search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
checkpoint some cleanups
[tor.git] / src / or / dns.c
bloba47290e73152b9bc4b369f5a0d4f4fdb411502cf
1 /* Copyright 2003-2004 Roger Dingledine.
2 * Copyright 2004-2006 Roger Dingledine, Nick Mathewson. */
3 /* See LICENSE for licensing information */
4 /* $Id$ */
5 const char dns_c_id[] =
6 "$Id$";
7
8 /**
9 * \file dns.c
10 * \brief Implements a local cache for DNS results for Tor servers.
11 * We provide two asynchronous backend implementations:
12 * 1) A farm of 'DNS worker' threads or processes to perform DNS lookups for
13 * onion routers and cache the results.
14 * 2) A wrapper around Adam Langley's eventdns.c code, to send requests
15 * to the nameservers asynchronously.
16 * (We can't just use gethostbyname() and friends because we really need to
17 * be nonblocking.)
18 **/
19
20 #include "or.h"
21 #include "../common/ht.h"
22 #ifdef USE_EVENTDNS
23 #include "eventdns.h"
24 #endif
25
26 /** Longest hostname we're willing to resolve. */
27 #define MAX_ADDRESSLEN 256
28
29 /** Maximum DNS processes to spawn. */
30 #define MAX_DNSWORKERS 100
31 /** Minimum DNS processes to spawn. */
32 #define MIN_DNSWORKERS 3
33
34 /** If more than this many processes are idle, shut down the extras. */
35 #define MAX_IDLE_DNSWORKERS 10
36
37 /** How long will we wait for an answer from the resolver before we decide
38 * that the resolver is wedged? */
39 #define RESOLVE_MAX_TIMEOUT 300
40
41 /** Possible outcomes from hostname lookup: permanent failure,
42 * transient (retryable) failure, and success. */
43 #define DNS_RESOLVE_FAILED_TRANSIENT 1
44 #define DNS_RESOLVE_FAILED_PERMANENT 2
45 #define DNS_RESOLVE_SUCCEEDED 3
46
47 #ifndef USE_EVENTDNS
48 /** How many dnsworkers we have running right now. */
49 static int num_dnsworkers=0;
50 /** How many of the running dnsworkers have an assigned task right now. */
51 static int num_dnsworkers_busy=0;
52 /** When did we last rotate the dnsworkers? */
53 static time_t last_rotation_time=0;
54 #else
55 /** Have we currently configured nameservers with eventdns? */
56 static int nameservers_configured = 0;
57 /** What was the resolv_conf fname we last used when configuring the
58 * nameservers? Used to check whether we need to reconfigure. */
59 static char *resolv_conf_fname = NULL;
60 /** What was the mtime on the resolv.conf file we last used when configuring
61 * the nameservers? Used to check whether we need to reconfigure. */
62 static time_t resolv_conf_mtime = 0;
63 #endif
64
65 /** Linked list of connections waiting for a DNS answer. */
66 typedef struct pending_connection_t {
67 edge_connection_t *conn;
68 struct pending_connection_t *next;
69 } pending_connection_t;
70
71 #define CACHED_RESOLVE_MAGIC 0x1234F00D
72
73 /* Possible states for a cached resolve_t */
74 /** We are waiting for the resolver system to tell us an answer here.
75 * When we get one, or when we time out, the state of this cached_resolve_t
76 * will become "DONE" and we'll possibly add a CACHED_VALID or a CACHED_FAILED
77 * entry. This cached_resolve_t will be in the hash table so that we will
78 * know not to launch more requests for this addr, but rather to add more
79 * connections to the pending list for the addr. */
80 #define CACHE_STATE_PENDING 0
81 /** This used to be a pending cached_resolve_t, and we got an answer for it.
82 * Now we're waiting for this cached_resolve_t to expire. This should
83 * have no pending connections, and should not appear in the hash table. */
84 #define CACHE_STATE_DONE 1
85 /** We are caching an answer for this address. This should have no pending
86 * connections, and should appear in the hash table. */
87 #define CACHE_STATE_CACHED_VALID 2
88 /** We are caching a failure for this address. This should have no pending
89 * connections, and should appear in the hash table */
90 #define CACHE_STATE_CACHED_FAILED 3
91
92 /** A DNS request: possibly completed, possibly pending; cached_resolve
93 * structs are stored at the OR side in a hash table, and as a linked
94 * list from oldest to newest.
95 */
96 typedef struct cached_resolve_t {
97 HT_ENTRY(cached_resolve_t) node;
98 uint32_t magic;
99 char address[MAX_ADDRESSLEN]; /**< The hostname to be resolved. */
100 union {
101 uint32_t addr; /**< IPv4 addr for <b>address</b>. */
102 char *hostname; /**< Hostname for <b>address</b> (if a reverse lookup) */
103 } result;
104 uint8_t state; /**< Is this cached entry pending/done/valid/failed? */
105 uint8_t is_reverse; /**< Is this a reverse (addr-to-hostname) lookup? */
106 time_t expire; /**< Remove items from cache after this time. */
107 uint32_t ttl; /**< What TTL did the nameserver tell us? */
108 /** Connections that want to know when we get an answer for this resolve. */
109 pending_connection_t *pending_connections;
110 } cached_resolve_t;
111
112 static void purge_expired_resolves(time_t now);
113 static void dns_found_answer(const char *address, int is_reverse,
114 uint32_t addr, const char *hostname, char outcome,
115 uint32_t ttl);
116 static void send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
117 uint8_t answer_type);
118 static int launch_resolve(edge_connection_t *exitconn, or_circuit_t *circ);
119 #ifndef USE_EVENTDNS
120 static void dnsworkers_rotate(void);
121 static void dnsworker_main(void *data);
122 static int spawn_dnsworker(void);
123 static int spawn_enough_dnsworkers(void);
124 #else
125 static int configure_nameservers(int force);
126 static int answer_is_wildcarded(const char *ip);
127 #endif
128 #ifdef DEBUG_DNS_CACHE
129 static void _assert_cache_ok(void);
130 #define assert_cache_ok() _assert_cache_ok()
131 #else
132 #define assert_cache_ok() do {} while (0)
133 #endif
134 static void assert_resolve_ok(cached_resolve_t *resolve);
135
136 /** Hash table of cached_resolve objects. */
137 static HT_HEAD(cache_map, cached_resolve_t) cache_root;
138
139 /** Function to compare hashed resolves on their addresses; used to
140 * implement hash tables. */
141 static INLINE int
142 cached_resolves_eq(cached_resolve_t *a, cached_resolve_t *b)
143 {
144 /* make this smarter one day? */
145 assert_resolve_ok(a); // Not b; b may be just a search.
146 return !strncmp(a->address, b->address, MAX_ADDRESSLEN);
147 }
148
149 /** Hash function for cached_resolve objects */
150 static INLINE unsigned int
151 cached_resolve_hash(cached_resolve_t *a)
152 {
153 return ht_string_hash(a->address);
154 }
155
156 HT_PROTOTYPE(cache_map, cached_resolve_t, node, cached_resolve_hash,
157 cached_resolves_eq);
158 HT_GENERATE(cache_map, cached_resolve_t, node, cached_resolve_hash,
159 cached_resolves_eq, 0.6, malloc, realloc, free);
160
161 /** Initialize the DNS cache. */
162 static void
163 init_cache_map(void)
164 {
165 HT_INIT(&cache_root);
166 }
167
168 #ifdef USE_EVENTDNS
169 /** Helper: called by eventdns when eventdns wants to log something. */
170 static void
171 evdns_log_cb(int warn, const char *msg)
172 {
173 if (!strcmpstart(msg, "Resolve requested for") &&
174 get_options()->SafeLogging) {
175 log(LOG_INFO, LD_EXIT, "eventdns: Resolve requested.");
176 return;
177 } else if (!strcmpstart(msg, "Search: ")) {
178 return;
179 }
180 log(warn?LOG_WARN:LOG_INFO, LD_EXIT, "eventdns: %s", msg);
181 }
182 #endif
183
184 /** Initialize the DNS subsystem; called by the OR process. */
185 int
186 dns_init(void)
187 {
188 init_cache_map();
189 #ifdef USE_EVENTDNS
190 if (server_mode(get_options()))
191 return configure_nameservers(1);
192 #else
193 dnsworkers_rotate();
194 #endif
195 return 0;
196 }
197
198 /** Called when DNS-related options change (or may have changed) */
199 void
200 dns_reset(void)
201 {
202 #ifdef USE_EVENTDNS
203 or_options_t *options = get_options();
204 if (! server_mode(options)) {
205 evdns_clear_nameservers_and_suspend();
206 evdns_search_clear();
207 nameservers_configured = 0;
208 tor_free(resolv_conf_fname);
209 resolv_conf_mtime = 0;
210 } else {
211 if (configure_nameservers(0) < 0)
212 /* XXXX */
213 return;
214 }
215 #else
216 dnsworkers_rotate();
217 #endif
218 }
219
220 /** Helper: Given a TTL from a DNS response, determine what TTL to give the
221 * OP that asked us to resolve it. */
222 uint32_t
223 dns_clip_ttl(uint32_t ttl)
224 {
225 if (ttl < MIN_DNS_TTL)
226 return MIN_DNS_TTL;
227 else if (ttl > MAX_DNS_TTL)
228 return MAX_DNS_TTL;
229 else
230 return ttl;
231 }
232
233 /** Helper: Given a TTL from a DNS response, determine how long to hold it in
234 * our cache. */
235 static uint32_t
236 dns_get_expiry_ttl(uint32_t ttl)
237 {
238 if (ttl < MIN_DNS_TTL)
239 return MIN_DNS_TTL;
240 else if (ttl > MAX_DNS_ENTRY_AGE)
241 return MAX_DNS_ENTRY_AGE;
242 else
243 return ttl;
244 }
245
246 /** Helper: free storage held by an entry in the DNS cache. */
247 static void
248 _free_cached_resolve(cached_resolve_t *r)
249 {
250 while (r->pending_connections) {
251 pending_connection_t *victim = r->pending_connections;
252 r->pending_connections = victim->next;
253 tor_free(victim);
254 }
255 if (r->is_reverse)
256 tor_free(r->result.hostname);
257 r->magic = 0xFF00FF00;
258 tor_free(r);
259 }
260
261 /** Compare two cached_resolve_t pointers by expiry time, and return
262 * less-than-zero, zero, or greater-than-zero as appropriate. Used for
263 * the priority queue implementation. */
264 static int
265 _compare_cached_resolves_by_expiry(const void *_a, const void *_b)
266 {
267 const cached_resolve_t *a = _a, *b = _b;
268 return a->expire - b->expire;
269 }
270
271 /** Priority queue of cached_resolve_t objects to let us know when they
272 * will expire. */
273 static smartlist_t *cached_resolve_pqueue = NULL;
274
275 /** Set an expiry time for a cached_resolve_t, and add it to the expiry
276 * priority queue */
277 static void
278 set_expiry(cached_resolve_t *resolve, time_t expires)
279 {
280 tor_assert(resolve && resolve->expire == 0);
281 if (!cached_resolve_pqueue)
282 cached_resolve_pqueue = smartlist_create();
283 resolve->expire = expires;
284 smartlist_pqueue_add(cached_resolve_pqueue,
285 _compare_cached_resolves_by_expiry,
286 resolve);
287 }
288
289 /** Free all storage held in the DNS cache and related structures. */
290 void
291 dns_free_all(void)
292 {
293 cached_resolve_t **ptr, **next, *item;
294 for (ptr = HT_START(cache_map, &cache_root); ptr != NULL; ptr = next) {
295 item = *ptr;
296 next = HT_NEXT_RMV(cache_map, &cache_root, ptr);
297 _free_cached_resolve(item);
298 }
299 HT_CLEAR(cache_map, &cache_root);
300 if (cached_resolve_pqueue)
301 smartlist_free(cached_resolve_pqueue);
302 cached_resolve_pqueue = NULL;
303 #ifdef USE_EVENTDNS
304 tor_free(resolv_conf_fname);
305 #endif
306 }
307
308 /** Remove every cached_resolve whose <b>expire</b> time is before <b>now</b>
309 * from the cache. */
310 static void
311 purge_expired_resolves(time_t now)
312 {
313 cached_resolve_t *resolve, *removed;
314 pending_connection_t *pend;
315 edge_connection_t *pendconn;
316
317 assert_cache_ok();
318 if (!cached_resolve_pqueue)
319 return;
320
321 while (smartlist_len(cached_resolve_pqueue)) {
322 resolve = smartlist_get(cached_resolve_pqueue, 0);
323 if (resolve->expire > now)
324 break;
325 smartlist_pqueue_pop(cached_resolve_pqueue,
326 _compare_cached_resolves_by_expiry);
327
328 if (resolve->state == CACHE_STATE_PENDING) {
329 log_debug(LD_EXIT,
330 "Expiring a dns resolve %s that's still pending. Forgot to "
331 "cull it? DNS resolve didn't tell us about the timeout?",
332 escaped_safe_str(resolve->address));
333 } else if (resolve->state == CACHE_STATE_CACHED_VALID ||
334 resolve->state == CACHE_STATE_CACHED_FAILED) {
335 log_debug(LD_EXIT,
336 "Forgetting old cached resolve (address %s, expires %lu)",
337 escaped_safe_str(resolve->address),
338 (unsigned long)resolve->expire);
339 tor_assert(!resolve->pending_connections);
340 } else {
341 tor_assert(resolve->state == CACHE_STATE_DONE);
342 tor_assert(!resolve->pending_connections);
343 }
344
345 if (resolve->pending_connections) {
346 log_debug(LD_EXIT,
347 "Closing pending connections on timed-out DNS resolve!");
348 tor_fragile_assert();
349 while (resolve->pending_connections) {
350 pend = resolve->pending_connections;
351 resolve->pending_connections = pend->next;
352 /* Connections should only be pending if they have no socket. */
353 tor_assert(pend->conn->_base.s == -1);
354 pendconn = pend->conn;
355 connection_edge_end(pendconn, END_STREAM_REASON_TIMEOUT,
356 pendconn->cpath_layer);
357 circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
358 connection_free(TO_CONN(pendconn));
359 tor_free(pend);
360 }
361 }
362
363 if (resolve->state == CACHE_STATE_CACHED_VALID ||
364 resolve->state == CACHE_STATE_CACHED_FAILED ||
365 resolve->state == CACHE_STATE_PENDING) {
366 removed = HT_REMOVE(cache_map, &cache_root, resolve);
367 if (removed != resolve) {
368 log_err(LD_BUG, "The expired resolve we purged didn't match any in"
369 " the cache. Tried to purge %s (%p); instead got %s (%p).",
370 resolve->address, (void*)resolve,
371 removed ? removed->address : "NULL", (void*)remove);
372 }
373 tor_assert(removed == resolve);
374 if (resolve->is_reverse)
375 tor_free(resolve->result.hostname);
376 resolve->magic = 0xF0BBF0BB;
377 tor_free(resolve);
378 } else {
379 /* This should be in state DONE. Make sure it's not in the cache. */
380 cached_resolve_t *tmp = HT_FIND(cache_map, &cache_root, resolve);
381 tor_assert(tmp != resolve);
382 }
383 }
384
385 assert_cache_ok();
386 }
387
388 /** Send a response to the RESOLVE request of a connection. answer_type must
389 * be one of RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT)
390 *
391 * If <b>circ</b> is provided, and we have a cached answer, send the
392 * answer back along circ; otherwise, send the answer back along *
393 * <b>exitconn</b>'s attached circuit.
394 */
395 static void
396 send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
397 uint8_t answer_type)
398 {
399 char buf[RELAY_PAYLOAD_SIZE];
400 size_t buflen;
401 uint32_t ttl;
402
403 buf[0] = answer_type;
404 ttl = dns_clip_ttl(conn->address_ttl);
405
406 switch (answer_type)
407 {
408 case RESOLVED_TYPE_IPV4:
409 buf[1] = 4;
410 set_uint32(buf+2, htonl(conn->_base.addr));
411 set_uint32(buf+6, htonl(ttl));
412 buflen = 10;
413 break;
414 case RESOLVED_TYPE_ERROR_TRANSIENT:
415 case RESOLVED_TYPE_ERROR:
416 {
417 const char *errmsg = "Error resolving hostname";
418 int msglen = strlen(errmsg);
419
420 buf[1] = msglen;
421 strlcpy(buf+2, errmsg, sizeof(buf)-2);
422 set_uint32(buf+2+msglen, htonl(ttl));
423 buflen = 6+msglen;
424 break;
425 }
426 default:
427 tor_assert(0);
428 return;
429 }
430 // log_notice(LD_EXIT, "Sending a regular RESOLVED reply: ");
431
432 if (!circ) {
433 circuit_t *tmp = circuit_get_by_edge_conn(conn);
434 if (! CIRCUIT_IS_ORIGIN(tmp))
435 circ = TO_OR_CIRCUIT(tmp);
436 }
437
438 connection_edge_send_command(conn, TO_CIRCUIT(circ),
439 RELAY_COMMAND_RESOLVED, buf, buflen,
440 conn->cpath_layer);
441 }
442
443 /** Send a response to the RESOLVE request of a connection for an in-addr.arpa
444 * address on connection <b>conn</b> which yielded the result <b>hostname</b>.
445 * The answer type will be RESOLVED_HOSTNAME.
446 *
447 * If <b>circ</b> is provided, and we have a cached answer, send the
448 * answer back along circ; otherwise, send the answer back along
449 * <b>exitconn</b>'s attached circuit.
450 */
451 static void
452 send_resolved_hostname_cell(edge_connection_t *conn, or_circuit_t *circ,
453 const char *hostname)
454 {
455 char buf[RELAY_PAYLOAD_SIZE];
456 size_t buflen;
457 uint32_t ttl;
458 size_t namelen = strlen(hostname);
459
460 tor_assert(namelen < 256);
461 ttl = dns_clip_ttl(conn->address_ttl);
462
463 buf[0] = RESOLVED_TYPE_HOSTNAME;
464 buf[1] = (uint8_t)namelen;
465 memcpy(buf+2, hostname, namelen);
466 set_uint32(buf+2+namelen, htonl(ttl));
467 buflen = 2+namelen+4;
468
469 if (!circ) {
470 circuit_t *tmp = circuit_get_by_edge_conn(conn);
471 if (! CIRCUIT_IS_ORIGIN(tmp))
472 circ = TO_OR_CIRCUIT(tmp);
473 }
474
475 // log_notice(LD_EXIT, "Sending a reply RESOLVED reply: %s", hostname);
476 connection_edge_send_command(conn, TO_CIRCUIT(circ),
477 RELAY_COMMAND_RESOLVED, buf, buflen,
478 conn->cpath_layer);
479 // log_notice(LD_EXIT, "Sent");
480 }
481
482 /** Given a lower-case <b>address</b>, check to see whether it's a
483 * 1.2.3.4.in-addr.arpa address used for reverse lookups. If so,
484 * parse it and place the address in <b>in</b> if present. Return 1 on success;
485 * 0 if the address is not in in-addr.arpa format, and -1 if the address is
486 * malformed. */
487 static int
488 parse_inaddr_arpa_address(const char *address, struct in_addr *in)
489 {
490 char buf[INET_NTOA_BUF_LEN];
491 char *cp;
492 size_t len;
493 struct in_addr inaddr;
494
495 cp = strstr(address, ".in-addr.arpa");
496 if (!cp || *(cp+strlen(".in-addr.arpa")))
497 return 0; /* not an .in-addr.arpa address */
498
499 len = cp - address;
500
501 if (len >= INET_NTOA_BUF_LEN)
502 return -1; /* Too long. */
503
504 memcpy(buf, address, len);
505 buf[len] = '\0';
506 if (tor_inet_aton(buf, &inaddr) == 0)
507 return -1; /* malformed. */
508
509 if (in) {
510 uint32_t a;
511 /* reverse the bytes */
512 a = ( ((inaddr.s_addr & 0x000000fful) << 24)
513 |((inaddr.s_addr & 0x0000ff00ul) << 8)
514 |((inaddr.s_addr & 0x00ff0000ul) >> 8)
515 |((inaddr.s_addr & 0xff000000ul) >> 24));
516 inaddr.s_addr = a;
517
518 memcpy(in, &inaddr, sizeof(inaddr));
519 }
520
521 return 1;
522 }
523
524 /** See if we have a cache entry for <b>exitconn</b>-\>address. if so,
525 * if resolve valid, put it into <b>exitconn</b>-\>addr and return 1.
526 * If resolve failed, unlink exitconn if needed, free it, and return -1.
527 *
528 * If <b>oncirc</b> is provided, and this is a resolve request, we have
529 * a cached answer, send the answer back along oncirc; otherwise, send
530 * the answer back along <b>exitconn</b>'s attached circuit.
531 *
532 * Else, if seen before and pending, add conn to the pending list,
533 * and return 0.
534 *
535 * Else, if not seen before, add conn to pending list, hand to
536 * dns farm, and return 0.
537 */
538 int
539 dns_resolve(edge_connection_t *exitconn, or_circuit_t *oncirc)
540 {
541 cached_resolve_t *resolve;
542 cached_resolve_t search;
543 pending_connection_t *pending_connection;
544 circuit_t *circ;
545 struct in_addr in;
546 time_t now = time(NULL);
547 int is_reverse = 0, is_resolve, r;
548 assert_connection_ok(TO_CONN(exitconn), 0);
549 tor_assert(exitconn->_base.s == -1);
550
551 assert_cache_ok();
552
553 is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;
554
555 /* first check if exitconn->_base.address is an IP. If so, we already
556 * know the answer. */
557 if (tor_inet_aton(exitconn->_base.address, &in) != 0) {
558 exitconn->_base.addr = ntohl(in.s_addr);
559 exitconn->address_ttl = DEFAULT_DNS_TTL;
560 if (is_resolve)
561 send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_IPV4);
562 return 1;
563 }
564
565 /* then take this opportunity to see if there are any expired
566 * resolves in the hash table. */
567 purge_expired_resolves(now);
568
569 /* lower-case exitconn->_base.address, so it's in canonical form */
570 tor_strlower(exitconn->_base.address);
571
572 /* Check whether this is a reverse lookup. If it's malformed, or it's a
573 * .in-addr.arpa address but this isn't a resolve request, kill the
574 * connection.
575 */
576 if ((r = parse_inaddr_arpa_address(exitconn->_base.address, NULL)) != 0) {
577 if (r == 1)
578 is_reverse = 1;
579
580 #ifdef USE_EVENTDNS
581 if (!is_reverse || !is_resolve) {
582 if (!is_reverse)
583 log_info(LD_EXIT, "Bad .in-addr.arpa address \"%s\"; sending error.",
584 escaped_safe_str(exitconn->_base.address));
585 else if (!is_resolve)
586 log_info(LD_EXIT,
587 "Attempt to connect to a .in-addr.arpa address \"%s\"; "
588 "sending error.",
589 escaped_safe_str(exitconn->_base.address));
590 #else
591 if (1) {
592 log_info(LD_PROTOCOL, "Dnsworker code does not support in-addr.arpa "
593 "domain, but received a request for \"%s\"; sending error.",
594 escaped_safe_str(exitconn->_base.address));
595 #endif
596
597 if (exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE)
598 send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_ERROR);
599 circ = circuit_get_by_edge_conn(exitconn);
600 if (circ)
601 circuit_detach_stream(circ, exitconn);
602 if (!exitconn->_base.marked_for_close)
603 connection_free(TO_CONN(exitconn));
604 return -1;
605 }
606 //log_notice(LD_EXIT, "Looks like an address %s",
607 //exitconn->_base.address);
608 }
609
610 /* now check the hash table to see if 'address' is already there. */
611 strlcpy(search.address, exitconn->_base.address, sizeof(search.address));
612 resolve = HT_FIND(cache_map, &cache_root, &search);
613 if (resolve && resolve->expire > now) { /* already there */
614 switch (resolve->state) {
615 case CACHE_STATE_PENDING:
616 /* add us to the pending list */
617 pending_connection = tor_malloc_zero(
618 sizeof(pending_connection_t));
619 pending_connection->conn = exitconn;
620 pending_connection->next = resolve->pending_connections;
621 resolve->pending_connections = pending_connection;
622 log_debug(LD_EXIT,"Connection (fd %d) waiting for pending DNS "
623 "resolve of %s", exitconn->_base.s,
624 escaped_safe_str(exitconn->_base.address));
625 exitconn->_base.state = EXIT_CONN_STATE_RESOLVING;
626 return 0;
627 case CACHE_STATE_CACHED_VALID:
628 log_debug(LD_EXIT,"Connection (fd %d) found cached answer for %s",
629 exitconn->_base.s,
630 escaped_safe_str(resolve->address));
631 exitconn->address_ttl = resolve->ttl;
632 if (resolve->is_reverse) {
633 tor_assert(is_resolve);
634 send_resolved_hostname_cell(exitconn, oncirc,
635 resolve->result.hostname);
636 } else {
637 exitconn->_base.addr = resolve->result.addr;
638 if (is_resolve)
639 send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_IPV4);
640 }
641 return 1;
642 case CACHE_STATE_CACHED_FAILED:
643 log_debug(LD_EXIT,"Connection (fd %d) found cached error for %s",
644 exitconn->_base.s,
645 escaped_safe_str(exitconn->_base.address));
646 /* XXXX send back indication of failure for connect case? -NM*/
647 if (is_resolve)
648 send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_ERROR);
649 circ = circuit_get_by_edge_conn(exitconn);
650 if (circ)
651 circuit_detach_stream(circ, exitconn);
652 if (!exitconn->_base.marked_for_close)
653 connection_free(TO_CONN(exitconn));
654 return -1;
655 case CACHE_STATE_DONE:
656 log_err(LD_BUG, "Found a 'DONE' dns resolve still in the cache.");
657 tor_fragile_assert();
658 }
659 tor_assert(0);
660 }
661 /* not there, need to add it */
662 resolve = tor_malloc_zero(sizeof(cached_resolve_t));
663 resolve->magic = CACHED_RESOLVE_MAGIC;
664 resolve->state = CACHE_STATE_PENDING;
665 resolve->is_reverse = is_reverse;
666 strlcpy(resolve->address, exitconn->_base.address, sizeof(resolve->address));
667
668 /* add this connection to the pending list */
669 pending_connection = tor_malloc_zero(sizeof(pending_connection_t));
670 pending_connection->conn = exitconn;
671 resolve->pending_connections = pending_connection;
672 exitconn->_base.state = EXIT_CONN_STATE_RESOLVING;
673
674 /* Add this resolve to the cache and priority queue. */
675 HT_INSERT(cache_map, &cache_root, resolve);
676 set_expiry(resolve, now + RESOLVE_MAX_TIMEOUT);
677
678 log_debug(LD_EXIT,"Launching %s.",
679 escaped_safe_str(exitconn->_base.address));
680 assert_cache_ok();
681 return launch_resolve(exitconn, oncirc);
682 }
683
684 /** Log an error and abort if conn is waiting for a DNS resolve.
685 */
686 void
687 assert_connection_edge_not_dns_pending(edge_connection_t *conn)
688 {
689 pending_connection_t *pend;
690 cached_resolve_t **resolve;
691
692 HT_FOREACH(resolve, cache_map, &cache_root) {
693 for (pend = (*resolve)->pending_connections;
694 pend;
695 pend = pend->next) {
696 tor_assert(pend->conn != conn);
697 }
698 }
699 }
700
701 /** Log an error and abort if any connection waiting for a DNS resolve is
702 * corrupted. */
703 void
704 assert_all_pending_dns_resolves_ok(void)
705 {
706 pending_connection_t *pend;
707 cached_resolve_t **resolve;
708
709 HT_FOREACH(resolve, cache_map, &cache_root) {
710 for (pend = (*resolve)->pending_connections;
711 pend;
712 pend = pend->next) {
713 assert_connection_ok(TO_CONN(pend->conn), 0);
714 tor_assert(pend->conn->_base.s == -1);
715 tor_assert(!connection_in_array(TO_CONN(pend->conn)));
716 }
717 }
718 }
719
720 /** Remove <b>conn</b> from the list of connections waiting for conn-\>address.
721 */
722 void
723 connection_dns_remove(edge_connection_t *conn)
724 {
725 pending_connection_t *pend, *victim;
726 cached_resolve_t search;
727 cached_resolve_t *resolve;
728
729 tor_assert(conn->_base.type == CONN_TYPE_EXIT);
730 tor_assert(conn->_base.state == EXIT_CONN_STATE_RESOLVING);
731
732 strlcpy(search.address, conn->_base.address, sizeof(search.address));
733
734 resolve = HT_FIND(cache_map, &cache_root, &search);
735 if (!resolve) {
736 log_notice(LD_BUG, "Address %s is not pending. Dropping.",
737 escaped_safe_str(conn->_base.address));
738 return;
739 }
740
741 tor_assert(resolve->pending_connections);
742 assert_connection_ok(TO_CONN(conn),0);
743
744 pend = resolve->pending_connections;
745
746 if (pend->conn == conn) {
747 resolve->pending_connections = pend->next;
748 tor_free(pend);
749 log_debug(LD_EXIT, "First connection (fd %d) no longer waiting "
750 "for resolve of %s",
751 conn->_base.s, escaped_safe_str(conn->_base.address));
752 return;
753 } else {
754 for ( ; pend->next; pend = pend->next) {
755 if (pend->next->conn == conn) {
756 victim = pend->next;
757 pend->next = victim->next;
758 tor_free(victim);
759 log_debug(LD_EXIT,
760 "Connection (fd %d) no longer waiting for resolve of %s",
761 conn->_base.s, escaped_safe_str(conn->_base.address));
762 return; /* more are pending */
763 }
764 }
765 tor_assert(0); /* not reachable unless onlyconn not in pending list */
766 }
767 }
768
769 /** Mark all connections waiting for <b>address</b> for close. Then cancel
770 * the resolve for <b>address</b> itself, and remove any cached results for
771 * <b>address</b> from the cache.
772 */
773 void
774 dns_cancel_pending_resolve(const char *address)
775 {
776 pending_connection_t *pend;
777 cached_resolve_t search;
778 cached_resolve_t *resolve, *tmp;
779 edge_connection_t *pendconn;
780 circuit_t *circ;
781
782 strlcpy(search.address, address, sizeof(search.address));
783
784 resolve = HT_FIND(cache_map, &cache_root, &search);
785 if (!resolve || resolve->state != CACHE_STATE_PENDING) {
786 log_notice(LD_BUG,"Address %s is not pending. Dropping.",
787 escaped_safe_str(address));
788 return;
789 }
790
791 if (!resolve->pending_connections) {
792 /* XXX this should never trigger, but sometimes it does */
793 log_warn(LD_BUG,
794 "Bug: Address %s is pending but has no pending connections!",
795 escaped_safe_str(address));
796 tor_fragile_assert();
797 return;
798 }
799 tor_assert(resolve->pending_connections);
800
801 /* mark all pending connections to fail */
802 log_debug(LD_EXIT,
803 "Failing all connections waiting on DNS resolve of %s",
804 escaped_safe_str(address));
805 while (resolve->pending_connections) {
806 pend = resolve->pending_connections;
807 pend->conn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
808 pendconn = pend->conn;
809 assert_connection_ok(TO_CONN(pendconn), 0);
810 tor_assert(pendconn->_base.s == -1);
811 if (!pendconn->_base.marked_for_close) {
812 connection_edge_end(pendconn, END_STREAM_REASON_RESOURCELIMIT,
813 pendconn->cpath_layer);
814 }
815 circ = circuit_get_by_edge_conn(pendconn);
816 if (circ)
817 circuit_detach_stream(circ, pendconn);
818 connection_free(TO_CONN(pendconn));
819 resolve->pending_connections = pend->next;
820 tor_free(pend);
821 }
822
823 tmp = HT_REMOVE(cache_map, &cache_root, resolve);
824 if (tmp != resolve) {
825 log_err(LD_BUG, "The cancelled resolve we purged didn't match any in"
826 " the cache. Tried to purge %s (%p); instead got %s (%p).",
827 resolve->address, (void*)resolve,
828 tmp ? tmp->address : "NULL", (void*)tmp);
829 }
830 tor_assert(tmp == resolve);
831
832 resolve->state = CACHE_STATE_DONE;
833 }
834
835 /** Helper: adds an entry to the DNS cache mapping <b>address</b> to the ipv4
836 * address <b>addr</b> (if is_reverse is 0) or the hostname <b>hostname</b> (if
837 * is_reverse is 1). <b>ttl</b> is a cache ttl; <b>outcome</b> is one of
838 * DNS_RESOLVE_{FAILED_TRANSIENT|FAILED_PERMANENT|SUCCEEDED}.
839 **/
840 static void
841 add_answer_to_cache(const char *address, int is_reverse, uint32_t addr,
842 const char *hostname, char outcome, uint32_t ttl)
843 {
844 cached_resolve_t *resolve;
845 if (outcome == DNS_RESOLVE_FAILED_TRANSIENT)
846 return;
847
848 /* XXX This is dumb, but it seems to workaround a bug I can't find. We
849 * should nail this so we can cache reverse DNS answers. -NM */
850 if (is_reverse)
851 return;
852
853 //log_notice(LD_EXIT, "Adding to cache: %s -> %s (%lx, %s), %d",
854 // address, is_reverse?"(reverse)":"", (unsigned long)addr,
855 // hostname?hostname:"NULL",(int)outcome);
856
857 resolve = tor_malloc_zero(sizeof(cached_resolve_t));
858 resolve->magic = CACHED_RESOLVE_MAGIC;
859 resolve->state = (outcome == DNS_RESOLVE_SUCCEEDED) ?
860 CACHE_STATE_CACHED_VALID : CACHE_STATE_CACHED_FAILED;
861 strlcpy(resolve->address, address, sizeof(resolve->address));
862 resolve->is_reverse = is_reverse;
863 if (is_reverse) {
864 if (outcome == DNS_RESOLVE_SUCCEEDED) {
865 tor_assert(hostname);
866 resolve->result.hostname = tor_strdup(hostname);
867 } else {
868 tor_assert(! hostname);
869 resolve->result.hostname = NULL;
870 }
871 } else {
872 tor_assert(!hostname);
873 resolve->result.addr = addr;
874 }
875 resolve->ttl = ttl;
876 assert_resolve_ok(resolve);
877 HT_INSERT(cache_map, &cache_root, resolve);
878 set_expiry(resolve, time(NULL) + dns_get_expiry_ttl(ttl));
879 }
880
881 /** Called on the OR side when a DNS worker or the eventdns library tells us
882 * the outcome of a DNS resolve: tell all pending connections about the result
883 * of the lookup, and cache the value. (<b>address</b> is a NUL-terminated
884 * string containing the address to look up; <b>addr</b> is an IPv4 address in
885 * host order; <b>outcome</b> is one of
886 * DNS_RESOLVE_{FAILED_TRANSIENT|FAILED_PERMANENT|SUCCEEDED}.
887 */
888 static void
889 dns_found_answer(const char *address, int is_reverse, uint32_t addr,
890 const char *hostname, char outcome, uint32_t ttl)
891 {
892 pending_connection_t *pend;
893 cached_resolve_t search;
894 cached_resolve_t *resolve, *removed;
895 edge_connection_t *pendconn;
896 circuit_t *circ;
897
898 assert_cache_ok();
899
900 strlcpy(search.address, address, sizeof(search.address));
901
902 resolve = HT_FIND(cache_map, &cache_root, &search);
903 if (!resolve) {
904 log_info(LD_EXIT,"Resolved unasked address %s; caching anyway.",
905 escaped_safe_str(address));
906 add_answer_to_cache(address, is_reverse, addr, hostname, outcome, ttl);
907 return;
908 }
909 assert_resolve_ok(resolve);
910
911 if (resolve->state != CACHE_STATE_PENDING) {
912 /* XXXX Maybe update addr? or check addr for consistency? Or let
913 * VALID replace FAILED? */
914 log_notice(LD_EXIT, "Resolved %s which was already resolved; ignoring",
915 escaped_safe_str(address));
916 tor_assert(resolve->pending_connections == NULL);
917 return;
918 }
919 /* Removed this assertion: in fact, we'll sometimes get a double answer
920 * to the same question. This can happen when we ask one worker to resolve
921 * X.Y.Z., then we cancel the request, and then we ask another worker to
922 * resolve X.Y.Z. */
923 /* tor_assert(resolve->state == CACHE_STATE_PENDING); */
924
925 while (resolve->pending_connections) {
926 pend = resolve->pending_connections;
927 pendconn = pend->conn; /* don't pass complex things to the
928 connection_mark_for_close macro */
929 assert_connection_ok(TO_CONN(pendconn),time(NULL));
930 pendconn->_base.addr = addr;
931 pendconn->address_ttl = ttl;
932
933 if (outcome != DNS_RESOLVE_SUCCEEDED) {
934 /* prevent double-remove. */
935 pendconn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
936 if (pendconn->_base.purpose == EXIT_PURPOSE_CONNECT) {
937 connection_edge_end(pendconn, END_STREAM_REASON_RESOLVEFAILED,
938 pendconn->cpath_layer);
939 /* This detach must happen after we send the end cell. */
940 circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
941 } else {
942 send_resolved_cell(pendconn, NULL, RESOLVED_TYPE_ERROR);
943 /* This detach must happen after we send the resolved cell. */
944 circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
945 }
946 connection_free(TO_CONN(pendconn));
947 } else {
948 if (pendconn->_base.purpose == EXIT_PURPOSE_CONNECT) {
949 tor_assert(!is_reverse);
950 /* prevent double-remove. */
951 pend->conn->_base.state = EXIT_CONN_STATE_CONNECTING;
952
953 circ = circuit_get_by_edge_conn(pend->conn);
954 tor_assert(circ);
955 tor_assert(!CIRCUIT_IS_ORIGIN(circ));
956 /* unlink pend->conn from resolving_streams, */
957 circuit_detach_stream(circ, pend->conn);
958 /* and link it to n_streams */
959 pend->conn->next_stream = TO_OR_CIRCUIT(circ)->n_streams;
960 pend->conn->on_circuit = circ;
961 TO_OR_CIRCUIT(circ)->n_streams = pend->conn;
962
963 connection_exit_connect(pend->conn);
964 } else {
965 /* prevent double-remove. This isn't really an accurate state,
966 * but it does the right thing. */
967 pendconn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
968 if (is_reverse)
969 send_resolved_hostname_cell(pendconn, NULL, hostname);
970 else
971 send_resolved_cell(pendconn, NULL, RESOLVED_TYPE_IPV4);
972 circ = circuit_get_by_edge_conn(pendconn);
973 tor_assert(circ);
974 circuit_detach_stream(circ, pendconn);
975 connection_free(TO_CONN(pendconn));
976 }
977 }
978 resolve->pending_connections = pend->next;
979 tor_free(pend);
980 }
981
982 resolve->state = CACHE_STATE_DONE;
983 removed = HT_REMOVE(cache_map, &cache_root, &search);
984 if (removed != resolve) {
985 log_err(LD_BUG, "The pending resolve we found wasn't removable from"
986 " the cache. Tried to purge %s (%p); instead got %s (%p).",
987 resolve->address, (void*)resolve,
988 removed ? removed->address : "NULL", (void*)removed);
989 }
990 assert_resolve_ok(resolve);
991 assert_cache_ok();
992
993 add_answer_to_cache(address, is_reverse, addr, hostname, outcome, ttl);
994 assert_cache_ok();
995 }
996
997 #ifndef USE_EVENTDNS
998 /** Find or spawn a dns worker process to handle resolving
999 * <b>exitconn</b>-\>address; tell that dns worker to begin resolving.
1000 */
1001 static int
1002 launch_resolve(edge_connection_t *exitconn, or_circuit_t *circ)
1003 {
1004 connection_t *dnsconn;
1005 unsigned char len;
1006
1007 tor_assert(exitconn->_base.state == EXIT_CONN_STATE_RESOLVING);
1008 assert_connection_ok(TO_CONN(exitconn), 0);
1009 tor_assert(exitconn->_base.s == -1);
1010
1011 /* respawn here, to be sure there are enough */
1012 if (spawn_enough_dnsworkers() < 0) {
1013 goto err;
1014 }
1015
1016 dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER,
1017 DNSWORKER_STATE_IDLE);
1018
1019 if (!dnsconn) {
1020 log_warn(LD_EXIT,"no idle dns workers. Failing.");
1021 if (exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE)
1022 send_resolved_cell(exitconn, circ, RESOLVED_TYPE_ERROR_TRANSIENT);
1023 goto err;
1024 }
1025
1026 log_debug(LD_EXIT,
1027 "Connection (fd %d) needs to resolve %s; assigning "
1028 "to DNSWorker (fd %d)", exitconn->_base.s,
1029 escaped_safe_str(exitconn->_base.address), dnsconn->s);
1030
1031 tor_free(dnsconn->address);
1032 dnsconn->address = tor_strdup(exitconn->_base.address);
1033 dnsconn->state = DNSWORKER_STATE_BUSY;
1034 /* touch the lastwritten timestamp, since that's how we check to
1035 * see how long it's been since we asked the question, and sometimes
1036 * we check before the first call to connection_handle_write(). */
1037 dnsconn->timestamp_lastwritten = time(NULL);
1038 num_dnsworkers_busy++;
1039
1040 len = strlen(dnsconn->address);
1041 connection_write_to_buf((char*)&len, 1, dnsconn);
1042 connection_write_to_buf(dnsconn->address, len, dnsconn);
1043
1044 return 0;
1045 err:
1046 /* also sends end and frees */
1047 dns_cancel_pending_resolve(exitconn->_base.address);
1048 return -1;
1049 }
1050
1051 /******************************************************************/
1052
1053 /*
1054 * Connection between OR and dnsworker
1055 */
1056
1057 /** Write handler: called when we've pushed a request to a dnsworker. */
1058 int
1059 connection_dns_finished_flushing(connection_t *conn)
1060 {
1061 tor_assert(conn);
1062 tor_assert(conn->type == CONN_TYPE_DNSWORKER);
1063 connection_stop_writing(conn);
1064 return 0;
1065 }
1066
1067 /** Called when a connection to a dnsworker hits an EOF; this only happens
1068 * when a dnsworker dies unexpectedly. */
1069 int
1070 connection_dns_reached_eof(connection_t *conn)
1071 {
1072 log_warn(LD_EXIT,"Read eof. DNS worker died unexpectedly.");
1073 if (conn->state == DNSWORKER_STATE_BUSY) {
1074 /* don't cancel the resolve here -- it would be cancelled in
1075 * connection_about_to_close_connection(), since conn is still
1076 * in state BUSY
1077 */
1078 num_dnsworkers_busy--;
1079 }
1080 num_dnsworkers--;
1081 connection_mark_for_close(conn);
1082 return 0;
1083 }
1084
1085 /** Read handler: called when we get data from a dnsworker. See
1086 * if we have a complete answer. If so, call dns_found_answer on the
1087 * result. If not, wait. Returns 0. */
1088 int
1089 connection_dns_process_inbuf(connection_t *conn)
1090 {
1091 char success;
1092 uint32_t addr;
1093 int ttl;
1094
1095 tor_assert(conn);
1096 tor_assert(conn->type == CONN_TYPE_DNSWORKER);
1097
1098 if (conn->state != DNSWORKER_STATE_BUSY && buf_datalen(conn->inbuf)) {
1099 log_warn(LD_BUG,
1100 "Bug: read data (%d bytes) from an idle dns worker (fd %d, "
1101 "address %s). Please report.", (int)buf_datalen(conn->inbuf),
1102 conn->s, escaped_safe_str(conn->address));
1103 tor_fragile_assert();
1104
1105 /* Pull it off the buffer anyway, or it will just stay there.
1106 * Keep pulling things off because sometimes we get several
1107 * answers at once (!). */
1108 while (buf_datalen(conn->inbuf)) {
1109 connection_fetch_from_buf(&success,1,conn);
1110 connection_fetch_from_buf((char *)&addr,sizeof(uint32_t),conn);
1111 log_warn(LD_EXIT,"Discarding idle dns answer (success %d, addr %d.)",
1112 success, addr);
1113 }
1114 return 0;
1115 }
1116 if (buf_datalen(conn->inbuf) < 5) /* entire answer available? */
1117 return 0; /* not yet */
1118 tor_assert(conn->state == DNSWORKER_STATE_BUSY);
1119 tor_assert(buf_datalen(conn->inbuf) == 5);
1120
1121 connection_fetch_from_buf(&success,1,conn);
1122 connection_fetch_from_buf((char *)&addr,sizeof(uint32_t),conn);
1123
1124 log_debug(LD_EXIT, "DNSWorker (fd %d) returned answer for %s",
1125 conn->s, escaped_safe_str(conn->address));
1126
1127 tor_assert(success >= DNS_RESOLVE_FAILED_TRANSIENT);
1128 tor_assert(success <= DNS_RESOLVE_SUCCEEDED);
1129
1130 ttl = (success == DNS_RESOLVE_FAILED_TRANSIENT) ? 0 : MAX_DNS_ENTRY_AGE;
1131 dns_found_answer(conn->address, 0, ntohl(addr), NULL, success, ttl);
1132
1133 tor_free(conn->address);
1134 conn->address = tor_strdup("<idle>");
1135 conn->state = DNSWORKER_STATE_IDLE;
1136 num_dnsworkers_busy--;
1137 if (conn->timestamp_created < last_rotation_time) {
1138 connection_mark_for_close(conn);
1139 num_dnsworkers--;
1140 spawn_enough_dnsworkers();
1141 }
1142 return 0;
1143 }
1144
1145 /** Close and re-open all idle dnsworkers; schedule busy ones to be closed
1146 * and re-opened once they're no longer busy.
1147 **/
1148 static void
1149 dnsworkers_rotate(void)
1150 {
1151 connection_t *dnsconn;
1152 while ((dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER,
1153 DNSWORKER_STATE_IDLE))) {
1154 connection_mark_for_close(dnsconn);
1155 num_dnsworkers--;
1156 }
1157 last_rotation_time = time(NULL);
1158 if (server_mode(get_options()))
1159 spawn_enough_dnsworkers();
1160 }
1161
1162 /** Implementation for DNS workers; this code runs in a separate
1163 * execution context. It takes as its argument an fdarray as returned
1164 * by socketpair(), and communicates via fdarray[1]. The protocol is
1165 * as follows:
1166 * - The OR says:
1167 * - ADDRESSLEN [1 byte]
1168 * - ADDRESS [ADDRESSLEN bytes]
1169 * - The DNS worker does the lookup, and replies:
1170 * - OUTCOME [1 byte]
1171 * - IP [4 bytes]
1172 *
1173 * OUTCOME is one of DNS_RESOLVE_{FAILED_TRANSIENT|FAILED_PERMANENT|SUCCEEDED}.
1174 * IP is in host order.
1175 *
1176 * The dnsworker runs indefinitely, until its connection is closed or an error
1177 * occurs.
1178 */
1179 static void
1180 dnsworker_main(void *data)
1181 {
1182 char address[MAX_ADDRESSLEN+1]; /* Plus a byte for a final '.' */
1183 unsigned char address_len;
1184 char *log_address;
1185 char answer[5];
1186 uint32_t ip;
1187 int *fdarray = data;
1188 int fd;
1189 int result;
1190 int search = get_options()->ServerDNSSearchDomains;
1191
1192 /* log_fn(LOG_NOTICE,"After spawn: fdarray @%d has %d:%d", (int)fdarray,
1193 * fdarray[0],fdarray[1]); */
1194
1195 fd = fdarray[1]; /* this side is ours */
1196 #ifndef TOR_IS_MULTITHREADED
1197 tor_close_socket(fdarray[0]); /* this is the side of the socketpair the
1198 * parent uses */
1199 tor_free_all(1); /* so the child doesn't hold the parent's fd's open */
1200 handle_signals(0); /* ignore interrupts from the keyboard, etc */
1201 #endif
1202 tor_free(data);
1203
1204 for (;;) {
1205 int r;
1206
1207 if ((r = recv(fd, &address_len, 1, 0)) != 1) {
1208 if (r == 0) {
1209 log_info(LD_EXIT,"DNS worker exiting because Tor process closed "
1210 "connection (either pruned idle dnsworker or died).");
1211 } else {
1212 log_info(LD_EXIT,"DNS worker exiting because of error on connection "
1213 "to Tor process.");
1214 log_info(LD_EXIT,"(Error on %d was %s)", fd,
1215 tor_socket_strerror(tor_socket_errno(fd)));
1216 }
1217 tor_close_socket(fd);
1218 crypto_thread_cleanup();
1219 spawn_exit();
1220 }
1221
1222 if (address_len && read_all(fd, address, address_len, 1) != address_len) {
1223 log_err(LD_BUG,"read hostname failed. Child exiting.");
1224 tor_close_socket(fd);
1225 crypto_thread_cleanup();
1226 spawn_exit();
1227 }
1228 /* Add a period to prevent local domain search, and NUL-terminate. */
1229 if (address[address_len-1] != '.' && !search) {
1230 address[address_len] = '.';
1231 address[address_len+1] = '\0';
1232 } else {
1233 address[address_len] = '\0';
1234 }
1235
1236 log_address = esc_for_log(safe_str(address));
1237 result = tor_lookup_hostname(address, &ip);
1238 /* Make 0.0.0.0 an error, so that we can use "0" to mean "no addr") */
1239 if (!ip)
1240 result = -1;
1241 switch (result) {
1242 case 1:
1243 /* XXX result can never be 1, because we set it to -1 above on error */
1244 log_info(LD_NET,"Could not resolve dest addr %s (transient)",
1245 log_address);
1246 answer[0] = DNS_RESOLVE_FAILED_TRANSIENT;
1247 break;
1248 case -1:
1249 log_info(LD_NET,"Could not resolve dest addr %s (permanent)",
1250 log_address);
1251 answer[0] = DNS_RESOLVE_FAILED_PERMANENT;
1252 break;
1253 case 0:
1254 log_info(LD_NET,"Resolved address %s", log_address);
1255 answer[0] = DNS_RESOLVE_SUCCEEDED;
1256 break;
1257 }
1258 tor_free(log_address);
1259 set_uint32(answer+1, ip);
1260 if (write_all(fd, answer, 5, 1) != 5) {
1261 log_err(LD_NET,"writing answer failed. Child exiting.");
1262 tor_close_socket(fd);
1263 crypto_thread_cleanup();
1264 spawn_exit();
1265 }
1266 }
1267 }
1268
1269 /** Launch a new DNS worker; return 0 on success, -1 on failure.
1270 */
1271 static int
1272 spawn_dnsworker(void)
1273 {
1274 int *fdarray;
1275 int fd;
1276 connection_t *conn;
1277 int err;
1278
1279 fdarray = tor_malloc(sizeof(int)*2);
1280 if ((err = tor_socketpair(AF_UNIX, SOCK_STREAM, 0, fdarray)) < 0) {
1281 log_warn(LD_NET, "Couldn't construct socketpair for dns worker: %s",
1282 tor_socket_strerror(-err));
1283 tor_free(fdarray);
1284 return -1;
1285 }
1286
1287 tor_assert(fdarray[0] >= 0);
1288 tor_assert(fdarray[1] >= 0);
1289
1290 /* log_fn(LOG_NOTICE,"Before spawn: fdarray @%d has %d:%d",
1291 (int)fdarray, fdarray[0],fdarray[1]); */
1292
1293 fd = fdarray[0]; /* We copy this out here, since dnsworker_main may free
1294 * fdarray */
1295 spawn_func((void*) dnsworker_main, (void*)fdarray);
1296 log_debug(LD_EXIT,"just spawned a dns worker.");
1297 #ifndef TOR_IS_MULTITHREADED
1298 tor_close_socket(fdarray[1]); /* don't need the worker's side of the pipe */
1299 tor_free(fdarray);
1300 #endif
1301
1302 conn = connection_new(CONN_TYPE_DNSWORKER);
1303
1304 set_socket_nonblocking(fd);
1305
1306 /* set up conn so it's got all the data we need to remember */
1307 conn->s = fd;
1308 conn->address = tor_strdup("<unused>");
1309
1310 if (connection_add(conn) < 0) { /* no space, forget it */
1311 log_warn(LD_NET,"connection_add for dnsworker failed. Giving up.");
1312 connection_free(conn); /* this closes fd */
1313 return -1;
1314 }
1315
1316 conn->state = DNSWORKER_STATE_IDLE;
1317 connection_start_reading(conn);
1318
1319 return 0; /* success */
1320 }
1321
1322 /** If we have too many or too few DNS workers, spawn or kill some.
1323 * Return 0 if we are happy, return -1 if we tried to spawn more but
1324 * we couldn't.
1325 */
1326 static int
1327 spawn_enough_dnsworkers(void)
1328 {
1329 int num_dnsworkers_needed; /* aim to have 1 more than needed,
1330 * but no less than min and no more than max */
1331 connection_t *dnsconn;
1332
1333 /* XXX This may not be the best strategy. Maybe we should queue pending
1334 * requests until the old ones finish or time out: otherwise, if the
1335 * connection requests come fast enough, we never get any DNS done. -NM
1336 *
1337 * XXX But if we queue them, then the adversary can pile even more
1338 * queries onto us, blocking legitimate requests for even longer. Maybe
1339 * we should compromise and only kill if it's been at it for more than,
1340 * e.g., 2 seconds. -RD
1341 */
1342 if (num_dnsworkers_busy == MAX_DNSWORKERS) {
1343 /* We always want at least one worker idle.
1344 * So find the oldest busy worker and kill it.
1345 */
1346 dnsconn = connection_get_by_type_state_lastwritten(CONN_TYPE_DNSWORKER,
1347 DNSWORKER_STATE_BUSY);
1348 tor_assert(dnsconn);
1349
1350 log_warn(LD_EXIT, "%d DNS workers are spawned; all are busy. Killing one.",
1351 MAX_DNSWORKERS);
1352
1353 connection_mark_for_close(dnsconn);
1354 num_dnsworkers_busy--;
1355 num_dnsworkers--;
1356 }
1357
1358 if (num_dnsworkers_busy >= MIN_DNSWORKERS)
1359 num_dnsworkers_needed = num_dnsworkers_busy+1;
1360 else
1361 num_dnsworkers_needed = MIN_DNSWORKERS;
1362
1363 while (num_dnsworkers < num_dnsworkers_needed) {
1364 if (spawn_dnsworker() < 0) {
1365 log_warn(LD_EXIT,"DNS worker spawn failed. Will try again later.");
1366 return -1;
1367 }
1368 num_dnsworkers++;
1369 }
1370
1371 while (num_dnsworkers > num_dnsworkers_busy+MAX_IDLE_DNSWORKERS) {
1372 /* too many idle? */
1373 /* cull excess workers */
1374 log_info(LD_EXIT,"%d of %d dnsworkers are idle. Killing one.",
1375 num_dnsworkers-num_dnsworkers_busy, num_dnsworkers);
1376 dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER,
1377 DNSWORKER_STATE_IDLE);
1378 tor_assert(dnsconn);
1379 connection_mark_for_close(dnsconn);
1380 num_dnsworkers--;
1381 }
1382
1383 return 0;
1384 }
1385
1386 void
1387 dns_launch_wildcard_checks(void)
1388 {
1389 }
1390 #else /* !USE_EVENTDNS */
1391
1392 /** Eventdns helper: return true iff the eventdns result <b>err</b> is
1393 * a transient failure. */
1394 static int
1395 evdns_err_is_transient(int err)
1396 {
1397 switch (err)
1398 {
1399 case DNS_ERR_SERVERFAILED:
1400 case DNS_ERR_TRUNCATED:
1401 case DNS_ERR_TIMEOUT:
1402 return 1;
1403 default:
1404 return 0;
1405 }
1406 }
1407 /* Dummy function; never called with eventdns enabled. */
1408 int
1409 connection_dns_finished_flushing(connection_t *conn)
1410 {
1411 (void)conn;
1412 tor_assert(0);
1413 return 0;
1414 }
1415 /* Dummy function; never called with eventdns enabled. */
1416 int
1417 connection_dns_process_inbuf(connection_t *conn)
1418 {
1419 (void)conn;
1420 tor_assert(0);
1421 return 0;
1422 }
1423 /* Dummy function; never called with eventdns enabled. */
1424 int
1425 connection_dns_reached_eof(connection_t *conn)
1426 {
1427 (void)conn;
1428 tor_assert(0);
1429 return 0;
1430 }
1431
1432 /** Configure eventdns nameservers if force is true, or if the configuration
1433 * has changed since the last time we called this function. On Unix, this
1434 * reads from options->ServerDNSResolvConfFile or /etc/resolv.conf; on
1435 * Windows, this reads from options->ServerDNSResolvConfFile or the registry.
1436 * Return 0 on success or -1 on failure. */
1437 static int
1438 configure_nameservers(int force)
1439 {
1440 or_options_t *options;
1441 const char *conf_fname;
1442 struct stat st;
1443 options = get_options();
1444 conf_fname = options->ServerDNSResolvConfFile;
1445 #ifndef MS_WINDOWS
1446 if (!conf_fname)
1447 conf_fname = "/etc/resolv.conf";
1448 #endif
1449
1450 evdns_set_log_fn(evdns_log_cb);
1451 if (conf_fname) {
1452 if (stat(conf_fname, &st)) {
1453 log_warn(LD_EXIT, "Unable to stat resolver configuration in '%s'",
1454 conf_fname);
1455 return -1;
1456 }
1457 if (!force && resolv_conf_fname && !strcmp(conf_fname,resolv_conf_fname)
1458 && st.st_mtime == resolv_conf_mtime) {
1459 log_info(LD_EXIT, "No change to '%s'", conf_fname);
1460 return 0;
1461 }
1462 if (nameservers_configured) {
1463 evdns_search_clear();
1464 evdns_clear_nameservers_and_suspend();
1465 }
1466 log_info(LD_EXIT, "Parsing resolver configuration in '%s'", conf_fname);
1467 if (evdns_resolv_conf_parse(DNS_OPTIONS_ALL, conf_fname))
1468 return -1;
1469 if (evdns_count_nameservers() == 0) {
1470 log_warn(LD_EXIT, "Unable to find any nameservers in '%s'.", conf_fname);
1471 return -1;
1472 }
1473 tor_free(resolv_conf_fname);
1474 resolv_conf_fname = tor_strdup(conf_fname);
1475 resolv_conf_mtime = st.st_mtime;
1476 if (nameservers_configured)
1477 evdns_resume();
1478 }
1479 #ifdef MS_WINDOWS
1480 else {
1481 if (nameservers_configured) {
1482 evdns_search_clear();
1483 evdns_clear_nameservers_and_suspend();
1484 }
1485 if (evdns_config_windows_nameservers()) {
1486 log_warn(LD_EXIT,"Could not config nameservers.");
1487 return -1;
1488 }
1489 if (evdns_count_nameservers() == 0) {
1490 log_warn(LD_EXIT, "Unable to find any platform nameservers in "
1491 "your Windows configuration. Perhaps you should list a "
1492 "ServerDNSResolvConfFile file in your torrc?");
1493 return -1;
1494 }
1495 if (nameservers_configured)
1496 evdns_resume();
1497 tor_free(resolv_conf_fname);
1498 resolv_conf_mtime = 0;
1499 }
1500 #endif
1501
1502 nameservers_configured = 1;
1503 return 0;
1504 }
1505
1506 /** For eventdns: Called when we get an answer for a request we launched.
1507 * See eventdns.h for arguments; 'arg' holds the address we tried to resolve.
1508 */
1509 static void
1510 evdns_callback(int result, char type, int count, int ttl, void *addresses,
1511 void *arg)
1512 {
1513 char *string_address = arg;
1514 int is_reverse = 0;
1515 int status = DNS_RESOLVE_FAILED_PERMANENT;
1516 uint32_t addr = 0;
1517 const char *hostname = NULL;
1518
1519 if (result == DNS_ERR_NONE) {
1520 if (type == DNS_IPv4_A && count) {
1521 char answer_buf[INET_NTOA_BUF_LEN+1];
1522 struct in_addr in;
1523 char *escaped_address;
1524 uint32_t *addrs = addresses;
1525 in.s_addr = addrs[0];
1526 addr = ntohl(addrs[0]);
1527 status = DNS_RESOLVE_SUCCEEDED;
1528 tor_inet_ntoa(&in, answer_buf, sizeof(answer_buf));
1529 escaped_address = esc_for_log(string_address);
1530
1531 if (answer_is_wildcarded(answer_buf)) {
1532 log_debug(LD_EXIT, "eventdns said that %s resolves to ISP-hijacked "
1533 "address %s; treating as a failure.",
1534 safe_str(escaped_address),
1535 escaped_safe_str(answer_buf));
1536 addr = 0;
1537 status = DNS_RESOLVE_FAILED_PERMANENT;
1538 } else {
1539 log_debug(LD_EXIT, "eventdns said that %s resolves to %s",
1540 safe_str(escaped_address),
1541 escaped_safe_str(answer_buf));
1542 }
1543 tor_free(escaped_address);
1544 } else if (type == DNS_PTR && count) {
1545 char *escaped_address;
1546 is_reverse = 1;
1547 hostname = ((char**)addresses)[0];
1548 status = DNS_RESOLVE_SUCCEEDED;
1549 escaped_address = esc_for_log(string_address);
1550 log_debug(LD_EXIT, "eventdns said that %s resolves to %s",
1551 safe_str(escaped_address),
1552 escaped_safe_str(hostname));
1553 tor_free(escaped_address);
1554 } else if (count) {
1555 log_warn(LD_EXIT, "eventdns returned only non-IPv4 answers for %s.",
1556 escaped_safe_str(string_address));
1557 } else {
1558 log_warn(LD_BUG, "eventdns returned no addresses or error for %s!",
1559 escaped_safe_str(string_address));
1560 }
1561 } else {
1562 if (evdns_err_is_transient(result))
1563 status = DNS_RESOLVE_FAILED_TRANSIENT;
1564 }
1565 if (result != DNS_ERR_SHUTDOWN)
1566 dns_found_answer(string_address, is_reverse, addr, hostname, status, ttl);
1567 tor_free(string_address);
1568 }
1569
1570 /** For eventdns: start resolving as necessary to find the target for
1571 * <b>exitconn</b> */
1572 static int
1573 launch_resolve(edge_connection_t *exitconn, or_circuit_t *circ)
1574 {
1575 char *addr = tor_strdup(exitconn->_base.address);
1576 struct in_addr in;
1577 int r;
1578 int options = get_options()->ServerDNSSearchDomains ? 0
1579 : DNS_QUERY_NO_SEARCH;
1580 /* What? Nameservers not configured? Sounds like a bug. */
1581 if (!nameservers_configured) {
1582 log_warn(LD_EXIT, "Harmless bug: nameservers not configured, but resolve "
1583 "launched. Configuring.");
1584 if (configure_nameservers(1) < 0)
1585 return -1;
1586 }
1587
1588 r = parse_inaddr_arpa_address(exitconn->_base.address, &in);
1589 if (r == 0) {
1590 log_info(LD_EXIT, "Launching eventdns request for %s",
1591 escaped_safe_str(exitconn->_base.address));
1592 r = evdns_resolve_ipv4(exitconn->_base.address, options,
1593 evdns_callback, addr);
1594 } else if (r == 1) {
1595 log_info(LD_EXIT, "Launching eventdns reverse request for %s",
1596 escaped_safe_str(exitconn->_base.address));
1597 r = evdns_resolve_reverse(&in, DNS_QUERY_NO_SEARCH,
1598 evdns_callback, addr);
1599 } else if (r == -1) {
1600 log_warn(LD_BUG, "Somehow a malformed in-addr.arpa address reached here.");
1601 }
1602
1603 if (r) {
1604 log_warn(LD_EXIT, "eventdns rejected address %s: error %d.",
1605 escaped_safe_str(addr), r);
1606 if (exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE) {
1607 if (evdns_err_is_transient(r))
1608 send_resolved_cell(exitconn, circ, RESOLVED_TYPE_ERROR_TRANSIENT);
1609 else {
1610 exitconn->address_ttl = DEFAULT_DNS_TTL;
1611 send_resolved_cell(exitconn, circ, RESOLVED_TYPE_ERROR);
1612 }
1613 }
1614 dns_cancel_pending_resolve(addr); /* also sends end and frees */
1615 tor_free(addr);
1616 }
1617 return r ? -1 : 0;
1618 }
1619
1620 /** How many requests for bogus addresses have we launched so far? */
1621 static int n_wildcard_requests = 0;
1622
1623 /** Map from dotted-quad IP address in response to an int holding how many
1624 * times we've seen it for a randomly generated (hopefully bogus) address. It
1625 * would be easier to use definitely-invalid addresses (as specified by
1626 * RFC2606), but see comment in dns_launch_wildcard_checks(). */
1627 static strmap_t *dns_wildcard_response_count = NULL;
1628
1629 /** If present, a list of dotted-quad IP addresses that we are pretty sure our
1630 * nameserver wants to return in response to requests for nonexistent domains.
1631 */
1632 static smartlist_t *dns_wildcard_list = NULL;
1633
1634 /** Called when we see <b>id</b> (a dotted quad) in response to a request for
1635 * a hopefully bogus address. */
1636 static void
1637 wildcard_increment_answer(const char *id)
1638 {
1639 int *ip;
1640 static int notice_given = 0;
1641 if (!dns_wildcard_response_count)
1642 dns_wildcard_response_count = strmap_new();
1643
1644 ip = strmap_get(dns_wildcard_response_count, id); // may be null (0)
1645 if (!ip) {
1646 ip = tor_malloc_zero(sizeof(int));
1647 strmap_set(dns_wildcard_response_count, id, ip);
1648 }
1649 ++*ip;
1650
1651 if (*ip > 5 && n_wildcard_requests > 10) {
1652 if (!dns_wildcard_list) dns_wildcard_list = smartlist_create();
1653 if (!smartlist_string_isin(dns_wildcard_list, id)) {
1654 log(notice_given ? LOG_INFO : LOG_NOTICE, LD_EXIT,
1655 "Your DNS provider has given \"%s\" as an answer for %d different "
1656 "invalid addresses. Apparently they are hijacking DNS failures. "
1657 "I'll trying to correct for this by treating future occurrences of "
1658 "\"%s\" as 'not found'.", id, *ip, id);
1659 smartlist_add(dns_wildcard_list, tor_strdup(id));
1660 }
1661 }
1662 }
1663
1664 /** Callback function when we get an answer (possibly failing) for a request
1665 * for a (hopefully) nonexistent domain. */
1666 static void
1667 evdns_wildcard_check_callback(int result, char type, int count, int ttl,
1668 void *addresses, void *arg)
1669 {
1670 static int notice_given = 0;
1671 (void)ttl;
1672 ++n_wildcard_requests;
1673 if (result == DNS_ERR_NONE && type == DNS_IPv4_A && count) {
1674 uint32_t *addrs = addresses;
1675 int i;
1676 char *string_address = arg;
1677 for (i = 0; i < count; ++i) {
1678 char answer_buf[INET_NTOA_BUF_LEN+1];
1679 struct in_addr in;
1680 in.s_addr = addrs[i];
1681 tor_inet_ntoa(&in, answer_buf, sizeof(answer_buf));
1682 wildcard_increment_answer(answer_buf);
1683 }
1684 log(notice_given ? LOG_INFO : LOG_NOTICE, LD_EXIT,
1685 "Your DNS provider gave an answer for \"%s\", which "
1686 "is not supposed to exist. Apparently they are hijacking "
1687 "DNS failures. Trying to correct for this. We've noticed %d possibly "
1688 "bad addresses so far.",
1689 string_address, strmap_size(dns_wildcard_response_count));
1690 notice_given = 1;
1691 }
1692 tor_free(arg);
1693 }
1694
1695 /** Launch a single request for a nonexistent hostname consisting of between
1696 * <b>min_len</b> and <b>max_len</b> random (plausible) characters followed by
1697 * <b>suffix</b> */
1698 static void
1699 launch_wildcard_check(int min_len, int max_len, const char *suffix)
1700 {
1701 char random_bytes[20], name[64], *addr;
1702 size_t len;
1703 int r;
1704
1705 len = min_len + crypto_rand_int(max_len-min_len+1);
1706 if (crypto_rand(random_bytes, sizeof(random_bytes)) < 0)
1707 return;
1708 base32_encode(name, sizeof(name), random_bytes, sizeof(random_bytes));
1709 name[len] = '\0';
1710 strlcat(name, suffix, sizeof(name));
1711
1712 addr = tor_strdup(name);
1713 r = evdns_resolve_ipv4(name, DNS_QUERY_NO_SEARCH,
1714 evdns_wildcard_check_callback, addr);
1715 if (r)
1716 tor_free(addr);
1717 }
1718
1719 #define N_WILDCARD_CHECKS 2
1720
1721 /** Launch DNS requests for a few nonexistent hostnames, and see if we can
1722 * catch our nameserver trying to hijack them and map them to a stupid "I
1723 * couldn't find ggoogle.com but maybe you'd like to buy these lovely
1724 * encyclopedias" page. */
1725 void
1726 dns_launch_wildcard_checks(void)
1727 {
1728 int i;
1729 if (!get_options()->ServerDNSDetectHijacking)
1730 return;
1731 log_info(LD_EXIT, "Launching checks to see whether our nameservers like "
1732 "to hijack DNS failures.");
1733 for (i = 0; i < N_WILDCARD_CHECKS; ++i) {
1734 /* RFC2606 reserves these. Sadly, some DNS hijackers, in a silly attempt
1735 * to 'comply' with rfc2606, refrain from giving A records for these.
1736 * This is the standards-compliance equivalent of making sure that your
1737 * crackhouse's elevator inspection certificate is up to date.
1738 */
1739 launch_wildcard_check(2, 16, ".invalid");
1740 launch_wildcard_check(2, 16, ".test");
1741
1742 /* These will break specs if there are ever any number of
1743 * 8+-character top-level domains. */
1744 launch_wildcard_check(8, 16, "");
1745
1746 /* Try some random .com/org/net domains. This will work fine so long as
1747 * not too many resolve to the same place. */
1748 launch_wildcard_check(8, 16, ".com");
1749 launch_wildcard_check(8, 16, ".org");
1750 launch_wildcard_check(8, 16, ".net");
1751 }
1752 }
1753
1754 /** Return true iff we have noticed that the dotted-quad <b>ip</b> has been
1755 * returned in response to requests for nonexistent hostnames. */
1756 static int
1757 answer_is_wildcarded(const char *ip)
1758 {
1759 return dns_wildcard_list && smartlist_string_isin(dns_wildcard_list, ip);
1760 }
1761 #endif /* USE_EVENTDNS */
1762
1763 /** Exit with an assertion if <b>resolve</b> is corrupt. */
1764 static void
1765 assert_resolve_ok(cached_resolve_t *resolve)
1766 {
1767 tor_assert(resolve);
1768 tor_assert(resolve->magic == CACHED_RESOLVE_MAGIC);
1769 tor_assert(strlen(resolve->address) < MAX_ADDRESSLEN);
1770 tor_assert(tor_strisnonupper(resolve->address));
1771 if (resolve->state != CACHE_STATE_PENDING) {
1772 tor_assert(!resolve->pending_connections);
1773 }
1774 if (resolve->state == CACHE_STATE_PENDING ||
1775 resolve->state == CACHE_STATE_DONE) {
1776 tor_assert(!resolve->ttl);
1777 if (resolve->is_reverse)
1778 tor_assert(!resolve->result.hostname);
1779 else
1780 tor_assert(!resolve->result.addr);
1781 }
1782 }
1783
1784 #ifdef DEBUG_DNS_CACHE
1785 /** Exit with an assertion if the DNS cache is corrupt. */
1786 static void
1787 _assert_cache_ok(void)
1788 {
1789 cached_resolve_t **resolve;
1790 int bad_rep = _cache_map_HT_REP_IS_BAD(&cache_root);
1791 if (bad_rep) {
1792 log_err(LD_BUG, "Bad rep type %d on dns cache hash table", bad_rep);
1793 tor_assert(!bad_rep);
1794 }
1795
1796 HT_FOREACH(resolve, cache_map, &cache_root) {
1797 assert_resolve_ok(*resolve);
1798 tor_assert((*resolve)->state != CACHE_STATE_DONE);
1799 }
1800 if (!cached_resolve_pqueue)
1801 return;
1802
1803 smartlist_pqueue_assert_ok(cached_resolve_pqueue,
1804 _compare_cached_resolves_by_expiry);
1805 }
1806 #endif
1807
The Onion Router