1 /* 2 * dnstap/unbound-dnstap-socket.c - debug program that listens for DNSTAP logs. 3 * 4 * Copyright (c) 2020, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This program listens on a DNSTAP socket for logged messages. 40 */ 41 #include "config.h" 42 #ifdef HAVE_GETOPT_H 43 #include <getopt.h> 44 #endif 45 #include <signal.h> 46 #include <stdlib.h> 47 #include <unistd.h> 48 #include <signal.h> 49 #include <ctype.h> 50 #ifdef HAVE_SYS_UN_H 51 #include <sys/un.h> 52 #endif 53 #include <openssl/ssl.h> 54 #include <openssl/rand.h> 55 #include <openssl/err.h> 56 #include "dnstap/dtstream.h" 57 #include "dnstap/dnstap_fstrm.h" 58 #include "util/log.h" 59 #include "util/ub_event.h" 60 #include "util/net_help.h" 61 #include "services/listen_dnsport.h" 62 #include "sldns/sbuffer.h" 63 #include "sldns/wire2str.h" 64 #ifdef USE_DNSTAP 65 #include <protobuf-c/protobuf-c.h> 66 #include "dnstap/dnstap.pb-c.h" 67 #endif /* USE_DNSTAP */ 68 #include "util/config_file.h" 69 70 /** listen backlog on TCP connections for dnstap logs */ 71 #define LISTEN_BACKLOG 16 72 73 /** usage information for streamtcp */ 74 static void usage(char* argv[]) 75 { 76 printf("usage: %s [options]\n", argv[0]); 77 printf(" Listen to dnstap messages\n"); 78 printf("stdout has dnstap log, stderr has verbose server log\n"); 79 printf("-u <socketpath> listen to unix socket with this file name\n"); 80 printf("-s <serverip[@port]> listen for TCP on the IP and port\n"); 81 printf("-t <serverip[@port]> listen for TLS on IP and port\n"); 82 printf("-x <server.key> server key file for TLS service\n"); 83 printf("-y <server.pem> server cert file for TLS service\n"); 84 printf("-z <verify.pem> cert file to verify client connections\n"); 85 printf("-l long format for DNS printout\n"); 86 printf("-v more verbose log output\n"); 87 printf("-h this help text\n"); 88 exit(1); 89 } 90 91 /** long format option, for multiline printout per message */ 92 static int longformat = 0; 93 94 struct tap_socket_list; 95 struct tap_socket; 96 /** main tap callback data */ 97 struct main_tap_data { 98 /** the event base (to loopexit) */ 99 struct ub_event_base* base; 100 /** the list of accept sockets */ 101 struct tap_socket_list* acceptlist; 102 }; 103 104 /** tap callback variables */ 105 struct tap_data { 106 /** the fd */ 107 int fd; 108 /** the ub event */ 109 struct ub_event* ev; 110 /** the SSL for TLS streams */ 111 SSL* ssl; 112 /** is the ssl handshake done */ 113 int ssl_handshake_done; 114 /** we are briefly waiting to write (in the struct event) */ 115 int ssl_brief_write; 116 /** string that identifies the socket (or NULL), like IP address */ 117 char* id; 118 /** have we read the length, and how many bytes of it */ 119 int len_done; 120 /** have we read the data, and how many bytes of it */ 121 size_t data_done; 122 /** are we reading a control frame */ 123 int control_frame; 124 /** are we bi-directional (if false, uni-directional) */ 125 int is_bidirectional; 126 /** data of the frame */ 127 uint8_t* frame; 128 /** length of this frame */ 129 size_t len; 130 }; 131 132 /** list of sockets */ 133 struct tap_socket_list { 134 /** next in list */ 135 struct tap_socket_list* next; 136 /** the socket */ 137 struct tap_socket* s; 138 }; 139 140 /** tap socket */ 141 struct tap_socket { 142 /** fd of socket */ 143 int fd; 144 /** the event for it */ 145 struct ub_event *ev; 146 /** has the event been added */ 147 int ev_added; 148 /** the callback, for the event, ev_cb(fd, bits, arg) */ 149 void (*ev_cb)(int, short, void*); 150 /** data element, (arg for the tap_socket struct) */ 151 void* data; 152 /** socketpath, if this is an AF_LOCAL socket */ 153 char* socketpath; 154 /** IP, if this is a TCP socket */ 155 char* ip; 156 /** for a TLS socket, the tls context */ 157 SSL_CTX* sslctx; 158 }; 159 160 /** del the tap event */ 161 static void tap_socket_delev(struct tap_socket* s) 162 { 163 if(!s) return; 164 if(!s->ev) return; 165 if(!s->ev_added) return; 166 ub_event_del(s->ev); 167 s->ev_added = 0; 168 } 169 170 /** close the tap socket */ 171 static void tap_socket_close(struct tap_socket* s) 172 { 173 if(!s) return; 174 if(s->fd == -1) return; 175 close(s->fd); 176 s->fd = -1; 177 } 178 179 /** delete tap socket */ 180 static void tap_socket_delete(struct tap_socket* s) 181 { 182 if(!s) return; 183 #ifdef HAVE_SSL 184 SSL_CTX_free(s->sslctx); 185 #endif 186 ub_event_free(s->ev); 187 free(s->socketpath); 188 free(s->ip); 189 free(s); 190 } 191 192 /** create new socket (unconnected, not base-added), or NULL malloc fail */ 193 static struct tap_socket* tap_socket_new_local(char* socketpath, 194 void (*ev_cb)(int, short, void*), void* data) 195 { 196 struct tap_socket* s = calloc(1, sizeof(*s)); 197 if(!s) { 198 log_err("malloc failure"); 199 return NULL; 200 } 201 s->socketpath = strdup(socketpath); 202 if(!s->socketpath) { 203 free(s); 204 log_err("malloc failure"); 205 return NULL; 206 } 207 s->fd = -1; 208 s->ev_cb = ev_cb; 209 s->data = data; 210 return s; 211 } 212 213 /** create new socket (unconnected, not base-added), or NULL malloc fail */ 214 static struct tap_socket* tap_socket_new_tcpaccept(char* ip, 215 void (*ev_cb)(int, short, void*), void* data) 216 { 217 struct tap_socket* s = calloc(1, sizeof(*s)); 218 if(!s) { 219 log_err("malloc failure"); 220 return NULL; 221 } 222 s->ip = strdup(ip); 223 if(!s->ip) { 224 free(s); 225 log_err("malloc failure"); 226 return NULL; 227 } 228 s->fd = -1; 229 s->ev_cb = ev_cb; 230 s->data = data; 231 return s; 232 } 233 234 /** create new socket (unconnected, not base-added), or NULL malloc fail */ 235 static struct tap_socket* tap_socket_new_tlsaccept(char* ip, 236 void (*ev_cb)(int, short, void*), void* data, char* server_key, 237 char* server_cert, char* verifypem) 238 { 239 struct tap_socket* s = calloc(1, sizeof(*s)); 240 if(!s) { 241 log_err("malloc failure"); 242 return NULL; 243 } 244 s->ip = strdup(ip); 245 if(!s->ip) { 246 free(s); 247 log_err("malloc failure"); 248 return NULL; 249 } 250 s->fd = -1; 251 s->ev_cb = ev_cb; 252 s->data = data; 253 s->sslctx = listen_sslctx_create(server_key, server_cert, verifypem); 254 if(!s->sslctx) { 255 log_err("could not create ssl context"); 256 free(s->ip); 257 free(s); 258 return NULL; 259 } 260 return s; 261 } 262 263 /** setup tcp accept socket on IP string */ 264 static int make_tcp_accept(char* ip) 265 { 266 #ifdef SO_REUSEADDR 267 int on = 1; 268 #endif 269 struct sockaddr_storage addr; 270 socklen_t len; 271 int s; 272 273 memset(&addr, 0, sizeof(addr)); 274 len = (socklen_t)sizeof(addr); 275 if(!extstrtoaddr(ip, &addr, &len, UNBOUND_DNS_PORT)) { 276 log_err("could not parse IP '%s'", ip); 277 return -1; 278 } 279 280 if((s = socket(addr.ss_family, SOCK_STREAM, 0)) == -1) { 281 log_err("can't create socket: %s", sock_strerror(errno)); 282 return -1; 283 } 284 #ifdef SO_REUSEADDR 285 if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, 286 (socklen_t)sizeof(on)) < 0) { 287 log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", 288 sock_strerror(errno)); 289 sock_close(s); 290 return -1; 291 } 292 #endif /* SO_REUSEADDR */ 293 if(bind(s, (struct sockaddr*)&addr, len) != 0) { 294 log_err_addr("can't bind socket", sock_strerror(errno), 295 &addr, len); 296 sock_close(s); 297 return -1; 298 } 299 if(!fd_set_nonblock(s)) { 300 sock_close(s); 301 return -1; 302 } 303 if(listen(s, LISTEN_BACKLOG) == -1) { 304 log_err("can't listen: %s", sock_strerror(errno)); 305 sock_close(s); 306 return -1; 307 } 308 return s; 309 } 310 311 /** setup socket on event base */ 312 static int tap_socket_setup(struct tap_socket* s, struct ub_event_base* base) 313 { 314 if(s->socketpath) { 315 /* AF_LOCAL accept socket */ 316 s->fd = create_local_accept_sock(s->socketpath, NULL, 0); 317 if(s->fd == -1) { 318 log_err("could not create local socket"); 319 return 0; 320 } 321 } else if(s->ip || s->sslctx) { 322 /* TCP accept socket */ 323 s->fd = make_tcp_accept(s->ip); 324 if(s->fd == -1) { 325 log_err("could not create tcp socket"); 326 return 0; 327 } 328 } 329 s->ev = ub_event_new(base, s->fd, UB_EV_READ | UB_EV_PERSIST, 330 s->ev_cb, s); 331 if(!s->ev) { 332 log_err("could not ub_event_new"); 333 return 0; 334 } 335 if(ub_event_add(s->ev, NULL) != 0) { 336 log_err("could not ub_event_add"); 337 return 0; 338 } 339 s->ev_added = 1; 340 return 1; 341 } 342 343 /** add tap socket to list */ 344 static int tap_socket_list_insert(struct tap_socket_list** liststart, 345 struct tap_socket* s) 346 { 347 struct tap_socket_list* entry = (struct tap_socket_list*) 348 malloc(sizeof(*entry)); 349 if(!entry) 350 return 0; 351 entry->next = *liststart; 352 entry->s = s; 353 *liststart = entry; 354 return 1; 355 } 356 357 /** delete the list */ 358 static void tap_socket_list_delete(struct tap_socket_list* list) 359 { 360 struct tap_socket_list* e = list, *next; 361 while(e) { 362 next = e->next; 363 tap_socket_delev(e->s); 364 tap_socket_close(e->s); 365 tap_socket_delete(e->s); 366 free(e); 367 e = next; 368 } 369 } 370 371 /** setup accept events */ 372 static int tap_socket_list_addevs(struct tap_socket_list* list, 373 struct ub_event_base* base) 374 { 375 struct tap_socket_list* entry; 376 for(entry = list; entry; entry = entry->next) { 377 if(!tap_socket_setup(entry->s, base)) { 378 log_err("could not setup socket"); 379 return 0; 380 } 381 } 382 return 1; 383 } 384 385 #ifdef USE_DNSTAP 386 /** log control frame contents */ 387 static void log_control_frame(uint8_t* pkt, size_t len) 388 { 389 char* desc; 390 if(verbosity == 0) return; 391 desc = fstrm_describe_control(pkt, len); 392 if(!desc) { 393 log_err("out of memory"); 394 return; 395 } 396 log_info("control frame %s", desc); 397 free(desc); 398 } 399 400 /** convert mtype to string */ 401 static const char* mtype_to_str(enum _Dnstap__Message__Type mtype) 402 { 403 switch(mtype) { 404 case DNSTAP__MESSAGE__TYPE__AUTH_QUERY: 405 return "AUTH_QUERY"; 406 case DNSTAP__MESSAGE__TYPE__AUTH_RESPONSE: 407 return "AUTH_RESPONSE"; 408 case DNSTAP__MESSAGE__TYPE__RESOLVER_QUERY: 409 return "RESOLVER_QUERY"; 410 case DNSTAP__MESSAGE__TYPE__RESOLVER_RESPONSE: 411 return "RESOLVER_RESPONSE"; 412 case DNSTAP__MESSAGE__TYPE__CLIENT_QUERY: 413 return "CLIENT_QUERY"; 414 case DNSTAP__MESSAGE__TYPE__CLIENT_RESPONSE: 415 return "CLIENT_RESPONSE"; 416 case DNSTAP__MESSAGE__TYPE__FORWARDER_QUERY: 417 return "FORWARDER_QUERY"; 418 case DNSTAP__MESSAGE__TYPE__FORWARDER_RESPONSE: 419 return "FORWARDER_RESPONSE"; 420 case DNSTAP__MESSAGE__TYPE__STUB_QUERY: 421 return "STUB_QUERY"; 422 case DNSTAP__MESSAGE__TYPE__STUB_RESPONSE: 423 return "STUB_RESPONSE"; 424 default: break; 425 } 426 return "unknown_message_type"; 427 } 428 429 /** convert type address to a string ip4 or ip6, malloced or NULL on fail */ 430 static char* str_of_addr(ProtobufCBinaryData address) 431 { 432 char buf[64]; 433 socklen_t len = sizeof(buf); 434 if(address.len == 4) { 435 if(inet_ntop(AF_INET, address.data, buf, len)!=0) 436 return strdup(buf); 437 } else if(address.len == 16) { 438 if(inet_ntop(AF_INET6, address.data, buf, len)!=0) 439 return strdup(buf); 440 } 441 return NULL; 442 } 443 444 /** convert message buffer (of dns bytes) to the first qname, type, class, 445 * malloced or NULL on fail */ 446 static char* q_of_msg(ProtobufCBinaryData message) 447 { 448 char buf[300]; 449 /* header, name, type, class minimum to get the query tuple */ 450 if(message.len < 12 + 1 + 4 + 4) return NULL; 451 if(sldns_wire2str_rrquestion_buf(message.data+12, message.len-12, 452 buf, sizeof(buf)) != 0) { 453 /* remove trailing newline, tabs to spaces */ 454 /* remove the newline: */ 455 if(buf[0] != 0) buf[strlen(buf)-1]=0; 456 /* remove first tab (before type) */ 457 if(strrchr(buf, '\t')) *strrchr(buf, '\t')=' '; 458 /* remove second tab (before class) */ 459 if(strrchr(buf, '\t')) *strrchr(buf, '\t')=' '; 460 return strdup(buf); 461 } 462 return NULL; 463 } 464 465 /** convert possible string or hex data to string. malloced or NULL */ 466 static char* possible_str(ProtobufCBinaryData str) 467 { 468 int is_str = 1; 469 size_t i; 470 for(i=0; i<str.len; i++) { 471 if(!isprint((unsigned char)str.data[i])) 472 is_str = 0; 473 } 474 if(is_str) { 475 char* res = malloc(str.len+1); 476 if(res) { 477 memmove(res, str.data, str.len); 478 res[str.len] = 0; 479 return res; 480 } 481 } else { 482 const char* hex = "0123456789ABCDEF"; 483 char* res = malloc(str.len*2+1); 484 if(res) { 485 for(i=0; i<str.len; i++) { 486 res[i*2] = hex[(str.data[i]&0xf0)>>4]; 487 res[i*2+1] = hex[str.data[i]&0x0f]; 488 } 489 res[str.len*2] = 0; 490 return res; 491 } 492 } 493 return NULL; 494 } 495 496 /** convert timeval to string, malloced or NULL */ 497 static char* tv_to_str(protobuf_c_boolean has_time_sec, uint64_t time_sec, 498 protobuf_c_boolean has_time_nsec, uint32_t time_nsec) 499 { 500 char buf[64], buf2[256]; 501 struct timeval tv; 502 time_t time_t_sec; 503 memset(&tv, 0, sizeof(tv)); 504 if(has_time_sec) tv.tv_sec = time_sec; 505 if(has_time_nsec) tv.tv_usec = time_nsec; 506 507 buf[0]=0; 508 time_t_sec = tv.tv_sec; 509 (void)ctime_r(&time_t_sec, buf); 510 snprintf(buf2, sizeof(buf2), "%u.%9.9u %s", 511 (unsigned)time_sec, (unsigned)time_nsec, buf); 512 return strdup(buf2); 513 } 514 515 /** log data frame contents */ 516 static void log_data_frame(uint8_t* pkt, size_t len) 517 { 518 Dnstap__Dnstap* d = dnstap__dnstap__unpack(NULL, len, pkt); 519 const char* mtype = NULL; 520 char* maddr=NULL, *qinf=NULL; 521 if(!d) { 522 log_err("could not unpack"); 523 return; 524 } 525 if(d->base.descriptor != &dnstap__dnstap__descriptor) { 526 log_err("wrong base descriptor"); 527 dnstap__dnstap__free_unpacked(d, NULL); 528 return; 529 } 530 if(d->type != DNSTAP__DNSTAP__TYPE__MESSAGE) { 531 log_err("dnstap type not type_message"); 532 dnstap__dnstap__free_unpacked(d, NULL); 533 return; 534 } 535 if(d->message) { 536 mtype = mtype_to_str(d->message->type); 537 if(d->message->has_query_address) 538 maddr = str_of_addr(d->message->query_address); 539 else if(d->message->has_response_address) 540 maddr = str_of_addr(d->message->response_address); 541 if(d->message->has_query_message) 542 qinf = q_of_msg(d->message->query_message); 543 else if(d->message->has_response_message) 544 qinf = q_of_msg(d->message->response_message); 545 546 } else { 547 mtype = "nomessage"; 548 } 549 550 printf("%s%s%s%s%s\n", mtype, (maddr?" ":""), (maddr?maddr:""), 551 (qinf?" ":""), (qinf?qinf:"")); 552 free(maddr); 553 free(qinf); 554 555 if(longformat) { 556 char* id=NULL, *vs=NULL; 557 if(d->has_identity) { 558 id=possible_str(d->identity); 559 } 560 if(d->has_version) { 561 vs=possible_str(d->version); 562 } 563 if(id || vs) 564 printf("identity: %s%s%s\n", (id?id:""), 565 (id&&vs?" ":""), (vs?vs:"")); 566 free(id); 567 free(vs); 568 569 if(d->message && d->message->has_query_message && 570 d->message->query_message.data) { 571 char* qmsg = sldns_wire2str_pkt( 572 d->message->query_message.data, 573 d->message->query_message.len); 574 if(qmsg) { 575 printf("query_message:\n%s", qmsg); 576 free(qmsg); 577 } 578 } 579 if(d->message && d->message->has_query_time_sec) { 580 char* qtv = tv_to_str(d->message->has_query_time_sec, 581 d->message->query_time_sec, 582 d->message->has_query_time_nsec, 583 d->message->query_time_nsec); 584 if(qtv) { 585 printf("query_time: %s\n", qtv); 586 free(qtv); 587 } 588 } 589 if(d->message && d->message->has_response_message && 590 d->message->response_message.data) { 591 char* rmsg = sldns_wire2str_pkt( 592 d->message->response_message.data, 593 d->message->response_message.len); 594 if(rmsg) { 595 printf("response_message:\n%s", rmsg); 596 free(rmsg); 597 } 598 } 599 if(d->message && d->message->has_response_time_sec) { 600 char* rtv = tv_to_str(d->message->has_response_time_sec, 601 d->message->response_time_sec, 602 d->message->has_response_time_nsec, 603 d->message->response_time_nsec); 604 if(rtv) { 605 printf("response_time: %s\n", rtv); 606 free(rtv); 607 } 608 } 609 } 610 fflush(stdout); 611 dnstap__dnstap__free_unpacked(d, NULL); 612 } 613 #endif /* USE_DNSTAP */ 614 615 /** receive bytes from fd, prints errors if bad, 616 * returns 0: closed/error, -1: continue, >0 number of bytes */ 617 static ssize_t receive_bytes(struct tap_data* data, int fd, void* buf, 618 size_t len) 619 { 620 ssize_t ret = recv(fd, buf, len, MSG_DONTWAIT); 621 if(ret == 0) { 622 /* closed */ 623 if(verbosity) log_info("dnstap client stream closed from %s", 624 (data->id?data->id:"")); 625 return 0; 626 } else if(ret == -1) { 627 /* error */ 628 #ifndef USE_WINSOCK 629 if(errno == EINTR || errno == EAGAIN) 630 return -1; 631 #else /* USE_WINSOCK */ 632 if(WSAGetLastError() == WSAEINPROGRESS) 633 return -1; 634 if(WSAGetLastError() == WSAEWOULDBLOCK) { 635 ub_winsock_tcp_wouldblock(data->ev, UB_EV_READ); 636 return -1; 637 } 638 #endif 639 log_err("could not recv: %s", sock_strerror(errno)); 640 if(verbosity) log_info("dnstap client stream closed from %s", 641 (data->id?data->id:"")); 642 return 0; 643 } 644 return ret; 645 } 646 647 /* define routine for have_ssl only to avoid unused function warning */ 648 #ifdef HAVE_SSL 649 /** set to wait briefly for a write event, for one event call */ 650 static void tap_enable_brief_write(struct tap_data* data) 651 { 652 ub_event_del(data->ev); 653 ub_event_del_bits(data->ev, UB_EV_READ); 654 ub_event_add_bits(data->ev, UB_EV_WRITE); 655 if(ub_event_add(data->ev, NULL) != 0) 656 log_err("could not ub_event_add in tap_enable_brief_write"); 657 data->ssl_brief_write = 1; 658 } 659 #endif /* HAVE_SSL */ 660 661 /* define routine for have_ssl only to avoid unused function warning */ 662 #ifdef HAVE_SSL 663 /** stop the brief wait for a write event. back to reading. */ 664 static void tap_disable_brief_write(struct tap_data* data) 665 { 666 ub_event_del(data->ev); 667 ub_event_del_bits(data->ev, UB_EV_WRITE); 668 ub_event_add_bits(data->ev, UB_EV_READ); 669 if(ub_event_add(data->ev, NULL) != 0) 670 log_err("could not ub_event_add in tap_disable_brief_write"); 671 data->ssl_brief_write = 0; 672 } 673 #endif /* HAVE_SSL */ 674 675 #ifdef HAVE_SSL 676 /** receive bytes over ssl stream, prints errors if bad, 677 * returns 0: closed/error, -1: continue, >0 number of bytes */ 678 static ssize_t ssl_read_bytes(struct tap_data* data, void* buf, size_t len) 679 { 680 int r; 681 ERR_clear_error(); 682 r = SSL_read(data->ssl, buf, len); 683 if(r <= 0) { 684 int want = SSL_get_error(data->ssl, r); 685 if(want == SSL_ERROR_ZERO_RETURN) { 686 /* closed */ 687 if(verbosity) log_info("dnstap client stream closed from %s", 688 (data->id?data->id:"")); 689 return 0; 690 } else if(want == SSL_ERROR_WANT_READ) { 691 /* continue later */ 692 return -1; 693 } else if(want == SSL_ERROR_WANT_WRITE) { 694 /* set to briefly write */ 695 tap_enable_brief_write(data); 696 return -1; 697 } else if(want == SSL_ERROR_SYSCALL) { 698 #ifdef ECONNRESET 699 if(errno == ECONNRESET && verbosity < 2) 700 return 0; /* silence reset by peer */ 701 #endif 702 if(errno != 0) 703 log_err("SSL_read syscall: %s", 704 strerror(errno)); 705 if(verbosity) log_info("dnstap client stream closed from %s", 706 (data->id?data->id:"")); 707 return 0; 708 } 709 log_crypto_err("could not SSL_read"); 710 if(verbosity) log_info("dnstap client stream closed from %s", 711 (data->id?data->id:"")); 712 return 0; 713 } 714 return r; 715 } 716 #endif /* HAVE_SSL */ 717 718 /** receive bytes on the tap connection, prints errors if bad, 719 * returns 0: closed/error, -1: continue, >0 number of bytes */ 720 static ssize_t tap_receive(struct tap_data* data, void* buf, size_t len) 721 { 722 #ifdef HAVE_SSL 723 if(data->ssl) 724 return ssl_read_bytes(data, buf, len); 725 #endif 726 return receive_bytes(data, data->fd, buf, len); 727 } 728 729 /** delete the tap structure */ 730 static void tap_data_free(struct tap_data* data) 731 { 732 ub_event_del(data->ev); 733 ub_event_free(data->ev); 734 #ifdef HAVE_SSL 735 SSL_free(data->ssl); 736 #endif 737 close(data->fd); 738 free(data->id); 739 free(data->frame); 740 free(data); 741 } 742 743 /** reply with ACCEPT control frame to bidirectional client, 744 * returns 0 on error */ 745 static int reply_with_accept(struct tap_data* data) 746 { 747 #ifdef USE_DNSTAP 748 /* len includes the escape and framelength */ 749 int r; 750 size_t len = 0; 751 void* acceptframe = fstrm_create_control_frame_accept( 752 DNSTAP_CONTENT_TYPE, &len); 753 if(!acceptframe) { 754 log_err("out of memory"); 755 return 0; 756 } 757 758 fd_set_block(data->fd); 759 if(data->ssl) { 760 if((r=SSL_write(data->ssl, acceptframe, len)) <= 0) { 761 if(SSL_get_error(data->ssl, r) == SSL_ERROR_ZERO_RETURN) 762 log_err("SSL_write, peer closed connection"); 763 else 764 log_err("could not SSL_write"); 765 fd_set_nonblock(data->fd); 766 free(acceptframe); 767 return 0; 768 } 769 } else { 770 if(send(data->fd, acceptframe, len, 0) == -1) { 771 log_err("send failed: %s", sock_strerror(errno)); 772 fd_set_nonblock(data->fd); 773 free(acceptframe); 774 return 0; 775 } 776 } 777 if(verbosity) log_info("sent control frame(accept) content-type:(%s)", 778 DNSTAP_CONTENT_TYPE); 779 780 fd_set_nonblock(data->fd); 781 free(acceptframe); 782 return 1; 783 #else 784 log_err("no dnstap compiled, no reply"); 785 (void)data; 786 return 0; 787 #endif 788 } 789 790 /** reply with FINISH control frame to bidirectional client, 791 * returns 0 on error */ 792 static int reply_with_finish(int fd) 793 { 794 #ifdef USE_DNSTAP 795 size_t len = 0; 796 void* finishframe = fstrm_create_control_frame_finish(&len); 797 if(!finishframe) { 798 log_err("out of memory"); 799 return 0; 800 } 801 802 fd_set_block(fd); 803 if(send(fd, finishframe, len, 0) == -1) { 804 log_err("send failed: %s", sock_strerror(errno)); 805 fd_set_nonblock(fd); 806 free(finishframe); 807 return 0; 808 } 809 if(verbosity) log_info("sent control frame(finish)"); 810 811 fd_set_nonblock(fd); 812 free(finishframe); 813 return 1; 814 #else 815 log_err("no dnstap compiled, no reply"); 816 (void)fd; 817 return 0; 818 #endif 819 } 820 821 #ifdef HAVE_SSL 822 /** check SSL peer certificate, return 0 on fail */ 823 static int tap_check_peer(struct tap_data* data) 824 { 825 if((SSL_get_verify_mode(data->ssl)&SSL_VERIFY_PEER)) { 826 /* verification */ 827 if(SSL_get_verify_result(data->ssl) == X509_V_OK) { 828 X509* x = SSL_get_peer_certificate(data->ssl); 829 if(!x) { 830 if(verbosity) log_info("SSL connection %s" 831 " failed no certificate", data->id); 832 return 0; 833 } 834 if(verbosity) 835 log_cert(VERB_ALGO, "peer certificate", x); 836 #ifdef HAVE_SSL_GET0_PEERNAME 837 if(SSL_get0_peername(data->ssl)) { 838 if(verbosity) log_info("SSL connection %s " 839 "to %s authenticated", data->id, 840 SSL_get0_peername(data->ssl)); 841 } else { 842 #endif 843 if(verbosity) log_info("SSL connection %s " 844 "authenticated", data->id); 845 #ifdef HAVE_SSL_GET0_PEERNAME 846 } 847 #endif 848 X509_free(x); 849 } else { 850 X509* x = SSL_get_peer_certificate(data->ssl); 851 if(x) { 852 if(verbosity) 853 log_cert(VERB_ALGO, "peer certificate", x); 854 X509_free(x); 855 } 856 if(verbosity) log_info("SSL connection %s failed: " 857 "failed to authenticate", data->id); 858 return 0; 859 } 860 } else { 861 /* unauthenticated, the verify peer flag was not set 862 * in ssl when the ssl object was created from ssl_ctx */ 863 if(verbosity) log_info("SSL connection %s", data->id); 864 } 865 return 1; 866 } 867 #endif /* HAVE_SSL */ 868 869 #ifdef HAVE_SSL 870 /** perform SSL handshake, return 0 to wait for events, 1 if done */ 871 static int tap_handshake(struct tap_data* data) 872 { 873 int r; 874 if(data->ssl_brief_write) { 875 /* write condition has been satisfied, back to reading */ 876 tap_disable_brief_write(data); 877 } 878 if(data->ssl_handshake_done) 879 return 1; 880 881 ERR_clear_error(); 882 r = SSL_do_handshake(data->ssl); 883 if(r != 1) { 884 int want = SSL_get_error(data->ssl, r); 885 if(want == SSL_ERROR_WANT_READ) { 886 return 0; 887 } else if(want == SSL_ERROR_WANT_WRITE) { 888 tap_enable_brief_write(data); 889 return 0; 890 } else if(r == 0) { 891 /* closed */ 892 tap_data_free(data); 893 return 0; 894 } else if(want == SSL_ERROR_SYSCALL) { 895 /* SYSCALL and errno==0 means closed uncleanly */ 896 int silent = 0; 897 #ifdef EPIPE 898 if(errno == EPIPE && verbosity < 2) 899 silent = 1; /* silence 'broken pipe' */ 900 #endif 901 #ifdef ECONNRESET 902 if(errno == ECONNRESET && verbosity < 2) 903 silent = 1; /* silence reset by peer */ 904 #endif 905 if(errno == 0) 906 silent = 1; 907 if(!silent) 908 log_err("SSL_handshake syscall: %s", 909 strerror(errno)); 910 tap_data_free(data); 911 return 0; 912 } else { 913 unsigned long err = ERR_get_error(); 914 if(!squelch_err_ssl_handshake(err)) { 915 log_crypto_err_code("ssl handshake failed", 916 err); 917 verbose(VERB_OPS, "ssl handshake failed " 918 "from %s", data->id); 919 } 920 tap_data_free(data); 921 return 0; 922 } 923 } 924 /* check peer verification */ 925 data->ssl_handshake_done = 1; 926 if(!tap_check_peer(data)) { 927 /* closed */ 928 tap_data_free(data); 929 return 0; 930 } 931 return 1; 932 } 933 #endif /* HAVE_SSL */ 934 935 /** callback for dnstap listener */ 936 void dtio_tap_callback(int fd, short ATTR_UNUSED(bits), void* arg) 937 { 938 struct tap_data* data = (struct tap_data*)arg; 939 if(verbosity>=3) log_info("tap callback"); 940 #ifdef HAVE_SSL 941 if(data->ssl && (!data->ssl_handshake_done || 942 data->ssl_brief_write)) { 943 if(!tap_handshake(data)) 944 return; 945 } 946 #endif 947 while(data->len_done < 4) { 948 uint32_t l = (uint32_t)data->len; 949 ssize_t ret = tap_receive(data, 950 ((uint8_t*)&l)+data->len_done, 4-data->len_done); 951 if(verbosity>=4) log_info("s recv %d", (int)ret); 952 if(ret == 0) { 953 /* closed or error */ 954 tap_data_free(data); 955 return; 956 } else if(ret == -1) { 957 /* continue later */ 958 return; 959 } 960 data->len_done += ret; 961 data->len = (size_t)l; 962 if(data->len_done < 4) 963 return; /* continue later */ 964 data->len = (size_t)(ntohl(l)); 965 if(verbosity>=3) log_info("length is %d", (int)data->len); 966 if(data->len == 0) { 967 /* it is a control frame */ 968 data->control_frame = 1; 969 /* read controlframelen */ 970 data->len_done = 0; 971 } else { 972 /* allocate frame size */ 973 data->frame = calloc(1, data->len); 974 if(!data->frame) { 975 log_err("out of memory"); 976 tap_data_free(data); 977 return; 978 } 979 } 980 } 981 982 /* we want to read the full length now */ 983 if(data->data_done < data->len) { 984 ssize_t r = tap_receive(data, data->frame + data->data_done, 985 data->len - data->data_done); 986 if(verbosity>=4) log_info("f recv %d", (int)r); 987 if(r == 0) { 988 /* closed or error */ 989 tap_data_free(data); 990 return; 991 } else if(r == -1) { 992 /* continue later */ 993 return; 994 } 995 data->data_done += r; 996 if(data->data_done < data->len) 997 return; /* continue later */ 998 } 999 1000 /* we are done with a frame */ 1001 if(verbosity>=3) log_info("received %sframe len %d", 1002 (data->control_frame?"control ":""), (int)data->len); 1003 #ifdef USE_DNSTAP 1004 if(data->control_frame) 1005 log_control_frame(data->frame, data->len); 1006 else log_data_frame(data->frame, data->len); 1007 #endif 1008 1009 if(data->len >= 4 && sldns_read_uint32(data->frame) == 1010 FSTRM_CONTROL_FRAME_READY) { 1011 data->is_bidirectional = 1; 1012 if(verbosity) log_info("bidirectional stream"); 1013 if(!reply_with_accept(data)) { 1014 tap_data_free(data); 1015 return; 1016 } 1017 } else if(data->len >= 4 && sldns_read_uint32(data->frame) == 1018 FSTRM_CONTROL_FRAME_STOP && data->is_bidirectional) { 1019 if(!reply_with_finish(fd)) { 1020 tap_data_free(data); 1021 return; 1022 } 1023 } 1024 1025 /* prepare for next frame */ 1026 free(data->frame); 1027 data->frame = NULL; 1028 data->control_frame = 0; 1029 data->len = 0; 1030 data->len_done = 0; 1031 data->data_done = 0; 1032 1033 } 1034 1035 /** callback for main listening file descriptor */ 1036 void dtio_mainfdcallback(int fd, short ATTR_UNUSED(bits), void* arg) 1037 { 1038 struct tap_socket* tap_sock = (struct tap_socket*)arg; 1039 struct main_tap_data* maindata = (struct main_tap_data*) 1040 tap_sock->data; 1041 struct tap_data* data; 1042 char* id = NULL; 1043 struct sockaddr_storage addr; 1044 socklen_t addrlen = (socklen_t)sizeof(addr); 1045 int s = accept(fd, (struct sockaddr*)&addr, &addrlen); 1046 if(s == -1) { 1047 #ifndef USE_WINSOCK 1048 /* EINTR is signal interrupt. others are closed connection. */ 1049 if( errno == EINTR || errno == EAGAIN 1050 #ifdef EWOULDBLOCK 1051 || errno == EWOULDBLOCK 1052 #endif 1053 #ifdef ECONNABORTED 1054 || errno == ECONNABORTED 1055 #endif 1056 #ifdef EPROTO 1057 || errno == EPROTO 1058 #endif /* EPROTO */ 1059 ) 1060 return; 1061 #else /* USE_WINSOCK */ 1062 if(WSAGetLastError() == WSAEINPROGRESS || 1063 WSAGetLastError() == WSAECONNRESET) 1064 return; 1065 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1066 ub_winsock_tcp_wouldblock(maindata->ev, UB_EV_READ); 1067 return; 1068 } 1069 #endif 1070 log_err_addr("accept failed", sock_strerror(errno), &addr, 1071 addrlen); 1072 return; 1073 } 1074 fd_set_nonblock(s); 1075 if(verbosity) { 1076 if(addr.ss_family == AF_LOCAL) { 1077 #ifdef HAVE_SYS_UN_H 1078 struct sockaddr_un* usock = calloc(1, sizeof(struct sockaddr_un) + 1); 1079 if(usock) { 1080 socklen_t ulen = sizeof(struct sockaddr_un); 1081 if(getsockname(fd, (struct sockaddr*)usock, &ulen) != -1) { 1082 log_info("accepted new dnstap client from %s", usock->sun_path); 1083 id = strdup(usock->sun_path); 1084 } else { 1085 log_info("accepted new dnstap client"); 1086 } 1087 free(usock); 1088 } else { 1089 log_info("accepted new dnstap client"); 1090 } 1091 #endif /* HAVE_SYS_UN_H */ 1092 } else if(addr.ss_family == AF_INET || 1093 addr.ss_family == AF_INET6) { 1094 char ip[256]; 1095 addr_to_str(&addr, addrlen, ip, sizeof(ip)); 1096 log_info("accepted new dnstap client from %s", ip); 1097 id = strdup(ip); 1098 } else { 1099 log_info("accepted new dnstap client"); 1100 } 1101 } 1102 1103 data = calloc(1, sizeof(*data)); 1104 if(!data) fatal_exit("out of memory"); 1105 data->fd = s; 1106 data->id = id; 1107 if(tap_sock->sslctx) { 1108 data->ssl = incoming_ssl_fd(tap_sock->sslctx, data->fd); 1109 if(!data->ssl) fatal_exit("could not SSL_new"); 1110 } 1111 data->ev = ub_event_new(maindata->base, s, UB_EV_READ | UB_EV_PERSIST, 1112 &dtio_tap_callback, data); 1113 if(!data->ev) fatal_exit("could not ub_event_new"); 1114 if(ub_event_add(data->ev, NULL) != 0) fatal_exit("could not ub_event_add"); 1115 } 1116 1117 /** setup local accept sockets */ 1118 static void setup_local_list(struct main_tap_data* maindata, 1119 struct config_strlist_head* local_list) 1120 { 1121 struct config_strlist* item; 1122 for(item = local_list->first; item; item = item->next) { 1123 struct tap_socket* s; 1124 s = tap_socket_new_local(item->str, &dtio_mainfdcallback, 1125 maindata); 1126 if(!s) fatal_exit("out of memory"); 1127 if(!tap_socket_list_insert(&maindata->acceptlist, s)) 1128 fatal_exit("out of memory"); 1129 } 1130 } 1131 1132 /** setup tcp accept sockets */ 1133 static void setup_tcp_list(struct main_tap_data* maindata, 1134 struct config_strlist_head* tcp_list) 1135 { 1136 struct config_strlist* item; 1137 for(item = tcp_list->first; item; item = item->next) { 1138 struct tap_socket* s; 1139 s = tap_socket_new_tcpaccept(item->str, &dtio_mainfdcallback, 1140 maindata); 1141 if(!s) fatal_exit("out of memory"); 1142 if(!tap_socket_list_insert(&maindata->acceptlist, s)) 1143 fatal_exit("out of memory"); 1144 } 1145 } 1146 1147 /** setup tls accept sockets */ 1148 static void setup_tls_list(struct main_tap_data* maindata, 1149 struct config_strlist_head* tls_list, char* server_key, 1150 char* server_cert, char* verifypem) 1151 { 1152 struct config_strlist* item; 1153 for(item = tls_list->first; item; item = item->next) { 1154 struct tap_socket* s; 1155 s = tap_socket_new_tlsaccept(item->str, &dtio_mainfdcallback, 1156 maindata, server_key, server_cert, verifypem); 1157 if(!s) fatal_exit("out of memory"); 1158 if(!tap_socket_list_insert(&maindata->acceptlist, s)) 1159 fatal_exit("out of memory"); 1160 } 1161 } 1162 1163 /** signal variable */ 1164 static struct ub_event_base* sig_base = NULL; 1165 /** do we have to quit */ 1166 int sig_quit = 0; 1167 /** signal handler for user quit */ 1168 static RETSIGTYPE main_sigh(int sig) 1169 { 1170 if(!sig_quit) { 1171 char str[] = "exit on signal \n"; 1172 str[15] = '0' + (sig/10)%10; 1173 str[16] = '0' + sig%10; 1174 /* simple cast to void will not silence Wunused-result */ 1175 (void)!write(STDERR_FILENO, str, strlen(str)); 1176 } 1177 if(sig_base) { 1178 ub_event_base_loopexit(sig_base); 1179 sig_base = NULL; 1180 } 1181 sig_quit = 1; 1182 } 1183 1184 /** setup and run the server to listen to DNSTAP messages */ 1185 static void 1186 setup_and_run(struct config_strlist_head* local_list, 1187 struct config_strlist_head* tcp_list, 1188 struct config_strlist_head* tls_list, char* server_key, 1189 char* server_cert, char* verifypem) 1190 { 1191 time_t secs = 0; 1192 struct timeval now; 1193 struct main_tap_data* maindata; 1194 struct ub_event_base* base; 1195 const char *evnm="event", *evsys="", *evmethod=""; 1196 1197 maindata = calloc(1, sizeof(*maindata)); 1198 if(!maindata) fatal_exit("out of memory"); 1199 memset(&now, 0, sizeof(now)); 1200 base = ub_default_event_base(1, &secs, &now); 1201 if(!base) fatal_exit("could not create ub_event base"); 1202 maindata->base = base; 1203 sig_base = base; 1204 if(sig_quit) { 1205 ub_event_base_free(base); 1206 free(maindata); 1207 return; 1208 } 1209 ub_get_event_sys(base, &evnm, &evsys, &evmethod); 1210 if(verbosity) log_info("%s %s uses %s method", evnm, evsys, evmethod); 1211 1212 setup_local_list(maindata, local_list); 1213 setup_tcp_list(maindata, tcp_list); 1214 setup_tls_list(maindata, tls_list, server_key, server_cert, 1215 verifypem); 1216 if(!tap_socket_list_addevs(maindata->acceptlist, base)) 1217 fatal_exit("could not setup accept events"); 1218 if(verbosity) log_info("start of service"); 1219 1220 ub_event_base_dispatch(base); 1221 sig_base = NULL; 1222 1223 if(verbosity) log_info("end of service"); 1224 tap_socket_list_delete(maindata->acceptlist); 1225 ub_event_base_free(base); 1226 free(maindata); 1227 } 1228 1229 /** getopt global, in case header files fail to declare it. */ 1230 extern int optind; 1231 /** getopt global, in case header files fail to declare it. */ 1232 extern char* optarg; 1233 1234 /** main program for streamtcp */ 1235 int main(int argc, char** argv) 1236 { 1237 int c; 1238 int usessl = 0; 1239 struct config_strlist_head local_list; 1240 struct config_strlist_head tcp_list; 1241 struct config_strlist_head tls_list; 1242 char* server_key = NULL, *server_cert = NULL, *verifypem = NULL; 1243 #ifdef USE_WINSOCK 1244 WSADATA wsa_data; 1245 if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) { 1246 printf("WSAStartup failed\n"); 1247 return 1; 1248 } 1249 #endif 1250 if(signal(SIGINT, main_sigh) == SIG_ERR || 1251 #ifdef SIGQUIT 1252 signal(SIGQUIT, main_sigh) == SIG_ERR || 1253 #endif 1254 #ifdef SIGHUP 1255 signal(SIGHUP, main_sigh) == SIG_ERR || 1256 #endif 1257 #ifdef SIGBREAK 1258 signal(SIGBREAK, main_sigh) == SIG_ERR || 1259 #endif 1260 signal(SIGTERM, main_sigh) == SIG_ERR) 1261 fatal_exit("could not bind to signal"); 1262 memset(&local_list, 0, sizeof(local_list)); 1263 memset(&tcp_list, 0, sizeof(tcp_list)); 1264 memset(&tls_list, 0, sizeof(tls_list)); 1265 1266 /* lock debug start (if any) */ 1267 checklock_start(); 1268 log_ident_set("unbound-dnstap-socket"); 1269 log_init(0, 0, 0); 1270 1271 #ifdef SIGPIPE 1272 if(signal(SIGPIPE, SIG_IGN) == SIG_ERR) { 1273 perror("could not install signal handler for SIGPIPE"); 1274 return 1; 1275 } 1276 #endif 1277 1278 /* command line options */ 1279 while( (c=getopt(argc, argv, "hls:t:u:vx:y:z:")) != -1) { 1280 switch(c) { 1281 case 'u': 1282 if(!cfg_strlist_append(&local_list, 1283 strdup(optarg))) 1284 fatal_exit("out of memory"); 1285 break; 1286 case 's': 1287 if(!cfg_strlist_append(&tcp_list, 1288 strdup(optarg))) 1289 fatal_exit("out of memory"); 1290 break; 1291 case 't': 1292 if(!cfg_strlist_append(&tls_list, 1293 strdup(optarg))) 1294 fatal_exit("out of memory"); 1295 usessl = 1; 1296 break; 1297 case 'x': 1298 server_key = optarg; 1299 usessl = 1; 1300 break; 1301 case 'y': 1302 server_cert = optarg; 1303 usessl = 1; 1304 break; 1305 case 'z': 1306 verifypem = optarg; 1307 usessl = 1; 1308 break; 1309 case 'l': 1310 longformat = 1; 1311 break; 1312 case 'v': 1313 verbosity++; 1314 break; 1315 case 'h': 1316 case '?': 1317 default: 1318 usage(argv); 1319 } 1320 } 1321 argc -= optind; 1322 argv += optind; 1323 1324 if(usessl) { 1325 #ifdef HAVE_SSL 1326 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 1327 ERR_load_SSL_strings(); 1328 #endif 1329 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO) 1330 # ifndef S_SPLINT_S 1331 OpenSSL_add_all_algorithms(); 1332 # endif 1333 #else 1334 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS 1335 | OPENSSL_INIT_ADD_ALL_DIGESTS 1336 | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); 1337 #endif 1338 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 1339 (void)SSL_library_init(); 1340 #else 1341 (void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); 1342 #endif 1343 #endif /* HAVE_SSL */ 1344 } 1345 setup_and_run(&local_list, &tcp_list, &tls_list, server_key, 1346 server_cert, verifypem); 1347 config_delstrlist(local_list.first); 1348 config_delstrlist(tcp_list.first); 1349 config_delstrlist(tls_list.first); 1350 1351 checklock_stop(); 1352 #ifdef USE_WINSOCK 1353 WSACleanup(); 1354 #endif 1355 return 0; 1356 } 1357 1358 /***--- definitions to make fptr_wlist work. ---***/ 1359 /* These are callbacks, similar to smallapp callbacks, except the debug 1360 * tool callbacks are not in it */ 1361 struct tube; 1362 struct query_info; 1363 #include "util/data/packed_rrset.h" 1364 #include "daemon/worker.h" 1365 #include "daemon/remote.h" 1366 #include "util/fptr_wlist.h" 1367 #include "libunbound/context.h" 1368 1369 void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), 1370 uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), 1371 int ATTR_UNUSED(error), void* ATTR_UNUSED(arg)) 1372 { 1373 log_assert(0); 1374 } 1375 1376 int worker_handle_request(struct comm_point* ATTR_UNUSED(c), 1377 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), 1378 struct comm_reply* ATTR_UNUSED(repinfo)) 1379 { 1380 log_assert(0); 1381 return 0; 1382 } 1383 1384 int worker_handle_service_reply(struct comm_point* ATTR_UNUSED(c), 1385 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), 1386 struct comm_reply* ATTR_UNUSED(reply_info)) 1387 { 1388 log_assert(0); 1389 return 0; 1390 } 1391 1392 int remote_accept_callback(struct comm_point* ATTR_UNUSED(c), 1393 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), 1394 struct comm_reply* ATTR_UNUSED(repinfo)) 1395 { 1396 log_assert(0); 1397 return 0; 1398 } 1399 1400 int remote_control_callback(struct comm_point* ATTR_UNUSED(c), 1401 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), 1402 struct comm_reply* ATTR_UNUSED(repinfo)) 1403 { 1404 log_assert(0); 1405 return 0; 1406 } 1407 1408 void worker_sighandler(int ATTR_UNUSED(sig), void* ATTR_UNUSED(arg)) 1409 { 1410 log_assert(0); 1411 } 1412 1413 struct outbound_entry* worker_send_query( 1414 struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags), 1415 int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), 1416 int ATTR_UNUSED(nocaps), int ATTR_UNUSED(check_ratelimit), 1417 struct sockaddr_storage* ATTR_UNUSED(addr), 1418 socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), 1419 size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(tcp_upstream), 1420 int ATTR_UNUSED(ssl_upstream), char* ATTR_UNUSED(tls_auth_name), 1421 struct module_qstate* ATTR_UNUSED(q), int* ATTR_UNUSED(was_ratelimited)) 1422 { 1423 log_assert(0); 1424 return 0; 1425 } 1426 1427 #ifdef UB_ON_WINDOWS 1428 void 1429 worker_win_stop_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), void* 1430 ATTR_UNUSED(arg)) { 1431 log_assert(0); 1432 } 1433 1434 void 1435 wsvc_cron_cb(void* ATTR_UNUSED(arg)) 1436 { 1437 log_assert(0); 1438 } 1439 #endif /* UB_ON_WINDOWS */ 1440 1441 void 1442 worker_alloc_cleanup(void* ATTR_UNUSED(arg)) 1443 { 1444 log_assert(0); 1445 } 1446 1447 struct outbound_entry* libworker_send_query( 1448 struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags), 1449 int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), 1450 int ATTR_UNUSED(nocaps), int ATTR_UNUSED(check_ratelimit), 1451 struct sockaddr_storage* ATTR_UNUSED(addr), 1452 socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), 1453 size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(tcp_upstream), 1454 int ATTR_UNUSED(ssl_upstream), char* ATTR_UNUSED(tls_auth_name), 1455 struct module_qstate* ATTR_UNUSED(q), int* ATTR_UNUSED(was_ratelimited)) 1456 { 1457 log_assert(0); 1458 return 0; 1459 } 1460 1461 int libworker_handle_service_reply(struct comm_point* ATTR_UNUSED(c), 1462 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), 1463 struct comm_reply* ATTR_UNUSED(reply_info)) 1464 { 1465 log_assert(0); 1466 return 0; 1467 } 1468 1469 void libworker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), 1470 uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), 1471 int ATTR_UNUSED(error), void* ATTR_UNUSED(arg)) 1472 { 1473 log_assert(0); 1474 } 1475 1476 void libworker_fg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), 1477 struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), 1478 char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) 1479 { 1480 log_assert(0); 1481 } 1482 1483 void libworker_bg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), 1484 struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), 1485 char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) 1486 { 1487 log_assert(0); 1488 } 1489 1490 void libworker_event_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), 1491 struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), 1492 char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) 1493 { 1494 log_assert(0); 1495 } 1496 1497 int context_query_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b)) 1498 { 1499 log_assert(0); 1500 return 0; 1501 } 1502 1503 void worker_stat_timer_cb(void* ATTR_UNUSED(arg)) 1504 { 1505 log_assert(0); 1506 } 1507 1508 void worker_probe_timer_cb(void* ATTR_UNUSED(arg)) 1509 { 1510 log_assert(0); 1511 } 1512 1513 void worker_start_accept(void* ATTR_UNUSED(arg)) 1514 { 1515 log_assert(0); 1516 } 1517 1518 void worker_stop_accept(void* ATTR_UNUSED(arg)) 1519 { 1520 log_assert(0); 1521 } 1522 1523 /** keep track of lock id in lock-verify application */ 1524 struct order_id { 1525 /** the thread id that created it */ 1526 int thr; 1527 /** the instance number of creation */ 1528 int instance; 1529 }; 1530 1531 int order_lock_cmp(const void* e1, const void* e2) 1532 { 1533 const struct order_id* o1 = e1; 1534 const struct order_id* o2 = e2; 1535 if(o1->thr < o2->thr) return -1; 1536 if(o1->thr > o2->thr) return 1; 1537 if(o1->instance < o2->instance) return -1; 1538 if(o1->instance > o2->instance) return 1; 1539 return 0; 1540 } 1541 1542 int 1543 codeline_cmp(const void* a, const void* b) 1544 { 1545 return strcmp(a, b); 1546 } 1547 1548 int replay_var_compare(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b)) 1549 { 1550 log_assert(0); 1551 return 0; 1552 } 1553 1554 void remote_get_opt_ssl(char* ATTR_UNUSED(str), void* ATTR_UNUSED(arg)) 1555 { 1556 log_assert(0); 1557 } 1558