Diffstat (limited to 'src/dnsstub')
-rw-r--r--src/dnsstub/README.md171
-rw-r--r--src/dnsstub/dns_cname.c6
-rw-r--r--src/dnsstub/dns_dfd.c8
-rw-r--r--src/dnsstub/dns_domain.c8
-rw-r--r--src/dnsstub/dns_dtda.c8
-rw-r--r--src/dnsstub/dns_ip.c8
-rw-r--r--src/dnsstub/dns_ipq.c12
-rw-r--r--src/dnsstub/dns_mx.c13
-rw-r--r--src/dnsstub/dns_name.c11
-rw-r--r--src/dnsstub/dns_nd.c8
-rw-r--r--src/dnsstub/dns_packet.c10
-rw-r--r--src/dnsstub/dns_random.c8
-rw-r--r--src/dnsstub/dns_rcip.c28
-rw-r--r--src/dnsstub/dns_rcrw.c14
-rw-r--r--src/dnsstub/dns_resolve.c8
-rw-r--r--src/dnsstub/dns_sortip.c12
-rw-r--r--src/dnsstub/dns_transmit.c10
-rw-r--r--src/dnsstub/dns_txt.c3
18 files changed, 91 insertions, 255 deletions
diff --git a/src/dnsstub/README.md b/src/dnsstub/README.md
deleted file mode 100644
index 95cd11c..0000000
--- a/src/dnsstub/README.md
+++ /dev/null
@@ -1,171 +0,0 @@
-/*! \mainpage
-
-Stub Resolver
-=============
-
-Simple DJBDNS stub-resolver based on 'djbdns-1.05(IPv6)' allowing for each
-calling application individually to include up to 16 DNSCACHEIP(s)
-as DNS forwarding/resolving servers to be tried sequentially.
-
-IP Addresses
-------------
-
-Here,
- - global IPv6,
- - IPv6 ULA, and
- - IPv6 LLU addresses with a given Interface-Id
-can be specified. The IPv4 format could be either a
- - legacy dotted-decimal or a
- - IPv4-mapped IPv6 address.
-
-In any case, compactified IPv6 addresses are understood.
-IPv4/IPv6 addresses in brackets are understood by dns_ip.
-
-Resolver Call
--------------
-
-If $DNSCACHEIP is not provided as environment variable, the stub-resolver
-will use the system-wide
- - /etc/resolv.conf
-file; however now without the capability for IPv6 LLU addresses.
-While IPv4-mapped IPv6 addresses are supported here by default as well,
-care has to taken not to jeopardize other client's usage.
-
-Name Qualification
-------------------
-
-If provided, the stub-resolver uses either a system-wide configuration file
- - /etc/dnsrewritefile or assumes this file to available as given in
- - $DNSREWRITEFILE
-in order to define persistent mapping-rules of local domain names to public
-ones (for lookup) or IP addresses (for direct matching).
-
-Well-known domain names 'localhost', 'ip4-loopback' and 'ip6-loopback'
-are handled locally, thus no DNS query is used (RFC 6761).
-'localhost' is advertised as '::1' and '::ff:127.0.0.1' in it's native
-IPv6 format. It is up to the caller to convert the IPv6-mapped IPv4
-address to the IPv4 format.
-
-Local domain names can be alternatively specified (per application) using
-the environment variable
- - $LOCALDOMAIN
-to be appended to unqualified hostnames dynamically. This is roughly equivalent
-with the 'search' string in /etc/resolv. Several domains names may be
-specified within $LOCALDOMAIN separated by blanks.
-
-See: https://cr.yp.to/djbdns/qualify.html
-
-
-Specific DNS Record type lookup
--------------------------------
-
-* dns_ip (A, AAAAA)
-* dns_name (PTR)
-* dns_cname (CNAME)
-* dns_txt (TXT) -- now considering several 'labels'
-* dns_mx (MX)
-
-
-Internals
----------
-
-* UDP message size:
-Unlike other implementations, this DNS stub-resolver supports UDP packet
-sizes up to 1028 byte without the need for (E)DNS0 packet enhancements.
-
-* DNS UDP query retrials:
-In case the NS is not able to initally reply to the query,
-it is retried again at the intervalls {1, 2, 4, 8, 16} secs.
-
-* DNS name qualification (dns_ip_qualify):
-Well-known domain names are qualified locally without invoking a DNS query
-while handling IPv4 and IPv6 addresses separately.
-
-* NS qualification/sorting for NS replies:
-NS qualification is not supported (yet), thus we use a randomly sorted
-list of NS IP addresses.
-
-* Query/Reply to/from DNS Cache servers/forwarders:
-Neither message (CurveDNS) nor transport layer (TLS) encryption is provided;
-the sub-resolver 'trusts' it's upstream caches/forwarders. We recommend to
-setup communication on private IPv4/IPv6 addresses; if applicable.
-
-* DNS TXT Records:
-The label substructure is now recognized in the RDATA section;
-each label may have the size of 255 byte.
-The length information is excluded from the output.
-Only printable characters are recognized in the output.
-
-* Return Codes:
-Different from DJB's initial routines, the DNS front-end routines
- dns_cname*, dns_ip*, dns_mx*, dns_name*, dns dns_txt*
-return now the number of replies received (not bytes!).
-Thus, three cases need to be considered:
-
- - rc < 0: Problem occured (SOFTFAIL, HARDFAIL)
- - rc = 0: No answer obtained (but query was successful) = NXDOMAIN
- - rc > 0: rc answers received; positive reply
-
-For return codes < 0, the following conventions have been applied:
-
- include/dnsresolv.h
-
-\#define DNS_NXD 0
-\#define DNS_MEM -1
-\#define DNS_ERR -2 /* parsing errors and others */
-\#define DNS_COM -3 /* (socket) communication errors */
-\#define DNS_INT -4 /* internal errors */
-\#define DNS_SOFT -5 /* either -2 or -3 */
-\#define DNS_HARD -6 /* CNAME loop problem */
-
-The modification of the return code is typically not problematic,
-since mostly just rc = -1 is checked.
-
-In the future, these return codes are subject of change.
-Thus, instead of
-
- if (dns_XX(...) == -1)
-
-one shoud use the more general syntax
-
- if (dns_XX(...) < 0)
-
-to check for 'negative' results, allowing further actions
-and refinements given the calling sequence.
-
-
-
-Environment Variables Read
---------------------------
-
-$DNSCACHEPIP The upstream resolver's IP[v4|v6] addresses (up to 32).
- IPv6 LLU addresses may be suffixed with the interface name.
-$DNSREWRITEFILE Alternate location for the system-wide
- /etc/dnsrewrite
-file
-$LOCALDOMAIN Additional local domain name appended to unqualified
- hostnames dynamically.
-
-Sample for the file /etc/dnsrewrite:
-
-\#annything.local -> me
-\-.example.com:me
-\# me -> 127.0.0.1
-\=me:127.0.0.1
-\# any.name.a -> any.name.af.mil
-\*.a:.af.mil
-\# any-name-without-dots -> any-name-without-dots.heaven.af.mil
-\?:.heaven.af.mil
-\# remove trailing dot
-\*.:
-
-and DJB's explanations are given here:
-
-Instructions are followed in order, each at most once. There are four types of instructions:
-
-\=post:new means that the host name post is replaced by new.
-\*post:new means that any name of the form prepost is replaced by prenew.
-\?post:new means that any name of the form prepost, where pre does not contain dots or brackets, is replaced by prenew.
-\-post:new means that any name of the form prepost is replaced by new.
-
-Erwin Hoffmann, June 2023.
diff --git a/src/dnsstub/dns_cname.c b/src/dnsstub/dns_cname.c
index d1ea110..1235f06 100644
--- a/src/dnsstub/dns_cname.c
+++ b/src/dnsstub/dns_cname.c
@@ -6,9 +6,9 @@
#include "uint_t.h"
/**
- @file dns_cname.c
- @author feh
- @brief DNS cname lookup
+ @file dns_cname.c
+ @author feh
+ @brief DNS cname lookup
*/
static char *q = 0;
diff --git a/src/dnsstub/dns_dfd.c b/src/dnsstub/dns_dfd.c
index 645d068..832bd6e 100644
--- a/src/dnsstub/dns_dfd.c
+++ b/src/dnsstub/dns_dfd.c
@@ -4,10 +4,10 @@
#include "error.h"
/**
- @file dns_dfd.c
- @author djb
- @source ucspi-tcp
- @brief domain name qualification (domain from dot)
+ @file dns_dfd.c
+ @author djb
+ @source ucspi-tcp
+ @brief domain name qualification (domain from dot)
*/
int dns_domain_fromdot(char **out, const char *buf, unsigned int n)
diff --git a/src/dnsstub/dns_domain.c b/src/dnsstub/dns_domain.c
index 4ee7ba3..dcdf2f2 100644
--- a/src/dnsstub/dns_domain.c
+++ b/src/dnsstub/dns_domain.c
@@ -4,10 +4,10 @@
#include "dnsresolv.h"
/**
- @file dns_domain.c
- @author djb
- @source ucspi-tcp
- @brief domain qualification
+ @file dns_domain.c
+ @author djb
+ @source ucspi-tcp
+ @brief domain qualification
*/
unsigned int dns_domain_length(const char *dn)
diff --git a/src/dnsstub/dns_dtda.c b/src/dnsstub/dns_dtda.c
index 13e6051..f1b7d58 100644
--- a/src/dnsstub/dns_dtda.c
+++ b/src/dnsstub/dns_dtda.c
@@ -2,10 +2,10 @@
#include "stralloc.h"
/**
- @file dns_dtda.c
- @author djb
- @source ucspi-tcp
- @brief domain to dot append
+ @file dns_dtda.c
+ @author djb
+ @source ucspi-tcp
+ @brief domain to dot append
*/
int dns_domain_todot_cat(stralloc *out, const char *d)
diff --git a/src/dnsstub/dns_ip.c b/src/dnsstub/dns_ip.c
index 0a63022..913c310 100644
--- a/src/dnsstub/dns_ip.c
+++ b/src/dnsstub/dns_ip.c
@@ -5,10 +5,10 @@
#include "uint_t.h"
/**
- @file dns_ip.c
- @author djb, fefe, feh
- @source ucspi-tcp6
- @brief DNS IP query
+ @file dns_ip.c
+ @author djb, fefe, feh
+ @source ucspi-tcp6
+ @brief DNS IP query
*/
static char *q = 0;
diff --git a/src/dnsstub/dns_ipq.c b/src/dnsstub/dns_ipq.c
index d1a40e5..49049b5 100644
--- a/src/dnsstub/dns_ipq.c
+++ b/src/dnsstub/dns_ipq.c
@@ -7,14 +7,14 @@
#include "stralloc.h"
/**
- @file dns_ipq.c
- @author djb, feh
- @source ucspi-tcp
- @brief DNS hostname qualification for ipv4 and ipv6
+ @file dns_ipq.c
+ @author djb, feh
+ @source ucspi-tcp
+ @brief DNS hostname qualification for ipv4 and ipv6
*/
-/**
- @fn int doit -> @return number of added chars to name
+/**
+ @fn int doit -> @return number of added chars to name
*/
static int doit(stralloc *work, const char *rule)
{
diff --git a/src/dnsstub/dns_mx.c b/src/dnsstub/dns_mx.c
index 3a140d2..967999e 100644
--- a/src/dnsstub/dns_mx.c
+++ b/src/dnsstub/dns_mx.c
@@ -4,11 +4,11 @@
#include "uint_t.h"
/**
- @file dns_mx.c
- @author djb
- @source qmail
- @brief dns MX query
- @param (on output) stralloc out
+ @file dns_mx.c
+ @author djb
+ @source qmail
+ @brief dns MX query
+ @param (on output) stralloc out
*/
static char *q = 0;
@@ -37,7 +37,7 @@ int dns_mx_packet(stralloc *out, const char *buf, unsigned int len)
pos = dns_packet_copy(buf, len, pos, header, 10);
if (!pos) return DNS_ERR;
uint16_unpack_big(header + 8, &datalen);
- if (byte_equal(header, 2, DNS_T_MX))
+ if (byte_equal(header, 2, DNS_T_MX)) {
if (byte_equal(header + 2, 2, DNS_C_IN)) {
if (!dns_packet_copy(buf, len, pos, pref, 2)) return DNS_ERR;
if (!dns_packet_getname(buf, len, pos + 2, &q)) return DNS_ERR;
@@ -45,6 +45,7 @@ int dns_mx_packet(stralloc *out, const char *buf, unsigned int len)
if (dns_domain_todot_cat(out, q) <= 0) return DNS_ERR;
if (!stralloc_0(out)) return DNS_MEM;
}
+ }
pos += datalen;
++ranswers;
}
diff --git a/src/dnsstub/dns_name.c b/src/dnsstub/dns_name.c
index db4565a..1802143 100644
--- a/src/dnsstub/dns_name.c
+++ b/src/dnsstub/dns_name.c
@@ -5,10 +5,10 @@
#include "uint_t.h"
/**
- @file dns_name.c
- @author djb, fefe, feh
- @source ucspi-tcp
- @brief DNS name query (ptr)
+ @file dns_name.c
+ @author djb, fefe, feh
+ @source ucspi-tcp
+ @brief DNS name query (ptr)
*/
static char *q = 0;
@@ -35,12 +35,13 @@ int dns_name_packet(stralloc *out, const char *buf, unsigned int len)
pos = dns_packet_copy(buf, len, pos, header, 10);
if (!pos) return DNS_ERR;
uint16_unpack_big(header + 8, &datalen);
- if (byte_equal(header, 2, DNS_T_PTR))
+ if (byte_equal(header, 2, DNS_T_PTR)) {
if (byte_equal(header + 2, 2, DNS_C_IN)) {
if (!dns_packet_getname(buf, len, pos, &q)) return DNS_ERR;
if (dns_domain_todot_cat(out, q) <= 0) return DNS_ERR;
return 1;
}
+ }
pos += datalen;
}
diff --git a/src/dnsstub/dns_nd.c b/src/dnsstub/dns_nd.c
index 3bbbeca..b8e153a 100644
--- a/src/dnsstub/dns_nd.c
+++ b/src/dnsstub/dns_nd.c
@@ -4,10 +4,10 @@
#include "ip.h"
/**
- @file dns_nd.c
- @autor djb, fefe
- @source ucspi-tcp
- @brief DNS domain name for ip (wire format)
+ @file dns_nd.c
+ @autor djb, fefe
+ @source ucspi-tcp
+ @brief DNS domain name for ip (wire format)
*/
int dns_name4_domain(char name[DNS_NAME4_DOMAIN], const char ip[4])
diff --git a/src/dnsstub/dns_packet.c b/src/dnsstub/dns_packet.c
index 2b2040f..66d6196 100644
--- a/src/dnsstub/dns_packet.c
+++ b/src/dnsstub/dns_packet.c
@@ -2,11 +2,11 @@
#include "error.h"
/**
- @file dns_packet.c
- @author djb
- @source ucspi-tcp
- @brief DNS low level packet routine
- @brief DNS should have used LZ77 instead of its own sophomoric compression algorithm.
+ @file dns_packet.c
+ @author djb
+ @source ucspi-tcp
+ @brief DNS low level packet routine
+ @brief DNS should have used LZ77 instead of its own sophomoric compression algorithm.
*/
unsigned int dns_packet_copy(
diff --git a/src/dnsstub/dns_random.c b/src/dnsstub/dns_random.c
index 8b89244..d345c78 100644
--- a/src/dnsstub/dns_random.c
+++ b/src/dnsstub/dns_random.c
@@ -5,10 +5,10 @@
#include "uint_t.h"
/**
- @file dns_random.c
- @author djb
- @source ucspi-tcp
- @brief random use of DNS resolvers given their IP
+ @file dns_random.c
+ @author djb
+ @source ucspi-tcp
+ @brief random use of DNS resolvers given their IP
*/
static uint32 seed[32];
diff --git a/src/dnsstub/dns_rcip.c b/src/dnsstub/dns_rcip.c
index fd86df9..2d6ad08 100644
--- a/src/dnsstub/dns_rcip.c
+++ b/src/dnsstub/dns_rcip.c
@@ -7,10 +7,10 @@
#include "taia.h"
/**
- @file dns_rcip.c
- @author djb, fefe, feh
- @source ucspi-tcp
- @brief DNS receive for query
+ @file dns_rcip.c
+ @author djb, fefe, feh
+ @source ucspi-tcp
+ @brief DNS receive for query
*/
static stralloc data = {0};
@@ -26,25 +26,26 @@ static int init(char ip[QUERY_MAXIPLEN], uint32 sid[QUERY_MAXNS])
char ip4[4];
/* Read (compactified) IPv4|v6 addresses of resolvers
- Store them in array IP with fixed length :
- ip(64) -> 16 IPv4 addresses (not used anymore)
- ip(512) -> 16*2 IPv6 addresses (we use IPv4 mapped IPv6 addresses)
- sid(32) -> the scope for the respective IPv6 or 0
-*/
+ Store them in array IP with fixed length:
+ ip(64) -> 16 IPv4 addresses (not used anymore)
+ ip(512) -> 16*2 IPv6 addresses (we use IPv4 mapped IPv6 addresses)
+ sid(32) -> the scope for the respective IPv6 or 0
+ */
for (i = 0; i < QUERY_MAXNS; ++i) sid[i] = 0;
x = env_get("DNSCACHEIP");
- if (x)
+ if (x) {
while (iplen <= 240 && *x != '\0') {
- if (*x == ' ')
+ if (*x == ' ') {
++x;
- else if ((i = ip6_ifscan(x, ip + iplen, &ifname))) {
+ } else if ((i = ip6_ifscan(x, ip + iplen, &ifname))) {
if (ifname.len > 2) sid[k] = socket_getifidx(ifname.s);
iplen += 16;
k++;
if (*(x += i) == '\0') break;
}
}
+ }
if (!iplen) {
i = openreadclose("/etc/resolv.conf", &data, 64);
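Review bot: The `while (iplen <= 240 && *x != '\0')` loop over `$DNSCACHEIP` has no branch that advances `x` when the current character is not a space and `ip6_ifscan` returns 0. Assuming `ip6_ifscan` signals an unparsable token with 0, a malformed value in the environment variable would make `init` spin forever instead of failing or falling back. The newly braced chain is the natural place to close this, by ending it with `} else { break; }` so parsing stops at the first bad token. `init` starts before and continues after this hunk, so any handling elsewhere in the function is not visible here.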
@@ -52,7 +53,7 @@ static int init(char ip[QUERY_MAXIPLEN], uint32 sid[QUERY_MAXNS])
if (i) {
if (!stralloc_append(&data, "\n")) return DNS_MEM;
i = 0;
- for (j = 0; j < data.len; ++j)
+ for (j = 0; j < data.len; ++j) {
if (data.s[j] == '\n') {
if (byte_equal("nameserver ", 11, data.s + i) || byte_equal("nameserver\t", 11, data.s + i)) {
i += 10;
@@ -75,6 +76,7 @@ static int init(char ip[QUERY_MAXIPLEN], uint32 sid[QUERY_MAXNS])
}
i = j + 1;
}
+ }
}
}
diff --git a/src/dnsstub/dns_rcrw.c b/src/dnsstub/dns_rcrw.c
index 8c15591..95239a2 100644
--- a/src/dnsstub/dns_rcrw.c
+++ b/src/dnsstub/dns_rcrw.c
@@ -8,10 +8,10 @@
#include "taia.h"
/**
- @file dns_rcrw.c
- @author djb
- @source ucspi-tcp
- @brief DNS receive rewrite
+ @file dns_rcrw.c
+ @author djb
+ @source ucspi-tcp
+ @brief DNS receive rewrite
*/
static stralloc data = {0};
@@ -56,12 +56,13 @@ static int init(stralloc *rules)
if (!stralloc_append(&data, " ")) return DNS_MEM;
if (!stralloc_copys(rules, "?:")) return DNS_MEM;
i = 0;
- for (j = 0; j < data.len; ++j)
+ for (j = 0; j < data.len; ++j) {
if (data.s[j] == ' ') {
if (!stralloc_cats(rules, "+.")) return DNS_MEM;
if (!stralloc_catb(rules, data.s + i, j - i)) return DNS_MEM;
i = j + 1;
}
+ }
if (!stralloc_0(rules)) return DNS_MEM;
if (!stralloc_cats(rules, "*.:")) return DNS_MEM;
if (!stralloc_0(rules)) return DNS_MEM;
@@ -74,7 +75,7 @@ static int init(stralloc *rules)
if (i) {
if (!stralloc_append(&data, "\n")) return DNS_MEM;
i = 0;
- for (j = 0; j < data.len; ++j)
+ for (j = 0; j < data.len; ++j) {
if (data.s[j] == '\n') {
if (byte_equal("search ", 7, data.s + i) || byte_equal("search\t", 7, data.s + i)
|| byte_equal("domain ", 7, data.s + i) || byte_equal("domain\t", 7, data.s + i))
@@ -99,6 +100,7 @@ static int init(stralloc *rules)
}
i = j + 1;
}
+ }
}
host[0] = 0;
diff --git a/src/dnsstub/dns_resolve.c b/src/dnsstub/dns_resolve.c
index 90c5615..6257b08 100644
--- a/src/dnsstub/dns_resolve.c
+++ b/src/dnsstub/dns_resolve.c
@@ -5,10 +5,10 @@
#include "taia.h"
/**
- @file dns_resolve.c
- @author djb, fefe, feh
- @source ucspi-tcp
- @brief high-level DNS resolve function
+ @file dns_resolve.c
+ @author djb, fefe, feh
+ @source ucspi-tcp
+ @brief high-level DNS resolve function
*/
struct dns_transmit dns_resolve_tx = {0};
diff --git a/src/dnsstub/dns_sortip.c b/src/dnsstub/dns_sortip.c
index 886e989..f319f53 100644
--- a/src/dnsstub/dns_sortip.c
+++ b/src/dnsstub/dns_sortip.c
@@ -3,10 +3,10 @@
#include "ip.h"
/**
- @file dns_sortip.c
- @authors djb, fefe, feh
- @source ucspi-tcp6
- @brief random sort of DNS servers per IP
+ @file dns_sortip.c
+ @authors djb, fefe, feh
+ @source ucspi-tcp6
+ @brief random sort of DNS servers per IP
*/
/* XXX: sort servers by configurable notion of closeness? */
@@ -19,7 +19,7 @@ void dns_sortip4(char *s, unsigned int n)
unsigned int i;
char tmp[4];
- n >>= 2; /* 4 byte per IPv4 address */
+ n >>= 2; // 4 byte per IPv4 address
while (n > 1) {
i = dns_random(n);
--n;
@@ -34,7 +34,7 @@ void dns_sortip6(char *s, unsigned int n)
unsigned int i;
char tmp[16];
- n >>= 4; /* 16 byte per IPv4 address */
+ n >>= 4; // 16 byte per IPv4 address
while (n > 1) {
i = dns_random(n);
--n;
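Review bot: The rewritten comment in `dns_sortip6` still says IPv4, although the shift by 4 divides by the 16-byte IPv6 address size; it should read `n >>= 4; // 16 byte per IPv6 address`. The other comment visible in this file (`/* XXX: sort servers by configurable notion of closeness? */`) uses block style, so keeping `/* */` here and in `dns_sortip4` would be more consistent than switching these two lines to `//`. Both function bodies continue outside their hunks.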
diff --git a/src/dnsstub/dns_transmit.c b/src/dnsstub/dns_transmit.c
index e041312..96eb38c 100644
--- a/src/dnsstub/dns_transmit.c
+++ b/src/dnsstub/dns_transmit.c
@@ -11,11 +11,11 @@
#include "uint_t.h"
/**
- @file dns_transmit.c
- @authors djb, fefe, feh
- @source qlibs
- @brief DNS query function
- @brief scope_ids[32] -> 32 LLU root servers supported
+ @file dns_transmit.c
+ @authors djb, fefe, feh
+ @source qlibs
+ @brief DNS query function
+ @brief scope_ids[32] -> 32 LLU root servers supported
*/
#define DNSPORT 53
diff --git a/src/dnsstub/dns_txt.c b/src/dnsstub/dns_txt.c
index ce0afc4..8368a05 100644
--- a/src/dnsstub/dns_txt.c
+++ b/src/dnsstub/dns_txt.c
@@ -29,7 +29,7 @@ int dns_txt_packet(stralloc *out, const char *buf, unsigned int len)
pos = dns_packet_copy(buf, len, pos, header, 10);
if (!pos) return DNS_ERR;
uint16_unpack_big(header + 8, &datalen);
- if (byte_equal(header, 2, DNS_T_TXT))
+ if (byte_equal(header, 2, DNS_T_TXT)) {
if (byte_equal(header + 2, 2, DNS_C_IN)) {
if (pos + datalen > len) return DNS_ERR;
txtlen = (unsigned char)buf[pos];
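Review bot: The guard `if (pos + datalen > len) return DNS_ERR;` still passes when `datalen` is 0 and `pos == len`, and the next line then reads `buf[pos]`, one byte past the end of the packet. This assumes `dns_packet_copy` can return a position equal to `len`, which happens if the 10-byte record header is the last thing in the reply. A TXT record with empty RDATA is malformed anyway, so the check could become `if (!datalen || pos + datalen > len) return DNS_ERR;`. The rest of the TXT handling lies between this hunk and the next one, so whether `txtlen` is later bounded by `datalen` cannot be confirmed from here.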
@@ -44,6 +44,7 @@ int dns_txt_packet(stralloc *out, const char *buf, unsigned int len)
}
}
}
+ }
pos += datalen;
++ranswers;
if (numanswers)