#include "config.h"
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#ifndef USE_MINI_EVENT
# ifdef HAVE_EVENT_H
# include <event.h>
# else
# include <event2/event.h>
# include "event2/event_struct.h"
# include "event2/event_compat.h"
# endif
#else
# include "mini_event.h"
#endif
#include "dnstap/dnstap_collector.h"
#include "dnstap/dnstap.h"
#include "util.h"
#include "nsd.h"
#include "region-allocator.h"
#include "buffer.h"
#include "namedb.h"
#include "options.h"
#include "remote.h"
#include "udb.h"
#include "rrl.h"
struct dt_collector* dt_collector_create(struct nsd* nsd)
{
int i, sv[2];
struct dt_collector* dt_col = (struct dt_collector*)xalloc_zero(
sizeof(*dt_col));
dt_col->count = nsd->child_count * 2;
dt_col->dt_env = NULL;
dt_col->region = region_create(xalloc, free);
dt_col->send_buffer = buffer_create(dt_col->region,
4+1+4+1+4+TCP_MAX_MESSAGE_LEN+4+MAXHOSTNAMELEN + 32 +
#ifdef INET6
sizeof(struct sockaddr_storage) + sizeof(struct sockaddr_storage)
#else
sizeof(struct sockaddr_in) + sizeof(struct sockaddr_in)
#endif
);
nsd->dt_collector_fd_send = (int*)xalloc_array_zero(dt_col->count,
sizeof(int));
nsd->dt_collector_fd_recv = (int*)xalloc_array_zero(dt_col->count,
sizeof(int));
for(i=0; i<dt_col->count; i++) {
int sv[2];
int bufsz = buffer_capacity(dt_col->send_buffer);
sv[0] = -1;
sv[1] = -1;
if(socketpair(AF_UNIX, SOCK_DGRAM
#ifdef SOCK_NONBLOCK
| SOCK_NONBLOCK
#endif
, 0, sv) < 0) {
error("dnstap_collector: cannot create communication channel: %s",
strerror(errno));
}
#ifndef SOCK_NONBLOCK
if (fcntl(sv[0], F_SETFL, O_NONBLOCK) == -1) {
log_msg(LOG_ERR, "dnstap_collector receive fd fcntl "
"failed: %s", strerror(errno));
}
if (fcntl(sv[1], F_SETFL, O_NONBLOCK) == -1) {
log_msg(LOG_ERR, "dnstap_collector send fd fcntl "
"failed: %s", strerror(errno));
}
#endif
if(setsockopt(sv[0], SOL_SOCKET, SO_RCVBUF, &bufsz, sizeof(bufsz))) {
log_msg(LOG_ERR, "setting dnstap_collector "
"receive buffer size failed: %s", strerror(errno));
}
if(setsockopt(sv[1], SOL_SOCKET, SO_SNDBUF, &bufsz, sizeof(bufsz))) {
log_msg(LOG_ERR, "setting dnstap_collector "
"send buffer size failed: %s", strerror(errno));
}
nsd->dt_collector_fd_recv[i] = sv[0];
nsd->dt_collector_fd_send[i] = sv[1];
}
nsd->dt_collector_fd_swap = nsd->dt_collector_fd_send + nsd->child_count;
if(socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) {
error("dnstap_collector: cannot create socketpair: %s",
strerror(errno));
}
if(fcntl(sv[0], F_SETFL, O_NONBLOCK) == -1) {
log_msg(LOG_ERR, "fcntl failed: %s", strerror(errno));
}
if(fcntl(sv[1], F_SETFL, O_NONBLOCK) == -1) {
log_msg(LOG_ERR, "fcntl failed: %s", strerror(errno));
}
dt_col->cmd_socket_dt = sv[0];
dt_col->cmd_socket_nsd = sv[1];
return dt_col;
}
void dt_collector_destroy(struct dt_collector* dt_col, struct nsd* nsd)
{
if(!dt_col) return;
free(nsd->dt_collector_fd_recv);
nsd->dt_collector_fd_recv = NULL;
if (nsd->dt_collector_fd_send < nsd->dt_collector_fd_swap)
free(nsd->dt_collector_fd_send);
else
free(nsd->dt_collector_fd_swap);
nsd->dt_collector_fd_send = NULL;
nsd->dt_collector_fd_swap = NULL;
region_destroy(dt_col->region);
free(dt_col);
}
void dt_collector_close(struct dt_collector* dt_col, struct nsd* nsd)
{
int i, *fd_send;
if(!dt_col) return;
if(dt_col->cmd_socket_dt != -1) {
close(dt_col->cmd_socket_dt);
dt_col->cmd_socket_dt = -1;
}
if(dt_col->cmd_socket_nsd != -1) {
close(dt_col->cmd_socket_nsd);
dt_col->cmd_socket_nsd = -1;
}
fd_send = nsd->dt_collector_fd_send < nsd->dt_collector_fd_swap
? nsd->dt_collector_fd_send : nsd->dt_collector_fd_swap;
for(i=0; i<dt_col->count; i++) {
if(nsd->dt_collector_fd_recv[i] != -1) {
close(nsd->dt_collector_fd_recv[i]);
nsd->dt_collector_fd_recv[i] = -1;
}
if(fd_send[i] != -1) {
close(fd_send[i]);
fd_send[i] = -1;
}
}
}
void
dt_handle_cmd_from_nsd(int ATTR_UNUSED(fd), short event, void* arg)
{
struct dt_collector* dt_col = (struct dt_collector*)arg;
if((event&EV_READ) != 0) {
event_base_loopexit(dt_col->event_base, NULL);
}
}
static int recv_into_buffer(int fd, struct buffer* buf)
{
size_t msglen;
ssize_t r;
assert(buffer_position(buf) == 0);
r = recv(fd, buffer_current(buf), buffer_capacity(buf), MSG_DONTWAIT);
if(r == -1) {
if(errno == EAGAIN || errno == EINTR || errno == EMSGSIZE) {
return 0;
}
log_msg(LOG_ERR, "dnstap collector: receive failed: %s",
strerror(errno));
return -1;
}
if(r == 0) {
log_msg(LOG_ERR, "dnstap collector: remote closed connection");
return -1;
}
assert(r > 4);
msglen = buffer_read_u32_at(buf, 0);
if(msglen != (size_t)(r - 4)) {
log_msg(LOG_ERR, "dnstap collector: out of sync (msglen: %u)",
(unsigned int) msglen);
return 0;
}
buffer_skip(buf, r);
buffer_flip(buf);
return 1;
}
static void
dt_submit_content(struct dt_env* dt_env, struct buffer* buf)
{
uint8_t is_response, is_tcp;
#ifdef INET6
struct sockaddr_storage local_addr, addr;
#else
struct sockaddr_in local_addr, addr;
#endif
socklen_t addrlen;
size_t pktlen;
uint8_t* data;
size_t zonelen;
uint8_t* zone;
if(!buffer_available(buf, 4+1+4)) return;
buffer_skip(buf, 4);
is_response = buffer_read_u8(buf);
addrlen = buffer_read_u32(buf);
if(addrlen > sizeof(local_addr) || addrlen > sizeof(addr)) return;
if(!buffer_available(buf, 2*addrlen)) return;
buffer_read(buf, &local_addr, addrlen);
buffer_read(buf, &addr, addrlen);
if(!buffer_available(buf, 1+4)) return;
is_tcp = buffer_read_u8(buf);
pktlen = buffer_read_u32(buf);
if(!buffer_available(buf, pktlen)) return;
data = buffer_current(buf);
buffer_skip(buf, pktlen);
if(!buffer_available(buf, 4)) return;
zonelen = buffer_read_u32(buf);
if(zonelen == 0) {
zone = NULL;
} else {
if(zonelen > MAXDOMAINLEN) return;
if(!buffer_available(buf, zonelen)) return;
zone = buffer_current(buf);
buffer_skip(buf, zonelen);
}
if(is_response) {
dt_msg_send_auth_response(dt_env, &local_addr, &addr, is_tcp, zone,
zonelen, data, pktlen);
} else {
dt_msg_send_auth_query(dt_env, &local_addr, &addr, is_tcp, zone,
zonelen, data, pktlen);
}
}
void
dt_handle_input(int fd, short event, void* arg)
{
struct dt_collector_input* dt_input = (struct dt_collector_input*)arg;
if((event&EV_READ) != 0) {
int r = recv_into_buffer(fd, dt_input->buffer);
if(r == 0)
return;
else if(r < 0) {
event_base_loopexit(dt_input->dt_collector->event_base, NULL);
return;
}
VERBOSITY(4, (LOG_INFO, "dnstap collector: received msg len %d",
(int)buffer_remaining(dt_input->buffer)));
if(dt_input->dt_collector->dt_env) {
dt_submit_content(dt_input->dt_collector->dt_env,
dt_input->buffer);
}
buffer_clear(dt_input->buffer);
}
}
static void dt_init_dnstap(struct dt_collector* dt_col, struct nsd* nsd)
{
int num_workers = 1;
#ifdef HAVE_CHROOT
if(nsd->chrootdir && nsd->chrootdir[0]) {
int l = strlen(nsd->chrootdir)-1;
if (nsd->options->dnstap_socket_path &&
nsd->options->dnstap_socket_path[0] == '/' &&
strncmp(nsd->options->dnstap_socket_path,
nsd->chrootdir, l) == 0)
nsd->options->dnstap_socket_path += l;
}
#endif
dt_col->dt_env = dt_create(nsd->options->dnstap_socket_path,
nsd->options->dnstap_ip, num_workers, nsd->options->dnstap_tls,
nsd->options->dnstap_tls_server_name,
nsd->options->dnstap_tls_cert_bundle,
nsd->options->dnstap_tls_client_key_file,
nsd->options->dnstap_tls_client_cert_file);
if(!dt_col->dt_env) {
log_msg(LOG_ERR, "could not create dnstap env");
return;
}
dt_apply_cfg(dt_col->dt_env, nsd->options);
dt_init(dt_col->dt_env);
}
static void dt_collector_cleanup(struct dt_collector* dt_col, struct nsd* nsd)
{
int i;
dt_delete(dt_col->dt_env);
event_del(dt_col->cmd_event);
for(i=0; i<dt_col->count; i++) {
event_del(dt_col->inputs[i].event);
}
dt_collector_close(dt_col, nsd);
event_base_free(dt_col->event_base);
#ifdef MEMCLEAN
free(dt_col->cmd_event);
if(dt_col->inputs) {
for(i=0; i<dt_col->count; i++) {
free(dt_col->inputs[i].event);
}
free(dt_col->inputs);
}
dt_collector_destroy(dt_col, nsd);
daemon_remote_delete(nsd->rc);
nsd_options_destroy(nsd->options);
region_destroy(nsd->region);
#endif
}
static void dt_attach_events(struct dt_collector* dt_col, struct nsd* nsd)
{
int i;
dt_col->event_base = nsd_child_event_base();
if(!dt_col->event_base) {
error("dnstap collector: event_base create failed");
}
dt_col->cmd_event = (struct event*)xalloc_zero(
sizeof(*dt_col->cmd_event));
event_set(dt_col->cmd_event, dt_col->cmd_socket_dt,
EV_PERSIST|EV_READ, dt_handle_cmd_from_nsd, dt_col);
if(event_base_set(dt_col->event_base, dt_col->cmd_event) != 0)
log_msg(LOG_ERR, "dnstap collector: event_base_set failed");
if(event_add(dt_col->cmd_event, NULL) != 0)
log_msg(LOG_ERR, "dnstap collector: event_add failed");
dt_col->inputs = xalloc_array_zero(dt_col->count,
sizeof(*dt_col->inputs));
for(i=0; i<dt_col->count; i++) {
dt_col->inputs[i].dt_collector = dt_col;
dt_col->inputs[i].event = (struct event*)xalloc_zero(
sizeof(struct event));
event_set(dt_col->inputs[i].event,
nsd->dt_collector_fd_recv[i], EV_PERSIST|EV_READ,
dt_handle_input, &dt_col->inputs[i]);
if(event_base_set(dt_col->event_base,
dt_col->inputs[i].event) != 0)
log_msg(LOG_ERR, "dnstap collector: event_base_set failed");
if(event_add(dt_col->inputs[i].event, NULL) != 0)
log_msg(LOG_ERR, "dnstap collector: event_add failed");
dt_col->inputs[i].buffer = buffer_create(dt_col->region,
4+1+4+1+4+TCP_MAX_MESSAGE_LEN+4+MAXHOSTNAMELEN + 32 +
#ifdef INET6
sizeof(struct sockaddr_storage) + sizeof(struct sockaddr_storage)
#else
sizeof(struct sockaddr_in) + sizeof(struct sockaddr_in)
#endif
);
assert(buffer_capacity(dt_col->inputs[i].buffer) ==
buffer_capacity(dt_col->send_buffer));
}
}
static void dt_collector_run(struct dt_collector* dt_col, struct nsd* nsd)
{
VERBOSITY(1, (LOG_INFO, "dnstap collector started"));
dt_init_dnstap(dt_col, nsd);
dt_attach_events(dt_col, nsd);
if(event_base_loop(dt_col->event_base, 0) == -1) {
error("dnstap collector: event_base_loop failed");
}
VERBOSITY(1, (LOG_INFO, "dnstap collector stopped"));
dt_collector_cleanup(dt_col, nsd);
exit(0);
}
void dt_collector_start(struct dt_collector* dt_col, struct nsd* nsd)
{
int i, *fd_send;
dt_col->dt_pid = fork();
if(dt_col->dt_pid == -1) {
error("dnstap_collector: fork failed: %s", strerror(errno));
}
if(dt_col->dt_pid == 0) {
close(dt_col->cmd_socket_nsd);
dt_col->cmd_socket_nsd = -1;
assert(nsd->dt_collector_fd_send < nsd->dt_collector_fd_swap);
fd_send = nsd->dt_collector_fd_send < nsd->dt_collector_fd_swap
? nsd->dt_collector_fd_send : nsd->dt_collector_fd_swap;
for(i=0; i<dt_col->count; i++) {
if(fd_send[i] != -1) {
close(fd_send[i]);
fd_send[i] = -1;
}
}
#ifdef HAVE_SETPROCTITLE
setproctitle("dnstap_collector");
#endif
#ifdef USE_LOG_PROCESS_ROLE
log_set_process_role("dnstap_collector");
#endif
#ifdef RATELIMIT
rrl_mmap_deinit_keep_mmap();
#endif
udb_base_free_keep_mmap(nsd->task[0]);
udb_base_free_keep_mmap(nsd->task[1]);
namedb_close(nsd->db);
dt_collector_run(dt_col, nsd);
exit(0);
} else {
close(dt_col->cmd_socket_dt);
dt_col->cmd_socket_dt = -1;
for(i=0; i<dt_col->count; i++) {
if(nsd->dt_collector_fd_recv[i] != -1) {
close(nsd->dt_collector_fd_recv[i]);
nsd->dt_collector_fd_recv[i] = -1;
}
}
}
}
static int
prep_send_data(struct buffer* buf, uint8_t is_response,
#ifdef INET6
struct sockaddr_storage* local_addr,
struct sockaddr_storage* addr,
#else
struct sockaddr_in* local_addr,
struct sockaddr_in* addr,
#endif
socklen_t addrlen, int is_tcp, struct buffer* packet,
struct zone* zone)
{
buffer_clear(buf);
#ifdef INET6
if(local_addr->ss_family != addr->ss_family)
return 0;
#else
if(local_addr->sin_family != addr->sin_family)
return 0;
#endif
if(!buffer_available(buf, 4+1+4+2*addrlen+1+4+buffer_remaining(packet)))
return 0;
buffer_skip(buf, 4);
buffer_write_u8(buf, is_response);
buffer_write_u32(buf, addrlen);
buffer_write(buf, local_addr, (size_t)addrlen);
buffer_write(buf, addr, (size_t)addrlen);
buffer_write_u8(buf, (is_tcp?1:0));
buffer_write_u32(buf, buffer_remaining(packet));
buffer_write(buf, buffer_begin(packet), buffer_remaining(packet));
if(zone && zone->apex && domain_dname(zone->apex)) {
if(!buffer_available(buf, 4 + domain_dname(zone->apex)->name_size))
return 0;
buffer_write_u32(buf, domain_dname(zone->apex)->name_size);
buffer_write(buf, dname_name(domain_dname(zone->apex)),
domain_dname(zone->apex)->name_size);
} else {
if(!buffer_available(buf, 4))
return 0;
buffer_write_u32(buf, 0);
}
buffer_flip(buf);
buffer_write_u32_at(buf, 0, buffer_remaining(buf)-4);
return 1;
}
static int attempt_to_send(int s, uint8_t* data, size_t len)
{
ssize_t r;
if(len == 0)
return 0;
r = send(s, data, len, MSG_DONTWAIT | MSG_NOSIGNAL);
if(r == -1) {
if(errno == EAGAIN || errno == EINTR ||
errno == ENOBUFS || errno == EMSGSIZE) {
return 0;
}
log_msg(LOG_ERR, "dnstap collector: send failed: %s",
strerror(errno));
return -1;
}
assert(r > 0);
if(r > 0) {
assert((size_t)r == len);
return 0;
}
log_msg(LOG_ERR, "dnstap collector: server child closed the channel");
return -1;
}
void dt_collector_submit_auth_query(struct nsd* nsd,
#ifdef INET6
struct sockaddr_storage* local_addr,
struct sockaddr_storage* addr,
#else
struct sockaddr_in* local_addr,
struct sockaddr_in* addr,
#endif
socklen_t addrlen, int is_tcp, struct buffer* packet)
{
if(!nsd->dt_collector) return;
if(!nsd->options->dnstap_log_auth_query_messages) return;
if(nsd->dt_collector_fd_send[nsd->this_child->child_num] == -1) return;
VERBOSITY(4, (LOG_INFO, "dnstap submit auth query"));
if(!prep_send_data(nsd->dt_collector->send_buffer, 0, local_addr, addr, addrlen,
is_tcp, packet, NULL))
return;
if(attempt_to_send(nsd->dt_collector_fd_send[nsd->this_child->child_num],
buffer_begin(nsd->dt_collector->send_buffer),
buffer_remaining(nsd->dt_collector->send_buffer))) {
close(nsd->dt_collector_fd_send[nsd->this_child->child_num]);
nsd->dt_collector_fd_send[nsd->this_child->child_num] = -1;
}
}
void dt_collector_submit_auth_response(struct nsd* nsd,
#ifdef INET6
struct sockaddr_storage* local_addr,
struct sockaddr_storage* addr,
#else
struct sockaddr_in* local_addr,
struct sockaddr_in* addr,
#endif
socklen_t addrlen, int is_tcp, struct buffer* packet,
struct zone* zone)
{
if(!nsd->dt_collector) return;
if(!nsd->options->dnstap_log_auth_response_messages) return;
if(nsd->dt_collector_fd_send[nsd->this_child->child_num] == -1) return;
VERBOSITY(4, (LOG_INFO, "dnstap submit auth response"));
if(!prep_send_data(nsd->dt_collector->send_buffer, 1, local_addr, addr, addrlen,
is_tcp, packet, zone))
return;
if(attempt_to_send(nsd->dt_collector_fd_send[nsd->this_child->child_num],
buffer_begin(nsd->dt_collector->send_buffer),
buffer_remaining(nsd->dt_collector->send_buffer))) {
close(nsd->dt_collector_fd_send[nsd->this_child->child_num]);
nsd->dt_collector_fd_send[nsd->this_child->child_num] = -1;
}
}
