respip.c File Reference

This file contains a module that inspects a result of recursive resolution to see if any IP address record should trigger a special action. More...

#include "config.h"
#include "services/localzone.h"
#include "services/authzone.h"
#include "services/cache/dns.h"
#include "sldns/str2wire.h"
#include "util/config_file.h"
#include "util/fptr_wlist.h"
#include "util/module.h"
#include "util/net_help.h"
#include "util/regional.h"
#include "util/data/msgreply.h"
#include "util/storage/dnstree.h"
#include "respip/respip.h"
#include "services/view.h"
#include "sldns/rrdef.h"
#include "util/data/dname.h"

Data Structures

struct  respip_addr_info
 Subset of resp_addr.node, used for inform-variant logging. More...
 
struct  respip_qstate
 Per query state for the response-ip module. More...
 

Enumerations

enum  respip_state { RESPIP_INIT = 0 , RESPIP_SUBQUERY_FINISHED }
 Query state regarding the response-ip module. More...
 

Functions

struct respip_setrespip_set_create (void)
 Create response IP set. More...
 
static void resp_addr_del (rbnode_type *n, void *ATTR_UNUSED(arg))
 helper traverse to delete resp_addr nodes
 
void respip_set_delete (struct respip_set *set)
 Delete response IP set. More...
 
struct rbtree_typerespip_set_get_tree (struct respip_set *set)
 returns address of the IP address tree of the specified respip set; returns NULL for NULL input; exists for test purposes only
 
struct resp_addrrespip_sockaddr_find_or_create (struct respip_set *set, struct sockaddr_storage *addr, socklen_t addrlen, int net, int create, const char *ipstr)
 Find resp_addr in tree, create and add to tree if it does not exist. More...
 
void respip_sockaddr_delete (struct respip_set *set, struct resp_addr *node)
 Delete resp_addr node from tree. More...
 
static struct resp_addrrespip_find_or_create (struct respip_set *set, const char *ipstr, int create)
 returns the node in the address tree for the specified netblock string; non-existent node will be created if 'create' is true
 
static int respip_tag_cfg (struct respip_set *set, const char *ipstr, const uint8_t *taglist, size_t taglen)
 
static int respip_action_cfg (struct respip_set *set, const char *ipstr, const char *actnstr)
 set action for the node specified by the netblock string
 
static struct ub_packed_rrset_keynew_rrset (struct regional *region, uint16_t rrtype, uint16_t rrclass)
 allocate and initialize an rrset structure; this function is based on new_local_rrset() from the localzone.c module
 
int respip_enter_rr (struct regional *region, struct resp_addr *raddr, uint16_t rrtype, uint16_t rrclass, time_t ttl, uint8_t *rdata, size_t rdata_len, const char *rrstr, const char *netblockstr)
 enter local data as resource records into a response-ip node More...
 
static int respip_enter_rrstr (struct regional *region, struct resp_addr *raddr, const char *rrstr, const char *netblock)
 
static int respip_data_cfg (struct respip_set *set, const char *ipstr, const char *rrstr)
 
static int respip_set_apply_cfg (struct respip_set *set, char *const *tagname, int num_tags, struct config_strbytelist *respip_tags, struct config_str2list *respip_actions, struct config_str2list *respip_data)
 
int respip_global_apply_cfg (struct respip_set *set, struct config_file *cfg)
 Apply response-ip config settings to the global (default) view. More...
 
int respip_views_apply_cfg (struct views *vs, struct config_file *cfg, int *have_view_respip_cfg)
 Iterate through raw view data and apply the view-specific respip configuration; at this point we should have already seen all the views, so if any of the views that respip data refer to does not exist, that's an error. More...
 
struct ub_packed_rrset_keyrespip_copy_rrset (const struct ub_packed_rrset_key *key, struct regional *region)
 make a deep copy of 'key' in 'region'. More...
 
int respip_init (struct module_env *env, int id)
 response-ip init
 
void respip_deinit (struct module_env *env, int id)
 response-ip deinit
 
static int rdata2sockaddr (const struct packed_rrset_data *rd, uint16_t rtype, size_t i, struct sockaddr_storage *ss, socklen_t *addrlenp)
 Convert a packed AAAA or A RRset to sockaddr.
 
static struct resp_addrrespip_addr_lookup (const struct reply_info *rep, struct respip_set *rs, size_t *rrset_id, size_t *rr_id)
 Search the given 'iptree' for response address information that matches any of the IP addresses in an AAAA or A in the answer section of the response (stored in 'rep'). More...
 
static int respip_data_answer (enum respip_action action, struct ub_packed_rrset_key *data, uint16_t qtype, const struct reply_info *rep, size_t rrset_id, struct reply_info **new_repp, int tag, struct config_strlist **tag_datas, size_t tag_datas_size, char *const *tagname, int num_tags, struct ub_packed_rrset_key **redirect_rrsetp, struct regional *region)
 See if response-ip or tag data should override the original answer rrset (which is rep->rrsets[rrset_id]) and if so override it. More...
 
static int respip_nodata_answer (uint16_t qtype, enum respip_action action, const struct reply_info *rep, size_t rrset_id, struct reply_info **new_repp, struct regional *region)
 apply response ip action in case where no action data is provided. More...
 
static int populate_action_info (struct respip_action_info *actinfo, enum respip_action action, const struct resp_addr *raddr, const struct ub_packed_rrset_key *ATTR_UNUSED(rrset), int ATTR_UNUSED(tag), const struct respip_set *ATTR_UNUSED(ipset), int ATTR_UNUSED(action_only), struct regional *region, int rpz_used, int rpz_log, char *log_name, int rpz_cname_override)
 Populate action info structure with the results of response-ip action processing, iff as the result of response-ip processing we are actually taking some action. More...
 
static int respip_use_rpz (struct resp_addr *raddr, struct rpz *r, enum respip_action *action, struct ub_packed_rrset_key **data, int *rpz_log, char **log_name, int *rpz_cname_override, struct regional *region, int *is_rpz, int *rpz_passthru)
 
int respip_rewrite_reply (const struct query_info *qinfo, const struct respip_client_info *cinfo, const struct reply_info *rep, struct reply_info **new_repp, struct respip_action_info *actinfo, struct ub_packed_rrset_key **alias_rrset, int search_only, struct regional *region, struct auth_zones *az, int *rpz_passthru)
 See if any IP-based action should apply to any IP address of AAAA/A answer record in the reply. More...
 
static int generate_cname_request (struct module_qstate *qstate, struct ub_packed_rrset_key *alias_rrset)
 
void respip_operate (struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
 response-ip operate on a query
 
int respip_merge_cname (struct reply_info *base_rep, const struct query_info *qinfo, const struct reply_info *tgt_rep, const struct respip_client_info *cinfo, int must_validate, struct reply_info **new_repp, struct regional *region, struct auth_zones *az)
 Merge two replies to build a complete CNAME chain. More...
 
void respip_inform_super (struct module_qstate *qstate, int id, struct module_qstate *super)
 inform response-ip super
 
void respip_clear (struct module_qstate *qstate, int id)
 response-ip cleanup query state
 
size_t respip_get_mem (struct module_env *env, int id)
 response-ip alloc size routine
 
struct module_func_blockrespip_get_funcblock (void)
 Get the response-ip function block. More...
 
enum respip_action resp_addr_get_action (const struct resp_addr *addr)
 returns respip action for the specified node in the respip address returns respip_none for NULL input; exists for test purposes only
 
struct ub_packed_rrset_keyresp_addr_get_rrset (struct resp_addr *addr)
 returns rrset portion of the specified node in the respip address tree; returns NULL for NULL input; exists for test purposes only
 
int respip_set_is_empty (const struct respip_set *set)
 respip set emptiness test More...
 
void respip_inform_print (struct respip_action_info *respip_actinfo, uint8_t *qname, uint16_t qtype, uint16_t qclass, struct local_rrset *local_alias, struct sockaddr_storage *addr, socklen_t addrlen)
 print log information for a query subject to an inform or inform-deny response-ip action. More...
 

Variables

static struct module_func_block respip_block
 The response-ip function block. More...
 

Detailed Description

This file contains a module that inspects a result of recursive resolution to see if any IP address record should trigger a special action.

If applicable these actions can modify the original response.

Enumeration Type Documentation

◆ respip_state

Query state regarding the response-ip module.

Enumerator
RESPIP_INIT 

The general state.

Unless CNAME chasing takes place, all processing is completed in this state without any other asynchronous event.

RESPIP_SUBQUERY_FINISHED 

A subquery for CNAME chasing is completed.

Function Documentation

◆ respip_set_create()

struct respip_set* respip_set_create ( void  )

Create response IP set.

Returns
new struct or NULL on error.

References addr_tree_init(), and regional_create().

Referenced by respip_conf_actions_test(), respip_conf_data_test(), respip_views_apply_cfg(), and rpz_create().

◆ respip_set_delete()

void respip_set_delete ( struct respip_set set)

Delete response IP set.

Parameters
setto delete.

References regional_destroy(), resp_addr_del(), and traverse_postorder().

Referenced by daemon_cleanup(), respip_conf_data_test(), rpz_clear(), rpz_delete(), and view_delete().

◆ respip_sockaddr_find_or_create()

struct resp_addr* respip_sockaddr_find_or_create ( struct respip_set set,
struct sockaddr_storage *  addr,
socklen_t  addrlen,
int  net,
int  create,
const char *  ipstr 
)

Find resp_addr in tree, create and add to tree if it does not exist.

Parameters
setstruct containing the tree and region to alloc new node on. should hold write lock.
addraddress to look up.
addrlenlength of addr.
netnetblock to lookup.
createcreate node if it does not exist when 1.
ipstrhuman redable ip string, for logging.
Returns
newly created of found node, not holding lock.

References addr_tree_find(), addr_tree_insert(), log_err(), log_warn(), resp_addr::node, addr_tree_node::node, regional_alloc_zero(), and respip_none.

Referenced by respip_find_or_create().

◆ respip_sockaddr_delete()

void respip_sockaddr_delete ( struct respip_set set,
struct resp_addr node 
)

Delete resp_addr node from tree.

Parameters
setstruct containing tree. Must hold write lock.
nodenode to delete. Not locked.

References addr_tree_init_parents(), addr_tree_init_parents_node(), resp_addr::node, rbtree_delete(), and rbtree_previous().

◆ respip_enter_rr()

int respip_enter_rr ( struct regional region,
struct resp_addr raddr,
uint16_t  rrtype,
uint16_t  rrclass,
time_t  ttl,
uint8_t *  rdata,
size_t  rdata_len,
const char *  rrstr,
const char *  netblockstr 
)

◆ respip_global_apply_cfg()

int respip_global_apply_cfg ( struct respip_set set,
struct config_file cfg 
)

Apply response-ip config settings to the global (default) view.

It assumes exclusive access to set (no internal locks).

Parameters
setprocessed global respip config data
cfgconfig data.
Returns
1 on success, 0 on error.

Referenced by respip_conf_data_test().

◆ respip_views_apply_cfg()

int respip_views_apply_cfg ( struct views vs,
struct config_file cfg,
int *  have_view_respip_cfg 
)

Iterate through raw view data and apply the view-specific respip configuration; at this point we should have already seen all the views, so if any of the views that respip data refer to does not exist, that's an error.

Apply response-ip config settings in named views.

This additional iteration through view configuration data is expected to not have significant performance impact (or rather, its performance impact is not expected to be prohibitive in the configuration processing phase).

if no respip config for this view then there's nothing to do; note that even though respip data must go with respip action, we're checking for both here because we want to catch the case where the respip action is missing while the data is present

References view::lock, log_err(), config_view::name, config_view::next, config_view::respip_actions, config_view::respip_data, view::respip_set, respip_set_create(), config_file::views, and views_find_view().

Referenced by respip_view_conf_data_test().

◆ respip_copy_rrset()

struct ub_packed_rrset_key* respip_copy_rrset ( const struct ub_packed_rrset_key key,
struct regional region 
)

make a deep copy of 'key' in 'region'.

This is largely derived from packed_rrset_copy_region() and packed_rrset_ptr_fixup(), but differs in the following points:

  • It doesn't assume all data in 'key' are in a contiguous memory region. Although that would be the case in most cases, 'key' can be passed from a lower-level module and it might not build the rrset to meet the assumption. In fact, an rrset specified as response-ip-data or generated in local_data_find_tag_datas() breaks the assumption. So it would be safer not to naively rely on the assumption. On the other hand, this function ensures the copied rrset data are in a contiguous region so that it won't cause a disruption even if an upper layer module naively assumes the memory layout.
  • It doesn't copy RRSIGs (if any) in 'key'. The rrset will be used in a reply that was already faked, so it doesn't make much sense to provide partial sigs even if they are valid themselves.
  • It doesn't adjust TTLs as it basically has to be a verbatim copy of 'key' just allocated in 'region' (the assumption is necessary TTL adjustment has been already done in 'key').

This function returns the copied rrset key on success, and NULL on memory allocation failure.

References packed_rrset_data::count, lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, lruhash_entry::hash, ub_packed_rrset_key::id, lruhash_entry::key, regional_alloc(), regional_alloc_init(), regional_alloc_zero(), ub_packed_rrset_key::rk, packed_rrset_data::rr_data, packed_rrset_data::rr_len, packed_rrset_data::rr_ttl, and packed_rrset_data::rrsig_count.

Referenced by make_soa_ubrrset(), and respip_data_answer().

◆ respip_addr_lookup()

static struct resp_addr* respip_addr_lookup ( const struct reply_info rep,
struct respip_set rs,
size_t *  rrset_id,
size_t *  rr_id 
)
static

Search the given 'iptree' for response address information that matches any of the IP addresses in an AAAA or A in the answer section of the response (stored in 'rep').

If found, a pointer to the matched resp_addr structure will be returned, and '*rrset_id' is set to the index in rep->rrsets for the RRset that contains the matching IP address record (the index is normally 0, but can be larger than that if this is a CNAME chain or type-ANY response). Returns resp_addr holding read lock.

References addr_tree_lookup(), reply_info::an_numrrsets, packed_rrset_data::count, lruhash_entry::data, ub_packed_rrset_key::entry, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, resp_addr::lock, rdata2sockaddr(), ub_packed_rrset_key::rk, reply_info::rrsets, and packed_rrset_key::type.

Referenced by respip_rewrite_reply().

◆ respip_data_answer()

static int respip_data_answer ( enum respip_action  action,
struct ub_packed_rrset_key data,
uint16_t  qtype,
const struct reply_info rep,
size_t  rrset_id,
struct reply_info **  new_repp,
int  tag,
struct config_strlist **  tag_datas,
size_t  tag_datas_size,
char *const *  tagname,
int  num_tags,
struct ub_packed_rrset_key **  redirect_rrsetp,
struct regional region 
)
static

See if response-ip or tag data should override the original answer rrset (which is rep->rrsets[rrset_id]) and if so override it.

This is (mostly) equivalent to localzone.c:local_data_answer() but for response-ip actions. Note that this function distinguishes error conditions from "success but not overridden". This is because we want to avoid accidentally applying the "no data" action in case of error.

Parameters
actionaction to apply
dataRRset to use for override
qtypeoriginal query type
reporiginal reply message
rrset_idthe rrset ID in 'rep' to which the action should apply
new_reppsee respip_rewrite_reply
tagif >= 0 the tag ID used to determine the action and data
tag_datasdata corresponding to 'tag'.
tag_datas_sizesize of 'tag_datas'
tagnamearray of tag names, used for logging
num_tagssize of 'tagname', used for logging
redirect_rrsetpptr to redirect record
regionregion for building new reply
Returns
1 if overridden, 0 if not overridden, -1 on error.

References packed_rrset_key::dname, packed_rrset_key::dname_len, LDNS_RR_TYPE_ANY, local_data_find_tag_datas(), query_info::qclass, query_info::qname, query_info::qname_len, query_info::qtype, respip_copy_rrset(), respip_redirect, ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, reply_info::rrsets, packed_rrset_key::type, VERB_ALGO, and verbose().

◆ respip_nodata_answer()

static int respip_nodata_answer ( uint16_t  qtype,
enum respip_action  action,
const struct reply_info rep,
size_t  rrset_id,
struct reply_info **  new_repp,
struct regional region 
)
static

apply response ip action in case where no action data is provided.

this is similar to localzone.c:lz_zone_answer() but simplified due to the characteristics of response ip:

  • 'deny' variants will be handled at the caller side
  • no specific processing for 'transparent' variants: unlike local zones, there is no such a case of 'no data but name existing'. so all variants just mean 'transparent if no data'.
    Parameters
    qtypequery type
    actionfound action
    rep
    new_repp
    rrset_id
    regionregion for building new reply
    Returns
    1 on success, 0 on error.

References respip_always_refuse, and respip_refuse.

◆ populate_action_info()

static int populate_action_info ( struct respip_action_info actinfo,
enum respip_action  action,
const struct resp_addr raddr,
const struct ub_packed_rrset_key ATTR_UNUSEDrrset,
int   ATTR_UNUSEDtag,
const struct respip_set ATTR_UNUSEDipset,
int   ATTR_UNUSEDaction_only,
struct regional region,
int  rpz_used,
int  rpz_log,
char *  log_name,
int  rpz_cname_override 
)
static

Populate action info structure with the results of response-ip action processing, iff as the result of response-ip processing we are actually taking some action.

Only action is set if action_only is true. Returns true on success, false on failure.

◆ respip_rewrite_reply()

int respip_rewrite_reply ( const struct query_info qinfo,
const struct respip_client_info cinfo,
const struct reply_info rep,
struct reply_info **  new_repp,
struct respip_action_info actinfo,
struct ub_packed_rrset_key **  alias_rrset,
int  search_only,
struct regional region,
struct auth_zones az,
int *  rpz_passthru 
)

See if any IP-based action should apply to any IP address of AAAA/A answer record in the reply.

If so, apply the action. In some cases it rewrites the reply rrsets, in which case *new_repp will point to the updated reply info. Depending on the action, some of the rrsets in 'rep' will be shallow-copied into '*new_repp'; the caller must ensure that the rrsets in 'rep' are valid throughout the lifetime of *new_repp, and it must provide appropriate mutex if the rrsets can be shared by multiple threads.

Parameters
qinfoquery info corresponding to the reply.
cinfoclient-specific info to identify the best matching action. can be NULL.
reporiginal reply info. must not be NULL.
new_reppcan be set to the rewritten reply info (intact on failure).
actinforesult of response-ip processing
alias_rrsetmust not be NULL.
search_onlyif true, only check if an action would apply. actionp will be set (or intact) accordingly but the modified reply won't be built.
azauth zones containing RPZ information.
regionallocator to build *new_repp.
rpz_passthrukeeps track of query state can have passthru that stops further rpz processing. Or NULL for cached answer processing.
Returns
1 on success, 0 on error.

Try to use response-ip config from the view first; use global response-ip config if we don't have the view or we don't have the matching per-view config (and the view allows the use of global data in this case). Note that we lock the view even if we only use view members that currently don't change after creation. This is for safety for future possible changes as the view documentation seems to expect any of its member can change in the view's lifetime. Note also that we assume 'view' is valid in this function, which should be safe (see unbound bug #1191)

for per-view respip directives the action can only be direct (i.e. not tag-based)

References resp_addr::action, view::isfirst, local_data_find_tag_action(), auth_zone::lock, view::lock, log_assert, respip_addr_lookup(), respip_none, view::respip_set, auth_zone::rpz, auth_zone::rpz_az_next, auth_zones::rpz_first, auth_zones::rpz_lock, resp_addr::taglen, resp_addr::taglist, and taglist_intersect().

Referenced by apply_respip_action(), and respip_operate().

◆ respip_merge_cname()

int respip_merge_cname ( struct reply_info base_rep,
const struct query_info qinfo,
const struct reply_info tgt_rep,
const struct respip_client_info cinfo,
int  must_validate,
struct reply_info **  new_repp,
struct regional region,
struct auth_zones az 
)

Merge two replies to build a complete CNAME chain.

It appends the content of 'tgt_rep' to 'base_rep', assuming (but not checking) the former ends with a CNAME and the latter resolves its target. A merged new reply will be built using 'region' and *new_repp will point to the new one on success. If the target reply would also be subject to a response-ip action for 'cinfo', this function uses 'base_rep' as the merged reply, ignoring 'tgt_rep'. This is for avoiding cases like a CNAME loop or failure of applying an action to an address. RRSIGs in 'tgt_rep' will be excluded in the merged reply, as the resulting reply is assumed to be faked due to a response-ip action and can't be considered secure in terms of DNSSEC. The caller must ensure that neither 'base_rep' nor 'tgt_rep' can be modified until this function returns.

Parameters
base_repthe reply info containing an incomplete CNAME.
qinfoquery info corresponding to 'base_rep'.
tgt_repthe reply info that completes the CNAME chain.
cinfoclient info corresponding to 'base_rep'.
must_validatewhether 'tgt_rep' must be DNSSEC-validated.
new_repppointer placeholder for the merged reply. will be intact on error.
regionallocator to build *new_repp.
azauth zones containing RPZ information.
Returns
1 on success, 0 on error.

References reply_info::flags, FLAGS_GET_RCODE, and respip_none.

Referenced by mesh_serve_expired_callback().

◆ respip_get_funcblock()

struct module_func_block* respip_get_funcblock ( void  )

Get the response-ip function block.

Returns
: function block with function pointers to response-ip methods.

Referenced by module_funcs_avail().

◆ respip_set_is_empty()

int respip_set_is_empty ( const struct respip_set set)

respip set emptiness test

Parameters
setrespip set to test
Returns
0 if the specified set exists (non-NULL) and is non-empty; otherwise returns 1

References rbtree_type::count.

◆ respip_inform_print()

void respip_inform_print ( struct respip_action_info respip_actinfo,
uint8_t *  qname,
uint16_t  qtype,
uint16_t  qclass,
struct local_rrset local_alias,
struct sockaddr_storage *  addr,
socklen_t  addrlen 
)

print log information for a query subject to an inform or inform-deny response-ip action.

Parameters
respip_actinforesponse-ip information that causes the action
qnamequery name in the context, will be ignored if local_alias is non-NULL.
qtypequery type, in host byte order.
qclassquery class, in host byte order.
local_aliasset to a local alias if the query matches an alias in a local zone. In this case its owner name will be considered the actual query name.
addrthe client's source address and port.
addrlenthe client's source address length.

References addr_to_str(), packed_rrset_key::dname, ub_packed_rrset_key::rk, rpz_action_to_string(), and local_rrset::rrset.

Referenced by apply_respip_action(), and mesh_serve_expired_callback().

Variable Documentation

◆ respip_block

struct module_func_block respip_block
static
Initial value:
= {
"respip",
}
void respip_clear(struct module_qstate *qstate, int id)
response-ip cleanup query state
Definition: respip.c:1244
size_t respip_get_mem(struct module_env *env, int id)
response-ip alloc size routine
Definition: respip.c:1250
void respip_inform_super(struct module_qstate *qstate, int id, struct module_qstate *super)
inform response-ip super
Definition: respip.c:1209
void respip_deinit(struct module_env *env, int id)
response-ip deinit
Definition: respip.c:559
void respip_operate(struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
response-ip operate on a query
Definition: respip.c:1062
int respip_init(struct module_env *env, int id)
response-ip init
Definition: respip.c:551

The response-ip function block.

Referenced by resp_addr_get_action().