static DCPluginSyncFilterResult
apply_block_ips(DCPluginDNSPacket *dcp_packet, Blocking * const blocking,
ldns_pkt * const packet)
{
StrList *scanned;
ldns_rr_list *answers;
ldns_rr *answer;
char *answer_str;
ldns_rr_type type;
size_t answers_count;
size_t i;
answers = ldns_pkt_answer(packet);
answers_count = ldns_rr_list_rr_count(answers);
for (i = (size_t) 0U; i < answers_count; i++) {
answer = ldns_rr_list_rr(answers, i);
type = ldns_rr_get_type(answer);
if (type != LDNS_RR_TYPE_A && type != LDNS_RR_TYPE_AAAA) {
continue;
}
if ((answer_str = ldns_rdf2str(ldns_rr_a_address(answer))) == NULL) {
return DCP_SYNC_FILTER_RESULT_FATAL;
}
scanned = blocking->ips;
do {
if (strcasecmp(scanned->str, answer_str) == 0) {
LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet),
LDNS_RCODE_REFUSED);
break;
}
} while ((scanned = scanned->next) != NULL);
free(answer_str);
}
return DCP_SYNC_FILTER_RESULT_OK;
}
DCPluginSyncFilterResult
dcplugin_sync_post_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
Blocking *blocking = dcplugin_get_user_data(dcplugin);
ldns_pkt *packet = NULL;
DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK;
if (blocking->domains == NULL && blocking->ips == NULL) {
return DCP_SYNC_FILTER_RESULT_OK;
}
if (ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet),
dcplugin_get_wire_data_len(dcp_packet))
!= LDNS_STATUS_OK) {
return DCP_SYNC_FILTER_RESULT_ERROR;
}
if (blocking->domains != NULL &&
(result = apply_block_domains(dcp_packet, blocking, packet)
!= DCP_SYNC_FILTER_RESULT_OK)) {
ldns_pkt_free(packet);
return result;
}
if (blocking->ips != NULL &&
(result = apply_block_ips(dcp_packet, blocking, packet)
!= DCP_SYNC_FILTER_RESULT_OK)) {
ldns_pkt_free(packet);
return result;
}
ldns_pkt_free(packet);
return DCP_SYNC_FILTER_RESULT_OK;
}
static DCPluginSyncFilterResult
apply_block_domains(DCPluginDNSPacket *dcp_packet, Blocking * const blocking,
ldns_pkt * const packet)
{
StrList *scanned;
ldns_rr *question;
char *owner_str;
size_t owner_str_len;
scanned = blocking->domains;
question = ldns_rr_list_rr(ldns_pkt_question(packet), 0U);
if ((owner_str = ldns_rdf2str(ldns_rr_owner(question))) == NULL) {
return DCP_SYNC_FILTER_RESULT_FATAL;
}
owner_str_len = strlen(owner_str);
if (owner_str_len > (size_t) 1U && owner_str[--owner_str_len] == '.') {
owner_str[owner_str_len] = 0;
}
do {
if (wildcard_match(owner_str, scanned->str)) {
LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet),
LDNS_RCODE_REFUSED);
break;
}
} while ((scanned = scanned->next) != NULL);
free(owner_str);
return DCP_SYNC_FILTER_RESULT_OK;
}
static DCPluginSyncFilterResult
empty_aaa_sync_pre(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
ldns_pkt *packet;
ldns_rr_list *questions;
uint8_t *wire_data;
DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK;
wire_data = dcplugin_get_wire_data(dcp_packet);
ldns_wire2pkt(&packet, wire_data, dcplugin_get_wire_data_len(dcp_packet));
if (packet == NULL) {
return DCP_SYNC_FILTER_RESULT_ERROR;
}
questions = ldns_pkt_question(packet);
if (ldns_rr_list_rr_count(questions) == (size_t) 1U &&
ldns_rr_get_type(ldns_rr_list_rr(questions,
(size_t) 0U)) == LDNS_RR_TYPE_AAAA) {
LDNS_QR_SET(wire_data);
LDNS_RA_SET(wire_data);
result = DCP_SYNC_FILTER_RESULT_DIRECT;
}
ldns_pkt_free(packet);
return result;
}
DCPluginSyncFilterResult
dcplugin_sync_pre_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
uint8_t *new_packet;
ldns_rdf *edns_data;
ldns_pkt *packet;
size_t new_packet_size;
ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet),
dcplugin_get_wire_data_len(dcp_packet));
edns_data = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_HEX,
dcplugin_get_user_data(dcplugin));
ldns_pkt_set_edns_data(packet, edns_data);
ldns_pkt2wire(&new_packet, packet, &new_packet_size);
if (dcplugin_get_wire_data_max_len(dcp_packet) >= new_packet_size) {
dcplugin_set_wire_data(dcp_packet, new_packet, new_packet_size);
}
free(new_packet);
ldns_pkt_free(packet);
return DCP_SYNC_FILTER_RESULT_OK;
}
DCPluginSyncFilterResult
dcplugin_sync_pre_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
FILE *fp = dcplugin_get_user_data(dcplugin);
const unsigned char *wire_data = dcplugin_get_wire_data(dcp_packet);
size_t wire_data_len = dcplugin_get_wire_data_len(dcp_packet);
size_t i = (size_t) 12U;
size_t csize = (size_t) 0U;
unsigned short type;
unsigned char c;
_Bool first = 1;
if (wire_data_len < 15U || wire_data[4] != 0U || wire_data[5] != 1U) {
return DCP_SYNC_FILTER_RESULT_ERROR;
}
if (wire_data[i] == 0U) {
putc_unlocked('.', fp);
}
while (i < wire_data_len && (csize = wire_data[i]) != 0U &&
csize < wire_data_len - i) {
i++;
if (first != 0) {
first = 0;
} else {
putc_unlocked('.', fp);
}
string_fprint(fp, &wire_data[i], csize);
i += csize;
}
type = 0U;
if (i < wire_data_len - 2U) {
type = (wire_data[i + 1U] << 8) + wire_data[i + 2U];
}
if (type == 0x01) {
fputs("\t[A]\n", fp);
} else if (type == 0x02) {
fputs("\t[NS]\n", fp);
} else if (type == 0x0f) {
fputs("\t[MX]\n", fp);
} else if (type == 0x1c) {
fputs("\t[AAAA]\n", fp);
} else {
fprintf(fp, "\t[0x%02hX]\n", type);
}
fflush(fp);
return DCP_SYNC_FILTER_RESULT_OK;
}
DCPluginSyncFilterResult
dcplugin_sync_post_filter(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
Context *context = dcplugin_get_user_data(dcplugin);
ldns_pkt *packet;
DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK;
if (context->blacklist == NULL) {
return DCP_SYNC_FILTER_RESULT_OK;
}
if (ldns_wire2pkt(&packet, dcplugin_get_wire_data(dcp_packet),
dcplugin_get_wire_data_len(dcp_packet)) != LDNS_STATUS_OK) {
return DCP_SYNC_FILTER_RESULT_ERROR;
}
if ((result = apply_block_ips(dcp_packet, context, packet)
!= DCP_SYNC_FILTER_RESULT_OK)) {
ldns_pkt_free(packet);
return result;
}
ldns_pkt_free(packet);
return DCP_SYNC_FILTER_RESULT_OK;
}
