1 /* 2 * util/netevent.c - event notification 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This file contains event notification functions. 40 */ 41 #include "config.h" 42 #include "util/netevent.h" 43 #include "util/ub_event.h" 44 #include "util/log.h" 45 #include "util/net_help.h" 46 #include "util/tcp_conn_limit.h" 47 #include "util/fptr_wlist.h" 48 #include "sldns/pkthdr.h" 49 #include "sldns/sbuffer.h" 50 #include "sldns/str2wire.h" 51 #include "dnstap/dnstap.h" 52 #include "dnscrypt/dnscrypt.h" 53 #include "services/listen_dnsport.h" 54 #ifdef HAVE_OPENSSL_SSL_H 55 #include <openssl/ssl.h> 56 #endif 57 #ifdef HAVE_OPENSSL_ERR_H 58 #include <openssl/err.h> 59 #endif 60 61 /* -------- Start of local definitions -------- */ 62 /** if CMSG_ALIGN is not defined on this platform, a workaround */ 63 #ifndef CMSG_ALIGN 64 # ifdef __CMSG_ALIGN 65 # define CMSG_ALIGN(n) __CMSG_ALIGN(n) 66 # elif defined(CMSG_DATA_ALIGN) 67 # define CMSG_ALIGN _CMSG_DATA_ALIGN 68 # else 69 # define CMSG_ALIGN(len) (((len)+sizeof(long)-1) & ~(sizeof(long)-1)) 70 # endif 71 #endif 72 73 /** if CMSG_LEN is not defined on this platform, a workaround */ 74 #ifndef CMSG_LEN 75 # define CMSG_LEN(len) (CMSG_ALIGN(sizeof(struct cmsghdr))+(len)) 76 #endif 77 78 /** if CMSG_SPACE is not defined on this platform, a workaround */ 79 #ifndef CMSG_SPACE 80 # ifdef _CMSG_HDR_ALIGN 81 # define CMSG_SPACE(l) (CMSG_ALIGN(l)+_CMSG_HDR_ALIGN(sizeof(struct cmsghdr))) 82 # else 83 # define CMSG_SPACE(l) (CMSG_ALIGN(l)+CMSG_ALIGN(sizeof(struct cmsghdr))) 84 # endif 85 #endif 86 87 /** The TCP writing query timeout in milliseconds */ 88 #define TCP_QUERY_TIMEOUT 120000 89 /** The minimum actual TCP timeout to use, regardless of what we advertise, 90 * in msec */ 91 #define TCP_QUERY_TIMEOUT_MINIMUM 200 92 93 #ifndef NONBLOCKING_IS_BROKEN 94 /** number of UDP reads to perform per read indication from select */ 95 #define NUM_UDP_PER_SELECT 100 96 #else 97 #define NUM_UDP_PER_SELECT 1 98 #endif 99 100 /** 101 * The internal event structure for keeping ub_event info for the event. 102 * Possibly other structures (list, tree) this is part of. 103 */ 104 struct internal_event { 105 /** the comm base */ 106 struct comm_base* base; 107 /** ub_event event type */ 108 struct ub_event* ev; 109 }; 110 111 /** 112 * Internal base structure, so that every thread has its own events. 113 */ 114 struct internal_base { 115 /** ub_event event_base type. */ 116 struct ub_event_base* base; 117 /** seconds time pointer points here */ 118 time_t secs; 119 /** timeval with current time */ 120 struct timeval now; 121 /** the event used for slow_accept timeouts */ 122 struct ub_event* slow_accept; 123 /** true if slow_accept is enabled */ 124 int slow_accept_enabled; 125 }; 126 127 /** 128 * Internal timer structure, to store timer event in. 129 */ 130 struct internal_timer { 131 /** the super struct from which derived */ 132 struct comm_timer super; 133 /** the comm base */ 134 struct comm_base* base; 135 /** ub_event event type */ 136 struct ub_event* ev; 137 /** is timer enabled */ 138 uint8_t enabled; 139 }; 140 141 /** 142 * Internal signal structure, to store signal event in. 143 */ 144 struct internal_signal { 145 /** ub_event event type */ 146 struct ub_event* ev; 147 /** next in signal list */ 148 struct internal_signal* next; 149 }; 150 151 /** create a tcp handler with a parent */ 152 static struct comm_point* comm_point_create_tcp_handler( 153 struct comm_base *base, struct comm_point* parent, size_t bufsize, 154 struct sldns_buffer* spoolbuf, comm_point_callback_type* callback, 155 void* callback_arg); 156 157 /* -------- End of local definitions -------- */ 158 159 struct comm_base* 160 comm_base_create(int sigs) 161 { 162 struct comm_base* b = (struct comm_base*)calloc(1, 163 sizeof(struct comm_base)); 164 const char *evnm="event", *evsys="", *evmethod=""; 165 166 if(!b) 167 return NULL; 168 b->eb = (struct internal_base*)calloc(1, sizeof(struct internal_base)); 169 if(!b->eb) { 170 free(b); 171 return NULL; 172 } 173 b->eb->base = ub_default_event_base(sigs, &b->eb->secs, &b->eb->now); 174 if(!b->eb->base) { 175 free(b->eb); 176 free(b); 177 return NULL; 178 } 179 ub_comm_base_now(b); 180 ub_get_event_sys(b->eb->base, &evnm, &evsys, &evmethod); 181 verbose(VERB_ALGO, "%s %s uses %s method.", evnm, evsys, evmethod); 182 return b; 183 } 184 185 struct comm_base* 186 comm_base_create_event(struct ub_event_base* base) 187 { 188 struct comm_base* b = (struct comm_base*)calloc(1, 189 sizeof(struct comm_base)); 190 if(!b) 191 return NULL; 192 b->eb = (struct internal_base*)calloc(1, sizeof(struct internal_base)); 193 if(!b->eb) { 194 free(b); 195 return NULL; 196 } 197 b->eb->base = base; 198 ub_comm_base_now(b); 199 return b; 200 } 201 202 void 203 comm_base_delete(struct comm_base* b) 204 { 205 if(!b) 206 return; 207 if(b->eb->slow_accept_enabled) { 208 if(ub_event_del(b->eb->slow_accept) != 0) { 209 log_err("could not event_del slow_accept"); 210 } 211 ub_event_free(b->eb->slow_accept); 212 } 213 ub_event_base_free(b->eb->base); 214 b->eb->base = NULL; 215 free(b->eb); 216 free(b); 217 } 218 219 void 220 comm_base_delete_no_base(struct comm_base* b) 221 { 222 if(!b) 223 return; 224 if(b->eb->slow_accept_enabled) { 225 if(ub_event_del(b->eb->slow_accept) != 0) { 226 log_err("could not event_del slow_accept"); 227 } 228 ub_event_free(b->eb->slow_accept); 229 } 230 b->eb->base = NULL; 231 free(b->eb); 232 free(b); 233 } 234 235 void 236 comm_base_timept(struct comm_base* b, time_t** tt, struct timeval** tv) 237 { 238 *tt = &b->eb->secs; 239 *tv = &b->eb->now; 240 } 241 242 void 243 comm_base_dispatch(struct comm_base* b) 244 { 245 int retval; 246 retval = ub_event_base_dispatch(b->eb->base); 247 if(retval < 0) { 248 fatal_exit("event_dispatch returned error %d, " 249 "errno is %s", retval, strerror(errno)); 250 } 251 } 252 253 void comm_base_exit(struct comm_base* b) 254 { 255 if(ub_event_base_loopexit(b->eb->base) != 0) { 256 log_err("Could not loopexit"); 257 } 258 } 259 260 void comm_base_set_slow_accept_handlers(struct comm_base* b, 261 void (*stop_acc)(void*), void (*start_acc)(void*), void* arg) 262 { 263 b->stop_accept = stop_acc; 264 b->start_accept = start_acc; 265 b->cb_arg = arg; 266 } 267 268 struct ub_event_base* comm_base_internal(struct comm_base* b) 269 { 270 return b->eb->base; 271 } 272 273 /** see if errno for udp has to be logged or not uses globals */ 274 static int 275 udp_send_errno_needs_log(struct sockaddr* addr, socklen_t addrlen) 276 { 277 /* do not log transient errors (unless high verbosity) */ 278 #if defined(ENETUNREACH) || defined(EHOSTDOWN) || defined(EHOSTUNREACH) || defined(ENETDOWN) 279 switch(errno) { 280 # ifdef ENETUNREACH 281 case ENETUNREACH: 282 # endif 283 # ifdef EHOSTDOWN 284 case EHOSTDOWN: 285 # endif 286 # ifdef EHOSTUNREACH 287 case EHOSTUNREACH: 288 # endif 289 # ifdef ENETDOWN 290 case ENETDOWN: 291 # endif 292 if(verbosity < VERB_ALGO) 293 return 0; 294 default: 295 break; 296 } 297 #endif 298 /* permission denied is gotten for every send if the 299 * network is disconnected (on some OS), squelch it */ 300 if( ((errno == EPERM) 301 # ifdef EADDRNOTAVAIL 302 /* 'Cannot assign requested address' also when disconnected */ 303 || (errno == EADDRNOTAVAIL) 304 # endif 305 ) && verbosity < VERB_DETAIL) 306 return 0; 307 # ifdef EADDRINUSE 308 /* If SO_REUSEADDR is set, we could try to connect to the same server 309 * from the same source port twice. */ 310 if(errno == EADDRINUSE && verbosity < VERB_DETAIL) 311 return 0; 312 # endif 313 /* squelch errors where people deploy AAAA ::ffff:bla for 314 * authority servers, which we try for intranets. */ 315 if(errno == EINVAL && addr_is_ip4mapped( 316 (struct sockaddr_storage*)addr, addrlen) && 317 verbosity < VERB_DETAIL) 318 return 0; 319 /* SO_BROADCAST sockopt can give access to 255.255.255.255, 320 * but a dns cache does not need it. */ 321 if(errno == EACCES && addr_is_broadcast( 322 (struct sockaddr_storage*)addr, addrlen) && 323 verbosity < VERB_DETAIL) 324 return 0; 325 return 1; 326 } 327 328 int tcp_connect_errno_needs_log(struct sockaddr* addr, socklen_t addrlen) 329 { 330 return udp_send_errno_needs_log(addr, addrlen); 331 } 332 333 /* send a UDP reply */ 334 int 335 comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, 336 struct sockaddr* addr, socklen_t addrlen) 337 { 338 ssize_t sent; 339 log_assert(c->fd != -1); 340 #ifdef UNBOUND_DEBUG 341 if(sldns_buffer_remaining(packet) == 0) 342 log_err("error: send empty UDP packet"); 343 #endif 344 if(addr) { 345 log_assert(addr && addrlen > 0); 346 sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), 347 sldns_buffer_remaining(packet), 0, 348 addr, addrlen); 349 } else { 350 sent = send(c->fd, (void*)sldns_buffer_begin(packet), 351 sldns_buffer_remaining(packet), 0); 352 } 353 if(sent == -1) { 354 /* try again and block, waiting for IO to complete, 355 * we want to send the answer, and we will wait for 356 * the ethernet interface buffer to have space. */ 357 #ifndef USE_WINSOCK 358 if(errno == EAGAIN || 359 # ifdef EWOULDBLOCK 360 errno == EWOULDBLOCK || 361 # endif 362 errno == ENOBUFS) { 363 #else 364 if(WSAGetLastError() == WSAEINPROGRESS || 365 WSAGetLastError() == WSAENOBUFS || 366 WSAGetLastError() == WSAEWOULDBLOCK) { 367 #endif 368 int e; 369 fd_set_block(c->fd); 370 sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), 371 sldns_buffer_remaining(packet), 0, 372 addr, addrlen); 373 e = errno; 374 fd_set_nonblock(c->fd); 375 errno = e; 376 } 377 } 378 if(sent == -1) { 379 if(!udp_send_errno_needs_log(addr, addrlen)) 380 return 0; 381 verbose(VERB_OPS, "sendto failed: %s", sock_strerror(errno)); 382 if(addr) 383 log_addr(VERB_OPS, "remote address is", 384 (struct sockaddr_storage*)addr, addrlen); 385 return 0; 386 } else if((size_t)sent != sldns_buffer_remaining(packet)) { 387 log_err("sent %d in place of %d bytes", 388 (int)sent, (int)sldns_buffer_remaining(packet)); 389 return 0; 390 } 391 return 1; 392 } 393 394 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && (defined(HAVE_RECVMSG) || defined(HAVE_SENDMSG)) 395 /** print debug ancillary info */ 396 static void p_ancil(const char* str, struct comm_reply* r) 397 { 398 if(r->srctype != 4 && r->srctype != 6) { 399 log_info("%s: unknown srctype %d", str, r->srctype); 400 return; 401 } 402 if(r->srctype == 6) { 403 char buf[1024]; 404 if(inet_ntop(AF_INET6, &r->pktinfo.v6info.ipi6_addr, 405 buf, (socklen_t)sizeof(buf)) == 0) { 406 (void)strlcpy(buf, "(inet_ntop error)", sizeof(buf)); 407 } 408 buf[sizeof(buf)-1]=0; 409 log_info("%s: %s %d", str, buf, r->pktinfo.v6info.ipi6_ifindex); 410 } else if(r->srctype == 4) { 411 #ifdef IP_PKTINFO 412 char buf1[1024], buf2[1024]; 413 if(inet_ntop(AF_INET, &r->pktinfo.v4info.ipi_addr, 414 buf1, (socklen_t)sizeof(buf1)) == 0) { 415 (void)strlcpy(buf1, "(inet_ntop error)", sizeof(buf1)); 416 } 417 buf1[sizeof(buf1)-1]=0; 418 #ifdef HAVE_STRUCT_IN_PKTINFO_IPI_SPEC_DST 419 if(inet_ntop(AF_INET, &r->pktinfo.v4info.ipi_spec_dst, 420 buf2, (socklen_t)sizeof(buf2)) == 0) { 421 (void)strlcpy(buf2, "(inet_ntop error)", sizeof(buf2)); 422 } 423 buf2[sizeof(buf2)-1]=0; 424 #else 425 buf2[0]=0; 426 #endif 427 log_info("%s: %d %s %s", str, r->pktinfo.v4info.ipi_ifindex, 428 buf1, buf2); 429 #elif defined(IP_RECVDSTADDR) 430 char buf1[1024]; 431 if(inet_ntop(AF_INET, &r->pktinfo.v4addr, 432 buf1, (socklen_t)sizeof(buf1)) == 0) { 433 (void)strlcpy(buf1, "(inet_ntop error)", sizeof(buf1)); 434 } 435 buf1[sizeof(buf1)-1]=0; 436 log_info("%s: %s", str, buf1); 437 #endif /* IP_PKTINFO or PI_RECVDSTDADDR */ 438 } 439 } 440 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_RECVMSG||HAVE_SENDMSG */ 441 442 /** send a UDP reply over specified interface*/ 443 static int 444 comm_point_send_udp_msg_if(struct comm_point *c, sldns_buffer* packet, 445 struct sockaddr* addr, socklen_t addrlen, struct comm_reply* r) 446 { 447 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && defined(HAVE_SENDMSG) 448 ssize_t sent; 449 struct msghdr msg; 450 struct iovec iov[1]; 451 union { 452 struct cmsghdr hdr; 453 char buf[256]; 454 } control; 455 #ifndef S_SPLINT_S 456 struct cmsghdr *cmsg; 457 #endif /* S_SPLINT_S */ 458 459 log_assert(c->fd != -1); 460 #ifdef UNBOUND_DEBUG 461 if(sldns_buffer_remaining(packet) == 0) 462 log_err("error: send empty UDP packet"); 463 #endif 464 log_assert(addr && addrlen > 0); 465 466 msg.msg_name = addr; 467 msg.msg_namelen = addrlen; 468 iov[0].iov_base = sldns_buffer_begin(packet); 469 iov[0].iov_len = sldns_buffer_remaining(packet); 470 msg.msg_iov = iov; 471 msg.msg_iovlen = 1; 472 msg.msg_control = control.buf; 473 #ifndef S_SPLINT_S 474 msg.msg_controllen = sizeof(control.buf); 475 #endif /* S_SPLINT_S */ 476 msg.msg_flags = 0; 477 478 #ifndef S_SPLINT_S 479 cmsg = CMSG_FIRSTHDR(&msg); 480 if(r->srctype == 4) { 481 #ifdef IP_PKTINFO 482 void* cmsg_data; 483 msg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo)); 484 log_assert(msg.msg_controllen <= sizeof(control.buf)); 485 cmsg->cmsg_level = IPPROTO_IP; 486 cmsg->cmsg_type = IP_PKTINFO; 487 memmove(CMSG_DATA(cmsg), &r->pktinfo.v4info, 488 sizeof(struct in_pktinfo)); 489 /* unset the ifindex to not bypass the routing tables */ 490 cmsg_data = CMSG_DATA(cmsg); 491 ((struct in_pktinfo *) cmsg_data)->ipi_ifindex = 0; 492 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo)); 493 #elif defined(IP_SENDSRCADDR) 494 msg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr)); 495 log_assert(msg.msg_controllen <= sizeof(control.buf)); 496 cmsg->cmsg_level = IPPROTO_IP; 497 cmsg->cmsg_type = IP_SENDSRCADDR; 498 memmove(CMSG_DATA(cmsg), &r->pktinfo.v4addr, 499 sizeof(struct in_addr)); 500 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr)); 501 #else 502 verbose(VERB_ALGO, "no IP_PKTINFO or IP_SENDSRCADDR"); 503 msg.msg_control = NULL; 504 #endif /* IP_PKTINFO or IP_SENDSRCADDR */ 505 } else if(r->srctype == 6) { 506 void* cmsg_data; 507 msg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); 508 log_assert(msg.msg_controllen <= sizeof(control.buf)); 509 cmsg->cmsg_level = IPPROTO_IPV6; 510 cmsg->cmsg_type = IPV6_PKTINFO; 511 memmove(CMSG_DATA(cmsg), &r->pktinfo.v6info, 512 sizeof(struct in6_pktinfo)); 513 /* unset the ifindex to not bypass the routing tables */ 514 cmsg_data = CMSG_DATA(cmsg); 515 ((struct in6_pktinfo *) cmsg_data)->ipi6_ifindex = 0; 516 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 517 } else { 518 /* try to pass all 0 to use default route */ 519 msg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); 520 log_assert(msg.msg_controllen <= sizeof(control.buf)); 521 cmsg->cmsg_level = IPPROTO_IPV6; 522 cmsg->cmsg_type = IPV6_PKTINFO; 523 memset(CMSG_DATA(cmsg), 0, sizeof(struct in6_pktinfo)); 524 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); 525 } 526 #endif /* S_SPLINT_S */ 527 if(verbosity >= VERB_ALGO) 528 p_ancil("send_udp over interface", r); 529 sent = sendmsg(c->fd, &msg, 0); 530 if(sent == -1) { 531 /* try again and block, waiting for IO to complete, 532 * we want to send the answer, and we will wait for 533 * the ethernet interface buffer to have space. */ 534 #ifndef USE_WINSOCK 535 if(errno == EAGAIN || 536 # ifdef EWOULDBLOCK 537 errno == EWOULDBLOCK || 538 # endif 539 errno == ENOBUFS) { 540 #else 541 if(WSAGetLastError() == WSAEINPROGRESS || 542 WSAGetLastError() == WSAENOBUFS || 543 WSAGetLastError() == WSAEWOULDBLOCK) { 544 #endif 545 int e; 546 fd_set_block(c->fd); 547 sent = sendmsg(c->fd, &msg, 0); 548 e = errno; 549 fd_set_nonblock(c->fd); 550 errno = e; 551 } 552 } 553 if(sent == -1) { 554 if(!udp_send_errno_needs_log(addr, addrlen)) 555 return 0; 556 verbose(VERB_OPS, "sendmsg failed: %s", strerror(errno)); 557 log_addr(VERB_OPS, "remote address is", 558 (struct sockaddr_storage*)addr, addrlen); 559 #ifdef __NetBSD__ 560 /* netbsd 7 has IP_PKTINFO for recv but not send */ 561 if(errno == EINVAL && r->srctype == 4) 562 log_err("sendmsg: No support for sendmsg(IP_PKTINFO). " 563 "Please disable interface-automatic"); 564 #endif 565 return 0; 566 } else if((size_t)sent != sldns_buffer_remaining(packet)) { 567 log_err("sent %d in place of %d bytes", 568 (int)sent, (int)sldns_buffer_remaining(packet)); 569 return 0; 570 } 571 return 1; 572 #else 573 (void)c; 574 (void)packet; 575 (void)addr; 576 (void)addrlen; 577 (void)r; 578 log_err("sendmsg: IPV6_PKTINFO not supported"); 579 return 0; 580 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_SENDMSG */ 581 } 582 583 /** return true is UDP receive error needs to be logged */ 584 static int udp_recv_needs_log(int err) 585 { 586 switch(err) { 587 case ECONNREFUSED: 588 # ifdef ENETUNREACH 589 case ENETUNREACH: 590 # endif 591 # ifdef EHOSTDOWN 592 case EHOSTDOWN: 593 # endif 594 # ifdef EHOSTUNREACH 595 case EHOSTUNREACH: 596 # endif 597 # ifdef ENETDOWN 598 case ENETDOWN: 599 # endif 600 if(verbosity >= VERB_ALGO) 601 return 1; 602 return 0; 603 default: 604 break; 605 } 606 return 1; 607 } 608 609 void 610 comm_point_udp_ancil_callback(int fd, short event, void* arg) 611 { 612 #if defined(AF_INET6) && defined(IPV6_PKTINFO) && defined(HAVE_RECVMSG) 613 struct comm_reply rep; 614 struct msghdr msg; 615 struct iovec iov[1]; 616 ssize_t rcv; 617 union { 618 struct cmsghdr hdr; 619 char buf[256]; 620 } ancil; 621 int i; 622 #ifndef S_SPLINT_S 623 struct cmsghdr* cmsg; 624 #endif /* S_SPLINT_S */ 625 626 rep.c = (struct comm_point*)arg; 627 log_assert(rep.c->type == comm_udp); 628 629 if(!(event&UB_EV_READ)) 630 return; 631 log_assert(rep.c && rep.c->buffer && rep.c->fd == fd); 632 ub_comm_base_now(rep.c->ev->base); 633 for(i=0; i<NUM_UDP_PER_SELECT; i++) { 634 sldns_buffer_clear(rep.c->buffer); 635 rep.addrlen = (socklen_t)sizeof(rep.addr); 636 log_assert(fd != -1); 637 log_assert(sldns_buffer_remaining(rep.c->buffer) > 0); 638 msg.msg_name = &rep.addr; 639 msg.msg_namelen = (socklen_t)sizeof(rep.addr); 640 iov[0].iov_base = sldns_buffer_begin(rep.c->buffer); 641 iov[0].iov_len = sldns_buffer_remaining(rep.c->buffer); 642 msg.msg_iov = iov; 643 msg.msg_iovlen = 1; 644 msg.msg_control = ancil.buf; 645 #ifndef S_SPLINT_S 646 msg.msg_controllen = sizeof(ancil.buf); 647 #endif /* S_SPLINT_S */ 648 msg.msg_flags = 0; 649 rcv = recvmsg(fd, &msg, 0); 650 if(rcv == -1) { 651 if(errno != EAGAIN && errno != EINTR 652 && udp_recv_needs_log(errno)) { 653 log_err("recvmsg failed: %s", strerror(errno)); 654 } 655 return; 656 } 657 rep.addrlen = msg.msg_namelen; 658 sldns_buffer_skip(rep.c->buffer, rcv); 659 sldns_buffer_flip(rep.c->buffer); 660 rep.srctype = 0; 661 #ifndef S_SPLINT_S 662 for(cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL; 663 cmsg = CMSG_NXTHDR(&msg, cmsg)) { 664 if( cmsg->cmsg_level == IPPROTO_IPV6 && 665 cmsg->cmsg_type == IPV6_PKTINFO) { 666 rep.srctype = 6; 667 memmove(&rep.pktinfo.v6info, CMSG_DATA(cmsg), 668 sizeof(struct in6_pktinfo)); 669 break; 670 #ifdef IP_PKTINFO 671 } else if( cmsg->cmsg_level == IPPROTO_IP && 672 cmsg->cmsg_type == IP_PKTINFO) { 673 rep.srctype = 4; 674 memmove(&rep.pktinfo.v4info, CMSG_DATA(cmsg), 675 sizeof(struct in_pktinfo)); 676 break; 677 #elif defined(IP_RECVDSTADDR) 678 } else if( cmsg->cmsg_level == IPPROTO_IP && 679 cmsg->cmsg_type == IP_RECVDSTADDR) { 680 rep.srctype = 4; 681 memmove(&rep.pktinfo.v4addr, CMSG_DATA(cmsg), 682 sizeof(struct in_addr)); 683 break; 684 #endif /* IP_PKTINFO or IP_RECVDSTADDR */ 685 } 686 } 687 if(verbosity >= VERB_ALGO) 688 p_ancil("receive_udp on interface", &rep); 689 #endif /* S_SPLINT_S */ 690 fptr_ok(fptr_whitelist_comm_point(rep.c->callback)); 691 if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) { 692 /* send back immediate reply */ 693 (void)comm_point_send_udp_msg_if(rep.c, rep.c->buffer, 694 (struct sockaddr*)&rep.addr, rep.addrlen, &rep); 695 } 696 if(!rep.c || rep.c->fd == -1) /* commpoint closed */ 697 break; 698 } 699 #else 700 (void)fd; 701 (void)event; 702 (void)arg; 703 fatal_exit("recvmsg: No support for IPV6_PKTINFO; IP_PKTINFO or IP_RECVDSTADDR. " 704 "Please disable interface-automatic"); 705 #endif /* AF_INET6 && IPV6_PKTINFO && HAVE_RECVMSG */ 706 } 707 708 void 709 comm_point_udp_callback(int fd, short event, void* arg) 710 { 711 struct comm_reply rep; 712 ssize_t rcv; 713 int i; 714 struct sldns_buffer *buffer; 715 716 rep.c = (struct comm_point*)arg; 717 log_assert(rep.c->type == comm_udp); 718 719 if(!(event&UB_EV_READ)) 720 return; 721 log_assert(rep.c && rep.c->buffer && rep.c->fd == fd); 722 ub_comm_base_now(rep.c->ev->base); 723 for(i=0; i<NUM_UDP_PER_SELECT; i++) { 724 sldns_buffer_clear(rep.c->buffer); 725 rep.addrlen = (socklen_t)sizeof(rep.addr); 726 log_assert(fd != -1); 727 log_assert(sldns_buffer_remaining(rep.c->buffer) > 0); 728 rcv = recvfrom(fd, (void*)sldns_buffer_begin(rep.c->buffer), 729 sldns_buffer_remaining(rep.c->buffer), 0, 730 (struct sockaddr*)&rep.addr, &rep.addrlen); 731 if(rcv == -1) { 732 #ifndef USE_WINSOCK 733 if(errno != EAGAIN && errno != EINTR 734 && udp_recv_needs_log(errno)) 735 log_err("recvfrom %d failed: %s", 736 fd, strerror(errno)); 737 #else 738 if(WSAGetLastError() != WSAEINPROGRESS && 739 WSAGetLastError() != WSAECONNRESET && 740 WSAGetLastError()!= WSAEWOULDBLOCK) 741 log_err("recvfrom failed: %s", 742 wsa_strerror(WSAGetLastError())); 743 #endif 744 return; 745 } 746 sldns_buffer_skip(rep.c->buffer, rcv); 747 sldns_buffer_flip(rep.c->buffer); 748 rep.srctype = 0; 749 fptr_ok(fptr_whitelist_comm_point(rep.c->callback)); 750 if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) { 751 /* send back immediate reply */ 752 #ifdef USE_DNSCRYPT 753 buffer = rep.c->dnscrypt_buffer; 754 #else 755 buffer = rep.c->buffer; 756 #endif 757 (void)comm_point_send_udp_msg(rep.c, buffer, 758 (struct sockaddr*)&rep.addr, rep.addrlen); 759 } 760 if(!rep.c || rep.c->fd != fd) /* commpoint closed to -1 or reused for 761 another UDP port. Note rep.c cannot be reused with TCP fd. */ 762 break; 763 } 764 } 765 766 /** Use a new tcp handler for new query fd, set to read query */ 767 static void 768 setup_tcp_handler(struct comm_point* c, int fd, int cur, int max) 769 { 770 int handler_usage; 771 log_assert(c->type == comm_tcp || c->type == comm_http); 772 log_assert(c->fd == -1); 773 sldns_buffer_clear(c->buffer); 774 #ifdef USE_DNSCRYPT 775 if (c->dnscrypt) 776 sldns_buffer_clear(c->dnscrypt_buffer); 777 #endif 778 c->tcp_is_reading = 1; 779 c->tcp_byte_count = 0; 780 /* if more than half the tcp handlers are in use, use a shorter 781 * timeout for this TCP connection, we need to make space for 782 * other connections to be able to get attention */ 783 /* If > 50% TCP handler structures in use, set timeout to 1/100th 784 * configured value. 785 * If > 65%TCP handler structures in use, set to 1/500th configured 786 * value. 787 * If > 80% TCP handler structures in use, set to 0. 788 * 789 * If the timeout to use falls below 200 milliseconds, an actual 790 * timeout of 200ms is used. 791 */ 792 handler_usage = (cur * 100) / max; 793 if(handler_usage > 50 && handler_usage <= 65) 794 c->tcp_timeout_msec /= 100; 795 else if (handler_usage > 65 && handler_usage <= 80) 796 c->tcp_timeout_msec /= 500; 797 else if (handler_usage > 80) 798 c->tcp_timeout_msec = 0; 799 comm_point_start_listening(c, fd, 800 c->tcp_timeout_msec < TCP_QUERY_TIMEOUT_MINIMUM 801 ? TCP_QUERY_TIMEOUT_MINIMUM 802 : c->tcp_timeout_msec); 803 } 804 805 void comm_base_handle_slow_accept(int ATTR_UNUSED(fd), 806 short ATTR_UNUSED(event), void* arg) 807 { 808 struct comm_base* b = (struct comm_base*)arg; 809 /* timeout for the slow accept, re-enable accepts again */ 810 if(b->start_accept) { 811 verbose(VERB_ALGO, "wait is over, slow accept disabled"); 812 fptr_ok(fptr_whitelist_start_accept(b->start_accept)); 813 (*b->start_accept)(b->cb_arg); 814 b->eb->slow_accept_enabled = 0; 815 } 816 } 817 818 int comm_point_perform_accept(struct comm_point* c, 819 struct sockaddr_storage* addr, socklen_t* addrlen) 820 { 821 int new_fd; 822 *addrlen = (socklen_t)sizeof(*addr); 823 #ifndef HAVE_ACCEPT4 824 new_fd = accept(c->fd, (struct sockaddr*)addr, addrlen); 825 #else 826 /* SOCK_NONBLOCK saves extra calls to fcntl for the same result */ 827 new_fd = accept4(c->fd, (struct sockaddr*)addr, addrlen, SOCK_NONBLOCK); 828 #endif 829 if(new_fd == -1) { 830 #ifndef USE_WINSOCK 831 /* EINTR is signal interrupt. others are closed connection. */ 832 if( errno == EINTR || errno == EAGAIN 833 #ifdef EWOULDBLOCK 834 || errno == EWOULDBLOCK 835 #endif 836 #ifdef ECONNABORTED 837 || errno == ECONNABORTED 838 #endif 839 #ifdef EPROTO 840 || errno == EPROTO 841 #endif /* EPROTO */ 842 ) 843 return -1; 844 #if defined(ENFILE) && defined(EMFILE) 845 if(errno == ENFILE || errno == EMFILE) { 846 /* out of file descriptors, likely outside of our 847 * control. stop accept() calls for some time */ 848 if(c->ev->base->stop_accept) { 849 struct comm_base* b = c->ev->base; 850 struct timeval tv; 851 verbose(VERB_ALGO, "out of file descriptors: " 852 "slow accept"); 853 b->eb->slow_accept_enabled = 1; 854 fptr_ok(fptr_whitelist_stop_accept( 855 b->stop_accept)); 856 (*b->stop_accept)(b->cb_arg); 857 /* set timeout, no mallocs */ 858 tv.tv_sec = NETEVENT_SLOW_ACCEPT_TIME/1000; 859 tv.tv_usec = (NETEVENT_SLOW_ACCEPT_TIME%1000)*1000; 860 b->eb->slow_accept = ub_event_new(b->eb->base, 861 -1, UB_EV_TIMEOUT, 862 comm_base_handle_slow_accept, b); 863 if(b->eb->slow_accept == NULL) { 864 /* we do not want to log here, because 865 * that would spam the logfiles. 866 * error: "event_base_set failed." */ 867 } 868 else if(ub_event_add(b->eb->slow_accept, &tv) 869 != 0) { 870 /* we do not want to log here, 871 * error: "event_add failed." */ 872 } 873 } 874 return -1; 875 } 876 #endif 877 #else /* USE_WINSOCK */ 878 if(WSAGetLastError() == WSAEINPROGRESS || 879 WSAGetLastError() == WSAECONNRESET) 880 return -1; 881 if(WSAGetLastError() == WSAEWOULDBLOCK) { 882 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 883 return -1; 884 } 885 #endif 886 log_err_addr("accept failed", sock_strerror(errno), addr, 887 *addrlen); 888 return -1; 889 } 890 if(c->tcp_conn_limit && c->type == comm_tcp_accept) { 891 c->tcl_addr = tcl_addr_lookup(c->tcp_conn_limit, addr, *addrlen); 892 if(!tcl_new_connection(c->tcl_addr)) { 893 if(verbosity >= 3) 894 log_err_addr("accept rejected", 895 "connection limit exceeded", addr, *addrlen); 896 close(new_fd); 897 return -1; 898 } 899 } 900 #ifndef HAVE_ACCEPT4 901 fd_set_nonblock(new_fd); 902 #endif 903 return new_fd; 904 } 905 906 #ifdef USE_WINSOCK 907 static long win_bio_cb(BIO *b, int oper, const char* ATTR_UNUSED(argp), 908 int ATTR_UNUSED(argi), long argl, long retvalue) 909 { 910 int wsa_err = WSAGetLastError(); /* store errcode before it is gone */ 911 verbose(VERB_ALGO, "bio_cb %d, %s %s %s", oper, 912 (oper&BIO_CB_RETURN)?"return":"before", 913 (oper&BIO_CB_READ)?"read":((oper&BIO_CB_WRITE)?"write":"other"), 914 wsa_err==WSAEWOULDBLOCK?"wsawb":""); 915 /* on windows, check if previous operation caused EWOULDBLOCK */ 916 if( (oper == (BIO_CB_READ|BIO_CB_RETURN) && argl == 0) || 917 (oper == (BIO_CB_GETS|BIO_CB_RETURN) && argl == 0)) { 918 if(wsa_err == WSAEWOULDBLOCK) 919 ub_winsock_tcp_wouldblock((struct ub_event*) 920 BIO_get_callback_arg(b), UB_EV_READ); 921 } 922 if( (oper == (BIO_CB_WRITE|BIO_CB_RETURN) && argl == 0) || 923 (oper == (BIO_CB_PUTS|BIO_CB_RETURN) && argl == 0)) { 924 if(wsa_err == WSAEWOULDBLOCK) 925 ub_winsock_tcp_wouldblock((struct ub_event*) 926 BIO_get_callback_arg(b), UB_EV_WRITE); 927 } 928 /* return original return value */ 929 return retvalue; 930 } 931 932 /** set win bio callbacks for nonblocking operations */ 933 void 934 comm_point_tcp_win_bio_cb(struct comm_point* c, void* thessl) 935 { 936 SSL* ssl = (SSL*)thessl; 937 /* set them both just in case, but usually they are the same BIO */ 938 BIO_set_callback(SSL_get_rbio(ssl), &win_bio_cb); 939 BIO_set_callback_arg(SSL_get_rbio(ssl), (char*)c->ev->ev); 940 BIO_set_callback(SSL_get_wbio(ssl), &win_bio_cb); 941 BIO_set_callback_arg(SSL_get_wbio(ssl), (char*)c->ev->ev); 942 } 943 #endif 944 945 #ifdef HAVE_NGHTTP2 946 /** Create http2 session server. Per connection, after TCP accepted.*/ 947 static int http2_session_server_create(struct http2_session* h2_session) 948 { 949 log_assert(h2_session->callbacks); 950 h2_session->is_drop = 0; 951 if(nghttp2_session_server_new(&h2_session->session, 952 h2_session->callbacks, 953 h2_session) == NGHTTP2_ERR_NOMEM) { 954 log_err("failed to create nghttp2 session server"); 955 return 0; 956 } 957 958 return 1; 959 } 960 961 /** Submit http2 setting to session. Once per session. */ 962 static int http2_submit_settings(struct http2_session* h2_session) 963 { 964 int ret; 965 nghttp2_settings_entry settings[1] = { 966 {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 967 h2_session->c->http2_max_streams}}; 968 969 ret = nghttp2_submit_settings(h2_session->session, NGHTTP2_FLAG_NONE, 970 settings, 1); 971 if(ret) { 972 verbose(VERB_QUERY, "http2: submit_settings failed, " 973 "error: %s", nghttp2_strerror(ret)); 974 return 0; 975 } 976 return 1; 977 } 978 #endif /* HAVE_NGHTTP2 */ 979 980 981 void 982 comm_point_tcp_accept_callback(int fd, short event, void* arg) 983 { 984 struct comm_point* c = (struct comm_point*)arg, *c_hdl; 985 int new_fd; 986 log_assert(c->type == comm_tcp_accept); 987 if(!(event & UB_EV_READ)) { 988 log_info("ignoring tcp accept event %d", (int)event); 989 return; 990 } 991 ub_comm_base_now(c->ev->base); 992 /* find free tcp handler. */ 993 if(!c->tcp_free) { 994 log_warn("accepted too many tcp, connections full"); 995 return; 996 } 997 /* accept incoming connection. */ 998 c_hdl = c->tcp_free; 999 /* clear leftover flags from previous use, and then set the 1000 * correct event base for the event structure for libevent */ 1001 ub_event_free(c_hdl->ev->ev); 1002 if((c_hdl->type == comm_tcp && c_hdl->tcp_req_info) || 1003 c_hdl->type == comm_local || c_hdl->type == comm_raw) 1004 c_hdl->tcp_do_toggle_rw = 0; 1005 else c_hdl->tcp_do_toggle_rw = 1; 1006 1007 if(c_hdl->type == comm_http) { 1008 #ifdef HAVE_NGHTTP2 1009 if(!c_hdl->h2_session || 1010 !http2_session_server_create(c_hdl->h2_session)) { 1011 log_warn("failed to create nghttp2"); 1012 return; 1013 } 1014 if(!c_hdl->h2_session || 1015 !http2_submit_settings(c_hdl->h2_session)) { 1016 log_warn("failed to submit http2 settings"); 1017 return; 1018 } 1019 if(!c->ssl) { 1020 c_hdl->tcp_do_toggle_rw = 0; 1021 c_hdl->use_h2 = 1; 1022 } 1023 #endif 1024 c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, 1025 UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, 1026 comm_point_http_handle_callback, c_hdl); 1027 } else { 1028 c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, 1029 UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, 1030 comm_point_tcp_handle_callback, c_hdl); 1031 } 1032 if(!c_hdl->ev->ev) { 1033 log_warn("could not ub_event_new, dropped tcp"); 1034 return; 1035 } 1036 log_assert(fd != -1); 1037 (void)fd; 1038 new_fd = comm_point_perform_accept(c, &c_hdl->repinfo.addr, 1039 &c_hdl->repinfo.addrlen); 1040 if(new_fd == -1) 1041 return; 1042 if(c->ssl) { 1043 c_hdl->ssl = incoming_ssl_fd(c->ssl, new_fd); 1044 if(!c_hdl->ssl) { 1045 c_hdl->fd = new_fd; 1046 comm_point_close(c_hdl); 1047 return; 1048 } 1049 c_hdl->ssl_shake_state = comm_ssl_shake_read; 1050 #ifdef USE_WINSOCK 1051 comm_point_tcp_win_bio_cb(c_hdl, c_hdl->ssl); 1052 #endif 1053 } 1054 1055 /* grab the tcp handler buffers */ 1056 c->cur_tcp_count++; 1057 c->tcp_free = c_hdl->tcp_free; 1058 if(!c->tcp_free) { 1059 /* stop accepting incoming queries for now. */ 1060 comm_point_stop_listening(c); 1061 } 1062 setup_tcp_handler(c_hdl, new_fd, c->cur_tcp_count, c->max_tcp_count); 1063 } 1064 1065 /** Make tcp handler free for next assignment */ 1066 static void 1067 reclaim_tcp_handler(struct comm_point* c) 1068 { 1069 log_assert(c->type == comm_tcp); 1070 if(c->ssl) { 1071 #ifdef HAVE_SSL 1072 SSL_shutdown(c->ssl); 1073 SSL_free(c->ssl); 1074 c->ssl = NULL; 1075 #endif 1076 } 1077 comm_point_close(c); 1078 if(c->tcp_parent) { 1079 c->tcp_parent->cur_tcp_count--; 1080 c->tcp_free = c->tcp_parent->tcp_free; 1081 c->tcp_parent->tcp_free = c; 1082 if(!c->tcp_free) { 1083 /* re-enable listening on accept socket */ 1084 comm_point_start_listening(c->tcp_parent, -1, -1); 1085 } 1086 } 1087 c->tcp_more_read_again = NULL; 1088 c->tcp_more_write_again = NULL; 1089 } 1090 1091 /** do the callback when writing is done */ 1092 static void 1093 tcp_callback_writer(struct comm_point* c) 1094 { 1095 log_assert(c->type == comm_tcp); 1096 if(!c->tcp_write_and_read) { 1097 sldns_buffer_clear(c->buffer); 1098 c->tcp_byte_count = 0; 1099 } 1100 if(c->tcp_do_toggle_rw) 1101 c->tcp_is_reading = 1; 1102 /* switch from listening(write) to listening(read) */ 1103 if(c->tcp_req_info) { 1104 tcp_req_info_handle_writedone(c->tcp_req_info); 1105 } else { 1106 comm_point_stop_listening(c); 1107 if(c->tcp_write_and_read) { 1108 fptr_ok(fptr_whitelist_comm_point(c->callback)); 1109 if( (*c->callback)(c, c->cb_arg, NETEVENT_PKT_WRITTEN, 1110 &c->repinfo) ) { 1111 comm_point_start_listening(c, -1, 1112 c->tcp_timeout_msec); 1113 } 1114 } else { 1115 comm_point_start_listening(c, -1, c->tcp_timeout_msec); 1116 } 1117 } 1118 } 1119 1120 /** do the callback when reading is done */ 1121 static void 1122 tcp_callback_reader(struct comm_point* c) 1123 { 1124 log_assert(c->type == comm_tcp || c->type == comm_local); 1125 sldns_buffer_flip(c->buffer); 1126 if(c->tcp_do_toggle_rw) 1127 c->tcp_is_reading = 0; 1128 c->tcp_byte_count = 0; 1129 if(c->tcp_req_info) { 1130 tcp_req_info_handle_readdone(c->tcp_req_info); 1131 } else { 1132 if(c->type == comm_tcp) 1133 comm_point_stop_listening(c); 1134 fptr_ok(fptr_whitelist_comm_point(c->callback)); 1135 if( (*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, &c->repinfo) ) { 1136 comm_point_start_listening(c, -1, c->tcp_timeout_msec); 1137 } 1138 } 1139 } 1140 1141 #ifdef HAVE_SSL 1142 /** true if the ssl handshake error has to be squelched from the logs */ 1143 int 1144 squelch_err_ssl_handshake(unsigned long err) 1145 { 1146 if(verbosity >= VERB_QUERY) 1147 return 0; /* only squelch on low verbosity */ 1148 /* this is very specific, we could filter on ERR_GET_REASON() 1149 * (the third element in ERR_PACK) */ 1150 if(err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTPS_PROXY_REQUEST) || 1151 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTP_REQUEST) || 1152 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER) || 1153 err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_BYTES, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE) 1154 #ifdef SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 1155 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER) 1156 #endif 1157 #ifdef SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 1158 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL) 1159 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL) 1160 # ifdef SSL_R_VERSION_TOO_LOW 1161 || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_VERSION_TOO_LOW) 1162 # endif 1163 #endif 1164 ) 1165 return 1; 1166 return 0; 1167 } 1168 #endif /* HAVE_SSL */ 1169 1170 /** continue ssl handshake */ 1171 #ifdef HAVE_SSL 1172 static int 1173 ssl_handshake(struct comm_point* c) 1174 { 1175 int r; 1176 if(c->ssl_shake_state == comm_ssl_shake_hs_read) { 1177 /* read condition satisfied back to writing */ 1178 comm_point_listen_for_rw(c, 1, 1); 1179 c->ssl_shake_state = comm_ssl_shake_none; 1180 return 1; 1181 } 1182 if(c->ssl_shake_state == comm_ssl_shake_hs_write) { 1183 /* write condition satisfied, back to reading */ 1184 comm_point_listen_for_rw(c, 1, 0); 1185 c->ssl_shake_state = comm_ssl_shake_none; 1186 return 1; 1187 } 1188 1189 ERR_clear_error(); 1190 r = SSL_do_handshake(c->ssl); 1191 if(r != 1) { 1192 int want = SSL_get_error(c->ssl, r); 1193 if(want == SSL_ERROR_WANT_READ) { 1194 if(c->ssl_shake_state == comm_ssl_shake_read) 1195 return 1; 1196 c->ssl_shake_state = comm_ssl_shake_read; 1197 comm_point_listen_for_rw(c, 1, 0); 1198 return 1; 1199 } else if(want == SSL_ERROR_WANT_WRITE) { 1200 if(c->ssl_shake_state == comm_ssl_shake_write) 1201 return 1; 1202 c->ssl_shake_state = comm_ssl_shake_write; 1203 comm_point_listen_for_rw(c, 0, 1); 1204 return 1; 1205 } else if(r == 0) { 1206 return 0; /* closed */ 1207 } else if(want == SSL_ERROR_SYSCALL) { 1208 /* SYSCALL and errno==0 means closed uncleanly */ 1209 #ifdef EPIPE 1210 if(errno == EPIPE && verbosity < 2) 1211 return 0; /* silence 'broken pipe' */ 1212 #endif 1213 #ifdef ECONNRESET 1214 if(errno == ECONNRESET && verbosity < 2) 1215 return 0; /* silence reset by peer */ 1216 #endif 1217 if(errno != 0) 1218 log_err("SSL_handshake syscall: %s", 1219 strerror(errno)); 1220 return 0; 1221 } else { 1222 unsigned long err = ERR_get_error(); 1223 if(!squelch_err_ssl_handshake(err)) { 1224 log_crypto_err_code("ssl handshake failed", err); 1225 log_addr(VERB_OPS, "ssl handshake failed", &c->repinfo.addr, 1226 c->repinfo.addrlen); 1227 } 1228 return 0; 1229 } 1230 } 1231 /* this is where peer verification could take place */ 1232 if((SSL_get_verify_mode(c->ssl)&SSL_VERIFY_PEER)) { 1233 /* verification */ 1234 if(SSL_get_verify_result(c->ssl) == X509_V_OK) { 1235 X509* x = SSL_get_peer_certificate(c->ssl); 1236 if(!x) { 1237 log_addr(VERB_ALGO, "SSL connection failed: " 1238 "no certificate", 1239 &c->repinfo.addr, c->repinfo.addrlen); 1240 return 0; 1241 } 1242 log_cert(VERB_ALGO, "peer certificate", x); 1243 #ifdef HAVE_SSL_GET0_PEERNAME 1244 if(SSL_get0_peername(c->ssl)) { 1245 char buf[255]; 1246 snprintf(buf, sizeof(buf), "SSL connection " 1247 "to %s authenticated", 1248 SSL_get0_peername(c->ssl)); 1249 log_addr(VERB_ALGO, buf, &c->repinfo.addr, 1250 c->repinfo.addrlen); 1251 } else { 1252 #endif 1253 log_addr(VERB_ALGO, "SSL connection " 1254 "authenticated", &c->repinfo.addr, 1255 c->repinfo.addrlen); 1256 #ifdef HAVE_SSL_GET0_PEERNAME 1257 } 1258 #endif 1259 X509_free(x); 1260 } else { 1261 X509* x = SSL_get_peer_certificate(c->ssl); 1262 if(x) { 1263 log_cert(VERB_ALGO, "peer certificate", x); 1264 X509_free(x); 1265 } 1266 log_addr(VERB_ALGO, "SSL connection failed: " 1267 "failed to authenticate", 1268 &c->repinfo.addr, c->repinfo.addrlen); 1269 return 0; 1270 } 1271 } else { 1272 /* unauthenticated, the verify peer flag was not set 1273 * in c->ssl when the ssl object was created from ssl_ctx */ 1274 log_addr(VERB_ALGO, "SSL connection", &c->repinfo.addr, 1275 c->repinfo.addrlen); 1276 } 1277 1278 /* check if http2 use is negotiated */ 1279 if(c->type == comm_http && c->h2_session) { 1280 const unsigned char *alpn; 1281 unsigned int alpnlen = 0; 1282 SSL_get0_alpn_selected(c->ssl, &alpn, &alpnlen); 1283 if(alpnlen == 2 && memcmp("h2", alpn, 2) == 0) { 1284 /* connection upgraded to HTTP2 */ 1285 c->tcp_do_toggle_rw = 0; 1286 c->use_h2 = 1; 1287 } 1288 } 1289 1290 /* setup listen rw correctly */ 1291 if(c->tcp_is_reading) { 1292 if(c->ssl_shake_state != comm_ssl_shake_read) 1293 comm_point_listen_for_rw(c, 1, 0); 1294 } else { 1295 comm_point_listen_for_rw(c, 1, 1); 1296 } 1297 c->ssl_shake_state = comm_ssl_shake_none; 1298 return 1; 1299 } 1300 #endif /* HAVE_SSL */ 1301 1302 /** ssl read callback on TCP */ 1303 static int 1304 ssl_handle_read(struct comm_point* c) 1305 { 1306 #ifdef HAVE_SSL 1307 int r; 1308 if(c->ssl_shake_state != comm_ssl_shake_none) { 1309 if(!ssl_handshake(c)) 1310 return 0; 1311 if(c->ssl_shake_state != comm_ssl_shake_none) 1312 return 1; 1313 } 1314 if(c->tcp_byte_count < sizeof(uint16_t)) { 1315 /* read length bytes */ 1316 ERR_clear_error(); 1317 if((r=SSL_read(c->ssl, (void*)sldns_buffer_at(c->buffer, 1318 c->tcp_byte_count), (int)(sizeof(uint16_t) - 1319 c->tcp_byte_count))) <= 0) { 1320 int want = SSL_get_error(c->ssl, r); 1321 if(want == SSL_ERROR_ZERO_RETURN) { 1322 if(c->tcp_req_info) 1323 return tcp_req_info_handle_read_close(c->tcp_req_info); 1324 return 0; /* shutdown, closed */ 1325 } else if(want == SSL_ERROR_WANT_READ) { 1326 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1327 return 1; /* read more later */ 1328 } else if(want == SSL_ERROR_WANT_WRITE) { 1329 c->ssl_shake_state = comm_ssl_shake_hs_write; 1330 comm_point_listen_for_rw(c, 0, 1); 1331 return 1; 1332 } else if(want == SSL_ERROR_SYSCALL) { 1333 #ifdef ECONNRESET 1334 if(errno == ECONNRESET && verbosity < 2) 1335 return 0; /* silence reset by peer */ 1336 #endif 1337 if(errno != 0) 1338 log_err("SSL_read syscall: %s", 1339 strerror(errno)); 1340 return 0; 1341 } 1342 log_crypto_err("could not SSL_read"); 1343 return 0; 1344 } 1345 c->tcp_byte_count += r; 1346 if(c->tcp_byte_count < sizeof(uint16_t)) 1347 return 1; 1348 if(sldns_buffer_read_u16_at(c->buffer, 0) > 1349 sldns_buffer_capacity(c->buffer)) { 1350 verbose(VERB_QUERY, "ssl: dropped larger than buffer"); 1351 return 0; 1352 } 1353 sldns_buffer_set_limit(c->buffer, 1354 sldns_buffer_read_u16_at(c->buffer, 0)); 1355 if(sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { 1356 verbose(VERB_QUERY, "ssl: dropped bogus too short."); 1357 return 0; 1358 } 1359 sldns_buffer_skip(c->buffer, (ssize_t)(c->tcp_byte_count-sizeof(uint16_t))); 1360 verbose(VERB_ALGO, "Reading ssl tcp query of length %d", 1361 (int)sldns_buffer_limit(c->buffer)); 1362 } 1363 if(sldns_buffer_remaining(c->buffer) > 0) { 1364 ERR_clear_error(); 1365 r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer), 1366 (int)sldns_buffer_remaining(c->buffer)); 1367 if(r <= 0) { 1368 int want = SSL_get_error(c->ssl, r); 1369 if(want == SSL_ERROR_ZERO_RETURN) { 1370 if(c->tcp_req_info) 1371 return tcp_req_info_handle_read_close(c->tcp_req_info); 1372 return 0; /* shutdown, closed */ 1373 } else if(want == SSL_ERROR_WANT_READ) { 1374 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1375 return 1; /* read more later */ 1376 } else if(want == SSL_ERROR_WANT_WRITE) { 1377 c->ssl_shake_state = comm_ssl_shake_hs_write; 1378 comm_point_listen_for_rw(c, 0, 1); 1379 return 1; 1380 } else if(want == SSL_ERROR_SYSCALL) { 1381 #ifdef ECONNRESET 1382 if(errno == ECONNRESET && verbosity < 2) 1383 return 0; /* silence reset by peer */ 1384 #endif 1385 if(errno != 0) 1386 log_err("SSL_read syscall: %s", 1387 strerror(errno)); 1388 return 0; 1389 } 1390 log_crypto_err("could not SSL_read"); 1391 return 0; 1392 } 1393 sldns_buffer_skip(c->buffer, (ssize_t)r); 1394 } 1395 if(sldns_buffer_remaining(c->buffer) <= 0) { 1396 tcp_callback_reader(c); 1397 } 1398 return 1; 1399 #else 1400 (void)c; 1401 return 0; 1402 #endif /* HAVE_SSL */ 1403 } 1404 1405 /** ssl write callback on TCP */ 1406 static int 1407 ssl_handle_write(struct comm_point* c) 1408 { 1409 #ifdef HAVE_SSL 1410 int r; 1411 if(c->ssl_shake_state != comm_ssl_shake_none) { 1412 if(!ssl_handshake(c)) 1413 return 0; 1414 if(c->ssl_shake_state != comm_ssl_shake_none) 1415 return 1; 1416 } 1417 /* ignore return, if fails we may simply block */ 1418 (void)SSL_set_mode(c->ssl, (long)SSL_MODE_ENABLE_PARTIAL_WRITE); 1419 if((c->tcp_write_and_read?c->tcp_write_byte_count:c->tcp_byte_count) < sizeof(uint16_t)) { 1420 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(c->buffer)); 1421 ERR_clear_error(); 1422 if(c->tcp_write_and_read) { 1423 if(c->tcp_write_pkt_len + 2 < LDNS_RR_BUF_SIZE) { 1424 /* combine the tcp length and the query for 1425 * write, this emulates writev */ 1426 uint8_t buf[LDNS_RR_BUF_SIZE]; 1427 memmove(buf, &len, sizeof(uint16_t)); 1428 memmove(buf+sizeof(uint16_t), 1429 c->tcp_write_pkt, 1430 c->tcp_write_pkt_len); 1431 r = SSL_write(c->ssl, 1432 (void*)(buf+c->tcp_write_byte_count), 1433 c->tcp_write_pkt_len + 2 - 1434 c->tcp_write_byte_count); 1435 } else { 1436 r = SSL_write(c->ssl, 1437 (void*)(((uint8_t*)&len)+c->tcp_write_byte_count), 1438 (int)(sizeof(uint16_t)-c->tcp_write_byte_count)); 1439 } 1440 } else if(sizeof(uint16_t)+sldns_buffer_remaining(c->buffer) < 1441 LDNS_RR_BUF_SIZE) { 1442 /* combine the tcp length and the query for write, 1443 * this emulates writev */ 1444 uint8_t buf[LDNS_RR_BUF_SIZE]; 1445 memmove(buf, &len, sizeof(uint16_t)); 1446 memmove(buf+sizeof(uint16_t), 1447 sldns_buffer_current(c->buffer), 1448 sldns_buffer_remaining(c->buffer)); 1449 r = SSL_write(c->ssl, (void*)(buf+c->tcp_byte_count), 1450 (int)(sizeof(uint16_t)+ 1451 sldns_buffer_remaining(c->buffer) 1452 - c->tcp_byte_count)); 1453 } else { 1454 r = SSL_write(c->ssl, 1455 (void*)(((uint8_t*)&len)+c->tcp_byte_count), 1456 (int)(sizeof(uint16_t)-c->tcp_byte_count)); 1457 } 1458 if(r <= 0) { 1459 int want = SSL_get_error(c->ssl, r); 1460 if(want == SSL_ERROR_ZERO_RETURN) { 1461 return 0; /* closed */ 1462 } else if(want == SSL_ERROR_WANT_READ) { 1463 c->ssl_shake_state = comm_ssl_shake_hs_read; 1464 comm_point_listen_for_rw(c, 1, 0); 1465 return 1; /* wait for read condition */ 1466 } else if(want == SSL_ERROR_WANT_WRITE) { 1467 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1468 return 1; /* write more later */ 1469 } else if(want == SSL_ERROR_SYSCALL) { 1470 #ifdef EPIPE 1471 if(errno == EPIPE && verbosity < 2) 1472 return 0; /* silence 'broken pipe' */ 1473 #endif 1474 if(errno != 0) 1475 log_err("SSL_write syscall: %s", 1476 strerror(errno)); 1477 return 0; 1478 } 1479 log_crypto_err("could not SSL_write"); 1480 return 0; 1481 } 1482 if(c->tcp_write_and_read) { 1483 c->tcp_write_byte_count += r; 1484 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1485 return 1; 1486 } else { 1487 c->tcp_byte_count += r; 1488 if(c->tcp_byte_count < sizeof(uint16_t)) 1489 return 1; 1490 sldns_buffer_set_position(c->buffer, c->tcp_byte_count - 1491 sizeof(uint16_t)); 1492 } 1493 if((!c->tcp_write_and_read && sldns_buffer_remaining(c->buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1494 tcp_callback_writer(c); 1495 return 1; 1496 } 1497 } 1498 log_assert(c->tcp_write_and_read || sldns_buffer_remaining(c->buffer) > 0); 1499 log_assert(!c->tcp_write_and_read || c->tcp_write_byte_count < c->tcp_write_pkt_len + 2); 1500 ERR_clear_error(); 1501 if(c->tcp_write_and_read) { 1502 r = SSL_write(c->ssl, (void*)(c->tcp_write_pkt + c->tcp_write_byte_count - 2), 1503 (int)(c->tcp_write_pkt_len + 2 - c->tcp_write_byte_count)); 1504 } else { 1505 r = SSL_write(c->ssl, (void*)sldns_buffer_current(c->buffer), 1506 (int)sldns_buffer_remaining(c->buffer)); 1507 } 1508 if(r <= 0) { 1509 int want = SSL_get_error(c->ssl, r); 1510 if(want == SSL_ERROR_ZERO_RETURN) { 1511 return 0; /* closed */ 1512 } else if(want == SSL_ERROR_WANT_READ) { 1513 c->ssl_shake_state = comm_ssl_shake_hs_read; 1514 comm_point_listen_for_rw(c, 1, 0); 1515 return 1; /* wait for read condition */ 1516 } else if(want == SSL_ERROR_WANT_WRITE) { 1517 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1518 return 1; /* write more later */ 1519 } else if(want == SSL_ERROR_SYSCALL) { 1520 #ifdef EPIPE 1521 if(errno == EPIPE && verbosity < 2) 1522 return 0; /* silence 'broken pipe' */ 1523 #endif 1524 if(errno != 0) 1525 log_err("SSL_write syscall: %s", 1526 strerror(errno)); 1527 return 0; 1528 } 1529 log_crypto_err("could not SSL_write"); 1530 return 0; 1531 } 1532 if(c->tcp_write_and_read) { 1533 c->tcp_write_byte_count += r; 1534 } else { 1535 sldns_buffer_skip(c->buffer, (ssize_t)r); 1536 } 1537 1538 if((!c->tcp_write_and_read && sldns_buffer_remaining(c->buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1539 tcp_callback_writer(c); 1540 } 1541 return 1; 1542 #else 1543 (void)c; 1544 return 0; 1545 #endif /* HAVE_SSL */ 1546 } 1547 1548 /** handle ssl tcp connection with dns contents */ 1549 static int 1550 ssl_handle_it(struct comm_point* c, int is_write) 1551 { 1552 /* handle case where renegotiation wants read during write call 1553 * or write during read calls */ 1554 if(is_write && c->ssl_shake_state == comm_ssl_shake_hs_write) 1555 return ssl_handle_read(c); 1556 else if(!is_write && c->ssl_shake_state == comm_ssl_shake_hs_read) 1557 return ssl_handle_write(c); 1558 /* handle read events for read operation and write events for a 1559 * write operation */ 1560 else if(!is_write) 1561 return ssl_handle_read(c); 1562 return ssl_handle_write(c); 1563 } 1564 1565 /** Handle tcp reading callback. 1566 * @param fd: file descriptor of socket. 1567 * @param c: comm point to read from into buffer. 1568 * @param short_ok: if true, very short packets are OK (for comm_local). 1569 * @return: 0 on error 1570 */ 1571 static int 1572 comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) 1573 { 1574 ssize_t r; 1575 log_assert(c->type == comm_tcp || c->type == comm_local); 1576 if(c->ssl) 1577 return ssl_handle_it(c, 0); 1578 if(!c->tcp_is_reading && !c->tcp_write_and_read) 1579 return 0; 1580 1581 log_assert(fd != -1); 1582 if(c->tcp_byte_count < sizeof(uint16_t)) { 1583 /* read length bytes */ 1584 r = recv(fd,(void*)sldns_buffer_at(c->buffer,c->tcp_byte_count), 1585 sizeof(uint16_t)-c->tcp_byte_count, 0); 1586 if(r == 0) { 1587 if(c->tcp_req_info) 1588 return tcp_req_info_handle_read_close(c->tcp_req_info); 1589 return 0; 1590 } else if(r == -1) { 1591 #ifndef USE_WINSOCK 1592 if(errno == EINTR || errno == EAGAIN) 1593 return 1; 1594 #ifdef ECONNRESET 1595 if(errno == ECONNRESET && verbosity < 2) 1596 return 0; /* silence reset by peer */ 1597 #endif 1598 #else /* USE_WINSOCK */ 1599 if(WSAGetLastError() == WSAECONNRESET) 1600 return 0; 1601 if(WSAGetLastError() == WSAEINPROGRESS) 1602 return 1; 1603 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1604 ub_winsock_tcp_wouldblock(c->ev->ev, 1605 UB_EV_READ); 1606 return 1; 1607 } 1608 #endif 1609 log_err_addr("read (in tcp s)", sock_strerror(errno), 1610 &c->repinfo.addr, c->repinfo.addrlen); 1611 return 0; 1612 } 1613 c->tcp_byte_count += r; 1614 if(c->tcp_byte_count != sizeof(uint16_t)) 1615 return 1; 1616 if(sldns_buffer_read_u16_at(c->buffer, 0) > 1617 sldns_buffer_capacity(c->buffer)) { 1618 verbose(VERB_QUERY, "tcp: dropped larger than buffer"); 1619 return 0; 1620 } 1621 sldns_buffer_set_limit(c->buffer, 1622 sldns_buffer_read_u16_at(c->buffer, 0)); 1623 if(!short_ok && 1624 sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) { 1625 verbose(VERB_QUERY, "tcp: dropped bogus too short."); 1626 return 0; 1627 } 1628 verbose(VERB_ALGO, "Reading tcp query of length %d", 1629 (int)sldns_buffer_limit(c->buffer)); 1630 } 1631 1632 log_assert(sldns_buffer_remaining(c->buffer) > 0); 1633 r = recv(fd, (void*)sldns_buffer_current(c->buffer), 1634 sldns_buffer_remaining(c->buffer), 0); 1635 if(r == 0) { 1636 if(c->tcp_req_info) 1637 return tcp_req_info_handle_read_close(c->tcp_req_info); 1638 return 0; 1639 } else if(r == -1) { 1640 #ifndef USE_WINSOCK 1641 if(errno == EINTR || errno == EAGAIN) 1642 return 1; 1643 #else /* USE_WINSOCK */ 1644 if(WSAGetLastError() == WSAECONNRESET) 1645 return 0; 1646 if(WSAGetLastError() == WSAEINPROGRESS) 1647 return 1; 1648 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1649 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 1650 return 1; 1651 } 1652 #endif 1653 log_err_addr("read (in tcp r)", sock_strerror(errno), 1654 &c->repinfo.addr, c->repinfo.addrlen); 1655 return 0; 1656 } 1657 sldns_buffer_skip(c->buffer, r); 1658 if(sldns_buffer_remaining(c->buffer) <= 0) { 1659 tcp_callback_reader(c); 1660 } 1661 return 1; 1662 } 1663 1664 /** 1665 * Handle tcp writing callback. 1666 * @param fd: file descriptor of socket. 1667 * @param c: comm point to write buffer out of. 1668 * @return: 0 on error 1669 */ 1670 static int 1671 comm_point_tcp_handle_write(int fd, struct comm_point* c) 1672 { 1673 ssize_t r; 1674 struct sldns_buffer *buffer; 1675 log_assert(c->type == comm_tcp); 1676 #ifdef USE_DNSCRYPT 1677 buffer = c->dnscrypt_buffer; 1678 #else 1679 buffer = c->buffer; 1680 #endif 1681 if(c->tcp_is_reading && !c->ssl && !c->tcp_write_and_read) 1682 return 0; 1683 log_assert(fd != -1); 1684 if(((!c->tcp_write_and_read && c->tcp_byte_count == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == 0)) && c->tcp_check_nb_connect) { 1685 /* check for pending error from nonblocking connect */ 1686 /* from Stevens, unix network programming, vol1, 3rd ed, p450*/ 1687 int error = 0; 1688 socklen_t len = (socklen_t)sizeof(error); 1689 if(getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)&error, 1690 &len) < 0){ 1691 #ifndef USE_WINSOCK 1692 error = errno; /* on solaris errno is error */ 1693 #else /* USE_WINSOCK */ 1694 error = WSAGetLastError(); 1695 #endif 1696 } 1697 #ifndef USE_WINSOCK 1698 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 1699 if(error == EINPROGRESS || error == EWOULDBLOCK) 1700 return 1; /* try again later */ 1701 else 1702 #endif 1703 if(error != 0 && verbosity < 2) 1704 return 0; /* silence lots of chatter in the logs */ 1705 else if(error != 0) { 1706 log_err_addr("tcp connect", strerror(error), 1707 &c->repinfo.addr, c->repinfo.addrlen); 1708 #else /* USE_WINSOCK */ 1709 /* examine error */ 1710 if(error == WSAEINPROGRESS) 1711 return 1; 1712 else if(error == WSAEWOULDBLOCK) { 1713 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1714 return 1; 1715 } else if(error != 0 && verbosity < 2) 1716 return 0; 1717 else if(error != 0) { 1718 log_err_addr("tcp connect", wsa_strerror(error), 1719 &c->repinfo.addr, c->repinfo.addrlen); 1720 #endif /* USE_WINSOCK */ 1721 return 0; 1722 } 1723 } 1724 if(c->ssl) 1725 return ssl_handle_it(c, 1); 1726 1727 #ifdef USE_MSG_FASTOPEN 1728 /* Only try this on first use of a connection that uses tfo, 1729 otherwise fall through to normal write */ 1730 /* Also, TFO support on WINDOWS not implemented at the moment */ 1731 if(c->tcp_do_fastopen == 1) { 1732 /* this form of sendmsg() does both a connect() and send() so need to 1733 look for various flavours of error*/ 1734 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(buffer)); 1735 struct msghdr msg; 1736 struct iovec iov[2]; 1737 c->tcp_do_fastopen = 0; 1738 memset(&msg, 0, sizeof(msg)); 1739 if(c->tcp_write_and_read) { 1740 iov[0].iov_base = (uint8_t*)&len + c->tcp_write_byte_count; 1741 iov[0].iov_len = sizeof(uint16_t) - c->tcp_write_byte_count; 1742 iov[1].iov_base = c->tcp_write_pkt; 1743 iov[1].iov_len = c->tcp_write_pkt_len; 1744 } else { 1745 iov[0].iov_base = (uint8_t*)&len + c->tcp_byte_count; 1746 iov[0].iov_len = sizeof(uint16_t) - c->tcp_byte_count; 1747 iov[1].iov_base = sldns_buffer_begin(buffer); 1748 iov[1].iov_len = sldns_buffer_limit(buffer); 1749 } 1750 log_assert(iov[0].iov_len > 0); 1751 msg.msg_name = &c->repinfo.addr; 1752 msg.msg_namelen = c->repinfo.addrlen; 1753 msg.msg_iov = iov; 1754 msg.msg_iovlen = 2; 1755 r = sendmsg(fd, &msg, MSG_FASTOPEN); 1756 if (r == -1) { 1757 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 1758 /* Handshake is underway, maybe because no TFO cookie available. 1759 Come back to write the message*/ 1760 if(errno == EINPROGRESS || errno == EWOULDBLOCK) 1761 return 1; 1762 #endif 1763 if(errno == EINTR || errno == EAGAIN) 1764 return 1; 1765 /* Not handling EISCONN here as shouldn't ever hit that case.*/ 1766 if(errno != EPIPE && errno != 0 && verbosity < 2) 1767 return 0; /* silence lots of chatter in the logs */ 1768 if(errno != EPIPE && errno != 0) { 1769 log_err_addr("tcp sendmsg", strerror(errno), 1770 &c->repinfo.addr, c->repinfo.addrlen); 1771 return 0; 1772 } 1773 /* fallthrough to nonFASTOPEN 1774 * (MSG_FASTOPEN on Linux 3 produces EPIPE) 1775 * we need to perform connect() */ 1776 if(connect(fd, (struct sockaddr *)&c->repinfo.addr, c->repinfo.addrlen) == -1) { 1777 #ifdef EINPROGRESS 1778 if(errno == EINPROGRESS) 1779 return 1; /* wait until connect done*/ 1780 #endif 1781 #ifdef USE_WINSOCK 1782 if(WSAGetLastError() == WSAEINPROGRESS || 1783 WSAGetLastError() == WSAEWOULDBLOCK) 1784 return 1; /* wait until connect done*/ 1785 #endif 1786 if(tcp_connect_errno_needs_log( 1787 (struct sockaddr *)&c->repinfo.addr, c->repinfo.addrlen)) { 1788 log_err_addr("outgoing tcp: connect after EPIPE for fastopen", 1789 strerror(errno), &c->repinfo.addr, c->repinfo.addrlen); 1790 } 1791 return 0; 1792 } 1793 1794 } else { 1795 if(c->tcp_write_and_read) { 1796 c->tcp_write_byte_count += r; 1797 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1798 return 1; 1799 } else { 1800 c->tcp_byte_count += r; 1801 if(c->tcp_byte_count < sizeof(uint16_t)) 1802 return 1; 1803 sldns_buffer_set_position(buffer, c->tcp_byte_count - 1804 sizeof(uint16_t)); 1805 } 1806 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1807 tcp_callback_writer(c); 1808 return 1; 1809 } 1810 } 1811 } 1812 #endif /* USE_MSG_FASTOPEN */ 1813 1814 if((c->tcp_write_and_read?c->tcp_write_byte_count:c->tcp_byte_count) < sizeof(uint16_t)) { 1815 uint16_t len = htons(c->tcp_write_and_read?c->tcp_write_pkt_len:sldns_buffer_limit(buffer)); 1816 #ifdef HAVE_WRITEV 1817 struct iovec iov[2]; 1818 if(c->tcp_write_and_read) { 1819 iov[0].iov_base = (uint8_t*)&len + c->tcp_write_byte_count; 1820 iov[0].iov_len = sizeof(uint16_t) - c->tcp_write_byte_count; 1821 iov[1].iov_base = c->tcp_write_pkt; 1822 iov[1].iov_len = c->tcp_write_pkt_len; 1823 } else { 1824 iov[0].iov_base = (uint8_t*)&len + c->tcp_byte_count; 1825 iov[0].iov_len = sizeof(uint16_t) - c->tcp_byte_count; 1826 iov[1].iov_base = sldns_buffer_begin(buffer); 1827 iov[1].iov_len = sldns_buffer_limit(buffer); 1828 } 1829 log_assert(iov[0].iov_len > 0); 1830 r = writev(fd, iov, 2); 1831 #else /* HAVE_WRITEV */ 1832 if(c->tcp_write_and_read) { 1833 r = send(fd, (void*)(((uint8_t*)&len)+c->tcp_write_byte_count), 1834 sizeof(uint16_t)-c->tcp_write_byte_count, 0); 1835 } else { 1836 r = send(fd, (void*)(((uint8_t*)&len)+c->tcp_byte_count), 1837 sizeof(uint16_t)-c->tcp_byte_count, 0); 1838 } 1839 #endif /* HAVE_WRITEV */ 1840 if(r == -1) { 1841 #ifndef USE_WINSOCK 1842 # ifdef EPIPE 1843 if(errno == EPIPE && verbosity < 2) 1844 return 0; /* silence 'broken pipe' */ 1845 #endif 1846 if(errno == EINTR || errno == EAGAIN) 1847 return 1; 1848 #ifdef ECONNRESET 1849 if(errno == ECONNRESET && verbosity < 2) 1850 return 0; /* silence reset by peer */ 1851 #endif 1852 # ifdef HAVE_WRITEV 1853 log_err_addr("tcp writev", strerror(errno), 1854 &c->repinfo.addr, c->repinfo.addrlen); 1855 # else /* HAVE_WRITEV */ 1856 log_err_addr("tcp send s", strerror(errno), 1857 &c->repinfo.addr, c->repinfo.addrlen); 1858 # endif /* HAVE_WRITEV */ 1859 #else 1860 if(WSAGetLastError() == WSAENOTCONN) 1861 return 1; 1862 if(WSAGetLastError() == WSAEINPROGRESS) 1863 return 1; 1864 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1865 ub_winsock_tcp_wouldblock(c->ev->ev, 1866 UB_EV_WRITE); 1867 return 1; 1868 } 1869 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 1870 return 0; /* silence reset by peer */ 1871 log_err_addr("tcp send s", 1872 wsa_strerror(WSAGetLastError()), 1873 &c->repinfo.addr, c->repinfo.addrlen); 1874 #endif 1875 return 0; 1876 } 1877 if(c->tcp_write_and_read) { 1878 c->tcp_write_byte_count += r; 1879 if(c->tcp_write_byte_count < sizeof(uint16_t)) 1880 return 1; 1881 } else { 1882 c->tcp_byte_count += r; 1883 if(c->tcp_byte_count < sizeof(uint16_t)) 1884 return 1; 1885 sldns_buffer_set_position(buffer, c->tcp_byte_count - 1886 sizeof(uint16_t)); 1887 } 1888 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1889 tcp_callback_writer(c); 1890 return 1; 1891 } 1892 } 1893 log_assert(c->tcp_write_and_read || sldns_buffer_remaining(buffer) > 0); 1894 log_assert(!c->tcp_write_and_read || c->tcp_write_byte_count < c->tcp_write_pkt_len + 2); 1895 if(c->tcp_write_and_read) { 1896 r = send(fd, (void*)c->tcp_write_pkt + c->tcp_write_byte_count - 2, 1897 c->tcp_write_pkt_len + 2 - c->tcp_write_byte_count, 0); 1898 } else { 1899 r = send(fd, (void*)sldns_buffer_current(buffer), 1900 sldns_buffer_remaining(buffer), 0); 1901 } 1902 if(r == -1) { 1903 #ifndef USE_WINSOCK 1904 if(errno == EINTR || errno == EAGAIN) 1905 return 1; 1906 #ifdef ECONNRESET 1907 if(errno == ECONNRESET && verbosity < 2) 1908 return 0; /* silence reset by peer */ 1909 #endif 1910 #else 1911 if(WSAGetLastError() == WSAEINPROGRESS) 1912 return 1; 1913 if(WSAGetLastError() == WSAEWOULDBLOCK) { 1914 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 1915 return 1; 1916 } 1917 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 1918 return 0; /* silence reset by peer */ 1919 #endif 1920 log_err_addr("tcp send r", sock_strerror(errno), 1921 &c->repinfo.addr, c->repinfo.addrlen); 1922 return 0; 1923 } 1924 if(c->tcp_write_and_read) { 1925 c->tcp_write_byte_count += r; 1926 } else { 1927 sldns_buffer_skip(buffer, r); 1928 } 1929 1930 if((!c->tcp_write_and_read && sldns_buffer_remaining(buffer) == 0) || (c->tcp_write_and_read && c->tcp_write_byte_count == c->tcp_write_pkt_len + 2)) { 1931 tcp_callback_writer(c); 1932 } 1933 1934 return 1; 1935 } 1936 1937 /** read again to drain buffers when there could be more to read */ 1938 static void 1939 tcp_req_info_read_again(int fd, struct comm_point* c) 1940 { 1941 while(c->tcp_req_info->read_again) { 1942 int r; 1943 c->tcp_req_info->read_again = 0; 1944 if(c->tcp_is_reading) 1945 r = comm_point_tcp_handle_read(fd, c, 0); 1946 else r = comm_point_tcp_handle_write(fd, c); 1947 if(!r) { 1948 reclaim_tcp_handler(c); 1949 if(!c->tcp_do_close) { 1950 fptr_ok(fptr_whitelist_comm_point( 1951 c->callback)); 1952 (void)(*c->callback)(c, c->cb_arg, 1953 NETEVENT_CLOSED, NULL); 1954 } 1955 return; 1956 } 1957 } 1958 } 1959 1960 /** read again to drain buffers when there could be more to read */ 1961 static void 1962 tcp_more_read_again(int fd, struct comm_point* c) 1963 { 1964 /* if the packet is done, but another one could be waiting on 1965 * the connection, the callback signals this, and we try again */ 1966 /* this continues until the read routines get EAGAIN or so, 1967 * and thus does not call the callback, and the bool is 0 */ 1968 int* moreread = c->tcp_more_read_again; 1969 while(moreread && *moreread) { 1970 *moreread = 0; 1971 if(!comm_point_tcp_handle_read(fd, c, 0)) { 1972 reclaim_tcp_handler(c); 1973 if(!c->tcp_do_close) { 1974 fptr_ok(fptr_whitelist_comm_point( 1975 c->callback)); 1976 (void)(*c->callback)(c, c->cb_arg, 1977 NETEVENT_CLOSED, NULL); 1978 } 1979 return; 1980 } 1981 } 1982 } 1983 1984 /** write again to fill up when there could be more to write */ 1985 static void 1986 tcp_more_write_again(int fd, struct comm_point* c) 1987 { 1988 /* if the packet is done, but another is waiting to be written, 1989 * the callback signals it and we try again. */ 1990 /* this continues until the write routines get EAGAIN or so, 1991 * and thus does not call the callback, and the bool is 0 */ 1992 int* morewrite = c->tcp_more_write_again; 1993 while(morewrite && *morewrite) { 1994 *morewrite = 0; 1995 if(!comm_point_tcp_handle_write(fd, c)) { 1996 reclaim_tcp_handler(c); 1997 if(!c->tcp_do_close) { 1998 fptr_ok(fptr_whitelist_comm_point( 1999 c->callback)); 2000 (void)(*c->callback)(c, c->cb_arg, 2001 NETEVENT_CLOSED, NULL); 2002 } 2003 return; 2004 } 2005 } 2006 } 2007 2008 void 2009 comm_point_tcp_handle_callback(int fd, short event, void* arg) 2010 { 2011 struct comm_point* c = (struct comm_point*)arg; 2012 log_assert(c->type == comm_tcp); 2013 ub_comm_base_now(c->ev->base); 2014 2015 #ifdef USE_DNSCRYPT 2016 /* Initialize if this is a dnscrypt socket */ 2017 if(c->tcp_parent) { 2018 c->dnscrypt = c->tcp_parent->dnscrypt; 2019 } 2020 if(c->dnscrypt && c->dnscrypt_buffer == c->buffer) { 2021 c->dnscrypt_buffer = sldns_buffer_new(sldns_buffer_capacity(c->buffer)); 2022 if(!c->dnscrypt_buffer) { 2023 log_err("Could not allocate dnscrypt buffer"); 2024 reclaim_tcp_handler(c); 2025 if(!c->tcp_do_close) { 2026 fptr_ok(fptr_whitelist_comm_point( 2027 c->callback)); 2028 (void)(*c->callback)(c, c->cb_arg, 2029 NETEVENT_CLOSED, NULL); 2030 } 2031 return; 2032 } 2033 } 2034 #endif 2035 2036 if(event&UB_EV_TIMEOUT) { 2037 verbose(VERB_QUERY, "tcp took too long, dropped"); 2038 reclaim_tcp_handler(c); 2039 if(!c->tcp_do_close) { 2040 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2041 (void)(*c->callback)(c, c->cb_arg, 2042 NETEVENT_TIMEOUT, NULL); 2043 } 2044 return; 2045 } 2046 if(event&UB_EV_READ 2047 #ifdef USE_MSG_FASTOPEN 2048 && !(c->tcp_do_fastopen && (event&UB_EV_WRITE)) 2049 #endif 2050 ) { 2051 int has_tcpq = (c->tcp_req_info != NULL); 2052 int* moreread = c->tcp_more_read_again; 2053 if(!comm_point_tcp_handle_read(fd, c, 0)) { 2054 reclaim_tcp_handler(c); 2055 if(!c->tcp_do_close) { 2056 fptr_ok(fptr_whitelist_comm_point( 2057 c->callback)); 2058 (void)(*c->callback)(c, c->cb_arg, 2059 NETEVENT_CLOSED, NULL); 2060 } 2061 return; 2062 } 2063 if(has_tcpq && c->tcp_req_info && c->tcp_req_info->read_again) 2064 tcp_req_info_read_again(fd, c); 2065 if(moreread && *moreread) 2066 tcp_more_read_again(fd, c); 2067 return; 2068 } 2069 if(event&UB_EV_WRITE) { 2070 int has_tcpq = (c->tcp_req_info != NULL); 2071 int* morewrite = c->tcp_more_write_again; 2072 if(!comm_point_tcp_handle_write(fd, c)) { 2073 reclaim_tcp_handler(c); 2074 if(!c->tcp_do_close) { 2075 fptr_ok(fptr_whitelist_comm_point( 2076 c->callback)); 2077 (void)(*c->callback)(c, c->cb_arg, 2078 NETEVENT_CLOSED, NULL); 2079 } 2080 return; 2081 } 2082 if(has_tcpq && c->tcp_req_info && c->tcp_req_info->read_again) 2083 tcp_req_info_read_again(fd, c); 2084 if(morewrite && *morewrite) 2085 tcp_more_write_again(fd, c); 2086 return; 2087 } 2088 log_err("Ignored event %d for tcphdl.", event); 2089 } 2090 2091 /** Make http handler free for next assignment */ 2092 static void 2093 reclaim_http_handler(struct comm_point* c) 2094 { 2095 log_assert(c->type == comm_http); 2096 if(c->ssl) { 2097 #ifdef HAVE_SSL 2098 SSL_shutdown(c->ssl); 2099 SSL_free(c->ssl); 2100 c->ssl = NULL; 2101 #endif 2102 } 2103 comm_point_close(c); 2104 if(c->tcp_parent) { 2105 c->tcp_parent->cur_tcp_count--; 2106 c->tcp_free = c->tcp_parent->tcp_free; 2107 c->tcp_parent->tcp_free = c; 2108 if(!c->tcp_free) { 2109 /* re-enable listening on accept socket */ 2110 comm_point_start_listening(c->tcp_parent, -1, -1); 2111 } 2112 } 2113 } 2114 2115 /** read more data for http (with ssl) */ 2116 static int 2117 ssl_http_read_more(struct comm_point* c) 2118 { 2119 #ifdef HAVE_SSL 2120 int r; 2121 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2122 ERR_clear_error(); 2123 r = SSL_read(c->ssl, (void*)sldns_buffer_current(c->buffer), 2124 (int)sldns_buffer_remaining(c->buffer)); 2125 if(r <= 0) { 2126 int want = SSL_get_error(c->ssl, r); 2127 if(want == SSL_ERROR_ZERO_RETURN) { 2128 return 0; /* shutdown, closed */ 2129 } else if(want == SSL_ERROR_WANT_READ) { 2130 return 1; /* read more later */ 2131 } else if(want == SSL_ERROR_WANT_WRITE) { 2132 c->ssl_shake_state = comm_ssl_shake_hs_write; 2133 comm_point_listen_for_rw(c, 0, 1); 2134 return 1; 2135 } else if(want == SSL_ERROR_SYSCALL) { 2136 #ifdef ECONNRESET 2137 if(errno == ECONNRESET && verbosity < 2) 2138 return 0; /* silence reset by peer */ 2139 #endif 2140 if(errno != 0) 2141 log_err("SSL_read syscall: %s", 2142 strerror(errno)); 2143 return 0; 2144 } 2145 log_crypto_err("could not SSL_read"); 2146 return 0; 2147 } 2148 sldns_buffer_skip(c->buffer, (ssize_t)r); 2149 return 1; 2150 #else 2151 (void)c; 2152 return 0; 2153 #endif /* HAVE_SSL */ 2154 } 2155 2156 /** read more data for http */ 2157 static int 2158 http_read_more(int fd, struct comm_point* c) 2159 { 2160 ssize_t r; 2161 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2162 r = recv(fd, (void*)sldns_buffer_current(c->buffer), 2163 sldns_buffer_remaining(c->buffer), 0); 2164 if(r == 0) { 2165 return 0; 2166 } else if(r == -1) { 2167 #ifndef USE_WINSOCK 2168 if(errno == EINTR || errno == EAGAIN) 2169 return 1; 2170 #else /* USE_WINSOCK */ 2171 if(WSAGetLastError() == WSAECONNRESET) 2172 return 0; 2173 if(WSAGetLastError() == WSAEINPROGRESS) 2174 return 1; 2175 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2176 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 2177 return 1; 2178 } 2179 #endif 2180 log_err_addr("read (in http r)", sock_strerror(errno), 2181 &c->repinfo.addr, c->repinfo.addrlen); 2182 return 0; 2183 } 2184 sldns_buffer_skip(c->buffer, r); 2185 return 1; 2186 } 2187 2188 /** return true if http header has been read (one line complete) */ 2189 static int 2190 http_header_done(sldns_buffer* buf) 2191 { 2192 size_t i; 2193 for(i=sldns_buffer_position(buf); i<sldns_buffer_limit(buf); i++) { 2194 /* there was a \r before the \n, but we ignore that */ 2195 if((char)sldns_buffer_read_u8_at(buf, i) == '\n') 2196 return 1; 2197 } 2198 return 0; 2199 } 2200 2201 /** return character string into buffer for header line, moves buffer 2202 * past that line and puts zero terminator into linefeed-newline */ 2203 static char* 2204 http_header_line(sldns_buffer* buf) 2205 { 2206 char* result = (char*)sldns_buffer_current(buf); 2207 size_t i; 2208 for(i=sldns_buffer_position(buf); i<sldns_buffer_limit(buf); i++) { 2209 /* terminate the string on the \r */ 2210 if((char)sldns_buffer_read_u8_at(buf, i) == '\r') 2211 sldns_buffer_write_u8_at(buf, i, 0); 2212 /* terminate on the \n and skip past the it and done */ 2213 if((char)sldns_buffer_read_u8_at(buf, i) == '\n') { 2214 sldns_buffer_write_u8_at(buf, i, 0); 2215 sldns_buffer_set_position(buf, i+1); 2216 return result; 2217 } 2218 } 2219 return NULL; 2220 } 2221 2222 /** move unread buffer to start and clear rest for putting the rest into it */ 2223 static void 2224 http_moveover_buffer(sldns_buffer* buf) 2225 { 2226 size_t pos = sldns_buffer_position(buf); 2227 size_t len = sldns_buffer_remaining(buf); 2228 sldns_buffer_clear(buf); 2229 memmove(sldns_buffer_begin(buf), sldns_buffer_at(buf, pos), len); 2230 sldns_buffer_set_position(buf, len); 2231 } 2232 2233 /** a http header is complete, process it */ 2234 static int 2235 http_process_initial_header(struct comm_point* c) 2236 { 2237 char* line = http_header_line(c->buffer); 2238 if(!line) return 1; 2239 verbose(VERB_ALGO, "http header: %s", line); 2240 if(strncasecmp(line, "HTTP/1.1 ", 9) == 0) { 2241 /* check returncode */ 2242 if(line[9] != '2') { 2243 verbose(VERB_ALGO, "http bad status %s", line+9); 2244 return 0; 2245 } 2246 } else if(strncasecmp(line, "Content-Length: ", 16) == 0) { 2247 if(!c->http_is_chunked) 2248 c->tcp_byte_count = (size_t)atoi(line+16); 2249 } else if(strncasecmp(line, "Transfer-Encoding: chunked", 19+7) == 0) { 2250 c->tcp_byte_count = 0; 2251 c->http_is_chunked = 1; 2252 } else if(line[0] == 0) { 2253 /* end of initial headers */ 2254 c->http_in_headers = 0; 2255 if(c->http_is_chunked) 2256 c->http_in_chunk_headers = 1; 2257 /* remove header text from front of buffer 2258 * the buffer is going to be used to return the data segment 2259 * itself and we don't want the header to get returned 2260 * prepended with it */ 2261 http_moveover_buffer(c->buffer); 2262 sldns_buffer_flip(c->buffer); 2263 return 1; 2264 } 2265 /* ignore other headers */ 2266 return 1; 2267 } 2268 2269 /** a chunk header is complete, process it, return 0=fail, 1=continue next 2270 * header line, 2=done with chunked transfer*/ 2271 static int 2272 http_process_chunk_header(struct comm_point* c) 2273 { 2274 char* line = http_header_line(c->buffer); 2275 if(!line) return 1; 2276 if(c->http_in_chunk_headers == 3) { 2277 verbose(VERB_ALGO, "http chunk trailer: %s", line); 2278 /* are we done ? */ 2279 if(line[0] == 0 && c->tcp_byte_count == 0) { 2280 /* callback of http reader when NETEVENT_DONE, 2281 * end of data, with no data in buffer */ 2282 sldns_buffer_set_position(c->buffer, 0); 2283 sldns_buffer_set_limit(c->buffer, 0); 2284 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2285 (void)(*c->callback)(c, c->cb_arg, NETEVENT_DONE, NULL); 2286 /* return that we are done */ 2287 return 2; 2288 } 2289 if(line[0] == 0) { 2290 /* continue with header of the next chunk */ 2291 c->http_in_chunk_headers = 1; 2292 /* remove header text from front of buffer */ 2293 http_moveover_buffer(c->buffer); 2294 sldns_buffer_flip(c->buffer); 2295 return 1; 2296 } 2297 /* ignore further trail headers */ 2298 return 1; 2299 } 2300 verbose(VERB_ALGO, "http chunk header: %s", line); 2301 if(c->http_in_chunk_headers == 1) { 2302 /* read chunked start line */ 2303 char* end = NULL; 2304 c->tcp_byte_count = (size_t)strtol(line, &end, 16); 2305 if(end == line) 2306 return 0; 2307 c->http_in_chunk_headers = 0; 2308 /* remove header text from front of buffer */ 2309 http_moveover_buffer(c->buffer); 2310 sldns_buffer_flip(c->buffer); 2311 if(c->tcp_byte_count == 0) { 2312 /* done with chunks, process chunk_trailer lines */ 2313 c->http_in_chunk_headers = 3; 2314 } 2315 return 1; 2316 } 2317 /* ignore other headers */ 2318 return 1; 2319 } 2320 2321 /** handle nonchunked data segment */ 2322 static int 2323 http_nonchunk_segment(struct comm_point* c) 2324 { 2325 /* c->buffer at position..limit has new data we read in. 2326 * the buffer itself is full of nonchunked data. 2327 * we are looking to read tcp_byte_count more data 2328 * and then the transfer is done. */ 2329 size_t remainbufferlen; 2330 size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; 2331 if(c->tcp_byte_count <= got_now) { 2332 /* done, this is the last data fragment */ 2333 c->http_stored = 0; 2334 sldns_buffer_set_position(c->buffer, 0); 2335 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2336 (void)(*c->callback)(c, c->cb_arg, NETEVENT_DONE, NULL); 2337 return 1; 2338 } 2339 c->tcp_byte_count -= got_now; 2340 /* if we have the buffer space, 2341 * read more data collected into the buffer */ 2342 remainbufferlen = sldns_buffer_capacity(c->buffer) - 2343 sldns_buffer_limit(c->buffer); 2344 if(remainbufferlen >= c->tcp_byte_count || 2345 remainbufferlen >= 2048) { 2346 size_t total = sldns_buffer_limit(c->buffer); 2347 sldns_buffer_clear(c->buffer); 2348 sldns_buffer_set_position(c->buffer, total); 2349 c->http_stored = total; 2350 /* return and wait to read more */ 2351 return 1; 2352 } 2353 /* call callback with this data amount, then 2354 * wait for more */ 2355 c->http_stored = 0; 2356 sldns_buffer_set_position(c->buffer, 0); 2357 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2358 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); 2359 /* c->callback has to buffer_clear(c->buffer). */ 2360 /* return and wait to read more */ 2361 return 1; 2362 } 2363 2364 /** handle nonchunked data segment, return 0=fail, 1=wait, 2=process more */ 2365 static int 2366 http_chunked_segment(struct comm_point* c) 2367 { 2368 /* the c->buffer has from position..limit new data we read. */ 2369 /* the current chunk has length tcp_byte_count. 2370 * once we read that read more chunk headers. 2371 */ 2372 size_t remainbufferlen; 2373 size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; 2374 if(c->tcp_byte_count <= got_now) { 2375 /* the chunk has completed (with perhaps some extra data 2376 * from next chunk header and next chunk) */ 2377 /* save too much info into temp buffer */ 2378 size_t fraglen; 2379 struct comm_reply repinfo; 2380 c->http_stored = 0; 2381 sldns_buffer_skip(c->buffer, (ssize_t)c->tcp_byte_count); 2382 sldns_buffer_clear(c->http_temp); 2383 sldns_buffer_write(c->http_temp, 2384 sldns_buffer_current(c->buffer), 2385 sldns_buffer_remaining(c->buffer)); 2386 sldns_buffer_flip(c->http_temp); 2387 2388 /* callback with this fragment */ 2389 fraglen = sldns_buffer_position(c->buffer); 2390 sldns_buffer_set_position(c->buffer, 0); 2391 sldns_buffer_set_limit(c->buffer, fraglen); 2392 repinfo = c->repinfo; 2393 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2394 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, &repinfo); 2395 /* c->callback has to buffer_clear(). */ 2396 2397 /* is commpoint deleted? */ 2398 if(!repinfo.c) { 2399 return 1; 2400 } 2401 /* copy waiting info */ 2402 sldns_buffer_clear(c->buffer); 2403 sldns_buffer_write(c->buffer, 2404 sldns_buffer_begin(c->http_temp), 2405 sldns_buffer_remaining(c->http_temp)); 2406 sldns_buffer_flip(c->buffer); 2407 /* process end of chunk trailer header lines, until 2408 * an empty line */ 2409 c->http_in_chunk_headers = 3; 2410 /* process more data in buffer (if any) */ 2411 return 2; 2412 } 2413 c->tcp_byte_count -= got_now; 2414 2415 /* if we have the buffer space, 2416 * read more data collected into the buffer */ 2417 remainbufferlen = sldns_buffer_capacity(c->buffer) - 2418 sldns_buffer_limit(c->buffer); 2419 if(remainbufferlen >= c->tcp_byte_count || 2420 remainbufferlen >= 2048) { 2421 size_t total = sldns_buffer_limit(c->buffer); 2422 sldns_buffer_clear(c->buffer); 2423 sldns_buffer_set_position(c->buffer, total); 2424 c->http_stored = total; 2425 /* return and wait to read more */ 2426 return 1; 2427 } 2428 2429 /* callback of http reader for a new part of the data */ 2430 c->http_stored = 0; 2431 sldns_buffer_set_position(c->buffer, 0); 2432 fptr_ok(fptr_whitelist_comm_point(c->callback)); 2433 (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); 2434 /* c->callback has to buffer_clear(c->buffer). */ 2435 /* return and wait to read more */ 2436 return 1; 2437 } 2438 2439 #ifdef HAVE_NGHTTP2 2440 /** Create new http2 session. Called when creating handling comm point. */ 2441 struct http2_session* http2_session_create(struct comm_point* c) 2442 { 2443 struct http2_session* session = calloc(1, sizeof(*session)); 2444 if(!session) { 2445 log_err("malloc failure while creating http2 session"); 2446 return NULL; 2447 } 2448 session->c = c; 2449 2450 return session; 2451 } 2452 #endif 2453 2454 /** Delete http2 session. After closing connection or on error */ 2455 void http2_session_delete(struct http2_session* h2_session) 2456 { 2457 #ifdef HAVE_NGHTTP2 2458 if(h2_session->callbacks) 2459 nghttp2_session_callbacks_del(h2_session->callbacks); 2460 free(h2_session); 2461 #else 2462 (void)h2_session; 2463 #endif 2464 } 2465 2466 #ifdef HAVE_NGHTTP2 2467 struct http2_stream* http2_stream_create(int32_t stream_id) 2468 { 2469 struct http2_stream* h2_stream = calloc(1, sizeof(*h2_stream)); 2470 if(!h2_stream) { 2471 log_err("malloc failure while creating http2 stream"); 2472 return NULL; 2473 } 2474 h2_stream->stream_id = stream_id; 2475 return h2_stream; 2476 } 2477 2478 /** Delete http2 stream. After session delete or stream close callback */ 2479 static void http2_stream_delete(struct http2_session* h2_session, 2480 struct http2_stream* h2_stream) 2481 { 2482 if(h2_stream->mesh_state) { 2483 mesh_state_remove_reply(h2_stream->mesh, h2_stream->mesh_state, 2484 h2_session->c); 2485 h2_stream->mesh_state = NULL; 2486 } 2487 http2_req_stream_clear(h2_stream); 2488 free(h2_stream); 2489 } 2490 #endif 2491 2492 void http2_stream_add_meshstate(struct http2_stream* h2_stream, 2493 struct mesh_area* mesh, struct mesh_state* m) 2494 { 2495 h2_stream->mesh = mesh; 2496 h2_stream->mesh_state = m; 2497 } 2498 2499 /** delete http2 session server. After closing connection. */ 2500 static void http2_session_server_delete(struct http2_session* h2_session) 2501 { 2502 #ifdef HAVE_NGHTTP2 2503 struct http2_stream* h2_stream, *next; 2504 nghttp2_session_del(h2_session->session); /* NULL input is fine */ 2505 h2_session->session = NULL; 2506 for(h2_stream = h2_session->first_stream; h2_stream;) { 2507 next = h2_stream->next; 2508 http2_stream_delete(h2_session, h2_stream); 2509 h2_stream = next; 2510 } 2511 h2_session->first_stream = NULL; 2512 h2_session->is_drop = 0; 2513 h2_session->postpone_drop = 0; 2514 h2_session->c->h2_stream = NULL; 2515 #endif 2516 (void)h2_session; 2517 } 2518 2519 #ifdef HAVE_NGHTTP2 2520 void http2_session_add_stream(struct http2_session* h2_session, 2521 struct http2_stream* h2_stream) 2522 { 2523 if(h2_session->first_stream) 2524 h2_session->first_stream->prev = h2_stream; 2525 h2_stream->next = h2_session->first_stream; 2526 h2_session->first_stream = h2_stream; 2527 } 2528 2529 /** remove stream from session linked list. After stream close callback or 2530 * closing connection */ 2531 void http2_session_remove_stream(struct http2_session* h2_session, 2532 struct http2_stream* h2_stream) 2533 { 2534 if(h2_stream->prev) 2535 h2_stream->prev->next = h2_stream->next; 2536 else 2537 h2_session->first_stream = h2_stream->next; 2538 if(h2_stream->next) 2539 h2_stream->next->prev = h2_stream->prev; 2540 2541 } 2542 2543 int http2_stream_close_cb(nghttp2_session* ATTR_UNUSED(session), 2544 int32_t stream_id, uint32_t ATTR_UNUSED(error_code), void* cb_arg) 2545 { 2546 struct http2_stream* h2_stream; 2547 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2548 if(!(h2_stream = nghttp2_session_get_stream_user_data( 2549 h2_session->session, stream_id))) { 2550 return 0; 2551 } 2552 http2_session_remove_stream(h2_session, h2_stream); 2553 http2_stream_delete(h2_session, h2_stream); 2554 return 0; 2555 } 2556 2557 ssize_t http2_recv_cb(nghttp2_session* ATTR_UNUSED(session), uint8_t* buf, 2558 size_t len, int ATTR_UNUSED(flags), void* cb_arg) 2559 { 2560 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2561 ssize_t ret; 2562 2563 log_assert(h2_session->c->type == comm_http); 2564 log_assert(h2_session->c->h2_session); 2565 2566 #ifdef HAVE_SSL 2567 if(h2_session->c->ssl) { 2568 int r; 2569 ERR_clear_error(); 2570 r = SSL_read(h2_session->c->ssl, buf, len); 2571 if(r <= 0) { 2572 int want = SSL_get_error(h2_session->c->ssl, r); 2573 if(want == SSL_ERROR_ZERO_RETURN) { 2574 return NGHTTP2_ERR_EOF; 2575 } else if(want == SSL_ERROR_WANT_READ) { 2576 return NGHTTP2_ERR_WOULDBLOCK; 2577 } else if(want == SSL_ERROR_WANT_WRITE) { 2578 h2_session->c->ssl_shake_state = comm_ssl_shake_hs_write; 2579 comm_point_listen_for_rw(h2_session->c, 0, 1); 2580 return NGHTTP2_ERR_WOULDBLOCK; 2581 } else if(want == SSL_ERROR_SYSCALL) { 2582 #ifdef ECONNRESET 2583 if(errno == ECONNRESET && verbosity < 2) 2584 return NGHTTP2_ERR_CALLBACK_FAILURE; 2585 #endif 2586 if(errno != 0) 2587 log_err("SSL_read syscall: %s", 2588 strerror(errno)); 2589 return NGHTTP2_ERR_CALLBACK_FAILURE; 2590 } 2591 log_crypto_err("could not SSL_read"); 2592 return NGHTTP2_ERR_CALLBACK_FAILURE; 2593 } 2594 return r; 2595 } 2596 #endif /* HAVE_SSL */ 2597 2598 ret = recv(h2_session->c->fd, buf, len, 0); 2599 if(ret == 0) { 2600 return NGHTTP2_ERR_EOF; 2601 } else if(ret < 0) { 2602 #ifndef USE_WINSOCK 2603 if(errno == EINTR || errno == EAGAIN) 2604 return NGHTTP2_ERR_WOULDBLOCK; 2605 #ifdef ECONNRESET 2606 if(errno == ECONNRESET && verbosity < 2) 2607 return NGHTTP2_ERR_CALLBACK_FAILURE; 2608 #endif 2609 log_err_addr("could not http2 recv: %s", strerror(errno), 2610 &h2_session->c->repinfo.addr, 2611 h2_session->c->repinfo.addrlen); 2612 #else /* USE_WINSOCK */ 2613 if(WSAGetLastError() == WSAECONNRESET) 2614 return NGHTTP2_ERR_CALLBACK_FAILURE; 2615 if(WSAGetLastError() == WSAEINPROGRESS) 2616 return NGHTTP2_ERR_WOULDBLOCK; 2617 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2618 ub_winsock_tcp_wouldblock(h2_session->c->ev->ev, 2619 UB_EV_READ); 2620 return NGHTTP2_ERR_WOULDBLOCK; 2621 } 2622 log_err_addr("could not http2 recv: %s", 2623 wsa_strerror(WSAGetLastError()), 2624 &h2_session->c->repinfo.addr, 2625 h2_session->c->repinfo.addrlen); 2626 #endif 2627 return NGHTTP2_ERR_CALLBACK_FAILURE; 2628 } 2629 return ret; 2630 } 2631 #endif /* HAVE_NGHTTP2 */ 2632 2633 /** Handle http2 read */ 2634 static int 2635 comm_point_http2_handle_read(int ATTR_UNUSED(fd), struct comm_point* c) 2636 { 2637 #ifdef HAVE_NGHTTP2 2638 int ret; 2639 log_assert(c->h2_session); 2640 2641 /* reading until recv cb returns NGHTTP2_ERR_WOULDBLOCK */ 2642 ret = nghttp2_session_recv(c->h2_session->session); 2643 if(ret) { 2644 if(ret != NGHTTP2_ERR_EOF && 2645 ret != NGHTTP2_ERR_CALLBACK_FAILURE) { 2646 char a[256]; 2647 addr_to_str(&c->repinfo.addr, c->repinfo.addrlen, 2648 a, sizeof(a)); 2649 verbose(VERB_QUERY, "http2: session_recv from %s failed, " 2650 "error: %s", a, nghttp2_strerror(ret)); 2651 } 2652 return 0; 2653 } 2654 if(nghttp2_session_want_write(c->h2_session->session)) { 2655 c->tcp_is_reading = 0; 2656 comm_point_stop_listening(c); 2657 comm_point_start_listening(c, -1, c->tcp_timeout_msec); 2658 } else if(!nghttp2_session_want_read(c->h2_session->session)) 2659 return 0; /* connection can be closed */ 2660 return 1; 2661 #else 2662 (void)c; 2663 return 0; 2664 #endif 2665 } 2666 2667 /** 2668 * Handle http reading callback. 2669 * @param fd: file descriptor of socket. 2670 * @param c: comm point to read from into buffer. 2671 * @return: 0 on error 2672 */ 2673 static int 2674 comm_point_http_handle_read(int fd, struct comm_point* c) 2675 { 2676 log_assert(c->type == comm_http); 2677 log_assert(fd != -1); 2678 2679 /* if we are in ssl handshake, handle SSL handshake */ 2680 #ifdef HAVE_SSL 2681 if(c->ssl && c->ssl_shake_state != comm_ssl_shake_none) { 2682 if(!ssl_handshake(c)) 2683 return 0; 2684 if(c->ssl_shake_state != comm_ssl_shake_none) 2685 return 1; 2686 } 2687 #endif /* HAVE_SSL */ 2688 2689 if(!c->tcp_is_reading) 2690 return 1; 2691 2692 if(c->use_h2) { 2693 return comm_point_http2_handle_read(fd, c); 2694 } 2695 2696 /* http version is <= http/1.1 */ 2697 2698 if(c->http_min_version >= http_version_2) { 2699 /* HTTP/2 failed, not allowed to use lower version. */ 2700 return 0; 2701 } 2702 2703 /* read more data */ 2704 if(c->ssl) { 2705 if(!ssl_http_read_more(c)) 2706 return 0; 2707 } else { 2708 if(!http_read_more(fd, c)) 2709 return 0; 2710 } 2711 2712 sldns_buffer_flip(c->buffer); 2713 2714 while(sldns_buffer_remaining(c->buffer) > 0) { 2715 /* Handle HTTP/1.x data */ 2716 /* if we are reading headers, read more headers */ 2717 if(c->http_in_headers || c->http_in_chunk_headers) { 2718 /* if header is done, process the header */ 2719 if(!http_header_done(c->buffer)) { 2720 /* copy remaining data to front of buffer 2721 * and set rest for writing into it */ 2722 http_moveover_buffer(c->buffer); 2723 /* return and wait to read more */ 2724 return 1; 2725 } 2726 if(!c->http_in_chunk_headers) { 2727 /* process initial headers */ 2728 if(!http_process_initial_header(c)) 2729 return 0; 2730 } else { 2731 /* process chunk headers */ 2732 int r = http_process_chunk_header(c); 2733 if(r == 0) return 0; 2734 if(r == 2) return 1; /* done */ 2735 /* r == 1, continue */ 2736 } 2737 /* see if we have more to process */ 2738 continue; 2739 } 2740 2741 if(!c->http_is_chunked) { 2742 /* if we are reading nonchunks, process that*/ 2743 return http_nonchunk_segment(c); 2744 } else { 2745 /* if we are reading chunks, read the chunk */ 2746 int r = http_chunked_segment(c); 2747 if(r == 0) return 0; 2748 if(r == 1) return 1; 2749 continue; 2750 } 2751 } 2752 /* broke out of the loop; could not process header instead need 2753 * to read more */ 2754 /* moveover any remaining data and read more data */ 2755 http_moveover_buffer(c->buffer); 2756 /* return and wait to read more */ 2757 return 1; 2758 } 2759 2760 /** check pending connect for http */ 2761 static int 2762 http_check_connect(int fd, struct comm_point* c) 2763 { 2764 /* check for pending error from nonblocking connect */ 2765 /* from Stevens, unix network programming, vol1, 3rd ed, p450*/ 2766 int error = 0; 2767 socklen_t len = (socklen_t)sizeof(error); 2768 if(getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)&error, 2769 &len) < 0){ 2770 #ifndef USE_WINSOCK 2771 error = errno; /* on solaris errno is error */ 2772 #else /* USE_WINSOCK */ 2773 error = WSAGetLastError(); 2774 #endif 2775 } 2776 #ifndef USE_WINSOCK 2777 #if defined(EINPROGRESS) && defined(EWOULDBLOCK) 2778 if(error == EINPROGRESS || error == EWOULDBLOCK) 2779 return 1; /* try again later */ 2780 else 2781 #endif 2782 if(error != 0 && verbosity < 2) 2783 return 0; /* silence lots of chatter in the logs */ 2784 else if(error != 0) { 2785 log_err_addr("http connect", strerror(error), 2786 &c->repinfo.addr, c->repinfo.addrlen); 2787 #else /* USE_WINSOCK */ 2788 /* examine error */ 2789 if(error == WSAEINPROGRESS) 2790 return 1; 2791 else if(error == WSAEWOULDBLOCK) { 2792 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 2793 return 1; 2794 } else if(error != 0 && verbosity < 2) 2795 return 0; 2796 else if(error != 0) { 2797 log_err_addr("http connect", wsa_strerror(error), 2798 &c->repinfo.addr, c->repinfo.addrlen); 2799 #endif /* USE_WINSOCK */ 2800 return 0; 2801 } 2802 /* keep on processing this socket */ 2803 return 2; 2804 } 2805 2806 /** write more data for http (with ssl) */ 2807 static int 2808 ssl_http_write_more(struct comm_point* c) 2809 { 2810 #ifdef HAVE_SSL 2811 int r; 2812 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2813 ERR_clear_error(); 2814 r = SSL_write(c->ssl, (void*)sldns_buffer_current(c->buffer), 2815 (int)sldns_buffer_remaining(c->buffer)); 2816 if(r <= 0) { 2817 int want = SSL_get_error(c->ssl, r); 2818 if(want == SSL_ERROR_ZERO_RETURN) { 2819 return 0; /* closed */ 2820 } else if(want == SSL_ERROR_WANT_READ) { 2821 c->ssl_shake_state = comm_ssl_shake_hs_read; 2822 comm_point_listen_for_rw(c, 1, 0); 2823 return 1; /* wait for read condition */ 2824 } else if(want == SSL_ERROR_WANT_WRITE) { 2825 return 1; /* write more later */ 2826 } else if(want == SSL_ERROR_SYSCALL) { 2827 #ifdef EPIPE 2828 if(errno == EPIPE && verbosity < 2) 2829 return 0; /* silence 'broken pipe' */ 2830 #endif 2831 if(errno != 0) 2832 log_err("SSL_write syscall: %s", 2833 strerror(errno)); 2834 return 0; 2835 } 2836 log_crypto_err("could not SSL_write"); 2837 return 0; 2838 } 2839 sldns_buffer_skip(c->buffer, (ssize_t)r); 2840 return 1; 2841 #else 2842 (void)c; 2843 return 0; 2844 #endif /* HAVE_SSL */ 2845 } 2846 2847 /** write more data for http */ 2848 static int 2849 http_write_more(int fd, struct comm_point* c) 2850 { 2851 ssize_t r; 2852 log_assert(sldns_buffer_remaining(c->buffer) > 0); 2853 r = send(fd, (void*)sldns_buffer_current(c->buffer), 2854 sldns_buffer_remaining(c->buffer), 0); 2855 if(r == -1) { 2856 #ifndef USE_WINSOCK 2857 if(errno == EINTR || errno == EAGAIN) 2858 return 1; 2859 #else 2860 if(WSAGetLastError() == WSAEINPROGRESS) 2861 return 1; 2862 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2863 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 2864 return 1; 2865 } 2866 #endif 2867 log_err_addr("http send r", sock_strerror(errno), 2868 &c->repinfo.addr, c->repinfo.addrlen); 2869 return 0; 2870 } 2871 sldns_buffer_skip(c->buffer, r); 2872 return 1; 2873 } 2874 2875 #ifdef HAVE_NGHTTP2 2876 ssize_t http2_send_cb(nghttp2_session* ATTR_UNUSED(session), const uint8_t* buf, 2877 size_t len, int ATTR_UNUSED(flags), void* cb_arg) 2878 { 2879 ssize_t ret; 2880 struct http2_session* h2_session = (struct http2_session*)cb_arg; 2881 log_assert(h2_session->c->type == comm_http); 2882 log_assert(h2_session->c->h2_session); 2883 2884 #ifdef HAVE_SSL 2885 if(h2_session->c->ssl) { 2886 int r; 2887 ERR_clear_error(); 2888 r = SSL_write(h2_session->c->ssl, buf, len); 2889 if(r <= 0) { 2890 int want = SSL_get_error(h2_session->c->ssl, r); 2891 if(want == SSL_ERROR_ZERO_RETURN) { 2892 return NGHTTP2_ERR_CALLBACK_FAILURE; 2893 } else if(want == SSL_ERROR_WANT_READ) { 2894 h2_session->c->ssl_shake_state = comm_ssl_shake_hs_read; 2895 comm_point_listen_for_rw(h2_session->c, 1, 0); 2896 return NGHTTP2_ERR_WOULDBLOCK; 2897 } else if(want == SSL_ERROR_WANT_WRITE) { 2898 return NGHTTP2_ERR_WOULDBLOCK; 2899 } else if(want == SSL_ERROR_SYSCALL) { 2900 #ifdef EPIPE 2901 if(errno == EPIPE && verbosity < 2) 2902 return NGHTTP2_ERR_CALLBACK_FAILURE; 2903 #endif 2904 if(errno != 0) 2905 log_err("SSL_write syscall: %s", 2906 strerror(errno)); 2907 return NGHTTP2_ERR_CALLBACK_FAILURE; 2908 } 2909 log_crypto_err("could not SSL_write"); 2910 return NGHTTP2_ERR_CALLBACK_FAILURE; 2911 } 2912 return r; 2913 } 2914 #endif /* HAVE_SSL */ 2915 2916 ret = send(h2_session->c->fd, buf, len, 0); 2917 if(ret == 0) { 2918 return NGHTTP2_ERR_CALLBACK_FAILURE; 2919 } else if(ret < 0) { 2920 #ifndef USE_WINSOCK 2921 if(errno == EINTR || errno == EAGAIN) 2922 return NGHTTP2_ERR_WOULDBLOCK; 2923 #ifdef EPIPE 2924 if(errno == EPIPE && verbosity < 2) 2925 return NGHTTP2_ERR_CALLBACK_FAILURE; 2926 #endif 2927 #ifdef ECONNRESET 2928 if(errno == ECONNRESET && verbosity < 2) 2929 return NGHTTP2_ERR_CALLBACK_FAILURE; 2930 #endif 2931 log_err_addr("could not http2 write: %s", strerror(errno), 2932 &h2_session->c->repinfo.addr, 2933 h2_session->c->repinfo.addrlen); 2934 #else /* USE_WINSOCK */ 2935 if(WSAGetLastError() == WSAENOTCONN) 2936 return NGHTTP2_ERR_WOULDBLOCK; 2937 if(WSAGetLastError() == WSAEINPROGRESS) 2938 return NGHTTP2_ERR_WOULDBLOCK; 2939 if(WSAGetLastError() == WSAEWOULDBLOCK) { 2940 ub_winsock_tcp_wouldblock(h2_session->c->ev->ev, 2941 UB_EV_WRITE); 2942 return NGHTTP2_ERR_WOULDBLOCK; 2943 } 2944 if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) 2945 return NGHTTP2_ERR_CALLBACK_FAILURE; 2946 log_err_addr("could not http2 write: %s", 2947 wsa_strerror(WSAGetLastError()), 2948 &h2_session->c->repinfo.addr, 2949 h2_session->c->repinfo.addrlen); 2950 #endif 2951 return NGHTTP2_ERR_CALLBACK_FAILURE; 2952 } 2953 return ret; 2954 } 2955 #endif /* HAVE_NGHTTP2 */ 2956 2957 /** Handle http2 writing */ 2958 static int 2959 comm_point_http2_handle_write(int ATTR_UNUSED(fd), struct comm_point* c) 2960 { 2961 #ifdef HAVE_NGHTTP2 2962 int ret; 2963 log_assert(c->h2_session); 2964 2965 ret = nghttp2_session_send(c->h2_session->session); 2966 if(ret) { 2967 verbose(VERB_QUERY, "http2: session_send failed, " 2968 "error: %s", nghttp2_strerror(ret)); 2969 return 0; 2970 } 2971 2972 if(nghttp2_session_want_read(c->h2_session->session)) { 2973 c->tcp_is_reading = 1; 2974 comm_point_stop_listening(c); 2975 comm_point_start_listening(c, -1, c->tcp_timeout_msec); 2976 } else if(!nghttp2_session_want_write(c->h2_session->session)) 2977 return 0; /* connection can be closed */ 2978 return 1; 2979 #else 2980 (void)c; 2981 return 0; 2982 #endif 2983 } 2984 2985 /** 2986 * Handle http writing callback. 2987 * @param fd: file descriptor of socket. 2988 * @param c: comm point to write buffer out of. 2989 * @return: 0 on error 2990 */ 2991 static int 2992 comm_point_http_handle_write(int fd, struct comm_point* c) 2993 { 2994 log_assert(c->type == comm_http); 2995 log_assert(fd != -1); 2996 2997 /* check pending connect errors, if that fails, we wait for more, 2998 * or we can continue to write contents */ 2999 if(c->tcp_check_nb_connect) { 3000 int r = http_check_connect(fd, c); 3001 if(r == 0) return 0; 3002 if(r == 1) return 1; 3003 c->tcp_check_nb_connect = 0; 3004 } 3005 /* if we are in ssl handshake, handle SSL handshake */ 3006 #ifdef HAVE_SSL 3007 if(c->ssl && c->ssl_shake_state != comm_ssl_shake_none) { 3008 if(!ssl_handshake(c)) 3009 return 0; 3010 if(c->ssl_shake_state != comm_ssl_shake_none) 3011 return 1; 3012 } 3013 #endif /* HAVE_SSL */ 3014 if(c->tcp_is_reading) 3015 return 1; 3016 3017 if(c->use_h2) { 3018 return comm_point_http2_handle_write(fd, c); 3019 } 3020 3021 /* http version is <= http/1.1 */ 3022 3023 if(c->http_min_version >= http_version_2) { 3024 /* HTTP/2 failed, not allowed to use lower version. */ 3025 return 0; 3026 } 3027 3028 /* if we are writing, write more */ 3029 if(c->ssl) { 3030 if(!ssl_http_write_more(c)) 3031 return 0; 3032 } else { 3033 if(!http_write_more(fd, c)) 3034 return 0; 3035 } 3036 3037 /* we write a single buffer contents, that can contain 3038 * the http request, and then flip to read the results */ 3039 /* see if write is done */ 3040 if(sldns_buffer_remaining(c->buffer) == 0) { 3041 sldns_buffer_clear(c->buffer); 3042 if(c->tcp_do_toggle_rw) 3043 c->tcp_is_reading = 1; 3044 c->tcp_byte_count = 0; 3045 /* switch from listening(write) to listening(read) */ 3046 comm_point_stop_listening(c); 3047 comm_point_start_listening(c, -1, -1); 3048 } 3049 return 1; 3050 } 3051 3052 void 3053 comm_point_http_handle_callback(int fd, short event, void* arg) 3054 { 3055 struct comm_point* c = (struct comm_point*)arg; 3056 log_assert(c->type == comm_http); 3057 ub_comm_base_now(c->ev->base); 3058 3059 if(event&UB_EV_TIMEOUT) { 3060 verbose(VERB_QUERY, "http took too long, dropped"); 3061 reclaim_http_handler(c); 3062 if(!c->tcp_do_close) { 3063 fptr_ok(fptr_whitelist_comm_point(c->callback)); 3064 (void)(*c->callback)(c, c->cb_arg, 3065 NETEVENT_TIMEOUT, NULL); 3066 } 3067 return; 3068 } 3069 if(event&UB_EV_READ) { 3070 if(!comm_point_http_handle_read(fd, c)) { 3071 reclaim_http_handler(c); 3072 if(!c->tcp_do_close) { 3073 fptr_ok(fptr_whitelist_comm_point( 3074 c->callback)); 3075 (void)(*c->callback)(c, c->cb_arg, 3076 NETEVENT_CLOSED, NULL); 3077 } 3078 } 3079 return; 3080 } 3081 if(event&UB_EV_WRITE) { 3082 if(!comm_point_http_handle_write(fd, c)) { 3083 reclaim_http_handler(c); 3084 if(!c->tcp_do_close) { 3085 fptr_ok(fptr_whitelist_comm_point( 3086 c->callback)); 3087 (void)(*c->callback)(c, c->cb_arg, 3088 NETEVENT_CLOSED, NULL); 3089 } 3090 } 3091 return; 3092 } 3093 log_err("Ignored event %d for httphdl.", event); 3094 } 3095 3096 void comm_point_local_handle_callback(int fd, short event, void* arg) 3097 { 3098 struct comm_point* c = (struct comm_point*)arg; 3099 log_assert(c->type == comm_local); 3100 ub_comm_base_now(c->ev->base); 3101 3102 if(event&UB_EV_READ) { 3103 if(!comm_point_tcp_handle_read(fd, c, 1)) { 3104 fptr_ok(fptr_whitelist_comm_point(c->callback)); 3105 (void)(*c->callback)(c, c->cb_arg, NETEVENT_CLOSED, 3106 NULL); 3107 } 3108 return; 3109 } 3110 log_err("Ignored event %d for localhdl.", event); 3111 } 3112 3113 void comm_point_raw_handle_callback(int ATTR_UNUSED(fd), 3114 short event, void* arg) 3115 { 3116 struct comm_point* c = (struct comm_point*)arg; 3117 int err = NETEVENT_NOERROR; 3118 log_assert(c->type == comm_raw); 3119 ub_comm_base_now(c->ev->base); 3120 3121 if(event&UB_EV_TIMEOUT) 3122 err = NETEVENT_TIMEOUT; 3123 fptr_ok(fptr_whitelist_comm_point_raw(c->callback)); 3124 (void)(*c->callback)(c, c->cb_arg, err, NULL); 3125 } 3126 3127 struct comm_point* 3128 comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer, 3129 comm_point_callback_type* callback, void* callback_arg) 3130 { 3131 struct comm_point* c = (struct comm_point*)calloc(1, 3132 sizeof(struct comm_point)); 3133 short evbits; 3134 if(!c) 3135 return NULL; 3136 c->ev = (struct internal_event*)calloc(1, 3137 sizeof(struct internal_event)); 3138 if(!c->ev) { 3139 free(c); 3140 return NULL; 3141 } 3142 c->ev->base = base; 3143 c->fd = fd; 3144 c->buffer = buffer; 3145 c->timeout = NULL; 3146 c->tcp_is_reading = 0; 3147 c->tcp_byte_count = 0; 3148 c->tcp_parent = NULL; 3149 c->max_tcp_count = 0; 3150 c->cur_tcp_count = 0; 3151 c->tcp_handlers = NULL; 3152 c->tcp_free = NULL; 3153 c->type = comm_udp; 3154 c->tcp_do_close = 0; 3155 c->do_not_close = 0; 3156 c->tcp_do_toggle_rw = 0; 3157 c->tcp_check_nb_connect = 0; 3158 #ifdef USE_MSG_FASTOPEN 3159 c->tcp_do_fastopen = 0; 3160 #endif 3161 #ifdef USE_DNSCRYPT 3162 c->dnscrypt = 0; 3163 c->dnscrypt_buffer = buffer; 3164 #endif 3165 c->inuse = 0; 3166 c->callback = callback; 3167 c->cb_arg = callback_arg; 3168 evbits = UB_EV_READ | UB_EV_PERSIST; 3169 /* ub_event stuff */ 3170 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3171 comm_point_udp_callback, c); 3172 if(c->ev->ev == NULL) { 3173 log_err("could not baseset udp event"); 3174 comm_point_delete(c); 3175 return NULL; 3176 } 3177 if(fd!=-1 && ub_event_add(c->ev->ev, c->timeout) != 0 ) { 3178 log_err("could not add udp event"); 3179 comm_point_delete(c); 3180 return NULL; 3181 } 3182 return c; 3183 } 3184 3185 struct comm_point* 3186 comm_point_create_udp_ancil(struct comm_base *base, int fd, 3187 sldns_buffer* buffer, 3188 comm_point_callback_type* callback, void* callback_arg) 3189 { 3190 struct comm_point* c = (struct comm_point*)calloc(1, 3191 sizeof(struct comm_point)); 3192 short evbits; 3193 if(!c) 3194 return NULL; 3195 c->ev = (struct internal_event*)calloc(1, 3196 sizeof(struct internal_event)); 3197 if(!c->ev) { 3198 free(c); 3199 return NULL; 3200 } 3201 c->ev->base = base; 3202 c->fd = fd; 3203 c->buffer = buffer; 3204 c->timeout = NULL; 3205 c->tcp_is_reading = 0; 3206 c->tcp_byte_count = 0; 3207 c->tcp_parent = NULL; 3208 c->max_tcp_count = 0; 3209 c->cur_tcp_count = 0; 3210 c->tcp_handlers = NULL; 3211 c->tcp_free = NULL; 3212 c->type = comm_udp; 3213 c->tcp_do_close = 0; 3214 c->do_not_close = 0; 3215 #ifdef USE_DNSCRYPT 3216 c->dnscrypt = 0; 3217 c->dnscrypt_buffer = buffer; 3218 #endif 3219 c->inuse = 0; 3220 c->tcp_do_toggle_rw = 0; 3221 c->tcp_check_nb_connect = 0; 3222 #ifdef USE_MSG_FASTOPEN 3223 c->tcp_do_fastopen = 0; 3224 #endif 3225 c->callback = callback; 3226 c->cb_arg = callback_arg; 3227 evbits = UB_EV_READ | UB_EV_PERSIST; 3228 /* ub_event stuff */ 3229 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3230 comm_point_udp_ancil_callback, c); 3231 if(c->ev->ev == NULL) { 3232 log_err("could not baseset udp event"); 3233 comm_point_delete(c); 3234 return NULL; 3235 } 3236 if(fd!=-1 && ub_event_add(c->ev->ev, c->timeout) != 0 ) { 3237 log_err("could not add udp event"); 3238 comm_point_delete(c); 3239 return NULL; 3240 } 3241 return c; 3242 } 3243 3244 static struct comm_point* 3245 comm_point_create_tcp_handler(struct comm_base *base, 3246 struct comm_point* parent, size_t bufsize, 3247 struct sldns_buffer* spoolbuf, comm_point_callback_type* callback, 3248 void* callback_arg) 3249 { 3250 struct comm_point* c = (struct comm_point*)calloc(1, 3251 sizeof(struct comm_point)); 3252 short evbits; 3253 if(!c) 3254 return NULL; 3255 c->ev = (struct internal_event*)calloc(1, 3256 sizeof(struct internal_event)); 3257 if(!c->ev) { 3258 free(c); 3259 return NULL; 3260 } 3261 c->ev->base = base; 3262 c->fd = -1; 3263 c->buffer = sldns_buffer_new(bufsize); 3264 if(!c->buffer) { 3265 free(c->ev); 3266 free(c); 3267 return NULL; 3268 } 3269 c->timeout = (struct timeval*)malloc(sizeof(struct timeval)); 3270 if(!c->timeout) { 3271 sldns_buffer_free(c->buffer); 3272 free(c->ev); 3273 free(c); 3274 return NULL; 3275 } 3276 c->tcp_is_reading = 0; 3277 c->tcp_byte_count = 0; 3278 c->tcp_parent = parent; 3279 c->tcp_timeout_msec = parent->tcp_timeout_msec; 3280 c->tcp_conn_limit = parent->tcp_conn_limit; 3281 c->tcl_addr = NULL; 3282 c->tcp_keepalive = 0; 3283 c->max_tcp_count = 0; 3284 c->cur_tcp_count = 0; 3285 c->tcp_handlers = NULL; 3286 c->tcp_free = NULL; 3287 c->type = comm_tcp; 3288 c->tcp_do_close = 0; 3289 c->do_not_close = 0; 3290 c->tcp_do_toggle_rw = 1; 3291 c->tcp_check_nb_connect = 0; 3292 #ifdef USE_MSG_FASTOPEN 3293 c->tcp_do_fastopen = 0; 3294 #endif 3295 #ifdef USE_DNSCRYPT 3296 c->dnscrypt = 0; 3297 /* We don't know just yet if this is a dnscrypt channel. Allocation 3298 * will be done when handling the callback. */ 3299 c->dnscrypt_buffer = c->buffer; 3300 #endif 3301 c->repinfo.c = c; 3302 c->callback = callback; 3303 c->cb_arg = callback_arg; 3304 if(spoolbuf) { 3305 c->tcp_req_info = tcp_req_info_create(spoolbuf); 3306 if(!c->tcp_req_info) { 3307 log_err("could not create tcp commpoint"); 3308 sldns_buffer_free(c->buffer); 3309 free(c->timeout); 3310 free(c->ev); 3311 free(c); 3312 return NULL; 3313 } 3314 c->tcp_req_info->cp = c; 3315 c->tcp_do_close = 1; 3316 c->tcp_do_toggle_rw = 0; 3317 } 3318 /* add to parent free list */ 3319 c->tcp_free = parent->tcp_free; 3320 parent->tcp_free = c; 3321 /* ub_event stuff */ 3322 evbits = UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT; 3323 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3324 comm_point_tcp_handle_callback, c); 3325 if(c->ev->ev == NULL) 3326 { 3327 log_err("could not basetset tcphdl event"); 3328 parent->tcp_free = c->tcp_free; 3329 tcp_req_info_delete(c->tcp_req_info); 3330 sldns_buffer_free(c->buffer); 3331 free(c->timeout); 3332 free(c->ev); 3333 free(c); 3334 return NULL; 3335 } 3336 return c; 3337 } 3338 3339 static struct comm_point* 3340 comm_point_create_http_handler(struct comm_base *base, 3341 struct comm_point* parent, size_t bufsize, int harden_large_queries, 3342 uint32_t http_max_streams, char* http_endpoint, 3343 comm_point_callback_type* callback, void* callback_arg) 3344 { 3345 struct comm_point* c = (struct comm_point*)calloc(1, 3346 sizeof(struct comm_point)); 3347 short evbits; 3348 if(!c) 3349 return NULL; 3350 c->ev = (struct internal_event*)calloc(1, 3351 sizeof(struct internal_event)); 3352 if(!c->ev) { 3353 free(c); 3354 return NULL; 3355 } 3356 c->ev->base = base; 3357 c->fd = -1; 3358 c->buffer = sldns_buffer_new(bufsize); 3359 if(!c->buffer) { 3360 free(c->ev); 3361 free(c); 3362 return NULL; 3363 } 3364 c->timeout = (struct timeval*)malloc(sizeof(struct timeval)); 3365 if(!c->timeout) { 3366 sldns_buffer_free(c->buffer); 3367 free(c->ev); 3368 free(c); 3369 return NULL; 3370 } 3371 c->tcp_is_reading = 0; 3372 c->tcp_byte_count = 0; 3373 c->tcp_parent = parent; 3374 c->tcp_timeout_msec = parent->tcp_timeout_msec; 3375 c->tcp_conn_limit = parent->tcp_conn_limit; 3376 c->tcl_addr = NULL; 3377 c->tcp_keepalive = 0; 3378 c->max_tcp_count = 0; 3379 c->cur_tcp_count = 0; 3380 c->tcp_handlers = NULL; 3381 c->tcp_free = NULL; 3382 c->type = comm_http; 3383 c->tcp_do_close = 1; 3384 c->do_not_close = 0; 3385 c->tcp_do_toggle_rw = 1; /* will be set to 0 after http2 upgrade */ 3386 c->tcp_check_nb_connect = 0; 3387 #ifdef USE_MSG_FASTOPEN 3388 c->tcp_do_fastopen = 0; 3389 #endif 3390 #ifdef USE_DNSCRYPT 3391 c->dnscrypt = 0; 3392 c->dnscrypt_buffer = NULL; 3393 #endif 3394 c->repinfo.c = c; 3395 c->callback = callback; 3396 c->cb_arg = callback_arg; 3397 3398 c->http_min_version = http_version_2; 3399 c->http2_stream_max_qbuffer_size = bufsize; 3400 if(harden_large_queries && bufsize > 512) 3401 c->http2_stream_max_qbuffer_size = 512; 3402 c->http2_max_streams = http_max_streams; 3403 if(!(c->http_endpoint = strdup(http_endpoint))) { 3404 log_err("could not strdup http_endpoint"); 3405 sldns_buffer_free(c->buffer); 3406 free(c->timeout); 3407 free(c->ev); 3408 free(c); 3409 return NULL; 3410 } 3411 c->use_h2 = 0; 3412 #ifdef HAVE_NGHTTP2 3413 if(!(c->h2_session = http2_session_create(c))) { 3414 log_err("could not create http2 session"); 3415 free(c->http_endpoint); 3416 sldns_buffer_free(c->buffer); 3417 free(c->timeout); 3418 free(c->ev); 3419 free(c); 3420 return NULL; 3421 } 3422 if(!(c->h2_session->callbacks = http2_req_callbacks_create())) { 3423 log_err("could not create http2 callbacks"); 3424 http2_session_delete(c->h2_session); 3425 free(c->http_endpoint); 3426 sldns_buffer_free(c->buffer); 3427 free(c->timeout); 3428 free(c->ev); 3429 free(c); 3430 return NULL; 3431 } 3432 #endif 3433 3434 /* add to parent free list */ 3435 c->tcp_free = parent->tcp_free; 3436 parent->tcp_free = c; 3437 /* ub_event stuff */ 3438 evbits = UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT; 3439 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3440 comm_point_http_handle_callback, c); 3441 if(c->ev->ev == NULL) 3442 { 3443 log_err("could not set http handler event"); 3444 parent->tcp_free = c->tcp_free; 3445 http2_session_delete(c->h2_session); 3446 sldns_buffer_free(c->buffer); 3447 free(c->timeout); 3448 free(c->ev); 3449 free(c); 3450 return NULL; 3451 } 3452 return c; 3453 } 3454 3455 struct comm_point* 3456 comm_point_create_tcp(struct comm_base *base, int fd, int num, 3457 int idle_timeout, int harden_large_queries, 3458 uint32_t http_max_streams, char* http_endpoint, 3459 struct tcl_list* tcp_conn_limit, size_t bufsize, 3460 struct sldns_buffer* spoolbuf, enum listen_type port_type, 3461 comm_point_callback_type* callback, void* callback_arg) 3462 { 3463 struct comm_point* c = (struct comm_point*)calloc(1, 3464 sizeof(struct comm_point)); 3465 short evbits; 3466 int i; 3467 /* first allocate the TCP accept listener */ 3468 if(!c) 3469 return NULL; 3470 c->ev = (struct internal_event*)calloc(1, 3471 sizeof(struct internal_event)); 3472 if(!c->ev) { 3473 free(c); 3474 return NULL; 3475 } 3476 c->ev->base = base; 3477 c->fd = fd; 3478 c->buffer = NULL; 3479 c->timeout = NULL; 3480 c->tcp_is_reading = 0; 3481 c->tcp_byte_count = 0; 3482 c->tcp_timeout_msec = idle_timeout; 3483 c->tcp_conn_limit = tcp_conn_limit; 3484 c->tcl_addr = NULL; 3485 c->tcp_keepalive = 0; 3486 c->tcp_parent = NULL; 3487 c->max_tcp_count = num; 3488 c->cur_tcp_count = 0; 3489 c->tcp_handlers = (struct comm_point**)calloc((size_t)num, 3490 sizeof(struct comm_point*)); 3491 if(!c->tcp_handlers) { 3492 free(c->ev); 3493 free(c); 3494 return NULL; 3495 } 3496 c->tcp_free = NULL; 3497 c->type = comm_tcp_accept; 3498 c->tcp_do_close = 0; 3499 c->do_not_close = 0; 3500 c->tcp_do_toggle_rw = 0; 3501 c->tcp_check_nb_connect = 0; 3502 #ifdef USE_MSG_FASTOPEN 3503 c->tcp_do_fastopen = 0; 3504 #endif 3505 #ifdef USE_DNSCRYPT 3506 c->dnscrypt = 0; 3507 c->dnscrypt_buffer = NULL; 3508 #endif 3509 c->callback = NULL; 3510 c->cb_arg = NULL; 3511 evbits = UB_EV_READ | UB_EV_PERSIST; 3512 /* ub_event stuff */ 3513 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3514 comm_point_tcp_accept_callback, c); 3515 if(c->ev->ev == NULL) { 3516 log_err("could not baseset tcpacc event"); 3517 comm_point_delete(c); 3518 return NULL; 3519 } 3520 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3521 log_err("could not add tcpacc event"); 3522 comm_point_delete(c); 3523 return NULL; 3524 } 3525 /* now prealloc the handlers */ 3526 for(i=0; i<num; i++) { 3527 if(port_type == listen_type_tcp || 3528 port_type == listen_type_ssl || 3529 port_type == listen_type_tcp_dnscrypt) { 3530 c->tcp_handlers[i] = comm_point_create_tcp_handler(base, 3531 c, bufsize, spoolbuf, callback, callback_arg); 3532 } else if(port_type == listen_type_http) { 3533 c->tcp_handlers[i] = comm_point_create_http_handler( 3534 base, c, bufsize, harden_large_queries, 3535 http_max_streams, http_endpoint, 3536 callback, callback_arg); 3537 } 3538 else { 3539 log_err("could not create tcp handler, unknown listen " 3540 "type"); 3541 return NULL; 3542 } 3543 if(!c->tcp_handlers[i]) { 3544 comm_point_delete(c); 3545 return NULL; 3546 } 3547 } 3548 3549 return c; 3550 } 3551 3552 struct comm_point* 3553 comm_point_create_tcp_out(struct comm_base *base, size_t bufsize, 3554 comm_point_callback_type* callback, void* callback_arg) 3555 { 3556 struct comm_point* c = (struct comm_point*)calloc(1, 3557 sizeof(struct comm_point)); 3558 short evbits; 3559 if(!c) 3560 return NULL; 3561 c->ev = (struct internal_event*)calloc(1, 3562 sizeof(struct internal_event)); 3563 if(!c->ev) { 3564 free(c); 3565 return NULL; 3566 } 3567 c->ev->base = base; 3568 c->fd = -1; 3569 c->buffer = sldns_buffer_new(bufsize); 3570 if(!c->buffer) { 3571 free(c->ev); 3572 free(c); 3573 return NULL; 3574 } 3575 c->timeout = NULL; 3576 c->tcp_is_reading = 0; 3577 c->tcp_byte_count = 0; 3578 c->tcp_timeout_msec = TCP_QUERY_TIMEOUT; 3579 c->tcp_conn_limit = NULL; 3580 c->tcl_addr = NULL; 3581 c->tcp_keepalive = 0; 3582 c->tcp_parent = NULL; 3583 c->max_tcp_count = 0; 3584 c->cur_tcp_count = 0; 3585 c->tcp_handlers = NULL; 3586 c->tcp_free = NULL; 3587 c->type = comm_tcp; 3588 c->tcp_do_close = 0; 3589 c->do_not_close = 0; 3590 c->tcp_do_toggle_rw = 1; 3591 c->tcp_check_nb_connect = 1; 3592 #ifdef USE_MSG_FASTOPEN 3593 c->tcp_do_fastopen = 1; 3594 #endif 3595 #ifdef USE_DNSCRYPT 3596 c->dnscrypt = 0; 3597 c->dnscrypt_buffer = c->buffer; 3598 #endif 3599 c->repinfo.c = c; 3600 c->callback = callback; 3601 c->cb_arg = callback_arg; 3602 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3603 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3604 comm_point_tcp_handle_callback, c); 3605 if(c->ev->ev == NULL) 3606 { 3607 log_err("could not baseset tcpout event"); 3608 sldns_buffer_free(c->buffer); 3609 free(c->ev); 3610 free(c); 3611 return NULL; 3612 } 3613 3614 return c; 3615 } 3616 3617 struct comm_point* 3618 comm_point_create_http_out(struct comm_base *base, size_t bufsize, 3619 comm_point_callback_type* callback, void* callback_arg, 3620 sldns_buffer* temp) 3621 { 3622 struct comm_point* c = (struct comm_point*)calloc(1, 3623 sizeof(struct comm_point)); 3624 short evbits; 3625 if(!c) 3626 return NULL; 3627 c->ev = (struct internal_event*)calloc(1, 3628 sizeof(struct internal_event)); 3629 if(!c->ev) { 3630 free(c); 3631 return NULL; 3632 } 3633 c->ev->base = base; 3634 c->fd = -1; 3635 c->buffer = sldns_buffer_new(bufsize); 3636 if(!c->buffer) { 3637 free(c->ev); 3638 free(c); 3639 return NULL; 3640 } 3641 c->timeout = NULL; 3642 c->tcp_is_reading = 0; 3643 c->tcp_byte_count = 0; 3644 c->tcp_parent = NULL; 3645 c->max_tcp_count = 0; 3646 c->cur_tcp_count = 0; 3647 c->tcp_handlers = NULL; 3648 c->tcp_free = NULL; 3649 c->type = comm_http; 3650 c->tcp_do_close = 0; 3651 c->do_not_close = 0; 3652 c->tcp_do_toggle_rw = 1; 3653 c->tcp_check_nb_connect = 1; 3654 c->http_in_headers = 1; 3655 c->http_in_chunk_headers = 0; 3656 c->http_is_chunked = 0; 3657 c->http_temp = temp; 3658 #ifdef USE_MSG_FASTOPEN 3659 c->tcp_do_fastopen = 1; 3660 #endif 3661 #ifdef USE_DNSCRYPT 3662 c->dnscrypt = 0; 3663 c->dnscrypt_buffer = c->buffer; 3664 #endif 3665 c->repinfo.c = c; 3666 c->callback = callback; 3667 c->cb_arg = callback_arg; 3668 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3669 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3670 comm_point_http_handle_callback, c); 3671 if(c->ev->ev == NULL) 3672 { 3673 log_err("could not baseset tcpout event"); 3674 #ifdef HAVE_SSL 3675 SSL_free(c->ssl); 3676 #endif 3677 sldns_buffer_free(c->buffer); 3678 free(c->ev); 3679 free(c); 3680 return NULL; 3681 } 3682 3683 return c; 3684 } 3685 3686 struct comm_point* 3687 comm_point_create_local(struct comm_base *base, int fd, size_t bufsize, 3688 comm_point_callback_type* callback, void* callback_arg) 3689 { 3690 struct comm_point* c = (struct comm_point*)calloc(1, 3691 sizeof(struct comm_point)); 3692 short evbits; 3693 if(!c) 3694 return NULL; 3695 c->ev = (struct internal_event*)calloc(1, 3696 sizeof(struct internal_event)); 3697 if(!c->ev) { 3698 free(c); 3699 return NULL; 3700 } 3701 c->ev->base = base; 3702 c->fd = fd; 3703 c->buffer = sldns_buffer_new(bufsize); 3704 if(!c->buffer) { 3705 free(c->ev); 3706 free(c); 3707 return NULL; 3708 } 3709 c->timeout = NULL; 3710 c->tcp_is_reading = 1; 3711 c->tcp_byte_count = 0; 3712 c->tcp_parent = NULL; 3713 c->max_tcp_count = 0; 3714 c->cur_tcp_count = 0; 3715 c->tcp_handlers = NULL; 3716 c->tcp_free = NULL; 3717 c->type = comm_local; 3718 c->tcp_do_close = 0; 3719 c->do_not_close = 1; 3720 c->tcp_do_toggle_rw = 0; 3721 c->tcp_check_nb_connect = 0; 3722 #ifdef USE_MSG_FASTOPEN 3723 c->tcp_do_fastopen = 0; 3724 #endif 3725 #ifdef USE_DNSCRYPT 3726 c->dnscrypt = 0; 3727 c->dnscrypt_buffer = c->buffer; 3728 #endif 3729 c->callback = callback; 3730 c->cb_arg = callback_arg; 3731 /* ub_event stuff */ 3732 evbits = UB_EV_PERSIST | UB_EV_READ; 3733 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3734 comm_point_local_handle_callback, c); 3735 if(c->ev->ev == NULL) { 3736 log_err("could not baseset localhdl event"); 3737 free(c->ev); 3738 free(c); 3739 return NULL; 3740 } 3741 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3742 log_err("could not add localhdl event"); 3743 ub_event_free(c->ev->ev); 3744 free(c->ev); 3745 free(c); 3746 return NULL; 3747 } 3748 return c; 3749 } 3750 3751 struct comm_point* 3752 comm_point_create_raw(struct comm_base* base, int fd, int writing, 3753 comm_point_callback_type* callback, void* callback_arg) 3754 { 3755 struct comm_point* c = (struct comm_point*)calloc(1, 3756 sizeof(struct comm_point)); 3757 short evbits; 3758 if(!c) 3759 return NULL; 3760 c->ev = (struct internal_event*)calloc(1, 3761 sizeof(struct internal_event)); 3762 if(!c->ev) { 3763 free(c); 3764 return NULL; 3765 } 3766 c->ev->base = base; 3767 c->fd = fd; 3768 c->buffer = NULL; 3769 c->timeout = NULL; 3770 c->tcp_is_reading = 0; 3771 c->tcp_byte_count = 0; 3772 c->tcp_parent = NULL; 3773 c->max_tcp_count = 0; 3774 c->cur_tcp_count = 0; 3775 c->tcp_handlers = NULL; 3776 c->tcp_free = NULL; 3777 c->type = comm_raw; 3778 c->tcp_do_close = 0; 3779 c->do_not_close = 1; 3780 c->tcp_do_toggle_rw = 0; 3781 c->tcp_check_nb_connect = 0; 3782 #ifdef USE_MSG_FASTOPEN 3783 c->tcp_do_fastopen = 0; 3784 #endif 3785 #ifdef USE_DNSCRYPT 3786 c->dnscrypt = 0; 3787 c->dnscrypt_buffer = c->buffer; 3788 #endif 3789 c->callback = callback; 3790 c->cb_arg = callback_arg; 3791 /* ub_event stuff */ 3792 if(writing) 3793 evbits = UB_EV_PERSIST | UB_EV_WRITE; 3794 else evbits = UB_EV_PERSIST | UB_EV_READ; 3795 c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, 3796 comm_point_raw_handle_callback, c); 3797 if(c->ev->ev == NULL) { 3798 log_err("could not baseset rawhdl event"); 3799 free(c->ev); 3800 free(c); 3801 return NULL; 3802 } 3803 if (ub_event_add(c->ev->ev, c->timeout) != 0) { 3804 log_err("could not add rawhdl event"); 3805 ub_event_free(c->ev->ev); 3806 free(c->ev); 3807 free(c); 3808 return NULL; 3809 } 3810 return c; 3811 } 3812 3813 void 3814 comm_point_close(struct comm_point* c) 3815 { 3816 if(!c) 3817 return; 3818 if(c->fd != -1) { 3819 verbose(5, "comm_point_close of %d: event_del", c->fd); 3820 if(ub_event_del(c->ev->ev) != 0) { 3821 log_err("could not event_del on close"); 3822 } 3823 } 3824 tcl_close_connection(c->tcl_addr); 3825 if(c->tcp_req_info) 3826 tcp_req_info_clear(c->tcp_req_info); 3827 if(c->h2_session) 3828 http2_session_server_delete(c->h2_session); 3829 3830 /* close fd after removing from event lists, or epoll.. is messed up */ 3831 if(c->fd != -1 && !c->do_not_close) { 3832 if(c->type == comm_tcp || c->type == comm_http) { 3833 /* delete sticky events for the fd, it gets closed */ 3834 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); 3835 ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); 3836 } 3837 verbose(VERB_ALGO, "close fd %d", c->fd); 3838 sock_close(c->fd); 3839 } 3840 c->fd = -1; 3841 } 3842 3843 void 3844 comm_point_delete(struct comm_point* c) 3845 { 3846 if(!c) 3847 return; 3848 if((c->type == comm_tcp || c->type == comm_http) && c->ssl) { 3849 #ifdef HAVE_SSL 3850 SSL_shutdown(c->ssl); 3851 SSL_free(c->ssl); 3852 #endif 3853 } 3854 if(c->type == comm_http && c->http_endpoint) { 3855 free(c->http_endpoint); 3856 c->http_endpoint = NULL; 3857 } 3858 comm_point_close(c); 3859 if(c->tcp_handlers) { 3860 int i; 3861 for(i=0; i<c->max_tcp_count; i++) 3862 comm_point_delete(c->tcp_handlers[i]); 3863 free(c->tcp_handlers); 3864 } 3865 free(c->timeout); 3866 if(c->type == comm_tcp || c->type == comm_local || c->type == comm_http) { 3867 sldns_buffer_free(c->buffer); 3868 #ifdef USE_DNSCRYPT 3869 if(c->dnscrypt && c->dnscrypt_buffer != c->buffer) { 3870 sldns_buffer_free(c->dnscrypt_buffer); 3871 } 3872 #endif 3873 if(c->tcp_req_info) { 3874 tcp_req_info_delete(c->tcp_req_info); 3875 } 3876 if(c->h2_session) { 3877 http2_session_delete(c->h2_session); 3878 } 3879 } 3880 ub_event_free(c->ev->ev); 3881 free(c->ev); 3882 free(c); 3883 } 3884 3885 void 3886 comm_point_send_reply(struct comm_reply *repinfo) 3887 { 3888 struct sldns_buffer* buffer; 3889 log_assert(repinfo && repinfo->c); 3890 #ifdef USE_DNSCRYPT 3891 buffer = repinfo->c->dnscrypt_buffer; 3892 if(!dnsc_handle_uncurved_request(repinfo)) { 3893 return; 3894 } 3895 #else 3896 buffer = repinfo->c->buffer; 3897 #endif 3898 if(repinfo->c->type == comm_udp) { 3899 if(repinfo->srctype) 3900 comm_point_send_udp_msg_if(repinfo->c, 3901 buffer, (struct sockaddr*)&repinfo->addr, 3902 repinfo->addrlen, repinfo); 3903 else 3904 comm_point_send_udp_msg(repinfo->c, buffer, 3905 (struct sockaddr*)&repinfo->addr, repinfo->addrlen); 3906 #ifdef USE_DNSTAP 3907 if(repinfo->c->dtenv != NULL && 3908 repinfo->c->dtenv->log_client_response_messages) 3909 dt_msg_send_client_response(repinfo->c->dtenv, 3910 &repinfo->addr, repinfo->c->type, repinfo->c->buffer); 3911 #endif 3912 } else { 3913 #ifdef USE_DNSTAP 3914 if(repinfo->c->tcp_parent->dtenv != NULL && 3915 repinfo->c->tcp_parent->dtenv->log_client_response_messages) 3916 dt_msg_send_client_response(repinfo->c->tcp_parent->dtenv, 3917 &repinfo->addr, repinfo->c->type, 3918 ( repinfo->c->tcp_req_info 3919 ? repinfo->c->tcp_req_info->spool_buffer 3920 : repinfo->c->buffer )); 3921 #endif 3922 if(repinfo->c->tcp_req_info) { 3923 tcp_req_info_send_reply(repinfo->c->tcp_req_info); 3924 } else if(repinfo->c->use_h2) { 3925 if(!http2_submit_dns_response(repinfo->c->h2_session)) { 3926 comm_point_drop_reply(repinfo); 3927 return; 3928 } 3929 repinfo->c->h2_stream = NULL; 3930 repinfo->c->tcp_is_reading = 0; 3931 comm_point_stop_listening(repinfo->c); 3932 comm_point_start_listening(repinfo->c, -1, 3933 repinfo->c->tcp_timeout_msec); 3934 return; 3935 } else { 3936 comm_point_start_listening(repinfo->c, -1, 3937 repinfo->c->tcp_timeout_msec); 3938 } 3939 } 3940 } 3941 3942 void 3943 comm_point_drop_reply(struct comm_reply* repinfo) 3944 { 3945 if(!repinfo) 3946 return; 3947 log_assert(repinfo->c); 3948 log_assert(repinfo->c->type != comm_tcp_accept); 3949 if(repinfo->c->type == comm_udp) 3950 return; 3951 if(repinfo->c->tcp_req_info) 3952 repinfo->c->tcp_req_info->is_drop = 1; 3953 if(repinfo->c->type == comm_http) { 3954 if(repinfo->c->h2_session) { 3955 repinfo->c->h2_session->is_drop = 1; 3956 if(!repinfo->c->h2_session->postpone_drop) 3957 reclaim_http_handler(repinfo->c); 3958 return; 3959 } 3960 reclaim_http_handler(repinfo->c); 3961 return; 3962 } 3963 reclaim_tcp_handler(repinfo->c); 3964 } 3965 3966 void 3967 comm_point_stop_listening(struct comm_point* c) 3968 { 3969 verbose(VERB_ALGO, "comm point stop listening %d", c->fd); 3970 if(ub_event_del(c->ev->ev) != 0) { 3971 log_err("event_del error to stoplisten"); 3972 } 3973 } 3974 3975 void 3976 comm_point_start_listening(struct comm_point* c, int newfd, int msec) 3977 { 3978 verbose(VERB_ALGO, "comm point start listening %d (%d msec)", 3979 c->fd==-1?newfd:c->fd, msec); 3980 if(c->type == comm_tcp_accept && !c->tcp_free) { 3981 /* no use to start listening no free slots. */ 3982 return; 3983 } 3984 if(msec != -1 && msec != 0) { 3985 if(!c->timeout) { 3986 c->timeout = (struct timeval*)malloc(sizeof( 3987 struct timeval)); 3988 if(!c->timeout) { 3989 log_err("cpsl: malloc failed. No net read."); 3990 return; 3991 } 3992 } 3993 ub_event_add_bits(c->ev->ev, UB_EV_TIMEOUT); 3994 #ifndef S_SPLINT_S /* splint fails on struct timeval. */ 3995 c->timeout->tv_sec = msec/1000; 3996 c->timeout->tv_usec = (msec%1000)*1000; 3997 #endif /* S_SPLINT_S */ 3998 } 3999 if(c->type == comm_tcp || c->type == comm_http) { 4000 ub_event_del_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4001 if(c->tcp_write_and_read) { 4002 verbose(5, "startlistening %d mode rw", (newfd==-1?c->fd:newfd)); 4003 ub_event_add_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4004 } else if(c->tcp_is_reading) { 4005 verbose(5, "startlistening %d mode r", (newfd==-1?c->fd:newfd)); 4006 ub_event_add_bits(c->ev->ev, UB_EV_READ); 4007 } else { 4008 verbose(5, "startlistening %d mode w", (newfd==-1?c->fd:newfd)); 4009 ub_event_add_bits(c->ev->ev, UB_EV_WRITE); 4010 } 4011 } 4012 if(newfd != -1) { 4013 if(c->fd != -1 && c->fd != newfd) { 4014 verbose(5, "cpsl close of fd %d for %d", c->fd, newfd); 4015 sock_close(c->fd); 4016 } 4017 c->fd = newfd; 4018 ub_event_set_fd(c->ev->ev, c->fd); 4019 } 4020 if(ub_event_add(c->ev->ev, msec==0?NULL:c->timeout) != 0) { 4021 log_err("event_add failed. in cpsl."); 4022 } 4023 } 4024 4025 void comm_point_listen_for_rw(struct comm_point* c, int rd, int wr) 4026 { 4027 verbose(VERB_ALGO, "comm point listen_for_rw %d %d", c->fd, wr); 4028 if(ub_event_del(c->ev->ev) != 0) { 4029 log_err("event_del error to cplf"); 4030 } 4031 ub_event_del_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); 4032 if(rd) ub_event_add_bits(c->ev->ev, UB_EV_READ); 4033 if(wr) ub_event_add_bits(c->ev->ev, UB_EV_WRITE); 4034 if(ub_event_add(c->ev->ev, c->timeout) != 0) { 4035 log_err("event_add failed. in cplf."); 4036 } 4037 } 4038 4039 size_t comm_point_get_mem(struct comm_point* c) 4040 { 4041 size_t s; 4042 if(!c) 4043 return 0; 4044 s = sizeof(*c) + sizeof(*c->ev); 4045 if(c->timeout) 4046 s += sizeof(*c->timeout); 4047 if(c->type == comm_tcp || c->type == comm_local) { 4048 s += sizeof(*c->buffer) + sldns_buffer_capacity(c->buffer); 4049 #ifdef USE_DNSCRYPT 4050 s += sizeof(*c->dnscrypt_buffer); 4051 if(c->buffer != c->dnscrypt_buffer) { 4052 s += sldns_buffer_capacity(c->dnscrypt_buffer); 4053 } 4054 #endif 4055 } 4056 if(c->type == comm_tcp_accept) { 4057 int i; 4058 for(i=0; i<c->max_tcp_count; i++) 4059 s += comm_point_get_mem(c->tcp_handlers[i]); 4060 } 4061 return s; 4062 } 4063 4064 struct comm_timer* 4065 comm_timer_create(struct comm_base* base, void (*cb)(void*), void* cb_arg) 4066 { 4067 struct internal_timer *tm = (struct internal_timer*)calloc(1, 4068 sizeof(struct internal_timer)); 4069 if(!tm) { 4070 log_err("malloc failed"); 4071 return NULL; 4072 } 4073 tm->super.ev_timer = tm; 4074 tm->base = base; 4075 tm->super.callback = cb; 4076 tm->super.cb_arg = cb_arg; 4077 tm->ev = ub_event_new(base->eb->base, -1, UB_EV_TIMEOUT, 4078 comm_timer_callback, &tm->super); 4079 if(tm->ev == NULL) { 4080 log_err("timer_create: event_base_set failed."); 4081 free(tm); 4082 return NULL; 4083 } 4084 return &tm->super; 4085 } 4086 4087 void 4088 comm_timer_disable(struct comm_timer* timer) 4089 { 4090 if(!timer) 4091 return; 4092 ub_timer_del(timer->ev_timer->ev); 4093 timer->ev_timer->enabled = 0; 4094 } 4095 4096 void 4097 comm_timer_set(struct comm_timer* timer, struct timeval* tv) 4098 { 4099 log_assert(tv); 4100 if(timer->ev_timer->enabled) 4101 comm_timer_disable(timer); 4102 if(ub_timer_add(timer->ev_timer->ev, timer->ev_timer->base->eb->base, 4103 comm_timer_callback, timer, tv) != 0) 4104 log_err("comm_timer_set: evtimer_add failed."); 4105 timer->ev_timer->enabled = 1; 4106 } 4107 4108 void 4109 comm_timer_delete(struct comm_timer* timer) 4110 { 4111 if(!timer) 4112 return; 4113 comm_timer_disable(timer); 4114 /* Free the sub struct timer->ev_timer derived from the super struct timer. 4115 * i.e. assert(timer == timer->ev_timer) 4116 */ 4117 ub_event_free(timer->ev_timer->ev); 4118 free(timer->ev_timer); 4119 } 4120 4121 void 4122 comm_timer_callback(int ATTR_UNUSED(fd), short event, void* arg) 4123 { 4124 struct comm_timer* tm = (struct comm_timer*)arg; 4125 if(!(event&UB_EV_TIMEOUT)) 4126 return; 4127 ub_comm_base_now(tm->ev_timer->base); 4128 tm->ev_timer->enabled = 0; 4129 fptr_ok(fptr_whitelist_comm_timer(tm->callback)); 4130 (*tm->callback)(tm->cb_arg); 4131 } 4132 4133 int 4134 comm_timer_is_set(struct comm_timer* timer) 4135 { 4136 return (int)timer->ev_timer->enabled; 4137 } 4138 4139 size_t 4140 comm_timer_get_mem(struct comm_timer* ATTR_UNUSED(timer)) 4141 { 4142 return sizeof(struct internal_timer); 4143 } 4144 4145 struct comm_signal* 4146 comm_signal_create(struct comm_base* base, 4147 void (*callback)(int, void*), void* cb_arg) 4148 { 4149 struct comm_signal* com = (struct comm_signal*)malloc( 4150 sizeof(struct comm_signal)); 4151 if(!com) { 4152 log_err("malloc failed"); 4153 return NULL; 4154 } 4155 com->base = base; 4156 com->callback = callback; 4157 com->cb_arg = cb_arg; 4158 com->ev_signal = NULL; 4159 return com; 4160 } 4161 4162 void 4163 comm_signal_callback(int sig, short event, void* arg) 4164 { 4165 struct comm_signal* comsig = (struct comm_signal*)arg; 4166 if(!(event & UB_EV_SIGNAL)) 4167 return; 4168 ub_comm_base_now(comsig->base); 4169 fptr_ok(fptr_whitelist_comm_signal(comsig->callback)); 4170 (*comsig->callback)(sig, comsig->cb_arg); 4171 } 4172 4173 int 4174 comm_signal_bind(struct comm_signal* comsig, int sig) 4175 { 4176 struct internal_signal* entry = (struct internal_signal*)calloc(1, 4177 sizeof(struct internal_signal)); 4178 if(!entry) { 4179 log_err("malloc failed"); 4180 return 0; 4181 } 4182 log_assert(comsig); 4183 /* add signal event */ 4184 entry->ev = ub_signal_new(comsig->base->eb->base, sig, 4185 comm_signal_callback, comsig); 4186 if(entry->ev == NULL) { 4187 log_err("Could not create signal event"); 4188 free(entry); 4189 return 0; 4190 } 4191 if(ub_signal_add(entry->ev, NULL) != 0) { 4192 log_err("Could not add signal handler"); 4193 ub_event_free(entry->ev); 4194 free(entry); 4195 return 0; 4196 } 4197 /* link into list */ 4198 entry->next = comsig->ev_signal; 4199 comsig->ev_signal = entry; 4200 return 1; 4201 } 4202 4203 void 4204 comm_signal_delete(struct comm_signal* comsig) 4205 { 4206 struct internal_signal* p, *np; 4207 if(!comsig) 4208 return; 4209 p=comsig->ev_signal; 4210 while(p) { 4211 np = p->next; 4212 ub_signal_del(p->ev); 4213 ub_event_free(p->ev); 4214 free(p); 4215 p = np; 4216 } 4217 free(comsig); 4218 } 4219