1 /*
2 * libunbound/worker.c - worker thread or process that resolves
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 /**
37 * \file
38 *
39 * This file contains the worker process or thread that performs
40 * the DNS resolving and validation. The worker is called by a procedure
41 * and if in the background continues until exit, if in the foreground
42 * returns from the procedure when done.
43 */
44 #include "config.h"
45 #ifdef HAVE_SSL
46 #include <openssl/ssl.h>
47 #endif
48 #include "libunbound/libworker.h"
49 #include "libunbound/context.h"
50 #include "libunbound/unbound.h"
51 #include "libunbound/worker.h"
52 #include "libunbound/unbound-event.h"
53 #include "services/outside_network.h"
54 #include "services/mesh.h"
55 #include "services/localzone.h"
56 #include "services/cache/rrset.h"
57 #include "services/outbound_list.h"
58 #include "services/authzone.h"
59 #include "util/fptr_wlist.h"
60 #include "util/module.h"
61 #include "util/regional.h"
62 #include "util/random.h"
63 #include "util/config_file.h"
64 #include "util/netevent.h"
65 #include "util/proxy_protocol.h"
66 #include "util/storage/lookup3.h"
67 #include "util/storage/slabhash.h"
68 #include "util/net_help.h"
69 #include "util/data/dname.h"
70 #include "util/data/msgreply.h"
71 #include "util/data/msgencode.h"
72 #include "util/tube.h"
73 #include "sldns/sbuffer.h"
74 #include "sldns/str2wire.h"
75 #ifdef USE_DNSTAP
76 #include "dnstap/dtstream.h"
77 #endif
78
79 #ifdef HAVE_TARGETCONDITIONALS_H
80 #include <TargetConditionals.h>
81 #endif
82
83 #if (defined(TARGET_OS_TV) && TARGET_OS_TV) || (defined(TARGET_OS_WATCH) && TARGET_OS_WATCH)
84 #undef HAVE_FORK
85 #endif
86
87 /** handle new query command for bg worker */
88 static void handle_newq(struct libworker* w, uint8_t* buf, uint32_t len);
89
90 /** delete libworker env */
91 static void
libworker_delete_env(struct libworker * w)92 libworker_delete_env(struct libworker* w)
93 {
94 if(w->env) {
95 outside_network_quit_prepare(w->back);
96 mesh_delete(w->env->mesh);
97 context_release_alloc(w->ctx, w->env->alloc,
98 !w->is_bg || w->is_bg_thread);
99 sldns_buffer_free(w->env->scratch_buffer);
100 regional_destroy(w->env->scratch);
101 ub_randfree(w->env->rnd);
102 free(w->env);
103 }
104 #ifdef HAVE_SSL
105 SSL_CTX_free(w->sslctx);
106 #endif
107 outside_network_delete(w->back);
108 }
109
110 /** delete libworker struct */
111 static void
libworker_delete(struct libworker * w)112 libworker_delete(struct libworker* w)
113 {
114 if(!w) return;
115 libworker_delete_env(w);
116 comm_base_delete(w->base);
117 free(w);
118 }
119
120 void
libworker_delete_event(struct libworker * w)121 libworker_delete_event(struct libworker* w)
122 {
123 if(!w) return;
124 libworker_delete_env(w);
125 comm_base_delete_no_base(w->base);
126 free(w);
127 }
128
129 /** setup fresh libworker struct */
130 static struct libworker*
libworker_setup(struct ub_ctx * ctx,int is_bg,struct ub_event_base * eb)131 libworker_setup(struct ub_ctx* ctx, int is_bg, struct ub_event_base* eb)
132 {
133 struct libworker* w = (struct libworker*)calloc(1, sizeof(*w));
134 struct config_file* cfg = ctx->env->cfg;
135 int* ports;
136 int numports;
137 if(!w) return NULL;
138 w->is_bg = is_bg;
139 w->ctx = ctx;
140 w->env = (struct module_env*)malloc(sizeof(*w->env));
141 if(!w->env) {
142 free(w);
143 return NULL;
144 }
145 *w->env = *ctx->env;
146 w->env->alloc = context_obtain_alloc(ctx, !w->is_bg || w->is_bg_thread);
147 if(!w->env->alloc) {
148 libworker_delete(w);
149 return NULL;
150 }
151 w->thread_num = w->env->alloc->thread_num;
152 alloc_set_id_cleanup(w->env->alloc, &libworker_alloc_cleanup, w);
153 if(!w->is_bg || w->is_bg_thread) {
154 lock_basic_lock(&ctx->cfglock);
155 }
156 w->env->scratch = regional_create_custom(cfg->msg_buffer_size);
157 w->env->scratch_buffer = sldns_buffer_new(cfg->msg_buffer_size);
158 #ifdef HAVE_SSL
159 w->sslctx = connect_sslctx_create(NULL, NULL,
160 cfg->tls_cert_bundle, cfg->tls_win_cert);
161 if(!w->sslctx) {
162 /* to make the setup fail after unlock */
163 sldns_buffer_free(w->env->scratch_buffer);
164 w->env->scratch_buffer = NULL;
165 }
166 #endif
167 if(!w->is_bg || w->is_bg_thread) {
168 lock_basic_unlock(&ctx->cfglock);
169 }
170 if(!w->env->scratch || !w->env->scratch_buffer) {
171 libworker_delete(w);
172 return NULL;
173 }
174 w->env->worker = (struct worker*)w;
175 w->env->probe_timer = NULL;
176 if(!w->is_bg || w->is_bg_thread) {
177 lock_basic_lock(&ctx->cfglock);
178 }
179 if(!(w->env->rnd = ub_initstate(ctx->seed_rnd))) {
180 if(!w->is_bg || w->is_bg_thread) {
181 lock_basic_unlock(&ctx->cfglock);
182 }
183 libworker_delete(w);
184 return NULL;
185 }
186 if(!w->is_bg || w->is_bg_thread) {
187 lock_basic_unlock(&ctx->cfglock);
188 }
189 if(1) {
190 /* primitive lockout for threading: if it overwrites another
191 * thread it is like wiping the cache (which is likely empty
192 * at the start) */
193 /* note we are holding the ctx lock in normal threaded
194 * cases so that is solved properly, it is only for many ctx
195 * in different threads that this may clash */
196 static int done_raninit = 0;
197 if(!done_raninit) {
198 done_raninit = 1;
199 hash_set_raninit((uint32_t)ub_random(w->env->rnd));
200 }
201 }
202
203 if(eb)
204 w->base = comm_base_create_event(eb);
205 else w->base = comm_base_create(0);
206 if(!w->base) {
207 libworker_delete(w);
208 return NULL;
209 }
210 w->env->worker_base = w->base;
211 if(!w->is_bg || w->is_bg_thread) {
212 lock_basic_lock(&ctx->cfglock);
213 }
214 numports = cfg_condense_ports(cfg, &ports);
215 if(numports == 0) {
216 if(!w->is_bg || w->is_bg_thread) {
217 lock_basic_unlock(&ctx->cfglock);
218 }
219 libworker_delete(w);
220 return NULL;
221 }
222 w->back = outside_network_create(w->base, cfg->msg_buffer_size,
223 (size_t)cfg->outgoing_num_ports, cfg->out_ifs,
224 cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6,
225 cfg->do_tcp?cfg->outgoing_num_tcp:0, cfg->ip_dscp,
226 w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id,
227 ports, numports, cfg->unwanted_threshold,
228 cfg->outgoing_tcp_mss, &libworker_alloc_cleanup, w,
229 cfg->do_udp || cfg->udp_upstream_without_downstream, w->sslctx,
230 cfg->delay_close, cfg->tls_use_sni, NULL, cfg->udp_connect,
231 cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout,
232 cfg->tcp_auth_query_timeout);
233 w->env->outnet = w->back;
234 if(!w->is_bg || w->is_bg_thread) {
235 lock_basic_unlock(&ctx->cfglock);
236 }
237 free(ports);
238 if(!w->back) {
239 libworker_delete(w);
240 return NULL;
241 }
242 w->env->mesh = mesh_create(&ctx->mods, w->env);
243 if(!w->env->mesh) {
244 libworker_delete(w);
245 return NULL;
246 }
247 w->env->send_query = &libworker_send_query;
248 w->env->detach_subs = &mesh_detach_subs;
249 w->env->attach_sub = &mesh_attach_sub;
250 w->env->add_sub = &mesh_add_sub;
251 w->env->kill_sub = &mesh_state_delete;
252 w->env->detect_cycle = &mesh_detect_cycle;
253 comm_base_timept(w->base, &w->env->now, &w->env->now_tv);
254 pp_init(&sldns_write_uint16, &sldns_write_uint32);
255 return w;
256 }
257
libworker_create_event(struct ub_ctx * ctx,struct ub_event_base * eb)258 struct libworker* libworker_create_event(struct ub_ctx* ctx,
259 struct ub_event_base* eb)
260 {
261 return libworker_setup(ctx, 0, eb);
262 }
263
264 /** handle cancel command for bg worker */
265 static void
handle_cancel(struct libworker * w,uint8_t * buf,uint32_t len)266 handle_cancel(struct libworker* w, uint8_t* buf, uint32_t len)
267 {
268 struct ctx_query* q;
269 if(w->is_bg_thread) {
270 lock_basic_lock(&w->ctx->cfglock);
271 q = context_deserialize_cancel(w->ctx, buf, len);
272 lock_basic_unlock(&w->ctx->cfglock);
273 } else {
274 q = context_deserialize_cancel(w->ctx, buf, len);
275 }
276 if(!q) {
277 /* probably simply lookup failed, i.e. the message had been
278 * processed and answered before the cancel arrived */
279 return;
280 }
281 q->cancelled = 1;
282 free(buf);
283 }
284
285 /** do control command coming into bg server */
286 static void
libworker_do_cmd(struct libworker * w,uint8_t * msg,uint32_t len)287 libworker_do_cmd(struct libworker* w, uint8_t* msg, uint32_t len)
288 {
289 switch(context_serial_getcmd(msg, len)) {
290 default:
291 case UB_LIBCMD_ANSWER:
292 log_err("unknown command for bg worker %d",
293 (int)context_serial_getcmd(msg, len));
294 /* and fall through to quit */
295 ATTR_FALLTHROUGH
296 /* fallthrough */
297 case UB_LIBCMD_QUIT:
298 free(msg);
299 comm_base_exit(w->base);
300 break;
301 case UB_LIBCMD_NEWQUERY:
302 handle_newq(w, msg, len);
303 break;
304 case UB_LIBCMD_CANCEL:
305 handle_cancel(w, msg, len);
306 break;
307 }
308 }
309
310 /** handle control command coming into server */
311 void
libworker_handle_control_cmd(struct tube * ATTR_UNUSED (tube),uint8_t * msg,size_t len,int err,void * arg)312 libworker_handle_control_cmd(struct tube* ATTR_UNUSED(tube),
313 uint8_t* msg, size_t len, int err, void* arg)
314 {
315 struct libworker* w = (struct libworker*)arg;
316
317 if(err != 0) {
318 free(msg);
319 /* it is of no use to go on, exit */
320 comm_base_exit(w->base);
321 return;
322 }
323 libworker_do_cmd(w, msg, len); /* also frees the buf */
324 }
325
326 /** the background thread func */
327 static void*
libworker_dobg(void * arg)328 libworker_dobg(void* arg)
329 {
330 /* setup */
331 uint32_t m;
332 struct libworker* w = (struct libworker*)arg;
333 struct ub_ctx* ctx;
334 if(!w) {
335 log_err("libunbound bg worker init failed, nomem");
336 return NULL;
337 }
338 ctx = w->ctx;
339 log_thread_set(&w->thread_num);
340 #ifdef THREADS_DISABLED
341 /* we are forked */
342 w->is_bg_thread = 0;
343 /* close non-used parts of the pipes */
344 tube_close_write(ctx->qq_pipe);
345 tube_close_read(ctx->rr_pipe);
346 #endif
347 if(!tube_setup_bg_listen(ctx->qq_pipe, w->base,
348 libworker_handle_control_cmd, w)) {
349 log_err("libunbound bg worker init failed, no bglisten");
350 return NULL;
351 }
352 if(!tube_setup_bg_write(ctx->rr_pipe, w->base)) {
353 log_err("libunbound bg worker init failed, no bgwrite");
354 return NULL;
355 }
356
357 /* do the work */
358 comm_base_dispatch(w->base);
359
360 /* cleanup */
361 m = UB_LIBCMD_QUIT;
362 w->want_quit = 1;
363 tube_remove_bg_listen(w->ctx->qq_pipe);
364 tube_remove_bg_write(w->ctx->rr_pipe);
365 libworker_delete(w);
366 (void)tube_write_msg(ctx->rr_pipe, (uint8_t*)&m,
367 (uint32_t)sizeof(m), 0);
368 #ifdef THREADS_DISABLED
369 /* close pipes from forked process before exit */
370 tube_close_read(ctx->qq_pipe);
371 tube_close_write(ctx->rr_pipe);
372 #endif
373 return NULL;
374 }
375
libworker_bg(struct ub_ctx * ctx)376 int libworker_bg(struct ub_ctx* ctx)
377 {
378 struct libworker* w;
379 /* fork or threadcreate */
380 lock_basic_lock(&ctx->cfglock);
381 if(ctx->dothread) {
382 lock_basic_unlock(&ctx->cfglock);
383 w = libworker_setup(ctx, 1, NULL);
384 if(!w) return UB_NOMEM;
385 w->is_bg_thread = 1;
386 ctx->thread_worker = w;
387 #ifdef ENABLE_LOCK_CHECKS
388 w->thread_num = 1; /* for nicer DEBUG checklocks */
389 #endif
390 ub_thread_create(&ctx->bg_tid, libworker_dobg, w);
391 } else {
392 lock_basic_unlock(&ctx->cfglock);
393 #ifndef HAVE_FORK
394 /* no fork on windows */
395 return UB_FORKFAIL;
396 #else /* HAVE_FORK */
397 switch((ctx->bg_pid=fork())) {
398 case 0:
399 w = libworker_setup(ctx, 1, NULL);
400 if(!w) fatal_exit("out of memory");
401 /* close non-used parts of the pipes */
402 tube_close_write(ctx->qq_pipe);
403 tube_close_read(ctx->rr_pipe);
404 (void)libworker_dobg(w);
405 exit(0);
406 break;
407 case -1:
408 return UB_FORKFAIL;
409 default:
410 /* close non-used parts, so that the worker
411 * bgprocess gets 'pipe closed' when the
412 * main process exits */
413 tube_close_read(ctx->qq_pipe);
414 tube_close_write(ctx->rr_pipe);
415 break;
416 }
417 #endif /* HAVE_FORK */
418 }
419 return UB_NOERROR;
420 }
421
422 /** insert canonname */
423 static int
fill_canon(struct ub_result * res,uint8_t * s)424 fill_canon(struct ub_result* res, uint8_t* s)
425 {
426 char buf[LDNS_MAX_DOMAINLEN];
427 dname_str(s, buf);
428 res->canonname = strdup(buf);
429 return res->canonname != 0;
430 }
431
432 /** fill data into result */
433 static int
fill_res(struct ub_result * res,struct ub_packed_rrset_key * answer,uint8_t * finalcname,struct query_info * rq,struct reply_info * rep)434 fill_res(struct ub_result* res, struct ub_packed_rrset_key* answer,
435 uint8_t* finalcname, struct query_info* rq, struct reply_info* rep)
436 {
437 size_t i;
438 struct packed_rrset_data* data;
439 res->ttl = 0;
440 if(!answer) {
441 if(finalcname) {
442 if(!fill_canon(res, finalcname))
443 return 0; /* out of memory */
444 }
445 if(rep->rrset_count != 0)
446 res->ttl = (int)rep->ttl;
447 res->data = (char**)calloc(1, sizeof(char*));
448 if(!res->data)
449 return 0; /* out of memory */
450 res->len = (int*)calloc(1, sizeof(int));
451 if(!res->len) {
452 free(res->data);
453 res->data = NULL;
454 return 0; /* out of memory */
455 }
456 return 1;
457 }
458 data = (struct packed_rrset_data*)answer->entry.data;
459 if(query_dname_compare(rq->qname, answer->rk.dname) != 0) {
460 if(!fill_canon(res, answer->rk.dname))
461 return 0; /* out of memory */
462 } else res->canonname = NULL;
463 res->data = (char**)calloc(data->count+1, sizeof(char*));
464 if(!res->data)
465 return 0; /* out of memory */
466 res->len = (int*)calloc(data->count+1, sizeof(int));
467 if(!res->len) {
468 free(res->data);
469 res->data = NULL;
470 return 0; /* out of memory */
471 }
472 for(i=0; i<data->count; i++) {
473 /* remove rdlength from rdata */
474 res->len[i] = (int)(data->rr_len[i] - 2);
475 res->data[i] = memdup(data->rr_data[i]+2, (size_t)res->len[i]);
476 if(!res->data[i]) {
477 size_t j;
478 for(j=0; j<i; j++) {
479 free(res->data[j]);
480 res->data[j] = NULL;
481 }
482 free(res->data);
483 res->data = NULL;
484 free(res->len);
485 res->len = NULL;
486 return 0; /* out of memory */
487 }
488 }
489 /* ttl for positive answers, from CNAME and answer RRs */
490 if(data->count != 0) {
491 size_t j;
492 res->ttl = (int)data->ttl;
493 for(j=0; j<rep->an_numrrsets; j++) {
494 struct packed_rrset_data* d =
495 (struct packed_rrset_data*)rep->rrsets[j]->
496 entry.data;
497 if((int)d->ttl < res->ttl)
498 res->ttl = (int)d->ttl;
499 }
500 }
501 /* ttl for negative answers */
502 if(data->count == 0 && rep->rrset_count != 0)
503 res->ttl = (int)rep->ttl;
504 res->data[data->count] = NULL;
505 res->len[data->count] = 0;
506 return 1;
507 }
508
509 /** fill result from parsed message, on error fills servfail */
510 void
libworker_enter_result(struct ub_result * res,sldns_buffer * buf,struct regional * temp,enum sec_status msg_security)511 libworker_enter_result(struct ub_result* res, sldns_buffer* buf,
512 struct regional* temp, enum sec_status msg_security)
513 {
514 struct query_info rq;
515 struct reply_info* rep;
516 res->rcode = LDNS_RCODE_SERVFAIL;
517 rep = parse_reply_in_temp_region(buf, temp, &rq);
518 if(!rep) {
519 log_err("cannot parse buf");
520 return; /* error parsing buf, or out of memory */
521 }
522 if(!fill_res(res, reply_find_answer_rrset(&rq, rep),
523 reply_find_final_cname_target(&rq, rep), &rq, rep))
524 return; /* out of memory */
525 /* rcode, havedata, nxdomain, secure, bogus */
526 res->rcode = (int)FLAGS_GET_RCODE(rep->flags);
527 if(res->data && res->data[0])
528 res->havedata = 1;
529 if(res->rcode == LDNS_RCODE_NXDOMAIN)
530 res->nxdomain = 1;
531 if(msg_security == sec_status_secure)
532 res->secure = 1;
533 if(msg_security == sec_status_bogus ||
534 msg_security == sec_status_secure_sentinel_fail)
535 res->bogus = 1;
536 }
537
538 /** fillup fg results */
539 static void
libworker_fillup_fg(struct ctx_query * q,int rcode,sldns_buffer * buf,enum sec_status s,char * why_bogus,int was_ratelimited)540 libworker_fillup_fg(struct ctx_query* q, int rcode, sldns_buffer* buf,
541 enum sec_status s, char* why_bogus, int was_ratelimited)
542 {
543 q->res->was_ratelimited = was_ratelimited;
544 if(why_bogus)
545 q->res->why_bogus = strdup(why_bogus);
546 if(rcode != 0) {
547 q->res->rcode = rcode;
548 q->msg_security = s;
549 return;
550 }
551
552 q->res->rcode = LDNS_RCODE_SERVFAIL;
553 q->msg_security = sec_status_unchecked;
554 q->msg = memdup(sldns_buffer_begin(buf), sldns_buffer_limit(buf));
555 q->msg_len = sldns_buffer_limit(buf);
556 if(!q->msg) {
557 return; /* the error is in the rcode */
558 }
559
560 /* canonname and results */
561 q->msg_security = s;
562 libworker_enter_result(q->res, buf, q->w->env->scratch, s);
563 }
564
565 void
libworker_fg_done_cb(void * arg,int rcode,sldns_buffer * buf,enum sec_status s,char * why_bogus,int was_ratelimited)566 libworker_fg_done_cb(void* arg, int rcode, sldns_buffer* buf, enum sec_status s,
567 char* why_bogus, int was_ratelimited)
568 {
569 struct ctx_query* q = (struct ctx_query*)arg;
570 /* fg query is done; exit comm base */
571 comm_base_exit(q->w->base);
572
573 libworker_fillup_fg(q, rcode, buf, s, why_bogus, was_ratelimited);
574 }
575
576 /** setup qinfo and edns */
577 static int
setup_qinfo_edns(struct libworker * w,struct ctx_query * q,struct query_info * qinfo,struct edns_data * edns)578 setup_qinfo_edns(struct libworker* w, struct ctx_query* q,
579 struct query_info* qinfo, struct edns_data* edns)
580 {
581 qinfo->qtype = (uint16_t)q->res->qtype;
582 qinfo->qclass = (uint16_t)q->res->qclass;
583 qinfo->local_alias = NULL;
584 qinfo->qname = sldns_str2wire_dname(q->res->qname, &qinfo->qname_len);
585 if(!qinfo->qname) {
586 return 0;
587 }
588 edns->edns_present = 1;
589 edns->ext_rcode = 0;
590 edns->edns_version = 0;
591 edns->bits = EDNS_DO;
592 edns->opt_list_in = NULL;
593 edns->opt_list_out = NULL;
594 edns->opt_list_inplace_cb_out = NULL;
595 edns->padding_block_size = 0;
596 edns->cookie_present = 0;
597 edns->cookie_valid = 0;
598 if(sldns_buffer_capacity(w->back->udp_buff) < 65535)
599 edns->udp_size = (uint16_t)sldns_buffer_capacity(
600 w->back->udp_buff);
601 else edns->udp_size = 65535;
602 return 1;
603 }
604
libworker_fg(struct ub_ctx * ctx,struct ctx_query * q)605 int libworker_fg(struct ub_ctx* ctx, struct ctx_query* q)
606 {
607 struct libworker* w = libworker_setup(ctx, 0, NULL);
608 uint16_t qflags, qid;
609 struct query_info qinfo;
610 struct edns_data edns;
611 if(!w)
612 return UB_INITFAIL;
613 if(!setup_qinfo_edns(w, q, &qinfo, &edns)) {
614 libworker_delete(w);
615 return UB_SYNTAX;
616 }
617 qid = 0;
618 qflags = BIT_RD;
619 q->w = w;
620 /* see if there is a fixed answer */
621 sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
622 sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
623 if(local_zones_answer(ctx->local_zones, w->env, &qinfo, &edns,
624 w->back->udp_buff, w->env->scratch, NULL, NULL, 0, NULL, 0,
625 NULL, 0, NULL, 0, NULL)) {
626 regional_free_all(w->env->scratch);
627 libworker_fillup_fg(q, LDNS_RCODE_NOERROR,
628 w->back->udp_buff, sec_status_insecure, NULL, 0);
629 libworker_delete(w);
630 free(qinfo.qname);
631 return UB_NOERROR;
632 }
633 if(ctx->env->auth_zones && auth_zones_downstream_answer(
634 ctx->env->auth_zones, w->env, &qinfo, &edns, NULL,
635 w->back->udp_buff, w->env->scratch)) {
636 regional_free_all(w->env->scratch);
637 libworker_fillup_fg(q, LDNS_RCODE_NOERROR,
638 w->back->udp_buff, sec_status_insecure, NULL, 0);
639 libworker_delete(w);
640 free(qinfo.qname);
641 return UB_NOERROR;
642 }
643 /* process new query */
644 if(!mesh_new_callback(w->env->mesh, &qinfo, qflags, &edns,
645 w->back->udp_buff, qid, libworker_fg_done_cb, q, 0)) {
646 free(qinfo.qname);
647 return UB_NOMEM;
648 }
649 free(qinfo.qname);
650
651 /* wait for reply */
652 comm_base_dispatch(w->base);
653
654 libworker_delete(w);
655 return UB_NOERROR;
656 }
657
658 void
libworker_event_done_cb(void * arg,int rcode,sldns_buffer * buf,enum sec_status s,char * why_bogus,int was_ratelimited)659 libworker_event_done_cb(void* arg, int rcode, sldns_buffer* buf,
660 enum sec_status s, char* why_bogus, int was_ratelimited)
661 {
662 struct ctx_query* q = (struct ctx_query*)arg;
663 ub_event_callback_type cb = q->cb_event;
664 void* cb_arg = q->cb_arg;
665 int cancelled = q->cancelled;
666
667 /* delete it now */
668 struct ub_ctx* ctx = q->w->ctx;
669 lock_basic_lock(&ctx->cfglock);
670 (void)rbtree_delete(&ctx->queries, q->node.key);
671 ctx->num_async--;
672 context_query_delete(q);
673 lock_basic_unlock(&ctx->cfglock);
674
675 if(!cancelled) {
676 /* call callback */
677 int sec = 0;
678 if(s == sec_status_bogus)
679 sec = 1;
680 else if(s == sec_status_secure)
681 sec = 2;
682 (*cb)(cb_arg, rcode, (buf?(void*)sldns_buffer_begin(buf):NULL),
683 (buf?(int)sldns_buffer_limit(buf):0), sec, why_bogus, was_ratelimited);
684 }
685 }
686
libworker_attach_mesh(struct ub_ctx * ctx,struct ctx_query * q,int * async_id)687 int libworker_attach_mesh(struct ub_ctx* ctx, struct ctx_query* q,
688 int* async_id)
689 {
690 struct libworker* w = ctx->event_worker;
691 uint16_t qflags, qid;
692 struct query_info qinfo;
693 struct edns_data edns;
694 if(!w)
695 return UB_INITFAIL;
696 if(!setup_qinfo_edns(w, q, &qinfo, &edns))
697 return UB_SYNTAX;
698 qid = 0;
699 qflags = BIT_RD;
700 q->w = w;
701 /* see if there is a fixed answer */
702 sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
703 sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
704 if(local_zones_answer(ctx->local_zones, w->env, &qinfo, &edns,
705 w->back->udp_buff, w->env->scratch, NULL, NULL, 0, NULL, 0,
706 NULL, 0, NULL, 0, NULL)) {
707 regional_free_all(w->env->scratch);
708 free(qinfo.qname);
709 libworker_event_done_cb(q, LDNS_RCODE_NOERROR,
710 w->back->udp_buff, sec_status_insecure, NULL, 0);
711 return UB_NOERROR;
712 }
713 if(ctx->env->auth_zones && auth_zones_downstream_answer(
714 ctx->env->auth_zones, w->env, &qinfo, &edns, NULL,
715 w->back->udp_buff, w->env->scratch)) {
716 regional_free_all(w->env->scratch);
717 free(qinfo.qname);
718 libworker_event_done_cb(q, LDNS_RCODE_NOERROR,
719 w->back->udp_buff, sec_status_insecure, NULL, 0);
720 return UB_NOERROR;
721 }
722 /* process new query */
723 if(async_id)
724 *async_id = q->querynum;
725 if(!mesh_new_callback(w->env->mesh, &qinfo, qflags, &edns,
726 w->back->udp_buff, qid, libworker_event_done_cb, q, 0)) {
727 free(qinfo.qname);
728 return UB_NOMEM;
729 }
730 free(qinfo.qname);
731 return UB_NOERROR;
732 }
733
734 /** add result to the bg worker result queue */
735 static void
add_bg_result(struct libworker * w,struct ctx_query * q,sldns_buffer * pkt,int err,char * reason,int was_ratelimited)736 add_bg_result(struct libworker* w, struct ctx_query* q, sldns_buffer* pkt,
737 int err, char* reason, int was_ratelimited)
738 {
739 uint8_t* msg = NULL;
740 uint32_t len = 0;
741
742 if(w->want_quit) {
743 context_query_delete(q);
744 return;
745 }
746 /* serialize and delete unneeded q */
747 if(w->is_bg_thread) {
748 lock_basic_lock(&w->ctx->cfglock);
749 if(reason)
750 q->res->why_bogus = strdup(reason);
751 q->res->was_ratelimited = was_ratelimited;
752 if(pkt) {
753 q->msg_len = sldns_buffer_remaining(pkt);
754 q->msg = memdup(sldns_buffer_begin(pkt), q->msg_len);
755 if(!q->msg) {
756 msg = context_serialize_answer(q, UB_NOMEM, NULL, &len);
757 } else {
758 msg = context_serialize_answer(q, err, NULL, &len);
759 }
760 } else {
761 msg = context_serialize_answer(q, err, NULL, &len);
762 }
763 lock_basic_unlock(&w->ctx->cfglock);
764 } else {
765 if(reason)
766 q->res->why_bogus = strdup(reason);
767 q->res->was_ratelimited = was_ratelimited;
768 msg = context_serialize_answer(q, err, pkt, &len);
769 (void)rbtree_delete(&w->ctx->queries, q->node.key);
770 w->ctx->num_async--;
771 context_query_delete(q);
772 }
773
774 if(!msg) {
775 log_err("out of memory for async answer");
776 return;
777 }
778 if(!tube_queue_item(w->ctx->rr_pipe, msg, len)) {
779 log_err("out of memory for async answer");
780 return;
781 }
782 }
783
784 void
libworker_bg_done_cb(void * arg,int rcode,sldns_buffer * buf,enum sec_status s,char * why_bogus,int was_ratelimited)785 libworker_bg_done_cb(void* arg, int rcode, sldns_buffer* buf, enum sec_status s,
786 char* why_bogus, int was_ratelimited)
787 {
788 struct ctx_query* q = (struct ctx_query*)arg;
789
790 if(q->cancelled || q->w->back->want_to_quit) {
791 if(q->w->is_bg_thread) {
792 /* delete it now */
793 struct ub_ctx* ctx = q->w->ctx;
794 lock_basic_lock(&ctx->cfglock);
795 (void)rbtree_delete(&ctx->queries, q->node.key);
796 ctx->num_async--;
797 context_query_delete(q);
798 lock_basic_unlock(&ctx->cfglock);
799 }
800 /* cancelled, do not give answer */
801 return;
802 }
803 q->msg_security = s;
804 if(!buf) {
805 buf = q->w->env->scratch_buffer;
806 }
807 if(rcode != 0) {
808 error_encode(buf, rcode, NULL, 0, BIT_RD, NULL);
809 }
810 add_bg_result(q->w, q, buf, UB_NOERROR, why_bogus, was_ratelimited);
811 }
812
813
814 /** handle new query command for bg worker */
815 static void
handle_newq(struct libworker * w,uint8_t * buf,uint32_t len)816 handle_newq(struct libworker* w, uint8_t* buf, uint32_t len)
817 {
818 uint16_t qflags, qid;
819 struct query_info qinfo;
820 struct edns_data edns;
821 struct ctx_query* q;
822 if(w->is_bg_thread) {
823 lock_basic_lock(&w->ctx->cfglock);
824 q = context_lookup_new_query(w->ctx, buf, len);
825 lock_basic_unlock(&w->ctx->cfglock);
826 } else {
827 q = context_deserialize_new_query(w->ctx, buf, len);
828 }
829 free(buf);
830 if(!q) {
831 log_err("failed to deserialize newq");
832 return;
833 }
834 if(!setup_qinfo_edns(w, q, &qinfo, &edns)) {
835 add_bg_result(w, q, NULL, UB_SYNTAX, NULL, 0);
836 return;
837 }
838 qid = 0;
839 qflags = BIT_RD;
840 /* see if there is a fixed answer */
841 sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
842 sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
843 if(local_zones_answer(w->ctx->local_zones, w->env, &qinfo, &edns,
844 w->back->udp_buff, w->env->scratch, NULL, NULL, 0, NULL, 0,
845 NULL, 0, NULL, 0, NULL)) {
846 regional_free_all(w->env->scratch);
847 q->msg_security = sec_status_insecure;
848 add_bg_result(w, q, w->back->udp_buff, UB_NOERROR, NULL, 0);
849 free(qinfo.qname);
850 return;
851 }
852 if(w->ctx->env->auth_zones && auth_zones_downstream_answer(
853 w->ctx->env->auth_zones, w->env, &qinfo, &edns, NULL,
854 w->back->udp_buff, w->env->scratch)) {
855 regional_free_all(w->env->scratch);
856 q->msg_security = sec_status_insecure;
857 add_bg_result(w, q, w->back->udp_buff, UB_NOERROR, NULL, 0);
858 free(qinfo.qname);
859 return;
860 }
861 q->w = w;
862 /* process new query */
863 if(!mesh_new_callback(w->env->mesh, &qinfo, qflags, &edns,
864 w->back->udp_buff, qid, libworker_bg_done_cb, q, 0)) {
865 add_bg_result(w, q, NULL, UB_NOMEM, NULL, 0);
866 }
867 free(qinfo.qname);
868 }
869
libworker_alloc_cleanup(void * arg)870 void libworker_alloc_cleanup(void* arg)
871 {
872 struct libworker* w = (struct libworker*)arg;
873 slabhash_clear(&w->env->rrset_cache->table);
874 slabhash_clear(w->env->msg_cache);
875 }
876
libworker_send_query(struct query_info * qinfo,uint16_t flags,int dnssec,int want_dnssec,int nocaps,int check_ratelimit,struct sockaddr_storage * addr,socklen_t addrlen,uint8_t * zone,size_t zonelen,int tcp_upstream,int ssl_upstream,char * tls_auth_name,struct module_qstate * q,int * was_ratelimited)877 struct outbound_entry* libworker_send_query(struct query_info* qinfo,
878 uint16_t flags, int dnssec, int want_dnssec, int nocaps,
879 int check_ratelimit,
880 struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone,
881 size_t zonelen, int tcp_upstream, int ssl_upstream, char* tls_auth_name,
882 struct module_qstate* q, int* was_ratelimited)
883 {
884 struct libworker* w = (struct libworker*)q->env->worker;
885 struct outbound_entry* e = (struct outbound_entry*)regional_alloc(
886 q->region, sizeof(*e));
887 if(!e)
888 return NULL;
889 e->qstate = q;
890 e->qsent = outnet_serviced_query(w->back, qinfo, flags, dnssec,
891 want_dnssec, nocaps, check_ratelimit, tcp_upstream, ssl_upstream,
892 tls_auth_name, addr, addrlen, zone, zonelen, q,
893 libworker_handle_service_reply, e, w->back->udp_buff, q->env,
894 was_ratelimited);
895 if(!e->qsent) {
896 return NULL;
897 }
898 return e;
899 }
900
901 int
libworker_handle_service_reply(struct comm_point * c,void * arg,int error,struct comm_reply * reply_info)902 libworker_handle_service_reply(struct comm_point* c, void* arg, int error,
903 struct comm_reply* reply_info)
904 {
905 struct outbound_entry* e = (struct outbound_entry*)arg;
906 struct libworker* lw = (struct libworker*)e->qstate->env->worker;
907
908 if(error != 0) {
909 mesh_report_reply(lw->env->mesh, e, reply_info, error);
910 return 0;
911 }
912 /* sanity check. */
913 if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
914 || LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) !=
915 LDNS_PACKET_QUERY
916 || LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
917 /* error becomes timeout for the module as if this reply
918 * never arrived. */
919 mesh_report_reply(lw->env->mesh, e, reply_info,
920 NETEVENT_TIMEOUT);
921 return 0;
922 }
923 mesh_report_reply(lw->env->mesh, e, reply_info, NETEVENT_NOERROR);
924 return 0;
925 }
926
927 /* --- fake callbacks for fptr_wlist to work --- */
worker_handle_control_cmd(struct tube * ATTR_UNUSED (tube),uint8_t * ATTR_UNUSED (buffer),size_t ATTR_UNUSED (len),int ATTR_UNUSED (error),void * ATTR_UNUSED (arg))928 void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube),
929 uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len),
930 int ATTR_UNUSED(error), void* ATTR_UNUSED(arg))
931 {
932 log_assert(0);
933 }
934
worker_handle_request(struct comm_point * ATTR_UNUSED (c),void * ATTR_UNUSED (arg),int ATTR_UNUSED (error),struct comm_reply * ATTR_UNUSED (repinfo))935 int worker_handle_request(struct comm_point* ATTR_UNUSED(c),
936 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
937 struct comm_reply* ATTR_UNUSED(repinfo))
938 {
939 log_assert(0);
940 return 0;
941 }
942
worker_handle_service_reply(struct comm_point * ATTR_UNUSED (c),void * ATTR_UNUSED (arg),int ATTR_UNUSED (error),struct comm_reply * ATTR_UNUSED (reply_info))943 int worker_handle_service_reply(struct comm_point* ATTR_UNUSED(c),
944 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
945 struct comm_reply* ATTR_UNUSED(reply_info))
946 {
947 log_assert(0);
948 return 0;
949 }
950
remote_accept_callback(struct comm_point * ATTR_UNUSED (c),void * ATTR_UNUSED (arg),int ATTR_UNUSED (error),struct comm_reply * ATTR_UNUSED (repinfo))951 int remote_accept_callback(struct comm_point* ATTR_UNUSED(c),
952 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
953 struct comm_reply* ATTR_UNUSED(repinfo))
954 {
955 log_assert(0);
956 return 0;
957 }
958
remote_control_callback(struct comm_point * ATTR_UNUSED (c),void * ATTR_UNUSED (arg),int ATTR_UNUSED (error),struct comm_reply * ATTR_UNUSED (repinfo))959 int remote_control_callback(struct comm_point* ATTR_UNUSED(c),
960 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
961 struct comm_reply* ATTR_UNUSED(repinfo))
962 {
963 log_assert(0);
964 return 0;
965 }
966
worker_sighandler(int ATTR_UNUSED (sig),void * ATTR_UNUSED (arg))967 void worker_sighandler(int ATTR_UNUSED(sig), void* ATTR_UNUSED(arg))
968 {
969 log_assert(0);
970 }
971
worker_send_query(struct query_info * ATTR_UNUSED (qinfo),uint16_t ATTR_UNUSED (flags),int ATTR_UNUSED (dnssec),int ATTR_UNUSED (want_dnssec),int ATTR_UNUSED (nocaps),int ATTR_UNUSED (check_ratelimit),struct sockaddr_storage * ATTR_UNUSED (addr),socklen_t ATTR_UNUSED (addrlen),uint8_t * ATTR_UNUSED (zone),size_t ATTR_UNUSED (zonelen),int ATTR_UNUSED (tcp_upstream),int ATTR_UNUSED (ssl_upstream),char * ATTR_UNUSED (tls_auth_name),struct module_qstate * ATTR_UNUSED (q),int * ATTR_UNUSED (was_ratelimited))972 struct outbound_entry* worker_send_query(struct query_info* ATTR_UNUSED(qinfo),
973 uint16_t ATTR_UNUSED(flags), int ATTR_UNUSED(dnssec),
974 int ATTR_UNUSED(want_dnssec), int ATTR_UNUSED(nocaps),
975 int ATTR_UNUSED(check_ratelimit),
976 struct sockaddr_storage* ATTR_UNUSED(addr), socklen_t ATTR_UNUSED(addrlen),
977 uint8_t* ATTR_UNUSED(zone), size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(tcp_upstream),
978 int ATTR_UNUSED(ssl_upstream), char* ATTR_UNUSED(tls_auth_name),
979 struct module_qstate* ATTR_UNUSED(q), int* ATTR_UNUSED(was_ratelimited))
980 {
981 log_assert(0);
982 return 0;
983 }
984
985 void
worker_alloc_cleanup(void * ATTR_UNUSED (arg))986 worker_alloc_cleanup(void* ATTR_UNUSED(arg))
987 {
988 log_assert(0);
989 }
990
worker_stat_timer_cb(void * ATTR_UNUSED (arg))991 void worker_stat_timer_cb(void* ATTR_UNUSED(arg))
992 {
993 log_assert(0);
994 }
995
worker_probe_timer_cb(void * ATTR_UNUSED (arg))996 void worker_probe_timer_cb(void* ATTR_UNUSED(arg))
997 {
998 log_assert(0);
999 }
1000
worker_start_accept(void * ATTR_UNUSED (arg))1001 void worker_start_accept(void* ATTR_UNUSED(arg))
1002 {
1003 log_assert(0);
1004 }
1005
worker_stop_accept(void * ATTR_UNUSED (arg))1006 void worker_stop_accept(void* ATTR_UNUSED(arg))
1007 {
1008 log_assert(0);
1009 }
1010
order_lock_cmp(const void * ATTR_UNUSED (e1),const void * ATTR_UNUSED (e2))1011 int order_lock_cmp(const void* ATTR_UNUSED(e1), const void* ATTR_UNUSED(e2))
1012 {
1013 log_assert(0);
1014 return 0;
1015 }
1016
1017 int
codeline_cmp(const void * ATTR_UNUSED (a),const void * ATTR_UNUSED (b))1018 codeline_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))
1019 {
1020 log_assert(0);
1021 return 0;
1022 }
1023
replay_var_compare(const void * ATTR_UNUSED (a),const void * ATTR_UNUSED (b))1024 int replay_var_compare(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))
1025 {
1026 log_assert(0);
1027 return 0;
1028 }
1029
remote_get_opt_ssl(char * ATTR_UNUSED (str),void * ATTR_UNUSED (arg))1030 void remote_get_opt_ssl(char* ATTR_UNUSED(str), void* ATTR_UNUSED(arg))
1031 {
1032 log_assert(0);
1033 }
1034
1035 #ifdef UB_ON_WINDOWS
1036 void
worker_win_stop_cb(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1037 worker_win_stop_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), void*
1038 ATTR_UNUSED(arg)) {
1039 log_assert(0);
1040 }
1041
1042 void
wsvc_cron_cb(void * ATTR_UNUSED (arg))1043 wsvc_cron_cb(void* ATTR_UNUSED(arg))
1044 {
1045 log_assert(0);
1046 }
1047 #endif /* UB_ON_WINDOWS */
1048
1049 #ifdef USE_DNSTAP
dtio_tap_callback(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1050 void dtio_tap_callback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev),
1051 void* ATTR_UNUSED(arg))
1052 {
1053 log_assert(0);
1054 }
1055 #endif
1056
1057 #ifdef USE_DNSTAP
dtio_mainfdcallback(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1058 void dtio_mainfdcallback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev),
1059 void* ATTR_UNUSED(arg))
1060 {
1061 log_assert(0);
1062 }
1063 #endif
1064
fast_reload_service_cb(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1065 void fast_reload_service_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev),
1066 void* ATTR_UNUSED(arg))
1067 {
1068 log_assert(0);
1069 }
1070
fast_reload_client_callback(struct comm_point * ATTR_UNUSED (c),void * ATTR_UNUSED (arg),int ATTR_UNUSED (error),struct comm_reply * ATTR_UNUSED (repinfo))1071 int fast_reload_client_callback(struct comm_point* ATTR_UNUSED(c),
1072 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
1073 struct comm_reply* ATTR_UNUSED(repinfo))
1074 {
1075 log_assert(0);
1076 return 0;
1077 }
1078
1079 #ifdef HAVE_NGTCP2
doq_client_event_cb(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1080 void doq_client_event_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev),
1081 void* ATTR_UNUSED(arg))
1082 {
1083 log_assert(0);
1084 }
1085 #endif
1086
1087 #ifdef HAVE_NGTCP2
doq_client_timer_cb(int ATTR_UNUSED (fd),short ATTR_UNUSED (ev),void * ATTR_UNUSED (arg))1088 void doq_client_timer_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev),
1089 void* ATTR_UNUSED(arg))
1090 {
1091 log_assert(0);
1092 }
1093 #endif
1094