returns
: function block with function pointers to response-ip methods.

References respip_block.

Referenced by module_funcs_avail().

◆ respip_set_is_empty()

int respip_set_is_empty ( const struct respip_set set)

respip set emptiness test

Parameters
setrespip set to test
Returns
0 if the specified set exists (non-NULL) and is non-empty; otherwise returns 1

◆ respip_inform_print()

void respip_inform_print ( struct respip_addr_info respip_addr,
uint8_t *  qname,
uint16_t  qtype,
uint16_t  qclass,
struct local_rrset local_alias,
struct comm_reply repinfo 
)

print log information for a query subject to an inform or inform-deny response-ip action.

Parameters
respip_addrresponse-ip information that causes the action
qnamequery name in the context, will be ignored if local_alias is non-NULL.
qtypequery type, in host byte order.
qclassquery class, in host byte order.
local_aliasset to a local alias if the query matches an alias in a local zone. In this case its owner name will be considered the actual query name.
repinforeply info containing the client's source address and port.

References comm_reply::addr, addr_to_str(), comm_reply::addrlen, packed_rrset_key::dname, log_nametypeclass(), ub_packed_rrset_key::rk, and local_rrset::rrset.

Referenced by apply_respip_action(), and mesh_query_done().

Variable Documentation

◆ respip_block

struct module_func_block respip_block
static
Initial value:
= {
"respip",
}
int respip_init(struct module_env *env, int id)
response-ip init
Definition: respip.c:506
void respip_deinit(struct module_env *env, int id)
response-ip deinit
Definition: respip.c:514
size_t respip_get_mem(struct module_env *env, int id)
response-ip alloc size routine
Definition: respip.c:1121
void respip_operate(struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
response-ip operate on a query
Definition: respip.c:939
void respip_clear(struct module_qstate *qstate, int id)
response-ip cleanup query state
Definition: respip.c:1115
void respip_inform_super(struct module_qstate *qstate, int id, struct module_qstate *super)
inform response-ip super
Definition: respip.c:1081

The response-ip function block.

Referenced by respip_get_funcblock().