1 /* 2 * util/netevent.c - event notification 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This file contains event notification functions. 40 */ 41 #include "config.h" 42 #include "util/netevent.h" 43 #include "util/ub_event.h" 44 #include "util/log.h" 45 #include "util/net_help.h" 46 #include "util/tcp_conn_limit.h" 47 #include "util/fptr_wlist.h" 48 #include "sldns/pkthdr.h" 49 #include "sldns/sbuffer.h" 50 #include "sldns/str2wire.h" 51 #include "dnstap/dnstap.h" 52 #include "dnscrypt/dnscrypt.h" 53 #include "services/listen_dnsport.h" 54 #ifdef HAVE_OPENSSL_SSL_H 55 #include <openssl/ssl.h> 56 #endif 57 #ifdef HAVE_OPENSSL_ERR_H 58 #include <openssl/err.h> 59 #endif 60 61 /* -------- Start of local definitions -------- */ 62 /** if CMSG_ALIGN is not defined on this platform, a workaround */ 63 #ifndef CMSG_ALIGN 64 # ifdef __CMSG_ALIGN 65 # define CMSG_ALIGN(n) __CMSG_ALIGN(n) 66 # elif defined(CMSG_DATA_ALIGN) 67 # define CMSG_ALIGN _CMSG_DATA_ALIGN 68 # else 69 # define CMSG_ALIGN(len) (((len)+sizeof(long)-1) & ~(sizeof(long)-1)) 70 # endif 71 #endif 72 73 /** if CMSG_LEN is not defined on this platform, a workaround */ 74 #ifndef CMSG_LEN 75 # define CMSG_LEN(len) (CMSG_ALIGN(sizeof(struct cmsghdr))+(len)) 76 #endif 77 78 /** if CMSG_SPACE is not defined on this platform, a workaround */ 79 #ifndef CMSG_SPACE 80 # ifdef _CMSG_HDR_ALIGN 81 # define CMSG_SPACE(l) (CMSG_ALIGN(l)+_CMSG_HDR_ALIGN(sizeof(struct cmsghdr))) 82 # else 83 # define CMSG_SPACE(l) (CMSG_ALIGN(l)+CMSG_ALIGN(sizeof(struct cmsghdr))) 84 # endif 85 #endif 86 87 /** The TCP writing query timeout in milliseconds */ 88 #define TCP_QUERY_TIMEOUT 120000 89 /** The minimum actual TCP timeout to use, regardless of what we advertise, 90 * in msec */ 91 #define TCP_QUERY_TIMEOUT_MINIMUM 200 92 93 #ifndef NONBLOCKING_IS_BROKEN 94 /** number of UDP reads to perform per read indication from select */ 95 #define NUM_UDP_PER_SELECT 100 96 #else 97 #define NUM_UDP_PER_SELECT 1 98 #endif 99 100 /** 101 * The internal event structure for keeping ub_event info for the event. 102 * Possibly other structures (list, tree) this is part of. 103 */ 104 struct internal_event { 105 /** the comm base */ 106 struct comm_base* base; 107 /** ub_event event type */ 108 struct ub_event* ev; 109 }; 110 111 /** 112 * Internal base structure, so that every thread has its own events. 113 */ 114 struct internal_base { 115 /** ub_event event_base type. */ 116 struct ub_event_base* base; 117 /** seconds time pointer points here */ 118 time_t secs; 119 /** timeval with current time */ 120 struct timeval now; 121 /** the event used for slow_accept timeouts */ 122 struct ub_event* slow_accept; 123 /** true if slow_accept is enabled */ 124 int slow_accept_enabled; 125 }; 126 127 /** 128 * Internal timer structure, to store timer event in. 129 */ 130 struct internal_timer { 131 /** the super struct from which derived */ 132 struct comm_timer super; 133 /** the comm base */ 134 struct comm_base* base; 135 /** ub_event event type */ 136 struct ub_event* ev; 137 /** is timer enabled */ 138 uint8_t enabled; 139 }; 140 141 /** 142 * Internal signal structure, to store signal event in. 143 */ 144 struct internal_signal { 145 /** ub_event event type */ 146 struct ub_event* ev; 147 /** next in signal list */ 148 struct internal_signal* next; 149 }; 150 151 /** create a tcp handler with a parent */ 152 static struct comm_point* comm_point_create_tcp_handler( 153 struct comm_base *base, struct comm_point* parent, size_t bufsize, 154 struct sldns_buffer* spoolbuf, comm_point_callback_type* callback, 155 void* callback_arg); 156 157 /* -------- End of local definitions -------- */ 158 159 struct comm_base* 160 comm_base_create(int sigs) 161 { 162 struct comm_base* b = (struct comm_base*)calloc(1, 163 sizeof(struct comm_base)); 164 const char *evnm="event", *evsys="", *evmethod=""; 165 166 if(!b) 167 return NULL; 168 b->eb = (struct internal_base*)calloc(1, sizeof(struct internal_base)); 169 if(!b->eb) { 170 free(b); 171 return NULL; 172 } 173 b->eb->base = ub_default_event_base(sigs, &b->eb->secs, &b->eb->now); 174 if(!b->eb->base) { 175 free(b->eb); 176 free(b); 177 return NULL; 178 } 179 ub_comm_base_now(b); 180 ub_get_event_sys(b->eb->base, &evnm, &evsys, &evmethod); 181 verbose(VERB_ALGO, "%s %s uses %s method.", evnm, evsys, evmethod); 182 return b; 183 } 184 185 struct comm_base* 186 comm_base_create_event(struct ub_event_base* base) 187 { 188 struct comm_base* b = (struct comm_base*)calloc(1, 189 sizeof(struct comm_base)); 190 if(!b) 191 return NULL; 192 b->eb = (struct internal_base*)calloc(1, sizeof(struct internal_base)); 193 if(!b->eb) { 194 free(b); 195 return NULL; 196 } 197 b->eb->base = base; 198 ub_comm_base_now(b); 199 return b; 200 } 201 202 void 203 comm_base_delete(struct comm_base* b) 204 { 205 if(!b) 206 return; 207 if(b->eb->slow_accept_enabled) { 208 if(ub_event_del(b->eb->slow_accept) != 0) { 209 log_err("could not event_del slow_accept"); 210 } 211 ub_event_free(b->eb->slow_accept); 212 } 213 ub_event_base_free(b->eb->base); 214 b->eb->base = NULL; 215 free(b->eb); 216 free(b); 217 } 218 219 void 220 comm_base_delete_no_base(struct comm_base* b) 221 { 222 if(!b) 223 return; 224 if(b->eb->slow_accept_enabled) { 225 if(ub_event_del(b->eb->slow_accept) != 0) { 226 log_err("could not event_del slow_accept"); 227 } 228 ub_event_free(b->eb->slow_accept); 229 } 230 b->eb->base = NULL; 231 free(b->eb); 232 free(b); 233 } 234 235 void 236 comm_base_timept(struct comm_base* b, time_t** tt, struct timeval** tv) 237 { 238 *tt = &b->eb->secs; 239 *tv = &b->eb->now; 240 } 241 242 void 243 comm_base_dispatch(struct comm_base* b) 244 { 245 int retval; 246 retval = ub_event_base_dispatch(b->eb->base); 247 if(retval < 0) { 248 fatal_exit("event_dispatch returned error %d, " 249 "errno is %s", retval, strerror(errno)); 250 } 251 } 252 253 void comm_base_exit(struct comm_base* b) 254 { 255 if(ub_event_base_loopexit(b->eb->base) != 0) { 256 log_err("Could not loopexit"); 257 } 258 } 259 260 void comm_base_set_slow_accept_handlers(struct comm_base* b, 261 void (*stop_acc)(void*), void (*start_acc)(void*), void* arg) 262 { 263 b->stop_accept = stop_acc; 264 b->start_accept = start_acc; 265 b->cb_arg = arg; 266 } 267 268 struct ub_event_base* comm_base_internal(struct comm_base* b) 269 { 270 return b->eb->base; 271 } 272 273 /** see if errno for udp has to be logged or not uses globals */ 274 static int 275 udp_send_errno_needs_log(struct sockaddr* addr, socklen_t addrlen) 276 { 277 /* do not log transient errors (unless high verbosity) */ 278 #if defined(ENETUNREACH) || defined(EHOSTDOWN) || defined(EHOSTUNREACH) || defined(ENETDOWN) 279 switch(errno) { 280 # ifdef ENETUNREACH 281 case ENETUNREACH: 282 # endif 283 # ifdef EHOSTDOWN 284 case EHOSTDOWN: 285 # endif 286 # ifdef EHOSTUNREACH 287 case EHOSTUNREACH: 288 # endif 289 # ifdef ENETDOWN 290 case ENETDOWN: 291 # endif 292 if(verbosity < VERB_ALGO) 293 return 0; 294 default: 295 break; 296 } 297 #endif 298 /* permission denied is gotten for every send if the 299 * network is disconnected (on some OS), squelch it */ 300 if( ((errno == EPERM) 301 # ifdef EADDRNOTAVAIL 302 /* 'Cannot assign requested address' also when disconnected */ 303 || (errno == EADDRNOTAVAIL) 304 # endif 305 ) && verbosity < VERB_DETAIL) 306 return 0; 307 # ifdef EADDRINUSE 308 /* If SO_REUSEADDR is set, we could try to connect to the same server 309 * from the same source port twice. */ 310 if(errno == EADDRINUSE && verbosity < VERB_DETAIL) 311 return 0; 312 # endif 313 /* squelch errors where people deploy AAAA ::ffff:bla for 314 * authority servers, which we try for intranets. */ 315 if(errno == EINVAL && addr_is_ip4mapped( 316 (struct sockaddr_storage*)addr, addrlen) && 317 verbosity < VERB_DETAIL) 318 return 0; 319 /* SO_BROADCAST sockopt can give access to 255.255.255.255, 320 * but a dns cache does not need it. */ 321 if(errno == EACCES && addr_is_broadcast( 322 (struct sockaddr_storage*)addr, addrlen) && 323 verbosity < VERB_DETAIL) 324 return 0; 325 return 1; 326 } 327 328 int tcp_connect_errno_needs_log(struct sockaddr* addr, socklen_t addrlen) 329 { 330 return udp_send_errno_needs_log(addr, addrlen); 331 } 332 333 /* send a UDP reply */ 334 int 335 comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, 336 struct sockaddr* addr, socklen_t addrlen, int is_connected) 337 { 338 ssize_t sent; 339 log_assert(c->fd != -1); 340 #ifdef UNBOUND_DEBUG 341 if(sldns_buffer_remaining(packet) == 0) 342 log_err("error: send empty UDP packet"); 343 #endif 344 log_assert(addr && addrlen > 0); 345 if(!is_connected) { 346 sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), 347 sldns_buffer_remaining(packet), 0, 348 addr, addrlen); 349 } else { 350 sent = send(c->fd, (void*)sldns_buffer_begin(packet), 351 sldns_buffer_remaining(packet), 0); 352 } 353 if(sent == -1) { 354 /* try again and block, waiting for IO to complete, 355 * we want to send the answer, and we will wait for 356 * the ethernet interface buffer to have space. */ 357 #ifndef USE_WINSOCK 358 if(errno == EAGAIN || 359 # ifdef EWOULDBLOCK 360 errno == EWOULDBLOCK || 361 # endif 362 errno == ENOBUFS) { 363 #else 364 if(WSAGetLastError() == WSAEINPROGRESS || 365 WSAGetLastError() == WSAENOBUFS || 366 WSAGetLastError() == WSAEWOULDBLOCK) { 367 #endif 368 int e; 369 fd_set_block(c->fd); 370 if (!is_connected) { 371 sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), 372 sldns_buffer_remaining(packet), 0, 373 addr, addrlen); 374 } else { 375 sent = send(c->fd, (void*)sldns_buffer_begin(packet), 376 sldns_buffer_remaining(packet), 0); 377 } 378 e = errno; 379 fd_set_nonblock(c->fd); 380 errno = e; 381 } 382 } 383 if(sent == -1) { 384 if(!udp_send_errno_needs_log(addr, addrlen)) 385 return 0; 386 if (!is_connected) { 387 verbose(VERB_OPS, "sendto failed: %s", sock_strerror(errno)); 388 } else { 389 verbose(VERB_OPS, "send failed: %s", sock_strerror(errno)); 390 } 391 if(addr) 392 log_addr(VERB_OPS, "remote address is", 393 (struct sockaddr_storage*)addr, addrlen); 394 return 0; 395 } else if((size_t)sent != sldns_buffer_remaining(packet)) { 396 log_err("sent %d in place of %d bytes", 397 (int)sent, (int)sldns_buffer_remaining(packet)); 398 return 0; 399 } 400 return 1; 401 } 402 403 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && (defined(HAVE_RECVMSG) || defined(HAVE_SENDMSG)) 404 /** print debug ancillary info */ 405 static void p_ancil(const char* str, struct comm_reply* r) 406 { 407 if(r->srctype != 4 && r->srctype != 6) { 408 log_info("%s: unknown srctype %d", str, r->srctype); 409 return; 410 } 411 if(r->srctype == 6) { 412 char buf[1024]; 413 if(inet_ntop(AF_INET6, &r->pktinfo.v6info.ipi6_addr, 414 buf, (socklen_t)sizeof(buf)) == 0) { 415 (void)strlcpy(buf, "(inet_ntop error)", sizeof(buf)); 416 } 417 buf[sizeof(buf)-1]=0; 418 log_info("%s: %s %d", str, buf, r->pktinfo.v6info.ipi6_ifindex); 419 } else if(r->srctype == 4) { 420 #ifdef IP_PKTINFO 421 char buf1[1024], buf2[1024]; 422 if(inet_ntop(AF_INET, &r->pktinfo.v4info.ipi_addr, 423 buf1, (socklen_t)sizeof(buf1)) == 0) { 424 (void)strlcpy(buf1, "(inet_ntop error)", sizeof(buf1)); 425 } 426 buf1[sizeof(buf1)-1]=0; 427 #ifdef HAVE_STRUCT_IN_PKTINFO_IPI_SPEC_DST 428 if(inet_ntop(AF_INET, &r->pktinfo.v4info.ipi_spec_dst, 429 buf2, (socklen_t)sizeof(buf2)) == 0) { 430 (void)strlcpy(buf2, "(inet_ntop error)", sizeof(buf2)); 431 } 432 buf2[sizeof(buf2)-1]=0; 433 #else 434 buf2[0]=0; 435 #endif 436 log_info("%s: %d %s %s", str, r->pktinfo.v4info.ipi_ifindex, 437 buf1, buf2); 438 #elif defined(IP_RECVDSTADDR) 439 char buf1[1024]; 440 if(inet_ntop(AF_INET, &r->pktinfo.v4addr, 441 buf1, (socklen_t)sizeof(buf1)) == 0) { 442 (void)strlcpy(buf1, "(inet_ntop error)", sizeof(buf1)); 443 } 444 buf1[sizeof(buf1)-1]=0; 445 log_info("%s: %s", str, buf1); 446 #endif /* IP_PKTINFO or PI_RECVDSTDADDR */ 447 } 448 } 449 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_RECVMSG||HAVE_SENDMSG */ 450 451 /** send a UDP reply over specified interface*/ 452 static int 453 comm_point_send_udp_msg_if(struct comm_point *c, sldns_buffer* packet, 454 struct sockaddr* addr, socklen_t addrlen, struct comm_reply* r) 455 { 456 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && defined(HAVE_SENDMSG) 457 ssize_t sent; 458 struct msghdr msg; 459 struct iovec iov[1]; 460 union { 461 struct cmsghdr hdr; 462 char buf[256]; 463 } control; 464 #ifndef S_SPLINT_S 465 struct cmsghdr *cmsg; 466 #endif /* S_SPLINT_S */ 467 468 log_assert(c->fd != -1); 469 #ifdef UNBOUND_DEBUG 470 if(sldns_buffer_remaining(packet) == 0) 471 log_err("error: send empty UDP packet"); 472 #endif 473 log_assert(addr && addrlen > 0); 474 475 msg.msg_name = addr; 476 msg.msg_namelen = addrlen; 477 iov[0].iov_base = sldns_buffer_begin(packet); 478 iov[0].iov_len = sldns_buffer_remaining(packet); 479 msg.msg_iov = iov; 480 msg.msg_iovlen = 1; 481 msg.msg_control = control.buf; 482 #ifndef S_SPLINT_S 483 msg.msg_controllen = sizeof(control.buf); 484 #endif /* S_SPLINT_S */ 485 msg.msg_flags = 0; 486 487 #ifndef S_SPLINT_S 488 cmsg = CMSG_FIRSTHDR(&msg); 489 if(r->srctype == 4) { 490 #ifdef IP_PKTINFO 491 void* cmsg_data; 492 msg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo)); 493 log_assert(msg.msg_controllen <= sizeof(control.buf)); 494 cmsg->cmsg_level = IPPROTO_IP; 495 cmsg->cmsg_type = IP_PKTINFO; 496 memmove(CMSG_DATA(cmsg), &r->pktinfo.v4info, 497 sizeof(struct in_pktinfo)); 498 /* unset the ifindex to not bypass the routing tables */ 499 cmsg_data = CMSG_DATA(cmsg); 500 ((struct in_pktinfo *) cmsg_data)->ipi_ifindex = 0; 501 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo)); 502 #elif defined(IP_SENDSRCADDR) 503 msg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr)); 504 log_assert(msg.msg_controllen <= sizeof(control.buf)); 505 cmsg->cmsg_level = IPPROTO_IP; 506 cmsg->cmsg_type = IP_SENDSRCADDR; 507 memmove(CMSG_DATA(cmsg), &r->pktinfo.v4addr, 508 sizeof(struct in_addr)); 509 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr)); 510 #else 511 verbose(VERB_ALGO, "no IP_PKTINFO or IP_SENDSRCADDR"); 512 msg.msg_control = NULL; 513 #endif /* IP_PKTINFO or IP_SENDSRCADDR */ 514 } else if(r->srctype == 6) { 515 void* cmsg_data; 516 msg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); 517 log_assert(msg.msg_controllen <= sizeof(control.buf)); 518 cmsg->cmsg_level = IPPROTO_IPV6; 519 cmsg->cmsg_type = IPV6_PKTINFO; 520 memmove(CMSG_DATA(cmsg), &r->pktinfo.v6info, 521 sizeof(struct in6_pktinfo)); 522 /* unset the ifindex to not bypass the routing tables */ 523 cmsg_data = CMSG_DATA(cmsg); 524 ((struct in6_pktinfo *) cmsg_data)->ipi6_ifindex = 0; 525 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 526 } else { 527 /* try to pass all 0 to use default route */ 528 msg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); 529 log_assert(msg.msg_controllen <= sizeof(control.buf)); 530 cmsg->cmsg_level = IPPROTO_IPV6; 531 cmsg->cmsg_type = IPV6_PKTINFO; 532 memset(CMSG_DATA(cmsg), 0, sizeof(struct in6_pktinfo)); 533 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 534 } 535 #endif /* S_SPLINT_S */ 536 if(verbosity >= VERB_ALGO) 537 p_ancil("send_udp over interface", r); 538 sent = sendmsg(c->fd, &msg, 0); 539 if(sent == -1) { 540 /* try again and block, waiting for IO to complete, 541 * we want to send the answer, and we will wait for 542 * the ethernet interface buffer to have space. */ 543 #ifndef USE_WINSOCK 544 if(errno == EAGAIN || 545 # ifdef EWOULDBLOCK 546 errno == EWOULDBLOCK || 547 # endif 548 errno == ENOBUFS) { 549 #else 550 if(WSAGetLastError() == WSAEINPROGRESS || 551 WSAGetLastError() == WSAENOBUFS || 552 WSAGetLastError() == WSAEWOULDBLOCK) { 553 #endif 554 int e; 555 fd_set_block(c->fd); 556 sent = sendmsg(c->fd, &msg, 0); 557 e = errno; 558 fd_set_nonblock(c->fd); 559 errno = e; 560 } 561 } 562 if(sent == -1) { 563 if(!udp_send_errno_needs_log(addr, addrlen)) 564 return 0; 565 verbose(VERB_OPS, "sendmsg failed: %s", strerror(errno)); 566 log_addr(VERB_OPS, "remote address is", 567 (struct sockaddr_storage*)addr, addrlen); 568 #ifdef __NetBSD__ 569 /* netbsd 7 has IP_PKTINFO for recv but not send */ 570 if(errno == EINVAL && r->srctype == 4) 571 log_err("sendmsg: No support for sendmsg(IP_PKTINFO). " 572 "Please disable interface-automatic"); 573 #endif 574 return 0; 575 } else if((size_t)sent != sldns_buffer_remaining(packet)) { 576 log_err("sent %d in place of %d bytes", 577 (int)sent, (int)sldns_buffer_remaining(packet)); 578 return 0; 579 } 580 return 1; 581 #else 582 (void)c; 583 (void)packet; 584 (void)addr; 585 (void)addrlen; 586 (void)r; 587 log_err("sendmsg: IPV6_PKTINFO not supported"); 588 return 0; 589 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_SENDMSG */ 590 } 591 592 /** return true is UDP receive error needs to be logged */ 593 static int udp_recv_needs_log(int err) 594 { 595 switch(err) { 596 case EACCES: /* some hosts send ICMP 'Permission Denied' */ 597 #ifndef USE_WINSOCK 598 case ECONNREFUSED: 599 # ifdef ENETUNREACH 600 case ENETUNREACH: 601 # endif 602 # ifdef EHOSTDOWN 603 case EHOSTDOWN: 604 # endif 605 # ifdef EHOSTUNREACH 606 case EHOSTUNREACH: 607 # endif 608 # ifdef ENETDOWN 609 case ENETDOWN: 610 # endif 611 #else /* USE_WINSOCK */ 612 case WSAECONNREFUSED: 613 case WSAENETUNREACH: 614 case WSAEHOSTDOWN: 615 case WSAEHOSTUNREACH: 616 case WSAENETDOWN: 617 #endif 618 if(verbosity >= VERB_ALGO) 619 return 1; 620 return 0; 621 default: 622 break; 623 } 624 return 1; 625 } 626 627 void 628 comm_point_udp_ancil_callback(int fd, short event, void* arg) 629 { 630 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && defined(HAVE_RECVMSG) 631 struct comm_reply rep; 632 struct msghdr msg; 633 struct iovec iov[1]; 634 ssize_t rcv; 635 union { 636 struct cmsghdr hdr; 637 char buf[256]; 638 } ancil; 639 int i; 640 #ifndef S_SPLINT_S 641 struct cmsghdr* cmsg; 642 #endif /* S_SPLINT_S */ 643 644 rep.c = (struct comm_point*)arg; 645 log_assert(rep.c->type == comm_udp); 646 647 if(!(event&UB_EV_READ)) 648 return; 649 log_assert(rep.c && rep.c->buffer && rep.c->fd == fd); 650 ub_comm_base_now(rep.c->ev->base); 651 for(i=0; i<NUM_UDP_PER_SELECT; i++) { 652 sldns_buffer_clear(rep.c->buffer); 653 rep.addrlen = (socklen_t)sizeof(rep.addr); 654 log_assert(fd != -1); 655 log_assert(sldns_buffer_remaining(rep.c->buffer) > 0); 656 msg.msg_name = &rep.addr; 657 msg.msg_namelen = (socklen_t)sizeof(rep.addr); 658 iov[0].iov_base = sldns_buffer_begin(rep.c->buffer); 659 iov[0].iov_len = sldns_buffer_remaining(rep.c->buffer); 660 msg.msg_iov = iov; 661 msg.msg_iovlen = 1; 662 msg.msg_control = ancil.buf; 663 #ifndef S_SPLINT_S 664 msg.msg_controllen = sizeof(ancil.buf); 665 #endif /* S_SPLINT_S */ 666 msg.msg_flags = 0; 667 rcv = recvmsg(fd, &msg, 0); 668 if(rcv == -1) { 669 if(errno != EAGAIN && errno != EINTR 670 && udp_recv_needs_log(errno)) { 671 log_err("recvmsg failed: %s", strerror(errno)); 672 } 673 return; 674 } 675 rep.addrlen = msg.msg_namelen; 676 sldns_buffer_skip(rep.c->buffer, rcv); 677 sldns_buffer_flip(rep.c->buffer); 678 rep.srctype = 0; 679 #ifndef S_SPLINT_S 680 for(cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL; 681 cmsg = CMSG_NXTHDR(&msg, cmsg)) { 682 if( cmsg->cmsg_level == IPPROTO_IPV6 && 683 cmsg->cmsg_type == IPV6_PKTINFO) { 684 rep.srctype = 6; 685 memmove(&rep.pktinfo.v6info, CMSG_DATA(cmsg), 686 sizeof(struct in6_pktinfo)); 687 break; 688 #ifdef IP_PKTINFO 689 } else if( cmsg->cmsg_level == IPPROTO_IP && 690 cmsg->cmsg_type == IP_PKTINFO) { 691 rep.srctype = 4; 692 memmove(&rep.pktinfo.v4info, CMSG_DATA(cmsg), 693 sizeof(struct in_pktinfo)); 694 break; 695 #elif defined(IP_RECVDSTADDR) 696 } else if( cmsg->cmsg_level == IPPROTO_IP && 697 cmsg->cmsg_type == IP_RECVDSTADDR) { 698 rep.srctype = 4; 699 memmove(&rep.pktinfo.v4addr, CMSG_DATA(cmsg), 700 sizeof(struct in_addr)); 701 break; 702 #endif /* IP_PKTINFO or IP_RECVDSTADDR */ 703 } 704 } 705 if(verbosity >= VERB_ALGO) 706 p_ancil("receive_udp on interface", &rep); 707 #endif /* S_SPLINT_S */ 708 fptr_ok(fptr_whitelist_comm_point(rep.c->callback)); 709 if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) { 710 /* send back immediate reply */ 711 (void)comm_point_send_udp_msg_if(rep.c, rep.c->buffer, 712 (struct sockaddr*)&rep.addr, rep.addrlen, &rep); 713 } 714 if(!rep.c || rep.c->fd == -1) /* commpoint closed */ 715 break; 716 } 717 #else 718 (void)fd; 719 (void)event; 720 (void)arg; 721 fatal_exit("recvmsg: No support for IPV6_PKTINFO; IP_PKTINFO or IP_RECVDSTADDR. " 722 "Please disable interface-automatic"); 723 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_RECVMSG */ 724 } 725 726 void 727 comm_point_udp_callback(int fd, short event, void* arg) 728 { 729 struct comm_reply rep; 730 ssize_t rcv; 731 int i; 732 struct sldns_buffer *buffer; 733 734 rep.c = (struct comm_point*)arg; 735 log_assert(rep.c->type == comm_udp); 736 737 if(!(event&UB_EV_READ)) 738 return; 739 log_assert(rep.c && rep.c->buffer && rep.c->fd == fd); 740 ub_comm_base_now(rep.c->ev->base); 741 for(i=0; i<NUM_UDP_PER_SELECT; i++) { 742 sldns_buffer_clear(rep.c->buffer); 743 rep.addrlen = (socklen_t)sizeof(rep.addr); 744 log_assert(fd != -1); 745 log_assert(sldns_buffer_remaining(rep.c->buffer) > 0); 746 rcv = recvfrom(fd, (void*)sldns_buffer_begin(rep.c->buffer), 747 sldns_buffer_remaining(rep.c->buffer), 0, 748 (struct sockaddr*)&rep.addr, &rep.addrlen); 749 if(rcv == -1) { 750 #ifndef USE_WINSOCK 751 if(errno != EAGAIN && errno != EINTR 752 && udp_recv_needs_log(errno)) 753 log_err("recvfrom %d failed: %s", 754 fd, strerror(errno)); 755 #else 756 if(WSAGetLastError() != WSAEINPROGRESS && 757 WSAGetLastError() != WSAECONNRESET && 758 WSAGetLastError()!= WSAEWOULDBLOCK && 759 udp_recv_needs_log(WSAGetLastError())) 760 log_err("recvfrom failed: %s", 761 wsa_strerror(WSAGetLastError())); 762 #endif 763 return; 764 } 765 sldns_buffer_skip(rep.c->buffer, rcv); 766 sldns_buffer_flip(rep.c->buffer); 767 rep.srctype = 0; 768 fptr_ok(fptr_whitelist_comm_point(rep.c->callback)); 769 if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) { 770 /* send back immediate reply */ 771 #ifdef USE_DNSCRYPT 772 buffer = rep.c->dnscrypt_buffer; 773 #else 774 buffer = rep.c->buffer; 775 #endif 776 (void)comm_point_send_udp_msg(rep.c, buffer, 777 (struct sockaddr*)&rep.addr, rep.addrlen, 0); 778 } 779 if(!rep.c || rep.c->fd != fd) /* commpoint closed to -1 or reused for 780 another UDP port. Note rep.c cannot be reused with TCP fd. */ 781 break; 782 } 783 } 784 785 int adjusted_tcp_timeout(struct comm_point* c) 786 { 787 if(c->tcp_timeout_msec < TCP_QUERY_TIMEOUT_MINIMUM) 788 return TCP_QUERY_TIMEOUT_MINIMUM; 789 return c->tcp_timeout_msec; 790 } 791 792 /** Use a new tcp handler for new query fd, set to read query */ 793 static void 794 setup_tcp_handler(struct comm_point* c, int fd, int cur, int max) 795 { 796 int handler_usage; 797 log_assert(c->type == comm_tcp || c->type == comm_http); 798 log_assert(c->fd == -1); 799 sldns_buffer_clear(c->buffer); 800 #ifdef USE_DNSCRYPT 801 if (c->dnscrypt) 802 sldns_buffer_clear(c->dnscrypt_buffer); 803 #endif 804 c->tcp_is_reading = 1; 805 c->tcp_byte_count = 0; 806 /* if more than half the tcp handlers are in use, use a shorter 807 * timeout for this TCP connection, we need to make space for 808 * other connections to be able to get attention */ 809 /* If > 50% TCP handler structures in use, set timeout to 1/100th 810 * configured value. 811 * If > 65%TCP handler structures in use, set to 1/500th configured 812 * value. 813 * If > 80% TCP handler structures in use, set to 0. 814 * 815 * If the timeout to use falls below 200 milliseconds, an actual 816 * timeout of 200ms is used. 817 */ 818 handler_usage = (cur * 100) / max; 819 if(handler_usage > 50 && handler_usage <= 65) 820 c->tcp_timeout_msec /= 100; 821 else if (handler_usage > 65 && handler_usage <= 80) 822 c->tcp_timeout_msec /= 500; 823 else if (handler_usage > 80) 824 c->tcp_timeout_msec = 0; 825 comm_point_start_listening(c, fd, adjusted_tcp_timeout(c)); 826 } 827 828 void comm_base_handle_slow_accept(int ATTR_UNUSED(fd), 829 short ATTR_UNUSED(event), void* arg) 830 { 831 struct comm_base* b = (struct comm_base*)arg; 832 /* timeout for the slow accept, re-enable accepts again */ 833 if(b->start_accept) { 834 verbose(VERB_ALGO, "wait is over, slow accept disabled"); 835 fptr_ok(fptr_whitelist_start_accept(b->start_accept)); 836 (*b->start_accept)(b->cb_arg); 837 b->eb->slow_accept_enabled = 0; 838 } 839 } 840 841 int comm_point_perform_accept(struct comm_point* c, 842 struct sockaddr_storage* addr, socklen_t* addrlen) 843 { 844 int new_fd; 845 *addrlen = (socklen_t)sizeof(*addr); 846 #ifndef HAVE_ACCEPT4 847 new_fd = accept(c->fd, (struct sockaddr*)addr, addrlen); 848 #else 849 /* SOCK_NONBLOCK saves extra calls to fcntl for the same result */ 850 new_fd = accept4(c->fd, (struct sockaddr*)addr, addrlen, SOCK_NONBLOCK); 851 #endif 852 if(new_fd == -1) { 853 #ifndef USE_WINSOCK 854 /* EINTR is signal interrupt. others are closed connection. */ 855 if( errno == EINTR || errno == EAGAIN 856 #ifdef EWOULDBLOCK 857 || errno == EWOULDBLOCK 858 #endif 859 #ifdef ECONNABORTED 860 || errno == ECONNABORTED 861 #endif 862 #ifdef EPROTO 863 || errno == EPROTO 864 #endif /* EPROTO */ 865 ) 866 return -1; 867 #if defined(ENFILE) && defined(EMFILE) 868 if(errno == ENFILE || errno == EMFILE) { 869 /* out of file descriptors, likely outside of our 870 * control. stop accept() calls for some time */ 871 if(c->ev->base->stop_accept) { 872 struct comm_base* b = c->ev->base; 873 struct timeval tv; 874 verbose(VERB_ALGO, "out of file descriptors: " 875 "slow accept"); 876 b->eb->slow_accept_enabled = 1; 877 fptr_ok(fptr_whitelist_stop_accept( 878 b->stop_accept)); 879 (*b->stop_accept)(b->cb_arg); 880 /* set timeout, no mallocs */ 881 tv.tv_sec = NETEVENT_SLOW_ACCEPT_TIME/1000; 882 tv.tv_usec = (NETEVENT_SLOW_ACCEPT_TIME%1000)*1000; 883 b->eb->slow_accept = ub_event_new(b->eb->base, 884 -1, UB_EV_TIMEOUT, 885 comm_base_handle_slow_accept, b); 886 if(b->eb->slow_accept == NULL) { 887 /* we do not want to log here, because 888 * that would spam the logfiles. 889 * error: "event_base_set failed." */ 890 } 891 else if(ub_event_add(b->eb->slow_accept, &tv) 892 != 0) { 893 /* we do not want to log here, 894 * error: "event_add failed." */ 895 } 896 } 897 return -1; 898 } 899 #endif 900 #else /* USE_WINSOCK */ 901 if(WSAGetLastError() == WSAEINPROGRESS || 902 WSAGetLastError() == WSAECONNRESET) 903 return -1; 904 if(WSAGetLastError() == WSAEWOULDBLOCK) { 905 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 906 return -1; 907 } 908 #endif 909 log_err_addr("accept failed", sock_strerror(errno), addr, 910 *addrlen); 911 return -1; 912 } 913 if(c->tcp_conn_limit && c->type == comm_tcp_accept) { 914 c->tcl_addr = tcl_addr_lookup(c->tcp_conn_limit, addr, *addrlen); 915 if(!tcl_new_connection(c->tcl_addr)) { 916 if(verbosity >= 3) 917 log_err_addr("accept rejected", 918 "connection limit exceeded", addr, *addrlen); 919 close(new_fd); 920 return -1; 921 } 922 } 923 #ifndef HAVE_ACCEPT4 924 fd_set_nonblock(new_fd); 925 #endif 926 return new_fd; 927 } 928 929 #ifdef USE_WINSOCK 930 static long win_bio_cb(BIO *b, int oper, const char* ATTR_UNUSED(argp), 931 int ATTR_UNUSED(argi), long argl, long retvalue) 932 { 933 int wsa_err = WSAGetLastError(); /* store errcode before it is gone */ 934 verbose(VERB_ALGO, "bio_cb %d, %s %s %s", oper, 935 (oper&BIO_CB_RETURN)?"return":"before", 936 (oper&BIO_CB_READ)?"read":((oper&BIO_CB_WRITE)?"write":"other"), 937 wsa_err==WSAEWOULDBLOCK?"wsawb":""); 938 /* on windows, check if previous operation caused EWOULDBLOCK */ 939 if( (oper == (BIO_CB_READ|BIO_CB_RETURN) && argl == 0) || 940 (oper == (BIO_CB_GETS|BIO_CB_RETURN) && argl == 0)) { 941 if(wsa_err == WSAEWOULDBLOCK) 942 ub_winsock_tcp_wouldblock((struct ub_event*) 943 BIO_get_callback_arg(b), UB_EV_READ); 944 } 945 if( (oper == (BIO_CB_WRITE|BIO_CB_RETURN) && argl == 0) || 946 (oper == (BIO_CB_PUTS|BIO_CB_RETURN) && argl == 0)) { 947 if(wsa_err == WSAEWOULDBLOCK) 948 ub_winsock_tcp_wouldblock((struct ub_event*) 949 BIO_get_callback_arg(b), UB_EV_WRITE); 950 } 951 /* return original return value */ 952 return retvalue; 953 } 954 955 /** set win bio callbacks for nonblocking operations */ 956 void 957 comm_point_tcp_win_bio_cb(struct comm_point* c, void* thessl) 958 { 959 SSL* ssl = (SSL*)thessl; 960 /* set them both just in case, but usually they are the same BIO */ 961 BIO_set_callback(SSL_get_rbio(ssl), &win_bio_cb); 962 BIO_set_callback_arg(SSL_get_rbio(ssl), (char*)c->ev->ev); 963 BIO_set_callback(SSL_get_wbio(ssl), &win_bio_cb); 964 BIO_set_callback_arg(SSL_get_wbio(ssl), (char*)c->ev->ev); 965 } 966 #endif 967 968 #ifdef HAVE_NGHTTP2 969 /** Create http2 session server. Per connection, after TCP accepted.*/ 970 static int http2_session_server_create(struct http2_session* h2_session) 971 { 972 log_assert(h2_session->callbacks); 973 h2_session->is_drop = 0; 974 if(nghttp2_session_server_new(&h2_session->session, 975 h2_session->callbacks, 976 h2_session) == NGHTTP2_ERR_NOMEM) { 977 log_err("failed to create nghttp2 session server"); 978 return 0; 979 } 980 981 return 1; 982 } 983 984 /** Submit http2 setting to session. Once per session. */ 985 static int http2_submit_settings(struct http2_session* h2_session) 986 { 987 int ret; 988 nghttp2_settings_entry settings[1] = { 989 {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 990 h2_session->c->http2_max_streams}}; 991 992 ret = nghttp2_submit_settings(h2_session->session, NGHTTP2_FLAG_NONE, 993 settings, 1); 994 if(ret) { 995 verbose(VERB_QUERY, "http2: submit_settings failed, " 996 "error: %s", nghttp2_strerror(ret)); 997 return 0; 998 } 999 return 1; 1000 } 1001 #endif /* HAVE_NGHTTP2 */ 1002 1003 1004 void 1005 comm_point_tcp_accept_callback(int fd, short event, void* arg) 1006 { 1007 struct comm_point* c = (struct comm_point*)arg, *c_hdl; 1008 int new_fd; 1009 log_assert(c->type == comm_tcp_accept); 1010 if(!(event & UB_EV_READ)) { 1011 log_info("ignoring tcp accept event %d", (int)event); 1012 return; 1013 } 1014 ub_comm_base_now(c->ev->base); 1015 /* find free tcp handler. */ 1016 if(!c->tcp_free) { 1017 log_warn("accepted too many tcp, connections full"); 1018 return; 1019 } 1020 /* accept incoming connection. */ 1021 c_hdl = c->tcp_free; 1022 /* clear leftover flags from previous use, and then set the 1023 * correct event base for the event structure for libevent */ 1024 ub_event_free(c_hdl->ev->ev); 1025 if((c_hdl->type == comm_tcp && c_hdl->tcp_req_info) || 1026 c_hdl->type == comm_local || c_hdl->type == comm_raw) 1027 c_hdl->tcp_do_toggle_rw = 0; 1028 else c_hdl->tcp_do_toggle_rw = 1; 1029 1030 if(c_hdl->type == comm_http) { 1031 #ifdef HAVE_NGHTTP2 1032 if(!c_hdl->h2_session || 1033 !http2_session_server_create(c_hdl->h2_session)) { 1034 log_warn("failed to create nghttp2"); 1035 return; 1036 } 1037 if(!c_hdl->h2_session || 1038 !http2_submit_settings(c_hdl->h2_session)) { 1039 log_warn("failed to submit http2 settings"); 1040 return; 1041 } 1042 if(!c->ssl) { 1043 c_hdl->tcp_do_toggle_rw = 0; 1044 c_hdl->use_h2 = 1; 1045 } 1046 #endif 1047 c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, 1048 UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, 1049 comm_point_http_handle_callback, c_hdl); 1050 } else { 1051 c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, 1052 UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, 1053 comm_point_tcp_handle_callback, c_hdl); 1054 } 1055 if(!c_hdl->ev->ev) { 1056 log_warn("could not ub_event_new, dropped tcp"); 1057 return; 1058 } 1059 log_assert(fd != -1); 1060 (void)fd; 1061 new_fd = comm_point_perform_accept(c, &c_hdl->repinfo.addr, 1062 &c_hdl->repinfo.addrlen); 1063 if(new_fd == -1) 1064 return; 1065 if(c->ssl) { 1066 c_hdl->ssl = incoming_ssl_fd(c->ssl, new_fd); 1067 if(!c_hdl->ssl) { 1068 c_hdl->fd = new_fd; 1069 comm_point_close(c_hdl); 1070 return; 1071 } 1072 c_hdl->ssl_shake_state = comm_ssl_shake_read; 1073 #ifdef USE_WINSOCK 1074 comm_point_tcp_win_bio_cb(c_hdl, c_hdl->ssl); 1075 #endif 1076 } 1077 1078 /* grab the tcp handler buffers */ 1079 c->cur_tcp_count++; 1080 c->tcp_free = c_hdl->tcp_free; 1081 if(!c->tcp_free) { 1082 /* stop accepting incoming queries for now. */ 1083 comm_point_stop_listening(c); 1084 } 1085 setup_tcp_handler(c_hdl, new_fd, c->cur_tcp_count, c->max_tcp_count); 1086 } 1087 1088 /** Make tcp handler free for next assignment */ 1089 static void 1090 reclaim_tcp_handler(struct comm_point* c) 1091 { 1092 log_assert(c->type == comm_tcp); 1093 if(c->ssl) { 1094 #ifdef HAVE_SSL 1095 SSL_shutdown(c->ssl); 1096 SSL_free(c->ssl); 1097 c->ssl = NULL; 1098 #endif 1099 } 1100 comm_point_close(c); 1101 if(c->tcp_parent) { 1102 c->tcp_parent->cur_tcp_count--; 1103 c->tcp_free = c->tcp_parent->tcp_free; 1104 c->tcp_parent->tcp_free = c; 1105 if(!c->tcp_free) { 1106 /* re-enable listening on accept socket */ 1107 comm_point_start_listening(c->tcp_parent, -1, -1); 1108 } 1109 } 1110 c->tcp_more_read_again = NULL; 1111 c->tcp_more_write_again = NULL; 1112 } 1113 1114 /** do the callback when writing is done */ 1115 static void 1116 tcp_callback_writer(struct comm_point* c) 1117 { 1118 log_assert(c->type == comm_tcp); 1119 if(!c->tcp_write_and_read) { 1120 sldns_buffer_clear(c->buffer); 1121 c->tcp_byte_count = 0; 1122 } 1123 if(c->tcp_do_toggle_rw) 1124 c->tcp_is_reading = 1; 1125 /* switch from listening(write) to listening(read) */ 1126 if(c->tcp_req_info) { 1127 tcp_req_info_handle_writedone(c->tcp_req_info); 1128 } else { 1129 comm_point_stop_listening(c); 1130 if(c->tcp_write_and_read) { 1131 fptr_ok(fptr_whitelist_comm_point(c->callback)); 1132 if( (*c->callback)(c, c->cb_arg, NETEVENT_PKT_WRITTEN, 1133 &c->repinfo) ) { 1134 comm_point_start_listening(c, -1, 1135 adjusted_tcp_timeout(c)); 1136 } 1137 } else { 1138 comm_point_start_listening(c, -1, 1139 adjusted_tcp_timeout(c)); 1140 } 1141 } 1142 } 1143 1144 /** do the callback when reading is done */ 1145 static void 1146 tcp_callback_reader(struct comm_point* c) 1147 { 1148 log_assert(c->type == comm_tcp || c->type == comm_local); 1149 sldns_buffer_flip(c->buffer); 1150 if(c->tcp_do_toggle_rw) 1151 c->tcp_is_reading = 0; 1152 c->tcp_byte_count = 0; 1153 if(c->tcp_req_info) { 1154 tcp_req_info_handle_readdone(c->tcp_req_info); 1155 } else { 1156 if(c->type == comm_tcp) 1157 comm_point_stop_listening(c); 1158 fptr_ok(fptr_whitelist_comm_point(c->callback)); 1159 if( (*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, &c->repinfo) ) { 1160 comm_point_start_listening(c, -1, 1161 adjusted_tcp_timeout(c)); 1162 } 1163 } 1164 } 1165 1166 #ifdef HAVE_SSL 1167 /** true if the ssl handshake error has to be squelched from the logs */ 1168 int 1169 squelch_err_ssl_handshake(unsigned long err) 1170 { 1171 if(verbosity >= VERB_QUERY) 1172 return 0; /* only squelch on low verbosity */ 1173 /* this is very specific, we could filter on ERR_GET_REASON() 1174 * (the third element in ERR_PACK) */ 1175 if(err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTPS_PROXY_REQUEST) || 1176 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTP_REQUEST) || 1177 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER) || 1178 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_BYTES, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE) 1179 #ifdef SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 1180 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER) 1181 #endif 1182 #ifdef SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 1183 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL) 1184 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL) 1185 # ifdef SSL_R_VERSION_TOO_LOW 1186 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_VERSION_TOO_LOW) 1187 # endif 1188 #endif 1189 ) 1190 return 1; 1191 return 0; 1192 } 1193 #endif /* HAVE_SSL */ 1194 1195 /** continue ssl handshake */ 1196 #ifdef HAVE_SSL 1197 static int 1198 ssl_handshake(struct comm_point* c) 1199 { 1200 int r; 1201 if(c->ssl_shake_state == comm_ssl_shake_hs_read) { 1202 /* read condition satisfied back to writing */ 1203 comm_point_listen_for_rw(c, 1, 1); 1204 c->ssl_shake_state = comm_ssl_shake_none; 1205 return 1; 1206 } 1207 if(c->ssl_shake_state == comm_ssl_shake_hs_write) { 1208 /* write condition satisfied, back to reading */ 1209 comm_point_listen_for_rw(c, 1, 0); 1210 c->ssl_shake_state = comm_ssl_shake_none; 1211 return 1; 1212 } 1213 1214 ERR_clear_error(); 1215 r = SSL_do_handshake(c->ssl); 1216 if(r != 1) { 1217 int want = SSL_get_error(c->ssl, r); 1218 if(want == SSL_ERROR_WANT_READ) { 1219 if(c->ssl_shake_state == comm_ssl_shake_read) 1220 return 1; 1221 c->ssl_shake_state = comm_ssl_shake_read; 1222 comm_point_listen_for_rw(c, 1, 0); 1223 return 1; 1224 } else if(want == SSL_ERROR_WANT_WRITE) { 1225 if(c->ssl_shake_state == comm_ssl_shake_write) 1226 return 1; 1227 c->ssl_shake_state = comm_ssl_shake_write; 1228 comm_point_listen_for_rw(c, 0, 1); 1229 return 1; 1230 } else if(r == 0) { 1231 return 0; /* closed */ 1232 } else if(want == SSL_ERROR_SYSCALL) { 1233 /* SYSCALL and errno==0 means closed uncleanly */ 1234 #ifdef EPIPE 1235 if(errno == EPIPE && verbosity < 2) 1236 return 0; /* silence 'broken pipe' */ 1237 #endif 1238 #ifdef ECONNRESET 1239 if(errno == ECONNRESET && verbosity < 2) 1240 return 0; /* silence reset by peer */ 1241 #endif 1242 if(errno != 0) 1243 log_err("SSL_handshake syscall: %s", 1244 strerror(errno)); 1245 return 0; 1246 } else { 1247 unsigned long err = ERR_get_error(); 1248 if(!squelch_err_ssl_handshake(err)) { 1249 log_crypto_err_code("ssl handshake failed", err); 1250 log_addr(VERB_OPS, "ssl handshake failed", &c->repinfo.addr, 1251 c->repinfo.addrlen); 1252 } 1253 return 0; 1254 } 1255 } 1256 /* this is where peer verification could take place */ 1257 if((SSL_get_verify_mode(c->ssl)&SSL_VERIFY_PEER)) { 1258 /* verification */ 1259 if(SSL_get_verify_result(c->ssl) == X509_V_OK) { 1260 X509* x = SSL_get_peer_certificate(c->ssl); 1261 if(!x) { 1262 log_addr(VERB_ALGO, "SSL connection failed: " 1263 "no certificate", 1264 &c->repinfo.addr, c->repinfo.addrlen); 1265 return 0; 1266 } 1267 log_cert(VERB_ALGO, "peer certificate", x); 1268 #ifdef HAVE_SSL_GET0_PEERNAME 1269 if(SSL_get0_peername(c->ssl)) { 1270 char buf[255]; 1271 snprintf(buf, sizeof(buf), "SSL connection " 1272 "to %s authenticated", 1273 SSL_get0_peername(c->ssl)); 1274 log_addr(VERB_ALGO, buf, &c->repinfo.addr, 1275 c->repinfo.addrlen); 1276 } else { 1277 #endif 1278 log_addr(VERB_ALGO, "SSL connection " 1279 "authenticated", &c->repinfo.addr, 1280 c->repinfo.addrlen); 1281 #ifdef HAVE_SSL_GET0_PEERNAME 1282 } 1283 #endif 1284 X509_free(x); 1285 } else { 1286 X509* x = SSL_get_peer_certificate(c->ssl); 1287 if(x) { 1288 log_cert(VERB_ALGO, "peer certificate", x); 1289 X509_free(x); 1290 } 1291 log_addr(VERB_ALGO, "SSL connection failed: " 1292 "failed to authenticate", 1293 &c->repinfo.addr, c->repinfo.addrlen); 1294 return 0; 1295 } 1296 } else { 1297 /* unauthenticated, the verify peer flag was not set 1298 * in c->ssl when the ssl object was created from ssl_ctx */ 1299 log_addr(VERB_ALGO, "SSL connection", &c->repinfo.addr, 1300 c->repinfo.addrlen); 1301 } 1302 1303 /* check if http2 use is negotiated */ 1304 if(c->type == comm_http && c->h2_session) { 1305 const unsigned char *alpn; 1306 unsigned int alpnlen = 0; 1307 SSL_get0_alpn_selected(c->ssl, &alpn, &alpnlen); 1308 if(alpnlen == 2 && memcmp("h2", alpn, 2) == 0) { 1309 /* connection upgraded to HTTP2 */ 1310 c->tcp_do_toggle_rw = 0; 1311 c->use_h2 = 1; 1312 } 1313 } 1314 1315 /* setup listen rw correctly */ 1316 if(c->tcp_is_reading) { 1317 if(c->ssl_shake_state != comm_ssl_shake_read) 1318 comm_point_listen_for_rw(c, 1, 0); 1319 } else { 1320 comm_point_listen_for_rw(c, 1, 1); 1321 } 1322 c->ssl_shake_state = comm_ssl_shake_none; 1323 return 1; 1324 } 1325 #endif /* HAVE_SSL */ 1326 1327 /** ssl read callback on TCP */ 1328 static int 1329 ssl_handle_read(struct comm_point* c) 1330 { 1331 #ifdef HAVE_SSL 1332 int r; 1333 if(c->ssl_shake_state != comm_ssl_shake_none) { 1334 if(!ssl_handshake(c)) 1335 return 0; 1336 if(c->ssl_shake_state != comm_ssl_shake_none) 1337 return 1; 1338 } 1339 if(c->tcp_byte_count < sizeof(uint16_t)) { 1340 /* read length bytes */ 1341 ERR_clear_error(); 1342 if((r=SSL_read(c->ssl, (void*)sldns_buffer_at(c->buffer, 1343 c->tcp_byte_count), (int)(sizeof(uint16_t) - 1344 c->tcp_byte_count))) <= 0) { 1345 int want = SSL_get_error(c->ssl, r); 1346 if(want == SSL_ERROR_ZERO_RETURN) { 1347 if(c->tcp_req_info) 1348 return tcp_req_info_handle_read_close(c->tcp_req_info); 1349 return 0; /* shutdown, closed */ 1350 } else if(want == SSL_ERROR_WANT_READ) { 1351 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1352 return 1; /* read more later */ 1353 } else if(want == SSL_ERROR_WANT_WRITE) { 1354 c->ssl_shake_state = comm_ssl_shake_hs_write; 1355 comm_point_listen_for_rw(c, 0, 1); 1356 return 1; 1357 } else if(want == SSL_ERROR_SYSCALL) { 1358 #ifdef ECONNRESET 1359 if(errno == ECONNRESET && verbosity < 2) 1360 return 0; /* silence reset by peer */ 1361 #endif 1362 if(errno != 0) 1363 log_err("SSL_read syscall: %s", 1364 strerror(errno)); 1365 return 0; 1366 } 1367 log_crypto_err("could not SSL_read"); 1368 return 0; 1369 } 1370 c->tcp_byte_count += r; 1371 if(c->tcp_byte_count < sizeof(uint16_t)) 1372 return 1; 1373 if(sldns_buffer_read_u16_at(c->buffer, 0) > 1374 sldns_buffer_capacity(c->buffer)) { 1375 verbose(VERB_QUERY, "ssl: dropped larger than buffer"); 1376 return 0; 1377 } 1378 sldns_buffer_set_limit(c->buffer, 1379 sldns_buffer_read_u16_at(c->buffer, 0)); 1380 if(sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { 1381 verbose(VERB_QUERY, "ssl: dropped bogus too short."); 1382 return 0; 1383 } 1384 sldns_buffer_skip(c->buffer, (ssize_t)(c->tcp_byte_count-sizeof(uint16_t))); 1385 verbose(VERB_ALGO, "Reading ssl tcp query of length %d", 1386 (int)sldns_buffer_limit(c->buffer)); 1387 } 1388 if(sldns_buffer_remaining(c->buffer) > 0) { 1389 ERR_clear_error(); 1390 r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer), 1391 (int)sldns_buffer_remaining(c->buffer)); 1392 if(r <= 0) { 1393 int want = SSL_get_error(c->ssl, r); 1394 if(want == SSL_ERROR_ZERO_RETURN) { 1395 if(c->tcp_req_info) 1396 return tcp_req_info_handle_read_close(c->tcp_req_info); 1397 return 0; /* shutdown, closed */ 1398 } else if(want == SSL_ERROR_WANT_READ) { 1399 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1400 return 1; /* read more later */ 1401 } else if(want == SSL_ERROR_WANT_WRITE) { 1402 c->ssl_shake_state = comm_ssl_shake_hs_write; 1403 comm_point_listen_for_rw(c, 0, 1); 1404 return 1; 1405 } else if(want == SSL_ERROR_SYSCALL) { 1406 #ifdef ECONNRESET 1407 if(errno == ECONNRESET && verbosity < 2) 1408 return 0; /* silence reset by peer */ 1409 #endif 1410 if(errno != 0) 1411 log_err("SSL_read syscall: %s", 1412 strerror(errno)); 1413 return 0; 1414 } 1415 log_crypto_err("could not SSL_read"); 1416 return 0; 1417 } 1418 sldns_buffer_skip(c->buffer, (ssize_t)r); 1419 } 1420 if(sldns_buffer_remaining(c->buffer) <= 0) { 1421 tcp_callback_reader(c); 1422 } 1423 return 1; 1424 #else 1425 (void)c; 1426 return 0; 1427 #endif /* HAVE_SSL */ 1428 } 1429 1430 /** ssl write callback on TCP */ 1431 static int 1432 ssl_handle_write(struct comm_point* c) 1433 { 1434 #ifdef HAVE_SSL 1435 int r; 1436 if(c->ssl_shake_state != comm_ssl_shake_none) { 1437 if(!ssl_handshake(c)) 1438 return 0; 1439 if(c->ssl_shake_state != comm_ssl_shake_none) 1440 return 1; 1441 } 1442 /* ignore return, if fails we may simply block */ 1443 (void)SSL_set_mode(c->ssl, (long)SSL_MODE_ENABLE_PARTIAL_WRITE); 1444 if((c->tcp_write_and_read?c->tcp_write_byte_count:c->tcp_byte_count) < sizeof(uint16_t)) { 1445 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(c->buffer)); 1446 ERR_clear_error(); 1447 if(c->tcp_write_and_read) { 1448 if(c->tcp_write_pkt_len + 2 < LDNS_RR_BUF_SIZE) { 1449 /* combine the tcp length and the query for 1450 * write, this emulates writev */ 1451 uint8_t buf[LDNS_RR_BUF_SIZE]; 1452 memmove(buf, &len, sizeof(uint16_t)); 1453 memmove(buf+sizeof(uint16_t), 1454 c->tcp_write_pkt, 1455 c->tcp_write_pkt_len); 1456 r = SSL_write(c->ssl, 1457 (void*)(buf+c->tcp_write_byte_count), 1458 c->tcp_write_pkt_len + 2 - 1459 c->tcp_write_byte_count); 1460 } else { 1461 r = SSL_write(c->ssl, 1462 (void*)(((uint8_t*)&len)+c->tcp_write_byte_count), 1463 (int)(sizeof(uint16_t)-c->tcp_write_byte_count)); 1464 } 1465 } else if(sizeof(uint16_t)+sldns_buffer_remaining(c->buffer) < 1466 LDNS_RR_BUF_SIZE) { 1467 /* combine the tcp length and the query for write, 1468 * this emulates writev */ 1469 uint8_t buf[LDNS_RR_BUF_SIZE]; 1470 memmove(buf, &len, sizeof(uint16_t)); 1471 memmove(buf+sizeof(uint16_t), 1472 sldns_buffer_current(c->buffer), 1473 sldns_buffer_remaining(c->buffer)); 1474 r = SSL_write(c->ssl, (void*)(buf+c->tcp_byte_count), 1475 (int)(sizeof(uint16_t)+ 1476 sldns_buffer_remaining(c->buffer) 1477 - c->tcp_byte_count)); 1478 } else { 1479 r = SSL_write(c->ssl, 1480 (void*)(((uint8_t*)&len)+c->tcp_byte_count), 1481 (int)(sizeof(uint16_t)-c->tcp_byte_count)); 1482 } 1483 if(r <= 0) { 1484 int want = SSL_get_error(c->ssl, r); 1485 if(want == SSL_ERROR_ZERO_RETURN) { 1486 return 0; /* closed */ 1487 } else if(want == SSL_ERROR_WANT_READ) { 1488 c->ssl_shake_state = comm_ssl_shake_hs_read; 1489 comm_point_listen_for_rw(c, 1, 0); 1490 return 1; /* wait for read condition */ 1491 } else if(want == SSL_ERROR_WANT_WRITE) { 1492 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1493 return 1; /* write more later */ 1494 } else if(want == SSL_ERROR_SYSCALL) { 1495 #ifdef EPIPE 1496 if(errno == EPIPE && verbosity < 2) 1497 return 0; /* silence 'broken pipe' */ 1498 #endif 1499 if(errno != 0) 1500 log_err("SSL_write syscall: %s", 1501 strerror(errno)); 1502 return 0; 1503 } 1504 log_crypto_err("could not SSL_write"); 1505 return 0; 1506 } 1507 if(c->tcp_write_and_read) { 1508 c->tcp_write_byte_count += r; 1509 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1510 return 1; 1511 } else { 1512 c->tcp_byte_count += r; 1513 if(c->tcp_byte_count < sizeof(uint16_t)) 1514 return 1; 1515 sldns_buffer_set_position(c->buffer, c->tcp_byte_count - 1516 sizeof(uint16_t)); 1517 } 1518 if((!c->tcp_write_and_read && sldns_buffer_remaining(c->buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1519 tcp_callback_writer(c); 1520 return 1; 1521 } 1522 } 1523 log_assert(c->tcp_write_and_read || sldns_buffer_remaining(c->buffer) > 0); 1524 log_assert(!c->tcp_write_and_read || c->tcp_write_byte_count < c->tcp_write_pkt_len + 2); 1525 ERR_clear_error(); 1526 if(c->tcp_write_and_read) { 1527 r = SSL_write(c->ssl, (void*)(c->tcp_write_pkt + c->tcp_write_byte_count - 2), 1528 (int)(c->tcp_write_pkt_len + 2 - c->tcp_write_byte_count)); 1529 } else { 1530 r = SSL_write(c->ssl, (void*)sldns_buffer_current(c->buffer), 1531 (int)sldns_buffer_remaining(c->buffer)); 1532 } 1533 if(r <= 0) { 1534 int want = SSL_get_error(c->ssl, r); 1535 if(want == SSL_ERROR_ZERO_RETURN) { 1536 return 0; /* closed */ 1537 } else if(want == SSL_ERROR_WANT_READ) { 1538 c->ssl_shake_state = comm_ssl_shake_hs_read; 1539 comm_point_listen_for_rw(c, 1, 0); 1540 return 1; /* wait for read condition */ 1541 } else if(want == SSL_ERROR_WANT_WRITE) { 1542 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1543 return 1; /* write more later */ 1544 } else if(want == SSL_ERROR_SYSCALL) { 1545 #ifdef EPIPE 1546 if(errno == EPIPE && verbosity < 2) 1547 return 0; /* silence 'broken pipe' */ 1548 #endif 1549 if(errno != 0) 1550 log_err("SSL_write syscall: %s", 1551 strerror(errno)); 1552 return 0; 1553 } 1554 log_crypto_err("could not SSL_write"); 1555 return 0; 1556 } 1557 if(c->tcp_write_and_read) { 1558 c->tcp_write_byte_count += r; 1559 } else { 1560 sldns_buffer_skip(c->buffer, (ssize_t)r); 1561 } 1562 1563 if((!c->tcp_write_and_read && sldns_buffer_remaining(c->buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1564 tcp_callback_writer(c); 1565 } 1566 return 1; 1567 #else 1568 (void)c; 1569 return 0; 1570 #endif /* HAVE_SSL */ 1571 } 1572 1573 /** handle ssl tcp connection with dns contents */ 1574 static int 1575 ssl_handle_it(struct comm_point* c, int is_write) 1576 { 1577 /* handle case where renegotiation wants read during write call 1578 * or write during read calls */ 1579 if(is_write && c->ssl_shake_state == comm_ssl_shake_hs_write) 1580 return ssl_handle_read(c); 1581 else if(!is_write && c->ssl_shake_state == comm_ssl_shake_hs_read) 1582 return ssl_handle_write(c); 1583 /* handle read events for read operation and write events for a 1584 * write operation */ 1585 else if(!is_write) 1586 return ssl_handle_read(c); 1587 return ssl_handle_write(c); 1588 } 1589 1590 /** Handle tcp reading callback. 1591 * @param fd: file descriptor of socket. 1592 * @param c: comm point to read from into buffer. 1593 * @param short_ok: if true, very short packets are OK (for comm_local). 1594 * @return: 0 on error 1595 */ 1596 static int 1597 comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) 1598 { 1599 ssize_t r; 1600 log_assert(c->type == comm_tcp || c->type == comm_local); 1601 if(c->ssl) 1602 return ssl_handle_it(c, 0); 1603 if(!c->tcp_is_reading && !c->tcp_write_and_read) 1604 return 0; 1605 1606 log_assert(fd != -1); 1607 if(c->tcp_byte_count < sizeof(uint16_t)) { 1608 /* read length bytes */ 1609 r = recv(fd,(void*)sldns_buffer_at(c->buffer,c->tcp_byte_count), 1610 sizeof(uint16_t)-c->tcp_byte_count, 0); 1611 if(r == 0) { 1612 if(c->tcp_req_info) 1613 return tcp_req_info_handle_read_close(c->tcp_req_info); 1614 return 0; 1615 } else if(r == -1) { 1616 #ifndef USE_WINSOCK 1617 if(errno == EINTR || errno == EAGAIN) 1618 return 1; 1619 #ifdef ECONNRESET 1620 if(errno == ECONNRESET && verbosity < 2) 1621 return 0; /* silence reset by peer */ 1622 #endif 1623 #ifdef ENETUNREACH 1624 if(errno == ENETUNREACH && verbosity < 2) 1625 return 0; /* silence it */ 1626 #endif 1627 #ifdef EHOSTDOWN 1628 if(errno == EHOSTDOWN && verbosity < 2) 1629 return 0; /* silence it */ 1630 #endif 1631 #ifdef EHOSTUNREACH 1632 if(errno == EHOSTUNREACH && verbosity < 2) 1633 return 0; /* silence it */ 1634 #endif 1635 #ifdef ENETDOWN 1636 if(errno == ENETDOWN && verbosity < 2) 1637 return 0; /* silence it */ 1638 #endif 1639 #ifdef EACCES 1640 if(errno == EACCES && verbosity < 2) 1641 return 0; /* silence it */ 1642 #endif 1643 #ifdef ENOTCONN 1644 if(errno == ENOTCONN) { 1645 log_err_addr("read (in tcp s) failed and this could be because TCP Fast Open is enabled [--disable-tfo-client --disable-tfo-server] but does not work", sock_strerror(errno), 1646 &c->repinfo.addr, c->repinfo.addrlen); 1647 return 0; 1648 } 1649 #endif 1650 #else /* USE_WINSOCK */ 1651 if(WSAGetLastError() == WSAECONNRESET) 1652 return 0; 1653 if(WSAGetLastError() == WSAEINPROGRESS) 1654 return 1; 1655 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1656 ub_winsock_tcp_wouldblock(c->ev->ev, 1657 UB_EV_READ); 1658 return 1; 1659 } 1660 #endif 1661 log_err_addr("read (in tcp s)", sock_strerror(errno), 1662 &c->repinfo.addr, c->repinfo.addrlen); 1663 return 0; 1664 } 1665 c->tcp_byte_count += r; 1666 if(c->tcp_byte_count != sizeof(uint16_t)) 1667 return 1; 1668 if(sldns_buffer_read_u16_at(c->buffer, 0) > 1669 sldns_buffer_capacity(c->buffer)) { 1670 verbose(VERB_QUERY, "tcp: dropped larger than buffer"); 1671 return 0; 1672 } 1673 sldns_buffer_set_limit(c->buffer, 1674 sldns_buffer_read_u16_at(c->buffer, 0)); 1675 if(!short_ok && 1676 sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { 1677 verbose(VERB_QUERY, "tcp: dropped bogus too short."); 1678 return 0; 1679 } 1680 verbose(VERB_ALGO, "Reading tcp query of length %d", 1681 (int)sldns_buffer_limit(c->buffer)); 1682 } 1683 1684 log_assert(sldns_buffer_remaining(c->buffer) > 0); 1685 r = recv(fd, (void*)sldns_buffer_current(c->buffer), 1686 sldns_buffer_remaining(c->buffer), 0); 1687 if(r == 0) { 1688 if(c->tcp_req_info) 1689 return tcp_req_info_handle_read_close(c->tcp_req_info); 1690 return 0; 1691 } else if(r == -1) { 1692 #ifndef USE_WINSOCK 1693 if(errno == EINTR || errno == EAGAIN) 1694 return 1; 1695 #else /* USE_WINSOCK */ 1696 if(WSAGetLastError() == WSAECONNRESET) 1697 return 0; 1698 if(WSAGetLastError() == WSAEINPROGRESS) 1699 return 1; 1700 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1701 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1702 return 1; 1703 } 1704 #endif 1705 log_err_addr("read (in tcp r)", sock_strerror(errno), 1706 &c->repinfo.addr, c->repinfo.addrlen); 1707 return 0; 1708 } 1709 sldns_buffer_skip(c->buffer, r); 1710 if(sldns_buffer_remaining(c->buffer) <= 0) { 1711 tcp_callback_reader(c); 1712 } 1713 return 1; 1714 } 1715 1716 /** 1717 * Handle tcp writing callback. 1718 * @param fd: file descriptor of socket. 1719 * @param c: comm point to write buffer out of. 1720 * @return: 0 on error 1721 */ 1722 static int 1723 comm_point_tcp_handle_write(int fd, struct comm_point* c) 1724 { 1725 ssize_t r; 1726 struct sldns_buffer *buffer; 1727 log_assert(c->type == comm_tcp); 1728 #ifdef USE_DNSCRYPT 1729 buffer = c->dnscrypt_buffer; 1730 #else 1731 buffer = c->buffer; 1732 #endif 1733 if(c->tcp_is_reading && !c->ssl && !c->tcp_write_and_read) 1734 return 0; 1735 log_assert(fd != -1); 1736 if(((!c->tcp_write_and_read && c->tcp_byte_count == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == 0)) && c->tcp_check_nb_connect) { 1737 /* check for pending error from nonblocking connect */ 1738 /* from Stevens, unix network programming, vol1, 3rd ed, p450*/ 1739 int error = 0; 1740 socklen_t len = (socklen_t)sizeof(error); 1741 if(getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)&error, 1742 &len) < 0){ 1743 #ifndef USE_WINSOCK 1744 error = errno; /* on solaris errno is error */ 1745 #else /* USE_WINSOCK */ 1746 error = WSAGetLastError(); 1747 #endif 1748 } 1749 #ifndef USE_WINSOCK 1750 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 1751 if(error == EINPROGRESS || error == EWOULDBLOCK) 1752 return 1; /* try again later */ 1753 else 1754 #endif 1755 if(error != 0 && verbosity < 2) 1756 return 0; /* silence lots of chatter in the logs */ 1757 else if(error != 0) { 1758 log_err_addr("tcp connect", strerror(error), 1759 &c->repinfo.addr, c->repinfo.addrlen); 1760 #else /* USE_WINSOCK */ 1761 /* examine error */ 1762 if(error == WSAEINPROGRESS) 1763 return 1; 1764 else if(error == WSAEWOULDBLOCK) { 1765 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1766 return 1; 1767 } else if(error != 0 && verbosity < 2) 1768 return 0; 1769 else if(error != 0) { 1770 log_err_addr("tcp connect", wsa_strerror(error), 1771 &c->repinfo.addr, c->repinfo.addrlen); 1772 #endif /* USE_WINSOCK */ 1773 return 0; 1774 } 1775 } 1776 if(c->ssl) 1777 return ssl_handle_it(c, 1); 1778 1779 #ifdef USE_MSG_FASTOPEN 1780 /* Only try this on first use of a connection that uses tfo, 1781 otherwise fall through to normal write */ 1782 /* Also, TFO support on WINDOWS not implemented at the moment */ 1783 if(c->tcp_do_fastopen == 1) { 1784 /* this form of sendmsg() does both a connect() and send() so need to 1785 look for various flavours of error*/ 1786 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(buffer)); 1787 struct msghdr msg; 1788 struct iovec iov[2]; 1789 c->tcp_do_fastopen = 0; 1790 memset(&msg, 0, sizeof(msg)); 1791 if(c->tcp_write_and_read) { 1792 iov[0].iov_base = (uint8_t*)&len + c->tcp_write_byte_count; 1793 iov[0].iov_len = sizeof(uint16_t) - c->tcp_write_byte_count; 1794 iov[1].iov_base = c->tcp_write_pkt; 1795 iov[1].iov_len = c->tcp_write_pkt_len; 1796 } else { 1797 iov[0].iov_base = (uint8_t*)&len + c->tcp_byte_count; 1798 iov[0].iov_len = sizeof(uint16_t) - c->tcp_byte_count; 1799 iov[1].iov_base = sldns_buffer_begin(buffer); 1800 iov[1].iov_len = sldns_buffer_limit(buffer); 1801 } 1802 log_assert(iov[0].iov_len > 0); 1803 msg.msg_name = &c->repinfo.addr; 1804 msg.msg_namelen = c->repinfo.addrlen; 1805 msg.msg_iov = iov; 1806 msg.msg_iovlen = 2; 1807 r = sendmsg(fd, &msg, MSG_FASTOPEN); 1808 if (r == -1) { 1809 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 1810 /* Handshake is underway, maybe because no TFO cookie available. 1811 Come back to write the message*/ 1812 if(errno == EINPROGRESS || errno == EWOULDBLOCK) 1813 return 1; 1814 #endif 1815 if(errno == EINTR || errno == EAGAIN) 1816 return 1; 1817 /* Not handling EISCONN here as shouldn't ever hit that case.*/ 1818 if(errno != EPIPE && errno != 0 && verbosity < 2) 1819 return 0; /* silence lots of chatter in the logs */ 1820 if(errno != EPIPE && errno != 0) { 1821 log_err_addr("tcp sendmsg", strerror(errno), 1822 &c->repinfo.addr, c->repinfo.addrlen); 1823 return 0; 1824 } 1825 /* fallthrough to nonFASTOPEN 1826 * (MSG_FASTOPEN on Linux 3 produces EPIPE) 1827 * we need to perform connect() */ 1828 if(connect(fd, (struct sockaddr *)&c->repinfo.addr, c->repinfo.addrlen) == -1) { 1829 #ifdef EINPROGRESS 1830 if(errno == EINPROGRESS) 1831 return 1; /* wait until connect done*/ 1832 #endif 1833 #ifdef USE_WINSOCK 1834 if(WSAGetLastError() == WSAEINPROGRESS || 1835 WSAGetLastError() == WSAEWOULDBLOCK) 1836 return 1; /* wait until connect done*/ 1837 #endif 1838 if(tcp_connect_errno_needs_log( 1839 (struct sockaddr *)&c->repinfo.addr, c->repinfo.addrlen)) { 1840 log_err_addr("outgoing tcp: connect after EPIPE for fastopen", 1841 strerror(errno), &c->repinfo.addr, c->repinfo.addrlen); 1842 } 1843 return 0; 1844 } 1845 1846 } else { 1847 if(c->tcp_write_and_read) { 1848 c->tcp_write_byte_count += r; 1849 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1850 return 1; 1851 } else { 1852 c->tcp_byte_count += r; 1853 if(c->tcp_byte_count < sizeof(uint16_t)) 1854 return 1; 1855 sldns_buffer_set_position(buffer, c->tcp_byte_count - 1856 sizeof(uint16_t)); 1857 } 1858 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1859 tcp_callback_writer(c); 1860 return 1; 1861 } 1862 } 1863 } 1864 #endif /* USE_MSG_FASTOPEN */ 1865 1866 if((c->tcp_write_and_read?c->tcp_write_byte_count:c->tcp_byte_count) < sizeof(uint16_t)) { 1867 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(buffer)); 1868 #ifdef HAVE_WRITEV 1869 struct iovec iov[2]; 1870 if(c->tcp_write_and_read) { 1871 iov[0].iov_base = (uint8_t*)&len + c->tcp_write_byte_count; 1872 iov[0].iov_len = sizeof(uint16_t) - c->tcp_write_byte_count; 1873 iov[1].iov_base = c->tcp_write_pkt; 1874 iov[1].iov_len = c->tcp_write_pkt_len; 1875 } else { 1876 iov[0].iov_base = (uint8_t*)&len + c->tcp_byte_count; 1877 iov[0].iov_len = sizeof(uint16_t) - c->tcp_byte_count; 1878 iov[1].iov_base = sldns_buffer_begin(buffer); 1879 iov[1].iov_len = sldns_buffer_limit(buffer); 1880 } 1881 log_assert(iov[0].iov_len > 0); 1882 r = writev(fd, iov, 2); 1883 #else /* HAVE_WRITEV */ 1884 if(c->tcp_write_and_read) { 1885 r = send(fd, (void*)(((uint8_t*)&len)+c->tcp_write_byte_count), 1886 sizeof(uint16_t)-c->tcp_write_byte_count, 0); 1887 } else { 1888 r = send(fd, (void*)(((uint8_t*)&len)+c->tcp_byte_count), 1889 sizeof(uint16_t)-c->tcp_byte_count, 0); 1890 } 1891 #endif /* HAVE_WRITEV */ 1892 if(r == -1) { 1893 #ifndef USE_WINSOCK 1894 # ifdef EPIPE 1895 if(errno == EPIPE && verbosity < 2) 1896 return 0; /* silence 'broken pipe' */ 1897 #endif 1898 if(errno == EINTR || errno == EAGAIN) 1899 return 1; 1900 #ifdef ECONNRESET 1901 if(errno == ECONNRESET && verbosity < 2) 1902 return 0; /* silence reset by peer */ 1903 #endif 1904 # ifdef HAVE_WRITEV 1905 log_err_addr("tcp writev", strerror(errno), 1906 &c->repinfo.addr, c->repinfo.addrlen); 1907 # else /* HAVE_WRITEV */ 1908 log_err_addr("tcp send s", strerror(errno), 1909 &c->repinfo.addr, c->repinfo.addrlen); 1910 # endif /* HAVE_WRITEV */ 1911 #else 1912 if(WSAGetLastError() == WSAENOTCONN) 1913 return 1; 1914 if(WSAGetLastError() == WSAEINPROGRESS) 1915 return 1; 1916 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1917 ub_winsock_tcp_wouldblock(c->ev->ev, 1918 UB_EV_WRITE); 1919 return 1; 1920 } 1921 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 1922 return 0; /* silence reset by peer */ 1923 log_err_addr("tcp send s", 1924 wsa_strerror(WSAGetLastError()), 1925 &c->repinfo.addr, c->repinfo.addrlen); 1926 #endif 1927 return 0; 1928 } 1929 if(c->tcp_write_and_read) { 1930 c->tcp_write_byte_count += r; 1931 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1932 return 1; 1933 } else { 1934 c->tcp_byte_count += r; 1935 if(c->tcp_byte_count < sizeof(uint16_t)) 1936 return 1; 1937 sldns_buffer_set_position(buffer, c->tcp_byte_count - 1938 sizeof(uint16_t)); 1939 } 1940 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1941 tcp_callback_writer(c); 1942 return 1; 1943 } 1944 } 1945 log_assert(c->tcp_write_and_read || sldns_buffer_remaining(buffer) > 0); 1946 log_assert(!c->tcp_write_and_read || c->tcp_write_byte_count < c->tcp_write_pkt_len + 2); 1947 if(c->tcp_write_and_read) { 1948 r = send(fd, (void*)(c->tcp_write_pkt + c->tcp_write_byte_count - 2), 1949 c->tcp_write_pkt_len + 2 - c->tcp_write_byte_count, 0); 1950 } else { 1951 r = send(fd, (void*)sldns_buffer_current(buffer), 1952 sldns_buffer_remaining(buffer), 0); 1953 } 1954 if(r == -1) { 1955 #ifndef USE_WINSOCK 1956 if(errno == EINTR || errno == EAGAIN) 1957 return 1; 1958 #ifdef ECONNRESET 1959 if(errno == ECONNRESET && verbosity < 2) 1960 return 0; /* silence reset by peer */ 1961 #endif 1962 #else 1963 if(WSAGetLastError() == WSAEINPROGRESS) 1964 return 1; 1965 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1966 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1967 return 1; 1968 } 1969 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 1970 return 0; /* silence reset by peer */ 1971 #endif 1972 log_err_addr("tcp send r", sock_strerror(errno), 1973 &c->repinfo.addr, c->repinfo.addrlen); 1974 return 0; 1975 } 1976 if(c->tcp_write_and_read) { 1977 c->tcp_write_byte_count += r; 1978 } else { 1979 sldns_buffer_skip(buffer, r); 1980 } 1981 1982 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1983 tcp_callback_writer(c); 1984 } 1985 1986 return 1; 1987 } 1988 1989 /** read again to drain buffers when there could be more to read */ 1990 static void 1991 tcp_req_info_read_again(int fd, struct comm_point* c) 1992 { 1993 while(c->tcp_req_info->read_again) { 1994 int r; 1995 c->tcp_req_info->read_again = 0; 1996 if(c->tcp_is_reading) 1997 r = comm_point_tcp_handle_read(fd, c, 0); 1998 else r = comm_point_tcp_handle_write(fd, c); 1999 if(!r) { 2000 reclaim_tcp_handler(c); 2001 if(!c->tcp_do_close) { 2002 fptr_ok(fptr_whitelist_comm_point( 2003 c->callback)); 2004 (void)(*c->callback)(c, c->cb_arg, 2005 NETEVENT_CLOSED, NULL); 2006 } 2007 return; 2008 } 2009 } 2010 } 2011 2012 /** read again to drain buffers when there could be more to read */ 2013 static void 2014 tcp_more_read_again(int fd, struct comm_point* c) 2015 { 2016 /* if the packet is done, but another one could be waiting on 2017 * the connection, the callback signals this, and we try again */ 2018 /* this continues until the read routines get EAGAIN or so, 2019 * and thus does not call the callback, and the bool is 0 */ 2020 int* moreread = c->tcp_more_read_again; 2021 while(moreread && *moreread) { 2022 *moreread = 0; 2023 if(!comm_point_tcp_handle_read(fd, c, 0)) { 2024 reclaim_tcp_handler(c); 2025 if(!c->tcp_do_close) { 2026 fptr_ok(fptr_whitelist_comm_point( 2027 c->callback)); 2028 (void)(*c->callback)(c, c->cb_arg, 2029 NETEVENT_CLOSED, NULL); 2030 } 2031 return; 2032 } 2033 } 2034 } 2035 2036 /** write again to fill up when there could be more to write */ 2037 static void 2038 tcp_more_write_again(int fd, struct comm_point* c) 2039 { 2040 /* if the packet is done, but another is waiting to be written, 2041 * the callback signals it and we try again. */ 2042 /* this continues until the write routines get EAGAIN or so, 2043 * and thus does not call the callback, and the bool is 0 */ 2044 int* morewrite = c->tcp_more_write_again; 2045 while(morewrite && *morewrite) { 2046 *morewrite = 0; 2047 if(!comm_point_tcp_handle_write(fd, c)) { 2048 reclaim_tcp_handler(c); 2049 if(!c->tcp_do_close) { 2050 fptr_ok(fptr_whitelist_comm_point( 2051 c->callback)); 2052 (void)(*c->callback)(c, c->cb_arg, 2053 NETEVENT_CLOSED, NULL); 2054 } 2055 return; 2056 } 2057 } 2058 } 2059 2060 void 2061 comm_point_tcp_handle_callback(int fd, short event, void* arg) 2062 { 2063 struct comm_point* c = (struct comm_point*)arg; 2064 log_assert(c->type == comm_tcp); 2065 ub_comm_base_now(c->ev->base); 2066 2067 #ifdef USE_DNSCRYPT 2068 /* Initialize if this is a dnscrypt socket */ 2069 if(c->tcp_parent) { 2070 c->dnscrypt = c->tcp_parent->dnscrypt; 2071 } 2072 if(c->dnscrypt && c->dnscrypt_buffer == c->buffer) { 2073 c->dnscrypt_buffer = sldns_buffer_new(sldns_buffer_capacity(c->buffer)); 2074 if(!c->dnscrypt_buffer) { 2075 log_err("Could not allocate dnscrypt buffer"); 2076 reclaim_tcp_handler(c); 2077 if(!c->tcp_do_close) { 2078 fptr_ok(fptr_whitelist_comm_point( 2079 c->callback)); 2080 (void)(*c->callback)(c, c->cb_arg, 2081 NETEVENT_CLOSED, NULL); 2082 } 2083 return; 2084 } 2085 } 2086 #endif 2087 2088 if(event&UB_EV_TIMEOUT) { 2089 verbose(VERB_QUERY, "tcp took too long, dropped"); 2090 reclaim_tcp_handler(c); 2091 if(!c->tcp_do_close) { 2092 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2093 (void)(*c->callback)(c, c->cb_arg, 2094 NETEVENT_TIMEOUT, NULL); 2095 } 2096 return; 2097 } 2098 if(event&UB_EV_READ 2099 #ifdef USE_MSG_FASTOPEN 2100 && !(c->tcp_do_fastopen && (event&UB_EV_WRITE)) 2101 #endif 2102 ) { 2103 int has_tcpq = (c->tcp_req_info != NULL); 2104 int* moreread = c->tcp_more_read_again; 2105 if(!comm_point_tcp_handle_read(fd, c, 0)) { 2106 reclaim_tcp_handler(c); 2107 if(!c->tcp_do_close) { 2108 fptr_ok(fptr_whitelist_comm_point( 2109 c->callback)); 2110 (void)(*c->callback)(c, c->cb_arg, 2111 NETEVENT_CLOSED, NULL); 2112 } 2113 return; 2114 } 2115 if(has_tcpq && c->tcp_req_info && c->tcp_req_info->read_again) 2116 tcp_req_info_read_again(fd, c); 2117 if(moreread && *moreread) 2118 tcp_more_read_again(fd, c); 2119 return; 2120 } 2121 if(event&UB_EV_WRITE) { 2122 int has_tcpq = (c->tcp_req_info != NULL); 2123 int* morewrite = c->tcp_more_write_again; 2124 if(!comm_point_tcp_handle_write(fd, c)) { 2125 reclaim_tcp_handler(c); 2126 if(!c->tcp_do_close) { 2127 fptr_ok(fptr_whitelist_comm_point( 2128 c->callback)); 2129 (void)(*c->callback)(c, c->cb_arg, 2130 NETEVENT_CLOSED, NULL); 2131 } 2132 return; 2133 } 2134 if(has_tcpq && c->tcp_req_info && c->tcp_req_info->read_again) 2135 tcp_req_info_read_again(fd, c); 2136 if(morewrite && *morewrite) 2137 tcp_more_write_again(fd, c); 2138 return; 2139 } 2140 log_err("Ignored event %d for tcphdl.", event); 2141 } 2142 2143 /** Make http handler free for next assignment */ 2144 static void 2145 reclaim_http_handler(struct comm_point* c) 2146 { 2147 log_assert(c->type == comm_http); 2148 if(c->ssl) { 2149 #ifdef HAVE_SSL 2150 SSL_shutdown(c->ssl); 2151 SSL_free(c->ssl); 2152 c->ssl = NULL; 2153 #endif 2154 } 2155 comm_point_close(c); 2156 if(c->tcp_parent) { 2157 c->tcp_parent->cur_tcp_count--; 2158 c->tcp_free = c->tcp_parent->tcp_free; 2159 c->tcp_parent->tcp_free = c; 2160 if(!c->tcp_free) { 2161 /* re-enable listening on accept socket */ 2162 comm_point_start_listening(c->tcp_parent, -1, -1); 2163 } 2164 } 2165 } 2166 2167 /** read more data for http (with ssl) */ 2168 static int 2169 ssl_http_read_more(struct comm_point* c) 2170 { 2171 #ifdef HAVE_SSL 2172 int r; 2173 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2174 ERR_clear_error(); 2175 r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer), 2176 (int)sldns_buffer_remaining(c->buffer)); 2177 if(r <= 0) { 2178 int want = SSL_get_error(c->ssl, r); 2179 if(want == SSL_ERROR_ZERO_RETURN) { 2180 return 0; /* shutdown, closed */ 2181 } else if(want == SSL_ERROR_WANT_READ) { 2182 return 1; /* read more later */ 2183 } else if(want == SSL_ERROR_WANT_WRITE) { 2184 c->ssl_shake_state = comm_ssl_shake_hs_write; 2185 comm_point_listen_for_rw(c, 0, 1); 2186 return 1; 2187 } else if(want == SSL_ERROR_SYSCALL) { 2188 #ifdef ECONNRESET 2189 if(errno == ECONNRESET && verbosity < 2) 2190 return 0; /* silence reset by peer */ 2191 #endif 2192 if(errno != 0) 2193 log_err("SSL_read syscall: %s", 2194 strerror(errno)); 2195 return 0; 2196 } 2197 log_crypto_err("could not SSL_read"); 2198 return 0; 2199 } 2200 sldns_buffer_skip(c->buffer, (ssize_t)r); 2201 return 1; 2202 #else 2203 (void)c; 2204 return 0; 2205 #endif /* HAVE_SSL */ 2206 } 2207 2208 /** read more data for http */ 2209 static int 2210 http_read_more(int fd, struct comm_point* c) 2211 { 2212 ssize_t r; 2213 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2214 r = recv(fd, (void*)sldns_buffer_current(c->buffer), 2215 sldns_buffer_remaining(c->buffer), 0); 2216 if(r == 0) { 2217 return 0; 2218 } else if(r == -1) { 2219 #ifndef USE_WINSOCK 2220 if(errno == EINTR || errno == EAGAIN) 2221 return 1; 2222 #else /* USE_WINSOCK */ 2223 if(WSAGetLastError() == WSAECONNRESET) 2224 return 0; 2225 if(WSAGetLastError() == WSAEINPROGRESS) 2226 return 1; 2227 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2228 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 2229 return 1; 2230 } 2231 #endif 2232 log_err_addr("read (in http r)", sock_strerror(errno), 2233 &c->repinfo.addr, c->repinfo.addrlen); 2234 return 0; 2235 } 2236 sldns_buffer_skip(c->buffer, r); 2237 return 1; 2238 } 2239 2240 /** return true if http header has been read (one line complete) */ 2241 static int 2242 http_header_done(sldns_buffer* buf) 2243 { 2244 size_t i; 2245 for(i=sldns_buffer_position(buf); i<sldns_buffer_limit(buf); i++) { 2246 /* there was a \r before the \n, but we ignore that */ 2247 if((char)sldns_buffer_read_u8_at(buf, i) == '\n') 2248 return 1; 2249 } 2250 return 0; 2251 } 2252 2253 /** return character string into buffer for header line, moves buffer 2254 * past that line and puts zero terminator into linefeed-newline */ 2255 static char* 2256 http_header_line(sldns_buffer* buf) 2257 { 2258 char* result = (char*)sldns_buffer_current(buf); 2259 size_t i; 2260 for(i=sldns_buffer_position(buf); i<sldns_buffer_limit(buf); i++) { 2261 /* terminate the string on the \r */ 2262 if((char)sldns_buffer_read_u8_at(buf, i) == '\r') 2263 sldns_buffer_write_u8_at(buf, i, 0); 2264 /* terminate on the \n and skip past the it and done */ 2265 if((char)sldns_buffer_read_u8_at(buf, i) == '\n') { 2266 sldns_buffer_write_u8_at(buf, i, 0); 2267 sldns_buffer_set_position(buf, i+1); 2268 return result; 2269 } 2270 } 2271 return NULL; 2272 } 2273 2274 /** move unread buffer to start and clear rest for putting the rest into it */ 2275 static void 2276 http_moveover_buffer(sldns_buffer* buf) 2277 { 2278 size_t pos = sldns_buffer_position(buf); 2279 size_t len = sldns_buffer_remaining(buf); 2280 sldns_buffer_clear(buf); 2281 memmove(sldns_buffer_begin(buf), sldns_buffer_at(buf, pos), len); 2282 sldns_buffer_set_position(buf, len); 2283 } 2284 2285 /** a http header is complete, process it */ 2286 static int 2287 http_process_initial_header(struct comm_point* c) 2288 { 2289 char* line = http_header_line(c->buffer); 2290 if(!line) return 1; 2291 verbose(VERB_ALGO, "http header: %s", line); 2292 if(strncasecmp(line, "HTTP/1.1 ", 9) == 0) { 2293 /* check returncode */ 2294 if(line[9] != '2') { 2295 verbose(VERB_ALGO, "http bad status %s", line+9); 2296 return 0; 2297 } 2298 } else if(strncasecmp(line, "Content-Length: ", 16) == 0) { 2299 if(!c->http_is_chunked) 2300 c->tcp_byte_count = (size_t)atoi(line+16); 2301 } else if(strncasecmp(line, "Transfer-Encoding: chunked", 19+7) == 0) { 2302 c->tcp_byte_count = 0; 2303 c->http_is_chunked = 1; 2304 } else if(line[0] == 0) { 2305 /* end of initial headers */ 2306 c->http_in_headers = 0; 2307 if(c->http_is_chunked) 2308 c->http_in_chunk_headers = 1; 2309 /* remove header text from front of buffer 2310 * the buffer is going to be used to return the data segment 2311 * itself and we don't want the header to get returned 2312 * prepended with it */ 2313 http_moveover_buffer(c->buffer); 2314 sldns_buffer_flip(c->buffer); 2315 return 1; 2316 } 2317 /* ignore other headers */ 2318 return 1; 2319 } 2320 2321 /** a chunk header is complete, process it, return 0=fail, 1=continue next 2322 * header line, 2=done with chunked transfer*/ 2323 static int 2324 http_process_chunk_header(struct comm_point* c) 2325 { 2326 char* line = http_header_line(c->buffer); 2327 if(!line) return 1; 2328 if(c->http_in_chunk_headers == 3) { 2329 verbose(VERB_ALGO, "http chunk trailer: %s", line); 2330 /* are we done ? */ 2331 if(line[0] == 0 && c->tcp_byte_count == 0) { 2332 /* callback of http reader when NETEVENT_DONE, 2333 * end of data, with no data in buffer */ 2334 sldns_buffer_set_position(c->buffer, 0); 2335 sldns_buffer_set_limit(c->buffer, 0); 2336 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2337 (void)(*c->callback)(c, c->cb_arg, NETEVENT_DONE, NULL); 2338 /* return that we are done */ 2339 return 2; 2340 } 2341 if(line[0] == 0) { 2342 /* continue with header of the next chunk */ 2343 c->http_in_chunk_headers = 1; 2344 /* remove header text from front of buffer */ 2345 http_moveover_buffer(c->buffer); 2346 sldns_buffer_flip(c->buffer); 2347 return 1; 2348 } 2349 /* ignore further trail headers */ 2350 return 1; 2351 } 2352 verbose(VERB_ALGO, "http chunk header: %s", line); 2353 if(c->http_in_chunk_headers == 1) { 2354 /* read chunked start line */ 2355 char* end = NULL; 2356 c->tcp_byte_count = (size_t)strtol(line, &end, 16); 2357 if(end == line) 2358 return 0; 2359 c->http_in_chunk_headers = 0; 2360 /* remove header text from front of buffer */ 2361 http_moveover_buffer(c->buffer); 2362 sldns_buffer_flip(c->buffer); 2363 if(c->tcp_byte_count == 0) { 2364 /* done with chunks, process chunk_trailer lines */ 2365 c->http_in_chunk_headers = 3; 2366 } 2367 return 1; 2368 } 2369 /* ignore other headers */ 2370 return 1; 2371 } 2372 2373 /** handle nonchunked data segment */ 2374 static int 2375 http_nonchunk_segment(struct comm_point* c) 2376 { 2377 /* c->buffer at position..limit has new data we read in. 2378 * the buffer itself is full of nonchunked data. 2379 * we are looking to read tcp_byte_count more data 2380 * and then the transfer is done. */ 2381 size_t remainbufferlen; 2382 size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; 2383 if(c->tcp_byte_count <= got_now) { 2384 /* done, this is the last data fragment */ 2385 c->http_stored = 0; 2386 sldns_buffer_set_position(c->buffer, 0); 2387 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2388 (void)(*c->callback)(c, c->cb_arg, NETEVENT_DONE, NULL); 2389 return 1; 2390 } 2391 c->tcp_byte_count -= got_now; 2392 /* if we have the buffer space, 2393 * read more data collected into the buffer */ 2394 remainbufferlen = sldns_buffer_capacity(c->buffer) - 2395 sldns_buffer_limit(c->buffer); 2396 if(remainbufferlen >= c->tcp_byte_count || 2397 remainbufferlen >= 2048) { 2398 size_t total = sldns_buffer_limit(c->buffer); 2399 sldns_buffer_clear(c->buffer); 2400 sldns_buffer_set_position(c->buffer, total); 2401 c->http_stored = total; 2402 /* return and wait to read more */ 2403 return 1; 2404 } 2405 /* call callback with this data amount, then 2406 * wait for more */ 2407 c->http_stored = 0; 2408 sldns_buffer_set_position(c->buffer, 0); 2409 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2410 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); 2411 /* c->callback has to buffer_clear(c->buffer). */ 2412 /* return and wait to read more */ 2413 return 1; 2414 } 2415 2416 /** handle chunked data segment, return 0=fail, 1=wait, 2=process more */ 2417 static int 2418 http_chunked_segment(struct comm_point* c) 2419 { 2420 /* the c->buffer has from position..limit new data we read. */ 2421 /* the current chunk has length tcp_byte_count. 2422 * once we read that read more chunk headers. 2423 */ 2424 size_t remainbufferlen; 2425 size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; 2426 verbose(VERB_ALGO, "http_chunked_segment: got now %d, tcpbytcount %d, http_stored %d, buffer pos %d, buffer limit %d", (int)got_now, (int)c->tcp_byte_count, (int)c->http_stored, (int)sldns_buffer_position(c->buffer), (int)sldns_buffer_limit(c->buffer)); 2427 if(c->tcp_byte_count <= got_now) { 2428 /* the chunk has completed (with perhaps some extra data 2429 * from next chunk header and next chunk) */ 2430 /* save too much info into temp buffer */ 2431 size_t fraglen; 2432 struct comm_reply repinfo; 2433 c->http_stored = 0; 2434 sldns_buffer_skip(c->buffer, (ssize_t)c->tcp_byte_count); 2435 sldns_buffer_clear(c->http_temp); 2436 sldns_buffer_write(c->http_temp, 2437 sldns_buffer_current(c->buffer), 2438 sldns_buffer_remaining(c->buffer)); 2439 sldns_buffer_flip(c->http_temp); 2440 2441 /* callback with this fragment */ 2442 fraglen = sldns_buffer_position(c->buffer); 2443 sldns_buffer_set_position(c->buffer, 0); 2444 sldns_buffer_set_limit(c->buffer, fraglen); 2445 repinfo = c->repinfo; 2446 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2447 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, &repinfo); 2448 /* c->callback has to buffer_clear(). */ 2449 2450 /* is commpoint deleted? */ 2451 if(!repinfo.c) { 2452 return 1; 2453 } 2454 /* copy waiting info */ 2455 sldns_buffer_clear(c->buffer); 2456 sldns_buffer_write(c->buffer, 2457 sldns_buffer_begin(c->http_temp), 2458 sldns_buffer_remaining(c->http_temp)); 2459 sldns_buffer_flip(c->buffer); 2460 /* process end of chunk trailer header lines, until 2461 * an empty line */ 2462 c->http_in_chunk_headers = 3; 2463 /* process more data in buffer (if any) */ 2464 return 2; 2465 } 2466 c->tcp_byte_count -= got_now; 2467 2468 /* if we have the buffer space, 2469 * read more data collected into the buffer */ 2470 remainbufferlen = sldns_buffer_capacity(c->buffer) - 2471 sldns_buffer_limit(c->buffer); 2472 if(remainbufferlen >= c->tcp_byte_count || 2473 remainbufferlen >= 2048) { 2474 size_t total = sldns_buffer_limit(c->buffer); 2475 sldns_buffer_clear(c->buffer); 2476 sldns_buffer_set_position(c->buffer, total); 2477 c->http_stored = total; 2478 /* return and wait to read more */ 2479 return 1; 2480 } 2481 2482 /* callback of http reader for a new part of the data */ 2483 c->http_stored = 0; 2484 sldns_buffer_set_position(c->buffer, 0); 2485 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2486 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); 2487 /* c->callback has to buffer_clear(c->buffer). */ 2488 /* return and wait to read more */ 2489 return 1; 2490 } 2491 2492 #ifdef HAVE_NGHTTP2 2493 /** Create new http2 session. Called when creating handling comm point. */ 2494 static struct http2_session* http2_session_create(struct comm_point* c) 2495 { 2496 struct http2_session* session = calloc(1, sizeof(*session)); 2497 if(!session) { 2498 log_err("malloc failure while creating http2 session"); 2499 return NULL; 2500 } 2501 session->c = c; 2502 2503 return session; 2504 } 2505 #endif 2506 2507 /** Delete http2 session. After closing connection or on error */ 2508 static void http2_session_delete(struct http2_session* h2_session) 2509 { 2510 #ifdef HAVE_NGHTTP2 2511 if(h2_session->callbacks) 2512 nghttp2_session_callbacks_del(h2_session->callbacks); 2513 free(h2_session); 2514 #else 2515 (void)h2_session; 2516 #endif 2517 } 2518 2519 #ifdef HAVE_NGHTTP2 2520 struct http2_stream* http2_stream_create(int32_t stream_id) 2521 { 2522 struct http2_stream* h2_stream = calloc(1, sizeof(*h2_stream)); 2523 if(!h2_stream) { 2524 log_err("malloc failure while creating http2 stream"); 2525 return NULL; 2526 } 2527 h2_stream->stream_id = stream_id; 2528 return h2_stream; 2529 } 2530 2531 /** Delete http2 stream. After session delete or stream close callback */ 2532 static void http2_stream_delete(struct http2_session* h2_session, 2533 struct http2_stream* h2_stream) 2534 { 2535 if(h2_stream->mesh_state) { 2536 mesh_state_remove_reply(h2_stream->mesh, h2_stream->mesh_state, 2537 h2_session->c); 2538 h2_stream->mesh_state = NULL; 2539 } 2540 http2_req_stream_clear(h2_stream); 2541 free(h2_stream); 2542 } 2543 #endif 2544 2545 void http2_stream_add_meshstate(struct http2_stream* h2_stream, 2546 struct mesh_area* mesh, struct mesh_state* m) 2547 { 2548 h2_stream->mesh = mesh; 2549 h2_stream->mesh_state = m; 2550 } 2551 2552 /** delete http2 session server. After closing connection. */ 2553 static void http2_session_server_delete(struct http2_session* h2_session) 2554 { 2555 #ifdef HAVE_NGHTTP2 2556 struct http2_stream* h2_stream, *next; 2557 nghttp2_session_del(h2_session->session); /* NULL input is fine */ 2558 h2_session->session = NULL; 2559 for(h2_stream = h2_session->first_stream; h2_stream;) { 2560 next = h2_stream->next; 2561 http2_stream_delete(h2_session, h2_stream); 2562 h2_stream = next; 2563 } 2564 h2_session->first_stream = NULL; 2565 h2_session->is_drop = 0; 2566 h2_session->postpone_drop = 0; 2567 h2_session->c->h2_stream = NULL; 2568 #endif 2569 (void)h2_session; 2570 } 2571 2572 #ifdef HAVE_NGHTTP2 2573 void http2_session_add_stream(struct http2_session* h2_session, 2574 struct http2_stream* h2_stream) 2575 { 2576 if(h2_session->first_stream) 2577 h2_session->first_stream->prev = h2_stream; 2578 h2_stream->next = h2_session->first_stream; 2579 h2_session->first_stream = h2_stream; 2580 } 2581 2582 /** remove stream from session linked list. After stream close callback or 2583 * closing connection */ 2584 static void http2_session_remove_stream(struct http2_session* h2_session, 2585 struct http2_stream* h2_stream) 2586 { 2587 if(h2_stream->prev) 2588 h2_stream->prev->next = h2_stream->next; 2589 else 2590 h2_session->first_stream = h2_stream->next; 2591 if(h2_stream->next) 2592 h2_stream->next->prev = h2_stream->prev; 2593 2594 } 2595 2596 int http2_stream_close_cb(nghttp2_session* ATTR_UNUSED(session), 2597 int32_t stream_id, uint32_t ATTR_UNUSED(error_code), void* cb_arg) 2598 { 2599 struct http2_stream* h2_stream; 2600 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2601 if(!(h2_stream = nghttp2_session_get_stream_user_data( 2602 h2_session->session, stream_id))) { 2603 return 0; 2604 } 2605 http2_session_remove_stream(h2_session, h2_stream); 2606 http2_stream_delete(h2_session, h2_stream); 2607 return 0; 2608 } 2609 2610 ssize_t http2_recv_cb(nghttp2_session* ATTR_UNUSED(session), uint8_t* buf, 2611 size_t len, int ATTR_UNUSED(flags), void* cb_arg) 2612 { 2613 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2614 ssize_t ret; 2615 2616 log_assert(h2_session->c->type == comm_http); 2617 log_assert(h2_session->c->h2_session); 2618 2619 #ifdef HAVE_SSL 2620 if(h2_session->c->ssl) { 2621 int r; 2622 ERR_clear_error(); 2623 r = SSL_read(h2_session->c->ssl, buf, len); 2624 if(r <= 0) { 2625 int want = SSL_get_error(h2_session->c->ssl, r); 2626 if(want == SSL_ERROR_ZERO_RETURN) { 2627 return NGHTTP2_ERR_EOF; 2628 } else if(want == SSL_ERROR_WANT_READ) { 2629 return NGHTTP2_ERR_WOULDBLOCK; 2630 } else if(want == SSL_ERROR_WANT_WRITE) { 2631 h2_session->c->ssl_shake_state = comm_ssl_shake_hs_write; 2632 comm_point_listen_for_rw(h2_session->c, 0, 1); 2633 return NGHTTP2_ERR_WOULDBLOCK; 2634 } else if(want == SSL_ERROR_SYSCALL) { 2635 #ifdef ECONNRESET 2636 if(errno == ECONNRESET && verbosity < 2) 2637 return NGHTTP2_ERR_CALLBACK_FAILURE; 2638 #endif 2639 if(errno != 0) 2640 log_err("SSL_read syscall: %s", 2641 strerror(errno)); 2642 return NGHTTP2_ERR_CALLBACK_FAILURE; 2643 } 2644 log_crypto_err("could not SSL_read"); 2645 return NGHTTP2_ERR_CALLBACK_FAILURE; 2646 } 2647 return r; 2648 } 2649 #endif /* HAVE_SSL */ 2650 2651 ret = recv(h2_session->c->fd, buf, len, 0); 2652 if(ret == 0) { 2653 return NGHTTP2_ERR_EOF; 2654 } else if(ret < 0) { 2655 #ifndef USE_WINSOCK 2656 if(errno == EINTR || errno == EAGAIN) 2657 return NGHTTP2_ERR_WOULDBLOCK; 2658 #ifdef ECONNRESET 2659 if(errno == ECONNRESET && verbosity < 2) 2660 return NGHTTP2_ERR_CALLBACK_FAILURE; 2661 #endif 2662 log_err_addr("could not http2 recv: %s", strerror(errno), 2663 &h2_session->c->repinfo.addr, 2664 h2_session->c->repinfo.addrlen); 2665 #else /* USE_WINSOCK */ 2666 if(WSAGetLastError() == WSAECONNRESET) 2667 return NGHTTP2_ERR_CALLBACK_FAILURE; 2668 if(WSAGetLastError() == WSAEINPROGRESS) 2669 return NGHTTP2_ERR_WOULDBLOCK; 2670 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2671 ub_winsock_tcp_wouldblock(h2_session->c->ev->ev, 2672 UB_EV_READ); 2673 return NGHTTP2_ERR_WOULDBLOCK; 2674 } 2675 log_err_addr("could not http2 recv: %s", 2676 wsa_strerror(WSAGetLastError()), 2677 &h2_session->c->repinfo.addr, 2678 h2_session->c->repinfo.addrlen); 2679 #endif 2680 return NGHTTP2_ERR_CALLBACK_FAILURE; 2681 } 2682 return ret; 2683 } 2684 #endif /* HAVE_NGHTTP2 */ 2685 2686 /** Handle http2 read */ 2687 static int 2688 comm_point_http2_handle_read(int ATTR_UNUSED(fd), struct comm_point* c) 2689 { 2690 #ifdef HAVE_NGHTTP2 2691 int ret; 2692 log_assert(c->h2_session); 2693 2694 /* reading until recv cb returns NGHTTP2_ERR_WOULDBLOCK */ 2695 ret = nghttp2_session_recv(c->h2_session->session); 2696 if(ret) { 2697 if(ret != NGHTTP2_ERR_EOF && 2698 ret != NGHTTP2_ERR_CALLBACK_FAILURE) { 2699 char a[256]; 2700 addr_to_str(&c->repinfo.addr, c->repinfo.addrlen, 2701 a, sizeof(a)); 2702 verbose(VERB_QUERY, "http2: session_recv from %s failed, " 2703 "error: %s", a, nghttp2_strerror(ret)); 2704 } 2705 return 0; 2706 } 2707 if(nghttp2_session_want_write(c->h2_session->session)) { 2708 c->tcp_is_reading = 0; 2709 comm_point_stop_listening(c); 2710 comm_point_start_listening(c, -1, adjusted_tcp_timeout(c)); 2711 } else if(!nghttp2_session_want_read(c->h2_session->session)) 2712 return 0; /* connection can be closed */ 2713 return 1; 2714 #else 2715 (void)c; 2716 return 0; 2717 #endif 2718 } 2719 2720 /** 2721 * Handle http reading callback. 2722 * @param fd: file descriptor of socket. 2723 * @param c: comm point to read from into buffer. 2724 * @return: 0 on error 2725 */ 2726 static int 2727 comm_point_http_handle_read(int fd, struct comm_point* c) 2728 { 2729 log_assert(c->type == comm_http); 2730 log_assert(fd != -1); 2731 2732 /* if we are in ssl handshake, handle SSL handshake */ 2733 #ifdef HAVE_SSL 2734 if(c->ssl && c->ssl_shake_state != comm_ssl_shake_none) { 2735 if(!ssl_handshake(c)) 2736 return 0; 2737 if(c->ssl_shake_state != comm_ssl_shake_none) 2738 return 1; 2739 } 2740 #endif /* HAVE_SSL */ 2741 2742 if(!c->tcp_is_reading) 2743 return 1; 2744 2745 if(c->use_h2) { 2746 return comm_point_http2_handle_read(fd, c); 2747 } 2748 2749 /* http version is <= http/1.1 */ 2750 2751 if(c->http_min_version >= http_version_2) { 2752 /* HTTP/2 failed, not allowed to use lower version. */ 2753 return 0; 2754 } 2755 2756 /* read more data */ 2757 if(c->ssl) { 2758 if(!ssl_http_read_more(c)) 2759 return 0; 2760 } else { 2761 if(!http_read_more(fd, c)) 2762 return 0; 2763 } 2764 2765 sldns_buffer_flip(c->buffer); 2766 /* if we are partway in a segment of data, position us at the point 2767 * where we left off previously */ 2768 if(c->http_stored < sldns_buffer_limit(c->buffer)) 2769 sldns_buffer_set_position(c->buffer, c->http_stored); 2770 else sldns_buffer_set_position(c->buffer, sldns_buffer_limit(c->buffer)); 2771 2772 while(sldns_buffer_remaining(c->buffer) > 0) { 2773 /* Handle HTTP/1.x data */ 2774 /* if we are reading headers, read more headers */ 2775 if(c->http_in_headers || c->http_in_chunk_headers) { 2776 /* if header is done, process the header */ 2777 if(!http_header_done(c->buffer)) { 2778 /* copy remaining data to front of buffer 2779 * and set rest for writing into it */ 2780 http_moveover_buffer(c->buffer); 2781 /* return and wait to read more */ 2782 return 1; 2783 } 2784 if(!c->http_in_chunk_headers) { 2785 /* process initial headers */ 2786 if(!http_process_initial_header(c)) 2787 return 0; 2788 } else { 2789 /* process chunk headers */ 2790 int r = http_process_chunk_header(c); 2791 if(r == 0) return 0; 2792 if(r == 2) return 1; /* done */ 2793 /* r == 1, continue */ 2794 } 2795 /* see if we have more to process */ 2796 continue; 2797 } 2798 2799 if(!c->http_is_chunked) { 2800 /* if we are reading nonchunks, process that*/ 2801 return http_nonchunk_segment(c); 2802 } else { 2803 /* if we are reading chunks, read the chunk */ 2804 int r = http_chunked_segment(c); 2805 if(r == 0) return 0; 2806 if(r == 1) return 1; 2807 continue; 2808 } 2809 } 2810 /* broke out of the loop; could not process header instead need 2811 * to read more */ 2812 /* moveover any remaining data and read more data */ 2813 http_moveover_buffer(c->buffer); 2814 /* return and wait to read more */ 2815 return 1; 2816 } 2817 2818 /** check pending connect for http */ 2819 static int 2820 http_check_connect(int fd, struct comm_point* c) 2821 { 2822 /* check for pending error from nonblocking connect */ 2823 /* from Stevens, unix network programming, vol1, 3rd ed, p450*/ 2824 int error = 0; 2825 socklen_t len = (socklen_t)sizeof(error); 2826 if(getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)&error, 2827 &len) < 0){ 2828 #ifndef USE_WINSOCK 2829 error = errno; /* on solaris errno is error */ 2830 #else /* USE_WINSOCK */ 2831 error = WSAGetLastError(); 2832 #endif 2833 } 2834 #ifndef USE_WINSOCK 2835 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 2836 if(error == EINPROGRESS || error == EWOULDBLOCK) 2837 return 1; /* try again later */ 2838 else 2839 #endif 2840 if(error != 0 && verbosity < 2) 2841 return 0; /* silence lots of chatter in the logs */ 2842 else if(error != 0) { 2843 log_err_addr("http connect", strerror(error), 2844 &c->repinfo.addr, c->repinfo.addrlen); 2845 #else /* USE_WINSOCK */ 2846 /* examine error */ 2847 if(error == WSAEINPROGRESS) 2848 return 1; 2849 else if(error == WSAEWOULDBLOCK) { 2850 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 2851 return 1; 2852 } else if(error != 0 && verbosity < 2) 2853 return 0; 2854 else if(error != 0) { 2855 log_err_addr("http connect", wsa_strerror(error), 2856 &c->repinfo.addr, c->repinfo.addrlen); 2857 #endif /* USE_WINSOCK */ 2858 return 0; 2859 } 2860 /* keep on processing this socket */ 2861 return 2; 2862 } 2863 2864 /** write more data for http (with ssl) */ 2865 static int 2866 ssl_http_write_more(struct comm_point* c) 2867 { 2868 #ifdef HAVE_SSL 2869 int r; 2870 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2871 ERR_clear_error(); 2872 r = SSL_write(c->ssl, (void*)sldns_buffer_current(c->buffer), 2873 (int)sldns_buffer_remaining(c->buffer)); 2874 if(r <= 0) { 2875 int want = SSL_get_error(c->ssl, r); 2876 if(want == SSL_ERROR_ZERO_RETURN) { 2877 return 0; /* closed */ 2878 } else if(want == SSL_ERROR_WANT_READ) { 2879 c->ssl_shake_state = comm_ssl_shake_hs_read; 2880 comm_point_listen_for_rw(c, 1, 0); 2881 return 1; /* wait for read condition */ 2882 } else if(want == SSL_ERROR_WANT_WRITE) { 2883 return 1; /* write more later */ 2884 } else if(want == SSL_ERROR_SYSCALL) { 2885 #ifdef EPIPE 2886 if(errno == EPIPE && verbosity < 2) 2887 return 0; /* silence 'broken pipe' */ 2888 #endif 2889 if(errno != 0) 2890 log_err("SSL_write syscall: %s", 2891 strerror(errno)); 2892 return 0; 2893 } 2894 log_crypto_err("could not SSL_write"); 2895 return 0; 2896 } 2897 sldns_buffer_skip(c->buffer, (ssize_t)r); 2898 return 1; 2899 #else 2900 (void)c; 2901 return 0; 2902 #endif /* HAVE_SSL */ 2903 } 2904 2905 /** write more data for http */ 2906 static int 2907 http_write_more(int fd, struct comm_point* c) 2908 { 2909 ssize_t r; 2910 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2911 r = send(fd, (void*)sldns_buffer_current(c->buffer), 2912 sldns_buffer_remaining(c->buffer), 0); 2913 if(r == -1) { 2914 #ifndef USE_WINSOCK 2915 if(errno == EINTR || errno == EAGAIN) 2916 return 1; 2917 #else 2918 if(WSAGetLastError() == WSAEINPROGRESS) 2919 return 1; 2920 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2921 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 2922 return 1; 2923 } 2924 #endif 2925 log_err_addr("http send r", sock_strerror(errno), 2926 &c->repinfo.addr, c->repinfo.addrlen); 2927 return 0; 2928 } 2929 sldns_buffer_skip(c->buffer, r); 2930 return 1; 2931 } 2932 2933 #ifdef HAVE_NGHTTP2 2934 ssize_t http2_send_cb(nghttp2_session* ATTR_UNUSED(session), const uint8_t* buf, 2935 size_t len, int ATTR_UNUSED(flags), void* cb_arg) 2936 { 2937 ssize_t ret; 2938 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2939 log_assert(h2_session->c->type == comm_http); 2940 log_assert(h2_session->c->h2_session); 2941 2942 #ifdef HAVE_SSL 2943 if(h2_session->c->ssl) { 2944 int r; 2945 ERR_clear_error(); 2946 r = SSL_write(h2_session->c->ssl, buf, len); 2947 if(r <= 0) { 2948 int want = SSL_get_error(h2_session->c->ssl, r); 2949 if(want == SSL_ERROR_ZERO_RETURN) { 2950 return NGHTTP2_ERR_CALLBACK_FAILURE; 2951 } else if(want == SSL_ERROR_WANT_READ) { 2952 h2_session->c->ssl_shake_state = comm_ssl_shake_hs_read; 2953 comm_point_listen_for_rw(h2_session->c, 1, 0); 2954 return NGHTTP2_ERR_WOULDBLOCK; 2955 } else if(want == SSL_ERROR_WANT_WRITE) { 2956 return NGHTTP2_ERR_WOULDBLOCK; 2957 } else if(want == SSL_ERROR_SYSCALL) { 2958 #ifdef EPIPE 2959 if(errno == EPIPE && verbosity < 2) 2960 return NGHTTP2_ERR_CALLBACK_FAILURE; 2961 #endif 2962 if(errno != 0) 2963 log_err("SSL_write syscall: %s", 2964 strerror(errno)); 2965 return NGHTTP2_ERR_CALLBACK_FAILURE; 2966 } 2967 log_crypto_err("could not SSL_write"); 2968 return NGHTTP2_ERR_CALLBACK_FAILURE; 2969 } 2970 return r; 2971 } 2972 #endif /* HAVE_SSL */ 2973 2974 ret = send(h2_session->c->fd, buf, len, 0); 2975 if(ret == 0) { 2976 return NGHTTP2_ERR_CALLBACK_FAILURE; 2977 } else if(ret < 0) { 2978 #ifndef USE_WINSOCK 2979 if(errno == EINTR || errno == EAGAIN) 2980 return NGHTTP2_ERR_WOULDBLOCK; 2981 #ifdef EPIPE 2982 if(errno == EPIPE && verbosity < 2) 2983 return NGHTTP2_ERR_CALLBACK_FAILURE; 2984 #endif 2985 #ifdef ECONNRESET 2986 if(errno == ECONNRESET && verbosity < 2) 2987 return NGHTTP2_ERR_CALLBACK_FAILURE; 2988 #endif 2989 log_err_addr("could not http2 write: %s", strerror(errno), 2990 &h2_session->c->repinfo.addr, 2991 h2_session->c->repinfo.addrlen); 2992 #else /* USE_WINSOCK */ 2993 if(WSAGetLastError() == WSAENOTCONN) 2994 return NGHTTP2_ERR_WOULDBLOCK; 2995 if(WSAGetLastError() == WSAEINPROGRESS) 2996 return NGHTTP2_ERR_WOULDBLOCK; 2997 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2998 ub_winsock_tcp_wouldblock(h2_session->c->ev->ev, 2999 UB_EV_WRITE); 3000 return NGHTTP2_ERR_WOULDBLOCK; 3001 } 3002 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 3003 return NGHTTP2_ERR_CALLBACK_FAILURE; 3004 log_err_addr("could not http2 write: %s", 3005 wsa_strerror(WSAGetLastError()), 3006 &h2_session->c->repinfo.addr, 3007 h2_session->c->repinfo.addrlen); 3008 #endif 3009 return NGHTTP2_ERR_CALLBACK_FAILURE; 3010 } 3011 return ret; 3012 } 3013 #endif /* HAVE_NGHTTP2 */ 3014 3015 /** Handle http2 writing */ 3016 static int 3017 comm_point_http2_handle_write(int ATTR_UNUSED(fd), struct comm_point* c) 3018 { 3019 #ifdef HAVE_NGHTTP2 3020 int ret; 3021 log_assert(c->h2_session); 3022 3023 ret = nghttp2_session_send(c->h2_session->session); 3024 if(ret) { 3025 verbose(VERB_QUERY, "http2: session_send failed, " 3026 "error: %s", nghttp2_strerror(ret)); 3027 return 0; 3028 } 3029 3030 if(nghttp2_session_want_read(c->h2_session->session)) { 3031 c->tcp_is_reading = 1; 3032 comm_point_stop_listening(c); 3033 comm_point_start_listening(c, -1, adjusted_tcp_timeout(c)); 3034 } else if(!nghttp2_session_want_write(c->h2_session->session)) 3035 return 0; /* connection can be closed */ 3036 return 1; 3037 #else 3038 (void)c; 3039 return 0; 3040 #endif 3041 } 3042 3043 /** 3044 * Handle http writing callback. 3045 * @param fd: file descriptor of socket. 3046 * @param c: comm point to write buffer out of. 3047 * @return: 0 on error 3048 */ 3049 static int 3050 comm_point_http_handle_write(int fd, struct comm_point* c) 3051 { 3052 log_assert(c->type == comm_http); 3053 log_assert(fd != -1); 3054 3055 /* check pending connect errors, if that fails, we wait for more, 3056 * or we can continue to write contents */ 3057 if(c->tcp_check_nb_connect) { 3058 int r = http_check_connect(fd, c); 3059 if(r == 0) return 0; 3060 if(r == 1) return 1; 3061 c->tcp_check_nb_connect = 0; 3062 } 3063 /* if we are in ssl handshake, handle SSL handshake */ 3064 #ifdef HAVE_SSL 3065 if(c->ssl && c->ssl_shake_state != comm_ssl_shake_none) { 3066 if(!ssl_handshake(c)) 3067 return 0; 3068 if(c->ssl_shake_state != comm_ssl_shake_none) 3069 return 1; 3070 } 3071 #endif /* HAVE_SSL */ 3072 if(c->tcp_is_reading) 3073 return 1; 3074 3075 if(c->use_h2) { 3076 return comm_point_http2_handle_write(fd, c); 3077 } 3078 3079 /* http version is <= http/1.1 */ 3080 3081 if(c->http_min_version >= http_version_2) { 3082 /* HTTP/2 failed, not allowed to use lower version. */ 3083 return 0; 3084 } 3085 3086 /* if we are writing, write more */ 3087 if(c->ssl) { 3088 if(!ssl_http_write_more(c)) 3089 return 0; 3090 } else { 3091 if(!http_write_more(fd, c)) 3092 return 0; 3093 } 3094 3095 /* we write a single buffer contents, that can contain 3096 * the http request, and then flip to read the results */ 3097 /* see if write is done */ 3098 if(sldns_buffer_remaining(c->buffer) == 0) { 3099 sldns_buffer_clear(c->buffer); 3100 if(c->tcp_do_toggle_rw) 3101 c->tcp_is_reading = 1; 3102 c->tcp_byte_count = 0; 3103 /* switch from listening(write) to listening(read) */ 3104 comm_point_stop_listening(c); 3105 comm_point_start_listening(c, -1, -1); 3106 } 3107 return 1; 3108 } 3109 3110 void 3111 comm_point_http_handle_callback(int fd, short event, void* arg) 3112 { 3113 struct comm_point* c = (struct comm_point*)arg; 3114 log_assert(c->type == comm_http); 3115 ub_comm_base_now(c->ev->base); 3116 3117 if(event&UB_EV_TIMEOUT) { 3118 verbose(VERB_QUERY, "http took too long, dropped"); 3119 reclaim_http_handler(c); 3120 if(!c->tcp_do_close) { 3121 fptr_ok(fptr_whitelist_comm_point(c->callback)); 3122 (void)(*c->callback)(c, c->cb_arg, 3123 NETEVENT_TIMEOUT, NULL); 3124 } 3125 return; 3126 } 3127 if(event&UB_EV_READ) { 3128 if(!comm_point_http_handle_read(fd, c)) { 3129 reclaim_http_handler(c); 3130 if(!c->tcp_do_close) { 3131 fptr_ok(fptr_whitelist_comm_point( 3132 c->callback)); 3133 (void)(*c->callback)(c, c->cb_arg, 3134 NETEVENT_CLOSED, NULL); 3135 } 3136 } 3137 return; 3138 } 3139 if(event&UB_EV_WRITE) { 3140 if(!comm_point_http_handle_write(fd, c)) { 3141 reclaim_http_handler(c); 3142 if(!c->tcp_do_close) { 3143 fptr_ok(fptr_whitelist_comm_point( 3144 c->callback)); 3145 (void)(*c->callback)(c, c->cb_arg, 3146 NETEVENT_CLOSED, NULL); 3147 } 3148 } 3149 return; 3150 } 3151 log_err("Ignored event %d for httphdl.", event); 3152 } 3153 3154 void comm_point_local_handle_callback(int fd, short event, void* arg) 3155 { 3156 struct comm_point* c = (struct comm_point*)arg; 3157 log_assert(c->type == comm_local); 3158 ub_comm_base_now(c->ev->base); 3159 3160 if(event&UB_EV_READ) { 3161 if(!comm_point_tcp_handle_read(fd, c, 1)) { 3162 fptr_ok(fptr_whitelist_comm_point(c->callback)); 3163 (void)(*c->callback)(c, c->cb_arg, NETEVENT_CLOSED, 3164 NULL); 3165 } 3166 return; 3167 } 3168 log_err("Ignored event %d for localhdl.", event); 3169 } 3170 3171 void comm_point_raw_handle_callback(int ATTR_UNUSED(fd), 3172 short event, void* arg) 3173 { 3174 struct comm_point* c = (struct comm_point*)arg; 3175 int err = NETEVENT_NOERROR; 3176 log_assert(c->type == comm_raw); 3177 ub_comm_base_now(c->ev->base); 3178 3179 if(event&UB_EV_TIMEOUT) 3180 err = NETEVENT_TIMEOUT; 3181 fptr_ok(fptr_whitelist_comm_point_raw(c->callback)); 3182 (void)(*c->callback)(c, c->cb_arg, err, NULL); 3183 } 3184 3185 struct comm_point* 3186 comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer, 3187 comm_point_callback_type* callback, void* callback_arg) 3188 { 3189 struct comm_point* c = (struct comm_point*)calloc(1, 3190 sizeof(struct comm_point)); 3191 short evbits; 3192 if(!c) 3193 return NULL; 3194 c->ev = (struct internal_event*)calloc(1, 3195 sizeof(struct internal_event)); 3196 if(!c->ev) { 3197 free(c); 3198 return NULL; 3199 } 3200 c->ev->base = base; 3201 c->fd = fd; 3202 c->buffer = buffer; 3203 c->timeout = NULL; 3204 c->tcp_is_reading = 0; 3205 c->tcp_byte_count = 0; 3206 c->tcp_parent = NULL; 3207 c->max_tcp_count = 0; 3208 c->cur_tcp_count = 0; 3209 c->tcp_handlers = NULL; 3210 c->tcp_free = NULL; 3211 c->type = comm_udp; 3212 c->tcp_do_close = 0; 3213 c->do_not_close = 0; 3214 c->tcp_do_toggle_rw = 0; 3215 c->tcp_check_nb_connect = 0; 3216 #ifdef USE_MSG_FASTOPEN 3217 c->tcp_do_fastopen = 0; 3218 #endif 3219 #ifdef USE_DNSCRYPT 3220 c->dnscrypt = 0; 3221 c->dnscrypt_buffer = buffer; 3222 #endif 3223 c->inuse = 0; 3224 c->callback = callback; 3225 c->cb_arg = callback_arg; 3226 evbits = UB_EV_READ | UB_EV_PERSIST; 3227 /* ub_event stuff */ 3228 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3229 comm_point_udp_callback, c); 3230 if(c->ev->ev == NULL) { 3231 log_err("could not baseset udp event"); 3232 comm_point_delete(c); 3233 return NULL; 3234 } 3235 if(fd!=-1 && ub_event_add(c->ev->ev, c->timeout) != 0 ) { 3236 log_err("could not add udp event"); 3237 comm_point_delete(c); 3238 return NULL; 3239 } 3240 c->event_added = 1; 3241 return c; 3242 } 3243 3244 struct comm_point* 3245 comm_point_create_udp_ancil(struct comm_base *base, int fd, 3246 sldns_buffer* buffer, 3247 comm_point_callback_type* callback, void* callback_arg) 3248 { 3249 struct comm_point* c = (struct comm_point*)calloc(1, 3250 sizeof(struct comm_point)); 3251 short evbits; 3252 if(!c) 3253 return NULL; 3254 c->ev = (struct internal_event*)calloc(1, 3255 sizeof(struct internal_event)); 3256 if(!c->ev) { 3257 free(c); 3258 return NULL; 3259 } 3260 c->ev->base = base; 3261 c->fd = fd; 3262 c->buffer = buffer; 3263 c->timeout = NULL; 3264 c->tcp_is_reading = 0; 3265 c->tcp_byte_count = 0; 3266 c->tcp_parent = NULL; 3267 c->max_tcp_count = 0; 3268 c->cur_tcp_count = 0; 3269 c->tcp_handlers = NULL; 3270 c->tcp_free = NULL; 3271 c->type = comm_udp; 3272 c->tcp_do_close = 0; 3273 c->do_not_close = 0; 3274 #ifdef USE_DNSCRYPT 3275 c->dnscrypt = 0; 3276 c->dnscrypt_buffer = buffer; 3277 #endif 3278 c->inuse = 0; 3279 c->tcp_do_toggle_rw = 0; 3280 c->tcp_check_nb_connect = 0; 3281 #ifdef USE_MSG_FASTOPEN 3282 c->tcp_do_fastopen = 0; 3283 #endif 3284 c->callback = callback; 3285 c->cb_arg = callback_arg; 3286 evbits = UB_EV_READ | UB_EV_PERSIST; 3287 /* ub_event stuff */ 3288 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3289 comm_point_udp_ancil_callback, c); 3290 if(c->ev->ev == NULL) { 3291 log_err("could not baseset udp event"); 3292 comm_point_delete(c); 3293 return NULL; 3294 } 3295 if(fd!=-1 && ub_event_add(c->ev->ev, c->timeout) != 0 ) { 3296 log_err("could not add udp event"); 3297 comm_point_delete(c); 3298 return NULL; 3299 } 3300 c->event_added = 1; 3301 return c; 3302 } 3303 3304 static struct comm_point* 3305 comm_point_create_tcp_handler(struct comm_base *base, 3306 struct comm_point* parent, size_t bufsize, 3307 struct sldns_buffer* spoolbuf, comm_point_callback_type* callback, 3308 void* callback_arg) 3309 { 3310 struct comm_point* c = (struct comm_point*)calloc(1, 3311 sizeof(struct comm_point)); 3312 short evbits; 3313 if(!c) 3314 return NULL; 3315 c->ev = (struct internal_event*)calloc(1, 3316 sizeof(struct internal_event)); 3317 if(!c->ev) { 3318 free(c); 3319 return NULL; 3320 } 3321 c->ev->base = base; 3322 c->fd = -1; 3323 c->buffer = sldns_buffer_new(bufsize); 3324 if(!c->buffer) { 3325 free(c->ev); 3326 free(c); 3327 return NULL; 3328 } 3329 c->timeout = (struct timeval*)malloc(sizeof(struct timeval)); 3330 if(!c->timeout) { 3331 sldns_buffer_free(c->buffer); 3332 free(c->ev); 3333 free(c); 3334 return NULL; 3335 } 3336 c->tcp_is_reading = 0; 3337 c->tcp_byte_count = 0; 3338 c->tcp_parent = parent; 3339 c->tcp_timeout_msec = parent->tcp_timeout_msec; 3340 c->tcp_conn_limit = parent->tcp_conn_limit; 3341 c->tcl_addr = NULL; 3342 c->tcp_keepalive = 0; 3343 c->max_tcp_count = 0; 3344 c->cur_tcp_count = 0; 3345 c->tcp_handlers = NULL; 3346 c->tcp_free = NULL; 3347 c->type = comm_tcp; 3348 c->tcp_do_close = 0; 3349 c->do_not_close = 0; 3350 c->tcp_do_toggle_rw = 1; 3351 c->tcp_check_nb_connect = 0; 3352 #ifdef USE_MSG_FASTOPEN 3353 c->tcp_do_fastopen = 0; 3354 #endif 3355 #ifdef USE_DNSCRYPT 3356 c->dnscrypt = 0; 3357 /* We don't know just yet if this is a dnscrypt channel. Allocation 3358 * will be done when handling the callback. */ 3359 c->dnscrypt_buffer = c->buffer; 3360 #endif 3361 c->repinfo.c = c; 3362 c->callback = callback; 3363 c->cb_arg = callback_arg; 3364 if(spoolbuf) { 3365 c->tcp_req_info = tcp_req_info_create(spoolbuf); 3366 if(!c->tcp_req_info) { 3367 log_err("could not create tcp commpoint"); 3368 sldns_buffer_free(c->buffer); 3369 free(c->timeout); 3370 free(c->ev); 3371 free(c); 3372 return NULL; 3373 } 3374 c->tcp_req_info->cp = c; 3375 c->tcp_do_close = 1; 3376 c->tcp_do_toggle_rw = 0; 3377 } 3378 /* add to parent free list */ 3379 c->tcp_free = parent->tcp_free; 3380 parent->tcp_free = c; 3381 /* ub_event stuff */ 3382 evbits = UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT; 3383 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3384 comm_point_tcp_handle_callback, c); 3385 if(c->ev->ev == NULL) 3386 { 3387 log_err("could not basetset tcphdl event"); 3388 parent->tcp_free = c->tcp_free; 3389 tcp_req_info_delete(c->tcp_req_info); 3390 sldns_buffer_free(c->buffer); 3391 free(c->timeout); 3392 free(c->ev); 3393 free(c); 3394 return NULL; 3395 } 3396 return c; 3397 } 3398 3399 static struct comm_point* 3400 comm_point_create_http_handler(struct comm_base *base, 3401 struct comm_point* parent, size_t bufsize, int harden_large_queries, 3402 uint32_t http_max_streams, char* http_endpoint, 3403 comm_point_callback_type* callback, void* callback_arg) 3404 { 3405 struct comm_point* c = (struct comm_point*)calloc(1, 3406 sizeof(struct comm_point)); 3407 short evbits; 3408 if(!c) 3409 return NULL; 3410 c->ev = (struct internal_event*)calloc(1, 3411 sizeof(struct internal_event)); 3412 if(!c->ev) { 3413 free(c); 3414 return NULL; 3415 } 3416 c->ev->base = base; 3417 c->fd = -1; 3418 c->buffer = sldns_buffer_new(bufsize); 3419 if(!c->buffer) { 3420 free(c->ev); 3421 free(c); 3422 return NULL; 3423 } 3424 c->timeout = (struct timeval*)malloc(sizeof(struct timeval)); 3425 if(!c->timeout) { 3426 sldns_buffer_free(c->buffer); 3427 free(c->ev); 3428 free(c); 3429 return NULL; 3430 } 3431 c->tcp_is_reading = 0; 3432 c->tcp_byte_count = 0; 3433 c->tcp_parent = parent; 3434 c->tcp_timeout_msec = parent->tcp_timeout_msec; 3435 c->tcp_conn_limit = parent->tcp_conn_limit; 3436 c->tcl_addr = NULL; 3437 c->tcp_keepalive = 0; 3438 c->max_tcp_count = 0; 3439 c->cur_tcp_count = 0; 3440 c->tcp_handlers = NULL; 3441 c->tcp_free = NULL; 3442 c->type = comm_http; 3443 c->tcp_do_close = 1; 3444 c->do_not_close = 0; 3445 c->tcp_do_toggle_rw = 1; /* will be set to 0 after http2 upgrade */ 3446 c->tcp_check_nb_connect = 0; 3447 #ifdef USE_MSG_FASTOPEN 3448 c->tcp_do_fastopen = 0; 3449 #endif 3450 #ifdef USE_DNSCRYPT 3451 c->dnscrypt = 0; 3452 c->dnscrypt_buffer = NULL; 3453 #endif 3454 c->repinfo.c = c; 3455 c->callback = callback; 3456 c->cb_arg = callback_arg; 3457 3458 c->http_min_version = http_version_2; 3459 c->http2_stream_max_qbuffer_size = bufsize; 3460 if(harden_large_queries && bufsize > 512) 3461 c->http2_stream_max_qbuffer_size = 512; 3462 c->http2_max_streams = http_max_streams; 3463 if(!(c->http_endpoint = strdup(http_endpoint))) { 3464 log_err("could not strdup http_endpoint"); 3465 sldns_buffer_free(c->buffer); 3466 free(c->timeout); 3467 free(c->ev); 3468 free(c); 3469 return NULL; 3470 } 3471 c->use_h2 = 0; 3472 #ifdef HAVE_NGHTTP2 3473 if(!(c->h2_session = http2_session_create(c))) { 3474 log_err("could not create http2 session"); 3475 free(c->http_endpoint); 3476 sldns_buffer_free(c->buffer); 3477 free(c->timeout); 3478 free(c->ev); 3479 free(c); 3480 return NULL; 3481 } 3482 if(!(c->h2_session->callbacks = http2_req_callbacks_create())) { 3483 log_err("could not create http2 callbacks"); 3484 http2_session_delete(c->h2_session); 3485 free(c->http_endpoint); 3486 sldns_buffer_free(c->buffer); 3487 free(c->timeout); 3488 free(c->ev); 3489 free(c); 3490 return NULL; 3491 } 3492 #endif 3493 3494 /* add to parent free list */ 3495 c->tcp_free = parent->tcp_free; 3496 parent->tcp_free = c; 3497 /* ub_event stuff */ 3498 evbits = UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT; 3499 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3500 comm_point_http_handle_callback, c); 3501 if(c->ev->ev == NULL) 3502 { 3503 log_err("could not set http handler event"); 3504 parent->tcp_free = c->tcp_free; 3505 http2_session_delete(c->h2_session); 3506 sldns_buffer_free(c->buffer); 3507 free(c->timeout); 3508 free(c->ev); 3509 free(c); 3510 return NULL; 3511 } 3512 return c; 3513 } 3514 3515 struct comm_point* 3516 comm_point_create_tcp(struct comm_base *base, int fd, int num, 3517 int idle_timeout, int harden_large_queries, 3518 uint32_t http_max_streams, char* http_endpoint, 3519 struct tcl_list* tcp_conn_limit, size_t bufsize, 3520 struct sldns_buffer* spoolbuf, enum listen_type port_type, 3521 comm_point_callback_type* callback, void* callback_arg) 3522 { 3523 struct comm_point* c = (struct comm_point*)calloc(1, 3524 sizeof(struct comm_point)); 3525 short evbits; 3526 int i; 3527 /* first allocate the TCP accept listener */ 3528 if(!c) 3529 return NULL; 3530 c->ev = (struct internal_event*)calloc(1, 3531 sizeof(struct internal_event)); 3532 if(!c->ev) { 3533 free(c); 3534 return NULL; 3535 } 3536 c->ev->base = base; 3537 c->fd = fd; 3538 c->buffer = NULL; 3539 c->timeout = NULL; 3540 c->tcp_is_reading = 0; 3541 c->tcp_byte_count = 0; 3542 c->tcp_timeout_msec = idle_timeout; 3543 c->tcp_conn_limit = tcp_conn_limit; 3544 c->tcl_addr = NULL; 3545 c->tcp_keepalive = 0; 3546 c->tcp_parent = NULL; 3547 c->max_tcp_count = num; 3548 c->cur_tcp_count = 0; 3549 c->tcp_handlers = (struct comm_point**)calloc((size_t)num, 3550 sizeof(struct comm_point*)); 3551 if(!c->tcp_handlers) { 3552 free(c->ev); 3553 free(c); 3554 return NULL; 3555 } 3556 c->tcp_free = NULL; 3557 c->type = comm_tcp_accept; 3558 c->tcp_do_close = 0; 3559 c->do_not_close = 0; 3560 c->tcp_do_toggle_rw = 0; 3561 c->tcp_check_nb_connect = 0; 3562 #ifdef USE_MSG_FASTOPEN 3563 c->tcp_do_fastopen = 0; 3564 #endif 3565 #ifdef USE_DNSCRYPT 3566 c->dnscrypt = 0; 3567 c->dnscrypt_buffer = NULL; 3568 #endif 3569 c->callback = NULL; 3570 c->cb_arg = NULL; 3571 evbits = UB_EV_READ | UB_EV_PERSIST; 3572 /* ub_event stuff */ 3573 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3574 comm_point_tcp_accept_callback, c); 3575 if(c->ev->ev == NULL) { 3576 log_err("could not baseset tcpacc event"); 3577 comm_point_delete(c); 3578 return NULL; 3579 } 3580 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3581 log_err("could not add tcpacc event"); 3582 comm_point_delete(c); 3583 return NULL; 3584 } 3585 c->event_added = 1; 3586 /* now prealloc the handlers */ 3587 for(i=0; i<num; i++) { 3588 if(port_type == listen_type_tcp || 3589 port_type == listen_type_ssl || 3590 port_type == listen_type_tcp_dnscrypt) { 3591 c->tcp_handlers[i] = comm_point_create_tcp_handler(base, 3592 c, bufsize, spoolbuf, callback, callback_arg); 3593 } else if(port_type == listen_type_http) { 3594 c->tcp_handlers[i] = comm_point_create_http_handler( 3595 base, c, bufsize, harden_large_queries, 3596 http_max_streams, http_endpoint, 3597 callback, callback_arg); 3598 } 3599 else { 3600 log_err("could not create tcp handler, unknown listen " 3601 "type"); 3602 return NULL; 3603 } 3604 if(!c->tcp_handlers[i]) { 3605 comm_point_delete(c); 3606 return NULL; 3607 } 3608 } 3609 3610 return c; 3611 } 3612 3613 struct comm_point* 3614 comm_point_create_tcp_out(struct comm_base *base, size_t bufsize, 3615 comm_point_callback_type* callback, void* callback_arg) 3616 { 3617 struct comm_point* c = (struct comm_point*)calloc(1, 3618 sizeof(struct comm_point)); 3619 short evbits; 3620 if(!c) 3621 return NULL; 3622 c->ev = (struct internal_event*)calloc(1, 3623 sizeof(struct internal_event)); 3624 if(!c->ev) { 3625 free(c); 3626 return NULL; 3627 } 3628 c->ev->base = base; 3629 c->fd = -1; 3630 c->buffer = sldns_buffer_new(bufsize); 3631 if(!c->buffer) { 3632 free(c->ev); 3633 free(c); 3634 return NULL; 3635 } 3636 c->timeout = NULL; 3637 c->tcp_is_reading = 0; 3638 c->tcp_byte_count = 0; 3639 c->tcp_timeout_msec = TCP_QUERY_TIMEOUT; 3640 c->tcp_conn_limit = NULL; 3641 c->tcl_addr = NULL; 3642 c->tcp_keepalive = 0; 3643 c->tcp_parent = NULL; 3644 c->max_tcp_count = 0; 3645 c->cur_tcp_count = 0; 3646 c->tcp_handlers = NULL; 3647 c->tcp_free = NULL; 3648 c->type = comm_tcp; 3649 c->tcp_do_close = 0; 3650 c->do_not_close = 0; 3651 c->tcp_do_toggle_rw = 1; 3652 c->tcp_check_nb_connect = 1; 3653 #ifdef USE_MSG_FASTOPEN 3654 c->tcp_do_fastopen = 1; 3655 #endif 3656 #ifdef USE_DNSCRYPT 3657 c->dnscrypt = 0; 3658 c->dnscrypt_buffer = c->buffer; 3659 #endif 3660 c->repinfo.c = c; 3661 c->callback = callback; 3662 c->cb_arg = callback_arg; 3663 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3664 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3665 comm_point_tcp_handle_callback, c); 3666 if(c->ev->ev == NULL) 3667 { 3668 log_err("could not baseset tcpout event"); 3669 sldns_buffer_free(c->buffer); 3670 free(c->ev); 3671 free(c); 3672 return NULL; 3673 } 3674 3675 return c; 3676 } 3677 3678 struct comm_point* 3679 comm_point_create_http_out(struct comm_base *base, size_t bufsize, 3680 comm_point_callback_type* callback, void* callback_arg, 3681 sldns_buffer* temp) 3682 { 3683 struct comm_point* c = (struct comm_point*)calloc(1, 3684 sizeof(struct comm_point)); 3685 short evbits; 3686 if(!c) 3687 return NULL; 3688 c->ev = (struct internal_event*)calloc(1, 3689 sizeof(struct internal_event)); 3690 if(!c->ev) { 3691 free(c); 3692 return NULL; 3693 } 3694 c->ev->base = base; 3695 c->fd = -1; 3696 c->buffer = sldns_buffer_new(bufsize); 3697 if(!c->buffer) { 3698 free(c->ev); 3699 free(c); 3700 return NULL; 3701 } 3702 c->timeout = NULL; 3703 c->tcp_is_reading = 0; 3704 c->tcp_byte_count = 0; 3705 c->tcp_parent = NULL; 3706 c->max_tcp_count = 0; 3707 c->cur_tcp_count = 0; 3708 c->tcp_handlers = NULL; 3709 c->tcp_free = NULL; 3710 c->type = comm_http; 3711 c->tcp_do_close = 0; 3712 c->do_not_close = 0; 3713 c->tcp_do_toggle_rw = 1; 3714 c->tcp_check_nb_connect = 1; 3715 c->http_in_headers = 1; 3716 c->http_in_chunk_headers = 0; 3717 c->http_is_chunked = 0; 3718 c->http_temp = temp; 3719 #ifdef USE_MSG_FASTOPEN 3720 c->tcp_do_fastopen = 1; 3721 #endif 3722 #ifdef USE_DNSCRYPT 3723 c->dnscrypt = 0; 3724 c->dnscrypt_buffer = c->buffer; 3725 #endif 3726 c->repinfo.c = c; 3727 c->callback = callback; 3728 c->cb_arg = callback_arg; 3729 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3730 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3731 comm_point_http_handle_callback, c); 3732 if(c->ev->ev == NULL) 3733 { 3734 log_err("could not baseset tcpout event"); 3735 #ifdef HAVE_SSL 3736 SSL_free(c->ssl); 3737 #endif 3738 sldns_buffer_free(c->buffer); 3739 free(c->ev); 3740 free(c); 3741 return NULL; 3742 } 3743 3744 return c; 3745 } 3746 3747 struct comm_point* 3748 comm_point_create_local(struct comm_base *base, int fd, size_t bufsize, 3749 comm_point_callback_type* callback, void* callback_arg) 3750 { 3751 struct comm_point* c = (struct comm_point*)calloc(1, 3752 sizeof(struct comm_point)); 3753 short evbits; 3754 if(!c) 3755 return NULL; 3756 c->ev = (struct internal_event*)calloc(1, 3757 sizeof(struct internal_event)); 3758 if(!c->ev) { 3759 free(c); 3760 return NULL; 3761 } 3762 c->ev->base = base; 3763 c->fd = fd; 3764 c->buffer = sldns_buffer_new(bufsize); 3765 if(!c->buffer) { 3766 free(c->ev); 3767 free(c); 3768 return NULL; 3769 } 3770 c->timeout = NULL; 3771 c->tcp_is_reading = 1; 3772 c->tcp_byte_count = 0; 3773 c->tcp_parent = NULL; 3774 c->max_tcp_count = 0; 3775 c->cur_tcp_count = 0; 3776 c->tcp_handlers = NULL; 3777 c->tcp_free = NULL; 3778 c->type = comm_local; 3779 c->tcp_do_close = 0; 3780 c->do_not_close = 1; 3781 c->tcp_do_toggle_rw = 0; 3782 c->tcp_check_nb_connect = 0; 3783 #ifdef USE_MSG_FASTOPEN 3784 c->tcp_do_fastopen = 0; 3785 #endif 3786 #ifdef USE_DNSCRYPT 3787 c->dnscrypt = 0; 3788 c->dnscrypt_buffer = c->buffer; 3789 #endif 3790 c->callback = callback; 3791 c->cb_arg = callback_arg; 3792 /* ub_event stuff */ 3793 evbits = UB_EV_PERSIST | UB_EV_READ; 3794 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3795 comm_point_local_handle_callback, c); 3796 if(c->ev->ev == NULL) { 3797 log_err("could not baseset localhdl event"); 3798 free(c->ev); 3799 free(c); 3800 return NULL; 3801 } 3802 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3803 log_err("could not add localhdl event"); 3804 ub_event_free(c->ev->ev); 3805 free(c->ev); 3806 free(c); 3807 return NULL; 3808 } 3809 c->event_added = 1; 3810 return c; 3811 } 3812 3813 struct comm_point* 3814 comm_point_create_raw(struct comm_base* base, int fd, int writing, 3815 comm_point_callback_type* callback, void* callback_arg) 3816 { 3817 struct comm_point* c = (struct comm_point*)calloc(1, 3818 sizeof(struct comm_point)); 3819 short evbits; 3820 if(!c) 3821 return NULL; 3822 c->ev = (struct internal_event*)calloc(1, 3823 sizeof(struct internal_event)); 3824 if(!c->ev) { 3825 free(c); 3826 return NULL; 3827 } 3828 c->ev->base = base; 3829 c->fd = fd; 3830 c->buffer = NULL; 3831 c->timeout = NULL; 3832 c->tcp_is_reading = 0; 3833 c->tcp_byte_count = 0; 3834 c->tcp_parent = NULL; 3835 c->max_tcp_count = 0; 3836 c->cur_tcp_count = 0; 3837 c->tcp_handlers = NULL; 3838 c->tcp_free = NULL; 3839 c->type = comm_raw; 3840 c->tcp_do_close = 0; 3841 c->do_not_close = 1; 3842 c->tcp_do_toggle_rw = 0; 3843 c->tcp_check_nb_connect = 0; 3844 #ifdef USE_MSG_FASTOPEN 3845 c->tcp_do_fastopen = 0; 3846 #endif 3847 #ifdef USE_DNSCRYPT 3848 c->dnscrypt = 0; 3849 c->dnscrypt_buffer = c->buffer; 3850 #endif 3851 c->callback = callback; 3852 c->cb_arg = callback_arg; 3853 /* ub_event stuff */ 3854 if(writing) 3855 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3856 else evbits = UB_EV_PERSIST | UB_EV_READ; 3857 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3858 comm_point_raw_handle_callback, c); 3859 if(c->ev->ev == NULL) { 3860 log_err("could not baseset rawhdl event"); 3861 free(c->ev); 3862 free(c); 3863 return NULL; 3864 } 3865 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3866 log_err("could not add rawhdl event"); 3867 ub_event_free(c->ev->ev); 3868 free(c->ev); 3869 free(c); 3870 return NULL; 3871 } 3872 c->event_added = 1; 3873 return c; 3874 } 3875 3876 void 3877 comm_point_close(struct comm_point* c) 3878 { 3879 if(!c) 3880 return; 3881 if(c->fd != -1) { 3882 verbose(5, "comm_point_close of %d: event_del", c->fd); 3883 if(c->event_added) { 3884 if(ub_event_del(c->ev->ev) != 0) { 3885 log_err("could not event_del on close"); 3886 } 3887 c->event_added = 0; 3888 } 3889 } 3890 tcl_close_connection(c->tcl_addr); 3891 if(c->tcp_req_info) 3892 tcp_req_info_clear(c->tcp_req_info); 3893 if(c->h2_session) 3894 http2_session_server_delete(c->h2_session); 3895 3896 /* close fd after removing from event lists, or epoll.. is messed up */ 3897 if(c->fd != -1 && !c->do_not_close) { 3898 if(c->type == comm_tcp || c->type == comm_http) { 3899 /* delete sticky events for the fd, it gets closed */ 3900 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 3901 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 3902 } 3903 verbose(VERB_ALGO, "close fd %d", c->fd); 3904 sock_close(c->fd); 3905 } 3906 c->fd = -1; 3907 } 3908 3909 void 3910 comm_point_delete(struct comm_point* c) 3911 { 3912 if(!c) 3913 return; 3914 if((c->type == comm_tcp || c->type == comm_http) && c->ssl) { 3915 #ifdef HAVE_SSL 3916 SSL_shutdown(c->ssl); 3917 SSL_free(c->ssl); 3918 #endif 3919 } 3920 if(c->type == comm_http && c->http_endpoint) { 3921 free(c->http_endpoint); 3922 c->http_endpoint = NULL; 3923 } 3924 comm_point_close(c); 3925 if(c->tcp_handlers) { 3926 int i; 3927 for(i=0; i<c->max_tcp_count; i++) 3928 comm_point_delete(c->tcp_handlers[i]); 3929 free(c->tcp_handlers); 3930 } 3931 free(c->timeout); 3932 if(c->type == comm_tcp || c->type == comm_local || c->type == comm_http) { 3933 sldns_buffer_free(c->buffer); 3934 #ifdef USE_DNSCRYPT 3935 if(c->dnscrypt && c->dnscrypt_buffer != c->buffer) { 3936 sldns_buffer_free(c->dnscrypt_buffer); 3937 } 3938 #endif 3939 if(c->tcp_req_info) { 3940 tcp_req_info_delete(c->tcp_req_info); 3941 } 3942 if(c->h2_session) { 3943 http2_session_delete(c->h2_session); 3944 } 3945 } 3946 ub_event_free(c->ev->ev); 3947 free(c->ev); 3948 free(c); 3949 } 3950 3951 void 3952 comm_point_send_reply(struct comm_reply *repinfo) 3953 { 3954 struct sldns_buffer* buffer; 3955 log_assert(repinfo && repinfo->c); 3956 #ifdef USE_DNSCRYPT 3957 buffer = repinfo->c->dnscrypt_buffer; 3958 if(!dnsc_handle_uncurved_request(repinfo)) { 3959 return; 3960 } 3961 #else 3962 buffer = repinfo->c->buffer; 3963 #endif 3964 if(repinfo->c->type == comm_udp) { 3965 if(repinfo->srctype) 3966 comm_point_send_udp_msg_if(repinfo->c, 3967 buffer, (struct sockaddr*)&repinfo->addr, 3968 repinfo->addrlen, repinfo); 3969 else 3970 comm_point_send_udp_msg(repinfo->c, buffer, 3971 (struct sockaddr*)&repinfo->addr, repinfo->addrlen, 0); 3972 #ifdef USE_DNSTAP 3973 if(repinfo->c->dtenv != NULL && 3974 repinfo->c->dtenv->log_client_response_messages) 3975 dt_msg_send_client_response(repinfo->c->dtenv, 3976 &repinfo->addr, repinfo->c->type, repinfo->c->buffer); 3977 #endif 3978 } else { 3979 #ifdef USE_DNSTAP 3980 if(repinfo->c->tcp_parent->dtenv != NULL && 3981 repinfo->c->tcp_parent->dtenv->log_client_response_messages) 3982 dt_msg_send_client_response(repinfo->c->tcp_parent->dtenv, 3983 &repinfo->addr, repinfo->c->type, 3984 ( repinfo->c->tcp_req_info 3985 ? repinfo->c->tcp_req_info->spool_buffer 3986 : repinfo->c->buffer )); 3987 #endif 3988 if(repinfo->c->tcp_req_info) { 3989 tcp_req_info_send_reply(repinfo->c->tcp_req_info); 3990 } else if(repinfo->c->use_h2) { 3991 if(!http2_submit_dns_response(repinfo->c->h2_session)) { 3992 comm_point_drop_reply(repinfo); 3993 return; 3994 } 3995 repinfo->c->h2_stream = NULL; 3996 repinfo->c->tcp_is_reading = 0; 3997 comm_point_stop_listening(repinfo->c); 3998 comm_point_start_listening(repinfo->c, -1, 3999 adjusted_tcp_timeout(repinfo->c)); 4000 return; 4001 } else { 4002 comm_point_start_listening(repinfo->c, -1, 4003 adjusted_tcp_timeout(repinfo->c)); 4004 } 4005 } 4006 } 4007 4008 void 4009 comm_point_drop_reply(struct comm_reply* repinfo) 4010 { 4011 if(!repinfo) 4012 return; 4013 log_assert(repinfo->c); 4014 log_assert(repinfo->c->type != comm_tcp_accept); 4015 if(repinfo->c->type == comm_udp) 4016 return; 4017 if(repinfo->c->tcp_req_info) 4018 repinfo->c->tcp_req_info->is_drop = 1; 4019 if(repinfo->c->type == comm_http) { 4020 if(repinfo->c->h2_session) { 4021 repinfo->c->h2_session->is_drop = 1; 4022 if(!repinfo->c->h2_session->postpone_drop) 4023 reclaim_http_handler(repinfo->c); 4024 return; 4025 } 4026 reclaim_http_handler(repinfo->c); 4027 return; 4028 } 4029 reclaim_tcp_handler(repinfo->c); 4030 } 4031 4032 void 4033 comm_point_stop_listening(struct comm_point* c) 4034 { 4035 verbose(VERB_ALGO, "comm point stop listening %d", c->fd); 4036 if(c->event_added) { 4037 if(ub_event_del(c->ev->ev) != 0) { 4038 log_err("event_del error to stoplisten"); 4039 } 4040 c->event_added = 0; 4041 } 4042 } 4043 4044 void 4045 comm_point_start_listening(struct comm_point* c, int newfd, int msec) 4046 { 4047 verbose(VERB_ALGO, "comm point start listening %d (%d msec)", 4048 c->fd==-1?newfd:c->fd, msec); 4049 if(c->type == comm_tcp_accept && !c->tcp_free) { 4050 /* no use to start listening no free slots. */ 4051 return; 4052 } 4053 if(c->event_added) { 4054 if(ub_event_del(c->ev->ev) != 0) { 4055 log_err("event_del error to startlisten"); 4056 } 4057 c->event_added = 0; 4058 } 4059 if(msec != -1 && msec != 0) { 4060 if(!c->timeout) { 4061 c->timeout = (struct timeval*)malloc(sizeof( 4062 struct timeval)); 4063 if(!c->timeout) { 4064 log_err("cpsl: malloc failed. No net read."); 4065 return; 4066 } 4067 } 4068 ub_event_add_bits(c->ev->ev, UB_EV_TIMEOUT); 4069 #ifndef S_SPLINT_S /* splint fails on struct timeval. */ 4070 c->timeout->tv_sec = msec/1000; 4071 c->timeout->tv_usec = (msec%1000)*1000; 4072 #endif /* S_SPLINT_S */ 4073 } 4074 if(c->type == comm_tcp || c->type == comm_http) { 4075 ub_event_del_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4076 if(c->tcp_write_and_read) { 4077 verbose(5, "startlistening %d mode rw", (newfd==-1?c->fd:newfd)); 4078 ub_event_add_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4079 } else if(c->tcp_is_reading) { 4080 verbose(5, "startlistening %d mode r", (newfd==-1?c->fd:newfd)); 4081 ub_event_add_bits(c->ev->ev, UB_EV_READ); 4082 } else { 4083 verbose(5, "startlistening %d mode w", (newfd==-1?c->fd:newfd)); 4084 ub_event_add_bits(c->ev->ev, UB_EV_WRITE); 4085 } 4086 } 4087 if(newfd != -1) { 4088 if(c->fd != -1 && c->fd != newfd) { 4089 verbose(5, "cpsl close of fd %d for %d", c->fd, newfd); 4090 sock_close(c->fd); 4091 } 4092 c->fd = newfd; 4093 ub_event_set_fd(c->ev->ev, c->fd); 4094 } 4095 if(ub_event_add(c->ev->ev, msec==0?NULL:c->timeout) != 0) { 4096 log_err("event_add failed. in cpsl."); 4097 } 4098 c->event_added = 1; 4099 } 4100 4101 void comm_point_listen_for_rw(struct comm_point* c, int rd, int wr) 4102 { 4103 verbose(VERB_ALGO, "comm point listen_for_rw %d %d", c->fd, wr); 4104 if(c->event_added) { 4105 if(ub_event_del(c->ev->ev) != 0) { 4106 log_err("event_del error to cplf"); 4107 } 4108 c->event_added = 0; 4109 } 4110 ub_event_del_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4111 if(rd) ub_event_add_bits(c->ev->ev, UB_EV_READ); 4112 if(wr) ub_event_add_bits(c->ev->ev, UB_EV_WRITE); 4113 if(ub_event_add(c->ev->ev, c->timeout) != 0) { 4114 log_err("event_add failed. in cplf."); 4115 } 4116 c->event_added = 1; 4117 } 4118 4119 size_t comm_point_get_mem(struct comm_point* c) 4120 { 4121 size_t s; 4122 if(!c) 4123 return 0; 4124 s = sizeof(*c) + sizeof(*c->ev); 4125 if(c->timeout) 4126 s += sizeof(*c->timeout); 4127 if(c->type == comm_tcp || c->type == comm_local) { 4128 s += sizeof(*c->buffer) + sldns_buffer_capacity(c->buffer); 4129 #ifdef USE_DNSCRYPT 4130 s += sizeof(*c->dnscrypt_buffer); 4131 if(c->buffer != c->dnscrypt_buffer) { 4132 s += sldns_buffer_capacity(c->dnscrypt_buffer); 4133 } 4134 #endif 4135 } 4136 if(c->type == comm_tcp_accept) { 4137 int i; 4138 for(i=0; i<c->max_tcp_count; i++) 4139 s += comm_point_get_mem(c->tcp_handlers[i]); 4140 } 4141 return s; 4142 } 4143 4144 struct comm_timer* 4145 comm_timer_create(struct comm_base* base, void (*cb)(void*), void* cb_arg) 4146 { 4147 struct internal_timer *tm = (struct internal_timer*)calloc(1, 4148 sizeof(struct internal_timer)); 4149 if(!tm) { 4150 log_err("malloc failed"); 4151 return NULL; 4152 } 4153 tm->super.ev_timer = tm; 4154 tm->base = base; 4155 tm->super.callback = cb; 4156 tm->super.cb_arg = cb_arg; 4157 tm->ev = ub_event_new(base->eb->base, -1, UB_EV_TIMEOUT, 4158 comm_timer_callback, &tm->super); 4159 if(tm->ev == NULL) { 4160 log_err("timer_create: event_base_set failed."); 4161 free(tm); 4162 return NULL; 4163 } 4164 return &tm->super; 4165 } 4166 4167 void 4168 comm_timer_disable(struct comm_timer* timer) 4169 { 4170 if(!timer) 4171 return; 4172 ub_timer_del(timer->ev_timer->ev); 4173 timer->ev_timer->enabled = 0; 4174 } 4175 4176 void 4177 comm_timer_set(struct comm_timer* timer, struct timeval* tv) 4178 { 4179 log_assert(tv); 4180 if(timer->ev_timer->enabled) 4181 comm_timer_disable(timer); 4182 if(ub_timer_add(timer->ev_timer->ev, timer->ev_timer->base->eb->base, 4183 comm_timer_callback, timer, tv) != 0) 4184 log_err("comm_timer_set: evtimer_add failed."); 4185 timer->ev_timer->enabled = 1; 4186 } 4187 4188 void 4189 comm_timer_delete(struct comm_timer* timer) 4190 { 4191 if(!timer) 4192 return; 4193 comm_timer_disable(timer); 4194 /* Free the sub struct timer->ev_timer derived from the super struct timer. 4195 * i.e. assert(timer == timer->ev_timer) 4196 */ 4197 ub_event_free(timer->ev_timer->ev); 4198 free(timer->ev_timer); 4199 } 4200 4201 void 4202 comm_timer_callback(int ATTR_UNUSED(fd), short event, void* arg) 4203 { 4204 struct comm_timer* tm = (struct comm_timer*)arg; 4205 if(!(event&UB_EV_TIMEOUT)) 4206 return; 4207 ub_comm_base_now(tm->ev_timer->base); 4208 tm->ev_timer->enabled = 0; 4209 fptr_ok(fptr_whitelist_comm_timer(tm->callback)); 4210 (*tm->callback)(tm->cb_arg); 4211 } 4212 4213 int 4214 comm_timer_is_set(struct comm_timer* timer) 4215 { 4216 return (int)timer->ev_timer->enabled; 4217 } 4218 4219 size_t 4220 comm_timer_get_mem(struct comm_timer* ATTR_UNUSED(timer)) 4221 { 4222 return sizeof(struct internal_timer); 4223 } 4224 4225 struct comm_signal* 4226 comm_signal_create(struct comm_base* base, 4227 void (*callback)(int, void*), void* cb_arg) 4228 { 4229 struct comm_signal* com = (struct comm_signal*)malloc( 4230 sizeof(struct comm_signal)); 4231 if(!com) { 4232 log_err("malloc failed"); 4233 return NULL; 4234 } 4235 com->base = base; 4236 com->callback = callback; 4237 com->cb_arg = cb_arg; 4238 com->ev_signal = NULL; 4239 return com; 4240 } 4241 4242 void 4243 comm_signal_callback(int sig, short event, void* arg) 4244 { 4245 struct comm_signal* comsig = (struct comm_signal*)arg; 4246 if(!(event & UB_EV_SIGNAL)) 4247 return; 4248 ub_comm_base_now(comsig->base); 4249 fptr_ok(fptr_whitelist_comm_signal(comsig->callback)); 4250 (*comsig->callback)(sig, comsig->cb_arg); 4251 } 4252 4253 int 4254 comm_signal_bind(struct comm_signal* comsig, int sig) 4255 { 4256 struct internal_signal* entry = (struct internal_signal*)calloc(1, 4257 sizeof(struct internal_signal)); 4258 if(!entry) { 4259 log_err("malloc failed"); 4260 return 0; 4261 } 4262 log_assert(comsig); 4263 /* add signal event */ 4264 entry->ev = ub_signal_new(comsig->base->eb->base, sig, 4265 comm_signal_callback, comsig); 4266 if(entry->ev == NULL) { 4267 log_err("Could not create signal event"); 4268 free(entry); 4269 return 0; 4270 } 4271 if(ub_signal_add(entry->ev, NULL) != 0) { 4272 log_err("Could not add signal handler"); 4273 ub_event_free(entry->ev); 4274 free(entry); 4275 return 0; 4276 } 4277 /* link into list */ 4278 entry->next = comsig->ev_signal; 4279 comsig->ev_signal = entry; 4280 return 1; 4281 } 4282 4283 void 4284 comm_signal_delete(struct comm_signal* comsig) 4285 { 4286 struct internal_signal* p, *np; 4287 if(!comsig) 4288 return; 4289 p=comsig->ev_signal; 4290 while(p) { 4291 np = p->next; 4292 ub_signal_del(p->ev); 4293 ub_event_free(p->ev); 4294 free(p); 4295 p = np; 4296 } 4297 free(comsig); 4298 } 4299