_public_
int knot_request_free(mm_ctx_t *mm, struct knot_request *request)
{
if (request->fd >= 0) {
close(request->fd);
}
knot_pkt_free(&request->query);
knot_pkt_free(&request->resp);
rem_node(&request->node);
mm_free(mm, request);
return KNOT_EOK;
}
/* Resolve query and check answer for sanity (2 TAP tests). */
static void exec_query(knot_layer_t *query_ctx, const char *name,
knot_pkt_t *query,
uint8_t expected_rcode)
{
knot_pkt_t *answer = knot_pkt_new(NULL, KNOT_WIRE_MAX_PKTSIZE, NULL);
assert(answer);
/* Input packet. */
knot_pkt_parse(query, 0);
int state = knot_layer_consume(query_ctx, query);
ok(state & (KNOT_STATE_PRODUCE|KNOT_STATE_FAIL), "ns: process %s query", name);
/* Create answer. */
state = knot_layer_produce(query_ctx, answer);
if (state & KNOT_STATE_FAIL) {
/* Allow 1 generic error response. */
state = knot_layer_produce(query_ctx, answer);
}
ok(state == KNOT_STATE_DONE, "ns: answer %s query", name);
/* Check answer. */
answer_sanity_check(query->wire, answer->wire, answer->size, expected_rcode, name);
knot_pkt_free(&answer);
}
static int wrk_resolve(lua_State *L)
{
struct worker_ctx *worker = wrk_luaget(L);
if (!worker) {
return 0;
}
/* Create query packet */
knot_pkt_t *pkt = knot_pkt_new(NULL, KNOT_EDNS_MAX_UDP_PAYLOAD, NULL);
if (!pkt) {
lua_pushstring(L, strerror(ENOMEM));
lua_error(L);
}
uint8_t dname[KNOT_DNAME_MAXLEN];
knot_dname_from_str(dname, lua_tostring(L, 1), sizeof(dname));
/* Check class and type */
uint16_t rrtype = lua_tointeger(L, 2);
if (!lua_isnumber(L, 2)) {
lua_pushstring(L, "invalid RR type");
lua_error(L);
}
uint16_t rrclass = lua_tointeger(L, 3);
if (!lua_isnumber(L, 3)) { /* Default class is IN */
rrclass = KNOT_CLASS_IN;
}
knot_pkt_put_question(pkt, dname, rrclass, rrtype);
knot_wire_set_rd(pkt->wire);
/* Add OPT RR */
pkt->opt_rr = knot_rrset_copy(worker->engine->resolver.opt_rr, NULL);
if (!pkt->opt_rr) {
return kr_error(ENOMEM);
}
/* Add completion callback */
int ret = 0;
unsigned options = lua_tointeger(L, 4);
if (lua_isfunction(L, 5)) {
/* Store callback in registry */
lua_pushvalue(L, 5);
int cb = luaL_ref(L, LUA_REGISTRYINDEX);
ret = worker_resolve(worker, pkt, options, resolve_callback, (void *) (intptr_t)cb);
} else {
ret = worker_resolve(worker, pkt, options, NULL, NULL);
}
knot_rrset_free(&pkt->opt_rr, NULL);
knot_pkt_free(&pkt);
lua_pushboolean(L, ret == 0);
return 1;
}
int main(int argc, char *argv[])
{
plan(25);
/* Create memory pool context. */
int ret = 0;
knot_mm_t mm;
mm_ctx_mempool(&mm, MM_DEFAULT_BLKSIZE);
/* Create names and data. */
knot_dname_t* dnames[NAMECOUNT] = {0};
knot_rrset_t* rrsets[NAMECOUNT] = {0};
for (unsigned i = 0; i < NAMECOUNT; ++i) {
dnames[i] = knot_dname_from_str_alloc(g_names[i]);
}
uint8_t *edns_str = (uint8_t *)"ab";
/* Create OPT RR. */
knot_rrset_t opt_rr;
ret = knot_edns_init(&opt_rr, 1024, 0, 0, &mm);
if (ret != KNOT_EOK) {
skip_block(25, "Failed to initialize OPT RR.");
return 0;
}
/* Add NSID */
ret = knot_edns_add_option(&opt_rr, KNOT_EDNS_OPTION_NSID,
strlen((char *)edns_str), edns_str, &mm);
if (ret != KNOT_EOK) {
knot_rrset_clear(&opt_rr, &mm);
skip_block(25, "Failed to add NSID to OPT RR.");
return 0;
}
/*
* Packet writer tests.
*/
/* Create packet. */
knot_pkt_t *out = knot_pkt_new(NULL, MM_DEFAULT_BLKSIZE, &mm);
ok(out != NULL, "pkt: new");
/* Mark as response (not part of the test). */
knot_wire_set_qr(out->wire);
/* Secure packet. */
const char *tsig_secret = "abcd";
knot_tsig_key_t tsig_key;
tsig_key.algorithm = DNSSEC_TSIG_HMAC_MD5;
tsig_key.name = dnames[0];
tsig_key.secret.data = (uint8_t *)strdup(tsig_secret);
tsig_key.secret.size = strlen(tsig_secret);
ret = knot_pkt_reserve(out, knot_tsig_wire_maxsize(&tsig_key));
ok(ret == KNOT_EOK, "pkt: set TSIG key");
/* Write question. */
ret = knot_pkt_put_question(out, dnames[0], KNOT_CLASS_IN, KNOT_RRTYPE_A);
ok(ret == KNOT_EOK, "pkt: put question");
/* Add OPT to packet (empty NSID). */
ret = knot_pkt_reserve(out, knot_edns_wire_size(&opt_rr));
ok(ret == KNOT_EOK, "pkt: reserve OPT RR");
/* Begin ANSWER section. */
ret = knot_pkt_begin(out, KNOT_ANSWER);
ok(ret == KNOT_EOK, "pkt: begin ANSWER");
/* Write ANSWER section. */
rrsets[0] = knot_rrset_new(dnames[0], KNOT_RRTYPE_A, KNOT_CLASS_IN, NULL);
knot_dname_free(&dnames[0], NULL);
knot_rrset_add_rdata(rrsets[0], RDVAL(0), RDLEN(0), TTL, NULL);
ret = knot_pkt_put(out, KNOT_COMPR_HINT_QNAME, rrsets[0], 0);
ok(ret == KNOT_EOK, "pkt: write ANSWER");
/* Begin AUTHORITY. */
ret = knot_pkt_begin(out, KNOT_AUTHORITY);
ok(ret == KNOT_EOK, "pkt: begin AUTHORITY");
/* Write rest to AUTHORITY. */
ret = KNOT_EOK;
for (unsigned i = 1; i < NAMECOUNT; ++i) {
rrsets[i] = knot_rrset_new(dnames[i], KNOT_RRTYPE_NS, KNOT_CLASS_IN, NULL);
knot_dname_free(&dnames[i], NULL);
knot_rrset_add_rdata(rrsets[i], RDVAL(i), RDLEN(i), TTL, NULL);
ret |= knot_pkt_put(out, KNOT_COMPR_HINT_NONE, rrsets[i], 0);
}
ok(ret == KNOT_EOK, "pkt: write AUTHORITY(%u)", NAMECOUNT - 1);
/* Begin ADDITIONALS */
ret = knot_pkt_begin(out, KNOT_ADDITIONAL);
ok(ret == KNOT_EOK, "pkt: begin ADDITIONALS");
/* Encode OPT RR. */
ret = knot_pkt_put(out, KNOT_COMPR_HINT_NONE, &opt_rr, 0);
ok(ret == KNOT_EOK, "pkt: write OPT RR");
/*
* Packet reader tests.
*/
/* Create new packet from query packet. */
knot_pkt_t *in = knot_pkt_new(out->wire, out->size, &out->mm);
ok(in != NULL, "pkt: create packet for parsing");
/* Read packet header. */
ret = knot_pkt_parse_question(in);
ok(ret == KNOT_EOK, "pkt: read header");
/* Read packet payload. */
ret = knot_pkt_parse_payload(in, 0);
ok(ret == KNOT_EOK, "pkt: read payload");
/* Compare parsed packet to written packet. */
packet_match(in, out);
/*
* Copied packet tests.
*/
knot_pkt_t *copy = knot_pkt_new(NULL, in->max_size, &in->mm);
ret = knot_pkt_copy(copy, in);
ok(ret == KNOT_EOK, "pkt: create packet copy");
/* Compare copied packet to original. */
packet_match(in, copy);
/* Free packets. */
knot_pkt_free(©);
knot_pkt_free(&out);
knot_pkt_free(&in);
ok(in == NULL && out == NULL && copy == NULL, "pkt: free");
/* Free extra data. */
for (unsigned i = 0; i < NAMECOUNT; ++i) {
knot_rrset_free(&rrsets[i], NULL);
}
free(tsig_key.secret.data);
mp_delete((struct mempool *)mm.ctx);
return 0;
}
/*!
* \brief TCP event handler function.
*/
static int tcp_handle(tcp_context_t *tcp, int fd,
struct iovec *rx, struct iovec *tx)
{
/* Create query processing parameter. */
struct sockaddr_storage ss;
memset(&ss, 0, sizeof(struct sockaddr_storage));
struct process_query_param param = {0};
param.socket = fd;
param.remote = &ss;
param.server = tcp->server;
param.thread_id = tcp->thread_id;
rx->iov_len = KNOT_WIRE_MAX_PKTSIZE;
tx->iov_len = KNOT_WIRE_MAX_PKTSIZE;
/* Receive peer name. */
socklen_t addrlen = sizeof(struct sockaddr_storage);
if (getpeername(fd, (struct sockaddr *)&ss, &addrlen) < 0) {
;
}
/* Timeout. */
rcu_read_lock();
conf_val_t *val = &conf()->cache.srv_tcp_reply_timeout;
int timeout = conf_int(val) * 1000;
rcu_read_unlock();
/* Receive data. */
int ret = net_dns_tcp_recv(fd, rx->iov_base, rx->iov_len, timeout);
if (ret <= 0) {
if (ret == KNOT_EAGAIN) {
char addr_str[SOCKADDR_STRLEN] = {0};
sockaddr_tostr(addr_str, sizeof(addr_str), &ss);
log_warning("TCP, connection timed out, address '%s'",
addr_str);
}
return KNOT_ECONNREFUSED;
} else {
rx->iov_len = ret;
}
knot_mm_t *mm = tcp->overlay.mm;
/* Initialize processing overlay. */
ret = knot_overlay_init(&tcp->overlay, mm);
if (ret != KNOT_EOK) {
return ret;
}
ret = knot_overlay_add(&tcp->overlay, NS_PROC_QUERY, ¶m);
if (ret != KNOT_EOK) {
return ret;
}
/* Create packets. */
knot_pkt_t *ans = knot_pkt_new(tx->iov_base, tx->iov_len, mm);
knot_pkt_t *query = knot_pkt_new(rx->iov_base, rx->iov_len, mm);
/* Input packet. */
(void) knot_pkt_parse(query, 0);
int state = knot_overlay_consume(&tcp->overlay, query);
/* Resolve until NOOP or finished. */
ret = KNOT_EOK;
while (state & (KNOT_STATE_PRODUCE|KNOT_STATE_FAIL)) {
state = knot_overlay_produce(&tcp->overlay, ans);
/* Send, if response generation passed and wasn't ignored. */
if (ans->size > 0 && !(state & (KNOT_STATE_FAIL|KNOT_STATE_NOOP))) {
if (net_dns_tcp_send(fd, ans->wire, ans->size, timeout) != ans->size) {
ret = KNOT_ECONNREFUSED;
break;
}
}
}
/* Reset after processing. */
knot_overlay_finish(&tcp->overlay);
knot_overlay_deinit(&tcp->overlay);
/* Cleanup. */
knot_pkt_free(&query);
knot_pkt_free(&ans);
return ret;
}
int main(int argc, char *argv[])
{
plan(10);
/* Prepare query. */
knot_pkt_t *query = knot_pkt_new(NULL, 512, NULL);
if (query == NULL) {
return KNOT_ERROR; /* Fatal */
}
knot_dname_t *qname = knot_dname_from_str("beef.");
int ret = knot_pkt_put_question(query, qname, KNOT_CLASS_IN, KNOT_RRTYPE_A);
knot_dname_free(&qname, NULL);
if (ret != KNOT_EOK) {
knot_pkt_free(&query);
return KNOT_ERROR; /* Fatal */
}
/* Prepare response */
uint8_t rbuf[65535];
size_t rlen = sizeof(rbuf);
memcpy(rbuf, query->wire, query->size);
knot_wire_flags_set_qr(rbuf);
rrl_req_t rq;
rq.w = rbuf;
rq.len = rlen;
rq.query = query;
rq.flags = 0;
/* 1. create rrl table */
rrl_table_t *rrl = rrl_create(RRL_SIZE);
ok(rrl != NULL, "rrl: create");
/* 2. set rate limit */
uint32_t rate = 10;
rrl_setrate(rrl, rate);
is_int(rate, rrl_rate(rrl), "rrl: setrate");
/* 3. setlocks */
ret = rrl_setlocks(rrl, RRL_LOCKS);
is_int(KNOT_EOK, ret, "rrl: setlocks");
/* 4. N unlimited requests. */
conf_zone_t *zone_conf = malloc(sizeof(conf_zone_t));
conf_init_zone(zone_conf);
zone_conf->name = strdup("rrl.");
zone_t *zone = zone_new(zone_conf);
struct sockaddr_storage addr;
struct sockaddr_storage addr6;
sockaddr_set(&addr, AF_INET, "1.2.3.4", 0);
sockaddr_set(&addr6, AF_INET6, "1122:3344:5566:7788::aabb", 0);
ret = 0;
for (unsigned i = 0; i < rate; ++i) {
if (rrl_query(rrl, &addr, &rq, zone) != KNOT_EOK ||
rrl_query(rrl, &addr6, &rq, zone) != KNOT_EOK) {
ret = KNOT_ELIMIT;
break;
}
}
is_int(0, ret, "rrl: unlimited IPv4/v6 requests");
#ifdef ENABLE_TIMED_TESTS
/* 5. limited request */
ret = rrl_query(rrl, &addr, &rq, zone);
is_int(0, ret, "rrl: throttled IPv4 request");
/* 6. limited IPv6 request */
ret = rrl_query(rrl, &addr6, &rq, zone);
is_int(0, ret, "rrl: throttled IPv6 request");
#else
skip_block(2, "Timed tests not enabled");
#endif
/* 7. invalid values. */
ret = 0;
rrl_create(0); // NULL
ret += rrl_setrate(0, 0); // 0
ret += rrl_rate(0); // 0
ret += rrl_setlocks(0,0); // -1
ret += rrl_query(0, 0, 0, 0); // -1
ret += rrl_query(rrl, 0, 0, 0); // -1
ret += rrl_query(rrl, (void*)0x1, 0, 0); // -1
ret += rrl_destroy(0); // -1
is_int(-488, ret, "rrl: not crashed while executing functions on NULL context");
#ifdef ENABLE_TIMED_TESTS
/* 8. hopscotch test */
struct runnable_data rd = {
1, rrl, &addr, &rq, zone
};
rrl_hopscotch(&rd);
ok(rd.passed, "rrl: hashtable is ~ consistent");
/* 9. reseed */
is_int(0, rrl_reseed(rrl), "rrl: reseed");
/* 10. hopscotch after reseed. */
rrl_hopscotch(&rd);
ok(rd.passed, "rrl: hashtable is ~ consistent");
#else
skip_block(3, "Timed tests not enabled");
#endif
zone_free(&zone);
knot_pkt_free(&query);
rrl_destroy(rrl);
return 0;
}
/*!
* \brief Create a zone event query, send it, wait for the response and process it.
*
* \note Everything in this function is executed synchronously, returns when
* the query processing is either complete or an error occurs.
*/
static int zone_query_execute(conf_t *conf, zone_t *zone, uint16_t pkt_type,
const conf_remote_t *remote)
{
/* Create a memory pool for this task. */
knot_mm_t mm;
mm_ctx_mempool(&mm, MM_DEFAULT_BLKSIZE);
/* Create a query message. */
knot_pkt_t *query = zone_query(zone, pkt_type, &mm);
if (query == NULL) {
mp_delete(mm.ctx);
return KNOT_ENOMEM;
}
/* Set EDNS section. */
int ret = prepare_edns(conf, zone, query);
if (ret != KNOT_EOK) {
knot_pkt_free(&query);
mp_delete(mm.ctx);
return ret;
}
/* Answer processing parameters. */
struct process_answer_param param = {
.zone = zone,
.conf = conf,
.query = query,
.remote = &remote->addr
};
const knot_tsig_key_t *key = remote->key.name != NULL ?
&remote->key : NULL;
tsig_init(¶m.tsig_ctx, key);
ret = tsig_sign_packet(¶m.tsig_ctx, query);
if (ret != KNOT_EOK) {
tsig_cleanup(¶m.tsig_ctx);
knot_pkt_free(&query);
mp_delete(mm.ctx);
return ret;
}
/* Process the query. */
ret = zone_query_request(query, remote, ¶m, &mm);
/* Cleanup. */
tsig_cleanup(¶m.tsig_ctx);
knot_pkt_free(&query);
mp_delete(mm.ctx);
return ret;
}
/* @note Module specific, expects some variables set. */
#define ZONE_XFER_LOG(severity, pkt_type, msg, ...) \
if (pkt_type == KNOT_QUERY_AXFR) { \
ZONE_QUERY_LOG(severity, zone, master, "AXFR, incoming", msg, ##__VA_ARGS__); \
} else { \
ZONE_QUERY_LOG(severity, zone, master, "IXFR, incoming", msg, ##__VA_ARGS__); \
}
/*! \brief Execute zone transfer request. */
static int zone_query_transfer(conf_t *conf, zone_t *zone, const conf_remote_t *master,
uint16_t pkt_type)
{
assert(zone);
assert(master);
int ret = zone_query_execute(conf, zone, pkt_type, master);
if (ret != KNOT_EOK) {
/* IXFR failed, revert to AXFR. */
if (pkt_type == KNOT_QUERY_IXFR) {
ZONE_XFER_LOG(LOG_NOTICE, pkt_type, "fallback to AXFR");
return zone_query_transfer(conf, zone, master, KNOT_QUERY_AXFR);
}
/* Log connection errors. */
ZONE_XFER_LOG(LOG_WARNING, pkt_type, "failed (%s)", knot_strerror(ret));
}
return ret;
}
/*!
* \brief TCP event handler function.
*/
static int tcp_handle(tcp_context_t *tcp, int fd,
struct iovec *rx, struct iovec *tx)
{
/* Create query processing parameter. */
struct sockaddr_storage ss;
memset(&ss, 0, sizeof(struct sockaddr_storage));
struct process_query_param param = {0};
param.socket = fd;
param.remote = &ss;
param.server = tcp->server;
param.thread_id = tcp->thread_id;
rx->iov_len = KNOT_WIRE_MAX_PKTSIZE;
tx->iov_len = KNOT_WIRE_MAX_PKTSIZE;
/* Receive peer name. */
socklen_t addrlen = sizeof(struct sockaddr_storage);
if (getpeername(fd, (struct sockaddr *)&ss, &addrlen) < 0) {
;
}
/* Timeout. */
struct timeval tmout = { conf()->max_conn_reply, 0 };
/* Receive data. */
int ret = tcp_recv_msg(fd, rx->iov_base, rx->iov_len, &tmout);
if (ret <= 0) {
dbg_net("tcp: client on fd=%d disconnected\n", fd);
if (ret == KNOT_EAGAIN) {
rcu_read_lock();
char addr_str[SOCKADDR_STRLEN] = {0};
sockaddr_tostr(addr_str, sizeof(addr_str), &ss);
log_warning("connection timed out, address '%s', "
"timeout %d seconds",
addr_str, conf()->max_conn_idle);
rcu_read_unlock();
}
return KNOT_ECONNREFUSED;
} else {
rx->iov_len = ret;
}
/* Create packets. */
mm_ctx_t *mm = tcp->overlay.mm;
knot_pkt_t *ans = knot_pkt_new(tx->iov_base, tx->iov_len, mm);
knot_pkt_t *query = knot_pkt_new(rx->iov_base, rx->iov_len, mm);
/* Initialize processing overlay. */
knot_overlay_init(&tcp->overlay, mm);
knot_overlay_add(&tcp->overlay, NS_PROC_QUERY, ¶m);
/* Input packet. */
int state = knot_overlay_in(&tcp->overlay, query);
/* Resolve until NOOP or finished. */
ret = KNOT_EOK;
while (state & (KNOT_NS_PROC_FULL|KNOT_NS_PROC_FAIL)) {
state = knot_overlay_out(&tcp->overlay, ans);
/* Send, if response generation passed and wasn't ignored. */
if (ans->size > 0 && !(state & (KNOT_NS_PROC_FAIL|KNOT_NS_PROC_NOOP))) {
if (tcp_send_msg(fd, ans->wire, ans->size) != ans->size) {
ret = KNOT_ECONNREFUSED;
break;
}
}
}
/* Reset after processing. */
knot_overlay_finish(&tcp->overlay);
knot_overlay_deinit(&tcp->overlay);
/* Cleanup. */
knot_pkt_free(&query);
knot_pkt_free(&ans);
return ret;
}
