static DCPluginSyncFilterResult apply_block_ips(DCPluginDNSPacket *dcp_packet, Blocking * const blocking, ldns_pkt * const packet) { StrList *scanned; ldns_rr_list *answers; ldns_rr *answer; char *answer_str; ldns_rr_type type; size_t answers_count; size_t i; answers = ldns_pkt_answer(packet); answers_count = ldns_rr_list_rr_count(answers); for (i = (size_t) 0U; i < answers_count; i++) { answer = ldns_rr_list_rr(answers, i); type = ldns_rr_get_type(answer); if (type != LDNS_RR_TYPE_A && type != LDNS_RR_TYPE_AAAA) { continue; } if ((answer_str = ldns_rdf2str(ldns_rr_a_address(answer))) == NULL) { return DCP_SYNC_FILTER_RESULT_FATAL; } scanned = blocking->ips; do { if (strcasecmp(scanned->str, answer_str) == 0) { LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet), LDNS_RCODE_REFUSED); break; } } while ((scanned = scanned->next) != NULL); free(answer_str); } return DCP_SYNC_FILTER_RESULT_OK; }
DCPluginSyncFilterResult dcplugin_sync_post_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { Blocking *blocking = dcplugin_get_user_data(dcplugin); ldns_pkt *packet = NULL; DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK; if (blocking->domains == NULL && blocking->ips == NULL) { return DCP_SYNC_FILTER_RESULT_OK; } if (ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet), dcplugin_get_wire_data_len(dcp_packet)) != LDNS_STATUS_OK) { return DCP_SYNC_FILTER_RESULT_ERROR; } if (blocking->domains != NULL && (result = apply_block_domains(dcp_packet, blocking, packet) != DCP_SYNC_FILTER_RESULT_OK)) { ldns_pkt_free(packet); return result; } if (blocking->ips != NULL && (result = apply_block_ips(dcp_packet, blocking, packet) != DCP_SYNC_FILTER_RESULT_OK)) { ldns_pkt_free(packet); return result; } ldns_pkt_free(packet); return DCP_SYNC_FILTER_RESULT_OK; }
static DCPluginSyncFilterResult apply_block_domains(DCPluginDNSPacket *dcp_packet, Blocking * const blocking, ldns_pkt * const packet) { StrList *scanned; ldns_rr *question; char *owner_str; size_t owner_str_len; scanned = blocking->domains; question = ldns_rr_list_rr(ldns_pkt_question(packet), 0U); if ((owner_str = ldns_rdf2str(ldns_rr_owner(question))) == NULL) { return DCP_SYNC_FILTER_RESULT_FATAL; } owner_str_len = strlen(owner_str); if (owner_str_len > (size_t) 1U && owner_str[--owner_str_len] == '.') { owner_str[owner_str_len] = 0; } do { if (wildcard_match(owner_str, scanned->str)) { LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet), LDNS_RCODE_REFUSED); break; } } while ((scanned = scanned->next) != NULL); free(owner_str); return DCP_SYNC_FILTER_RESULT_OK; }
static DCPluginSyncFilterResult empty_aaa_sync_pre(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { ldns_pkt *packet; ldns_rr_list *questions; uint8_t *wire_data; DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK; wire_data = dcplugin_get_wire_data(dcp_packet); ldns_wire2pkt(&packet, wire_data, dcplugin_get_wire_data_len(dcp_packet)); if (packet == NULL) { return DCP_SYNC_FILTER_RESULT_ERROR; } questions = ldns_pkt_question(packet); if (ldns_rr_list_rr_count(questions) == (size_t) 1U && ldns_rr_get_type(ldns_rr_list_rr(questions, (size_t) 0U)) == LDNS_RR_TYPE_AAAA) { LDNS_QR_SET(wire_data); LDNS_RA_SET(wire_data); result = DCP_SYNC_FILTER_RESULT_DIRECT; } ldns_pkt_free(packet); return result; }
DCPluginSyncFilterResult dcplugin_sync_pre_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { uint8_t *new_packet; ldns_rdf *edns_data; ldns_pkt *packet; size_t new_packet_size; ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet), dcplugin_get_wire_data_len(dcp_packet)); edns_data = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_HEX, dcplugin_get_user_data(dcplugin)); ldns_pkt_set_edns_data(packet, edns_data); ldns_pkt2wire(&new_packet, packet, &new_packet_size); if (dcplugin_get_wire_data_max_len(dcp_packet) >= new_packet_size) { dcplugin_set_wire_data(dcp_packet, new_packet, new_packet_size); } free(new_packet); ldns_pkt_free(packet); return DCP_SYNC_FILTER_RESULT_OK; }
DCPluginSyncFilterResult dcplugin_sync_pre_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { FILE *fp = dcplugin_get_user_data(dcplugin); const unsigned char *wire_data = dcplugin_get_wire_data(dcp_packet); size_t wire_data_len = dcplugin_get_wire_data_len(dcp_packet); size_t i = (size_t) 12U; size_t csize = (size_t) 0U; unsigned short type; unsigned char c; _Bool first = 1; if (wire_data_len < 15U || wire_data[4] != 0U || wire_data[5] != 1U) { return DCP_SYNC_FILTER_RESULT_ERROR; } if (wire_data[i] == 0U) { putc_unlocked('.', fp); } while (i < wire_data_len && (csize = wire_data[i]) != 0U && csize < wire_data_len - i) { i++; if (first != 0) { first = 0; } else { putc_unlocked('.', fp); } string_fprint(fp, &wire_data[i], csize); i += csize; } type = 0U; if (i < wire_data_len - 2U) { type = (wire_data[i + 1U] << 8) + wire_data[i + 2U]; } if (type == 0x01) { fputs("\t[A]\n", fp); } else if (type == 0x02) { fputs("\t[NS]\n", fp); } else if (type == 0x0f) { fputs("\t[MX]\n", fp); } else if (type == 0x1c) { fputs("\t[AAAA]\n", fp); } else { fprintf(fp, "\t[0x%02hX]\n", type); } fflush(fp); return DCP_SYNC_FILTER_RESULT_OK; }
DCPluginSyncFilterResult dcplugin_sync_post_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { Context *context = dcplugin_get_user_data(dcplugin); ldns_pkt *packet; DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK; if (context->blacklist == NULL) { return DCP_SYNC_FILTER_RESULT_OK; } if (ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet), dcplugin_get_wire_data_len(dcp_packet)) != LDNS_STATUS_OK) { return DCP_SYNC_FILTER_RESULT_ERROR; } if ((result = apply_block_ips(dcp_packet, context, packet) != DCP_SYNC_FILTER_RESULT_OK)) { ldns_pkt_free(packet); return result; } ldns_pkt_free(packet); return DCP_SYNC_FILTER_RESULT_OK; }