Archives
/
lokinet
mirror of https://github.com/oxen-io/lokinet
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ubuntu/noble
ubuntu/mantic
quic-wip
dev
dev-next
opensuse/tumbleweed
ubuntu/lunar
ubuntu/kinetic
ubuntu/jammy
ubuntu/focal
ubuntu/bionic
debian/buster
debian/bullseye
debian/bookworm
debian/sid
fedora/36
fedora/37
stable
makepkg
fedora/35
ubuntu/impish
fedora/34
centos/8
ubuntu/hirsute
ubuntu/groovy
v0.9.11
v0.9.10
v0.9.9
v0.9.8
v0.9.7
v0.9.6
v0.9.5
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.1-rc3
v0.8.1-rc2
v0.8.1-rc1
v0.7.1
v0.7.0
v0.7.0-rc3
v0.7.0-rc2
v0.7.0-rc1
v0.6.4
v0.6.2
v0.6.1
v0.6.0
v0.6.0-rc2
v0.6.0-rc1
v0.5.2
v0.5.0
v0.4.2½
v0.4.2
v0.4.1
v0.4.0-release
0.4.0-release
v0.4.0
v0.4.0-rc3
v0.4.0-rc2
v0.3.1
0.3.0-neuro1
v0.2.3-rc1
v0.2.2
v0.2.1
v0.1.0
v0.0.3
0.2.3-neuro0
0.6.1
rm
v0.0.1
v0.0.2
v0.3.0
v0.4.3
v0.5.1
v0.6.3
v0.7
v0.8.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8b321612da'
${ noResults }
lokinet/llarp/dns/unbound_resolver.cpp

241 lines
6.2 KiB
C++
Raw Normal View History Unescape Escape

standardize include format and pragma once All #ifndef guards on headers have been removed, I think, in favor of #pragma once Headers are now included as `#include "filename"` if the included file resides in the same directory as the file including it, or any subdirectory therein. Otherwise they are included as `#include <project/top/dir/relative/path/filename>` The above does not include system/os headers.
3 years ago
#include "unbound_resolver.hpp"
Implement upstream DNS using libunbound
4 years ago
standardize include format and pragma once All #ifndef guards on headers have been removed, I think, in favor of #pragma once Headers are now included as `#include "filename"` if the included file resides in the same directory as the file including it, or any subdirectory therein. Otherwise they are included as `#include <project/top/dir/relative/path/filename>` The above does not include system/os headers.
3 years ago
#include "server.hpp"
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
#include <llarp/constants/apple.hpp>
#include <llarp/constants/platform.hpp>
standardize include format and pragma once All #ifndef guards on headers have been removed, I think, in favor of #pragma once Headers are now included as `#include "filename"` if the included file resides in the same directory as the file including it, or any subdirectory therein. Otherwise they are included as `#include <project/top/dir/relative/path/filename>` The above does not include system/os headers.
3 years ago
#include <llarp/util/buffer.hpp>
fix #1655 * make it so that we don't set up unbound resolver when we have no resolvers provided by config * clean up dns codepath and make it use llarp::SockAddr instead of llarp::IpAddress
3 years ago
#include <sstream>
add dns hosts file option for user side dns filtering
3 years ago
#include <llarp/util/str.hpp>
Implement upstream DNS using libunbound
4 years ago
Forward-declare ub_ctx/ub_result Avoids needing unbound.h in the search path to include the unbound_resolver.hpp header.
3 years ago
#include <unbound.h>
Implement upstream DNS using libunbound
4 years ago
namespace llarp::dns
{
llarp/dns logging refactor Convert everything in llarp/dns to new-style logging.
2 years ago
static auto logcat = log::Cat("dns");
Implement upstream DNS using libunbound
4 years ago
struct PendingUnboundLookup
{
std::weak_ptr<UnboundResolver> resolver;
Message msg;
try to unbreak more
3 years ago
SockAddr resolverAddr;
SockAddr askerAddr;
Implement upstream DNS using libunbound
4 years ago
};
fix crashes on shutdown (#1433)
4 years ago
void
UnboundResolver::Stop()
{
Reset();
}
make format
4 years ago
void
UnboundResolver::Reset()
Implement upstream DNS using libunbound
4 years ago
{
started = false;
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
#ifdef _WIN32
if (runner.joinable())
enable profiling on clients by default (#1421) * enable client relay profiling by default * macos dns fixes * improve peer profiling algorithm to track timeouts vs failures * remove debug ioctl call in tuntap code * use ub_wait instead of ub_process as that was what was there before * const correctness * DRY out checking for SIIT * typofix * correct name
4 years ago
{
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
runner.join();
enable profiling on clients by default (#1421) * enable client relay profiling by default * macos dns fixes * improve peer profiling algorithm to track timeouts vs failures * remove debug ioctl call in tuntap code * use ub_wait instead of ub_process as that was what was there before * const correctness * DRY out checking for SIIT * typofix * correct name
4 years ago
}
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
#else
if (udp)
{
udp->close();
}
udp.reset();
#endif
Implement upstream DNS using libunbound
4 years ago
if (unboundContext)
{
ub_ctx_delete(unboundContext);
}
unboundContext = nullptr;
}
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
UnboundResolver::UnboundResolver(EventLoop_ptr _loop, ReplyFunction reply, FailFunction fail)
: unboundContext{nullptr}
, started{false}
, replyFunc{_loop->make_caller(std::move(reply))}
, failFunc{_loop->make_caller(std::move(fail))}
{
#ifndef _WIN32
loop = _loop->MaybeGetUVWLoop();
#endif
}
Implement upstream DNS using libunbound
4 years ago
// static callback
make format
4 years ago
void
UnboundResolver::Callback(void* data, int err, ub_result* result)
Implement upstream DNS using libunbound
4 years ago
{
std::unique_ptr<PendingUnboundLookup> lookup{static_cast<PendingUnboundLookup*>(data)};
auto this_ptr = lookup->resolver.lock();
make format
4 years ago
if (not this_ptr)
return; // resolver is gone, so we don't reply.
Implement upstream DNS using libunbound
4 years ago
if (err != 0)
{
Message& msg = lookup->msg;
msg.AddServFail();
Unbound callbacks also need arguments reversed PR #1725 reversed argument orders but UnboundResolver was still using (from,to) ordering in its callbacks, which leaked through to make a wrong order in our reply function (which simply forwards arguments). This fixes that bug by making UnboundResolver callback argument order consistent (i.e. using to, from) with the PacketHandler argument order.
3 years ago
this_ptr->failFunc(lookup->askerAddr, lookup->resolverAddr, msg);
Implement upstream DNS using libunbound
4 years ago
ub_resolve_free(result);
return;
}
Replace libuv with uvw & related refactoring - removes all the llarp_ev_* functions, replacing with methods/classes/functions in the llarp namespace. - banish ev/ev.h to the void - Passes various things by const lvalue ref, especially shared_ptr's that don't need to be copied (to avoid an atomic refcount increment/decrement). - Add a llarp::UDPHandle abstract class for UDP handling - Removes the UDP tick handler; code that needs tick can just do a separate handler on the event loop outside the UDP socket. - Adds an "OwnedBuffer" which owns its own memory but is implicitly convertible to a llarp_buffer_t. This is mostly needed to take over ownership of buffers from uvw without copying them as, currently, uvw does its own allocation (pending some open upstream issues/PRs). - Logic: - add `make_caller`/`call_forever`/`call_every` utility functions to abstract Call wrapping and dependent timed tasks. - Add inLogicThread() so that code can tell its inside the logic thread (typically for debugging assertions). - get rid of janky integer returns and dealing with cancellations on call_later: the other methods added here and the event loop code remove the need for them. - Event loop: - redo everything with uvw instead of libuv - rename EventLoopWakeup::Wakeup to EventLoopWakeup::Trigger to better reflect what it does. - add EventLoopRepeater for repeated events, and replace the code that reschedules itself every time it is called with a repeater. - Split up `EventLoop::run()` into a non-virtual base method and abstract `run_loop()` methods; the base method does a couple extra setup/teardown things that don't need to be in the derived class. - udp_listen is replaced with ev->udp(...) which returns a new UDPHandle object rather that needing gross C-style-but-not-actually-C-compatible structs. - Remove unused register_poll_fd_(un)readable - Use shared_ptr for EventLoopWakeup rather than returning a raw pointer; uvw lets us not have to worry about having the event loop class maintain ownership of it. - Add factory EventLoop::create() function to create a default (uvw-based) event loop (previously this was one of the llarp_ev_blahblah unnamespaced functions). - ev_libuv: this is mostly rewritten; all of the glue code/structs, in particular, are gone as they are no longer needed with uvw. - DNS: - Rename DnsHandler to DnsInterceptor to better describe what it does (this is the code that intercepts all DNS to the tun IP range for Android). - endpoint: - remove unused "isolated network" code - remove distinct (but actually always the same) variables for router/endpoint logic objects - llarp_buffer_t - make constructors type-safe against being called with points to non-size-1 values - tun packet reading: - read all available packets off the device/file descriptor; previously we were reading one packet at a time then returning to the event loop to poll again. - ReadNextPacket() now returns a 0-size packet if the read would block (so that we can implement the previous point). - ReadNextPacket() now throws on I/O error - Miscellaneous code cleanups/simplifications
3 years ago
OwnedBuffer pkt{(size_t)result->answer_len};
std::memcpy(pkt.buf.get(), result->answer_packet, pkt.sz);
enable profiling on clients by default (#1421) * enable client relay profiling by default * macos dns fixes * improve peer profiling algorithm to track timeouts vs failures * remove debug ioctl call in tuntap code * use ub_wait instead of ub_process as that was what was there before * const correctness * DRY out checking for SIIT * typofix * correct name
4 years ago
llarp_buffer_t buf(pkt);
Implement upstream DNS using libunbound
4 years ago
MessageHeader hdr;
hdr.Decode(&buf);
hdr.id = lookup->msg.hdr_id;
restructure how upstream dns replies are handled llarp::dns::Message does not fully support DNS packets, so converting the upstream response to one will not work for all query types. Also it is kinda silly to begin with, as the upstream reply is already a network packet, ready to go.
4 years ago
buf.cur = buf.base;
hdr.Encode(&buf);
Implement upstream DNS using libunbound
4 years ago
Unbound callbacks also need arguments reversed PR #1725 reversed argument orders but UnboundResolver was still using (from,to) ordering in its callbacks, which leaked through to make a wrong order in our reply function (which simply forwards arguments). This fixes that bug by making UnboundResolver callback argument order consistent (i.e. using to, from) with the PacketHandler argument order.
3 years ago
this_ptr->replyFunc(lookup->askerAddr, lookup->resolverAddr, std::move(pkt));
Implement upstream DNS using libunbound
4 years ago
ub_resolve_free(result);
}
make format
4 years ago
bool
UnboundResolver::Init()
Implement upstream DNS using libunbound
4 years ago
{
if (started)
{
Reset();
}
unboundContext = ub_ctx_create();
if (not unboundContext)
{
return false;
}
Some Windows fixes (#1415) * Should fix some windows service issues * fix return condition inversion * Add some Trace level logging also make the logger actually respect the log level you set. * event loop should not queue things to itself... at present, logic thread queue continues until it is empty, so queueing things onto itself is just wasteful. * call_later(foreach thing) is better than foreach thing (call later) also if you already queued those things but they have not happened yet, there is no sense to queue them to happen again. * do not queue read on write finish, only on read finish * failure to start DNS server should be proper startup failure. without the DNS server working lokinet is...kinda pointless, right? * format * don't queue stuff to logic thread if in logic thread the thing that clears the queue...clears it. So you're just delaying and adding overhead. * windows unbound thread sleep instead of just busy-waiting also clang-format decided I can't have a blank line for some reason... * fix unbound async worker on windows
4 years ago
when lokinet looses ip4 connectivity libunbound used to freak out and only use ip6 after such an event. as a result dns queries stop working because we blackhole ip6 routes if exit mode is on. this prevents this case from being hit.
2 years ago
// disable ip6 for upstream dns
ub_ctx_set_option(unboundContext, "prefer-ip6", "0");
// enable async
Some Windows fixes (#1415) * Should fix some windows service issues * fix return condition inversion * Add some Trace level logging also make the logger actually respect the log level you set. * event loop should not queue things to itself... at present, logic thread queue continues until it is empty, so queueing things onto itself is just wasteful. * call_later(foreach thing) is better than foreach thing (call later) also if you already queued those things but they have not happened yet, there is no sense to queue them to happen again. * do not queue read on write finish, only on read finish * failure to start DNS server should be proper startup failure. without the DNS server working lokinet is...kinda pointless, right? * format * don't queue stuff to logic thread if in logic thread the thing that clears the queue...clears it. So you're just delaying and adding overhead. * windows unbound thread sleep instead of just busy-waiting also clang-format decided I can't have a blank line for some reason... * fix unbound async worker on windows
4 years ago
ub_ctx_async(unboundContext, 1);
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
#ifdef _WIN32
runner = std::thread{[&]() {
enable profiling on clients by default (#1421) * enable client relay profiling by default * macos dns fixes * improve peer profiling algorithm to track timeouts vs failures * remove debug ioctl call in tuntap code * use ub_wait instead of ub_process as that was what was there before * const correctness * DRY out checking for SIIT * typofix * correct name
4 years ago
while (started)
{
if (unboundContext)
ub_wait(unboundContext);
std::this_thread::sleep_for(25ms);
}
redo dns to use event loop on non windows and threading bullshit on windows
3 years ago
if (unboundContext)
ub_process(unboundContext);
}};
#else
if (auto loop_ptr = loop.lock())
{
udp = loop_ptr->resource<uvw::PollHandle>(ub_fd(unboundContext));
udp->on<uvw::PollEvent>([ptr = weak_from_this()](auto&, auto&) {
if (auto self = ptr.lock())
{
if (self->unboundContext)
{
ub_process(self->unboundContext);
}
}
});
udp->start(uvw::PollHandle::Event::READABLE);
}
#endif
attempt fix for libunbound on win32 * run unbound stuff in another thread because LOL windows * because unbound runs in another thread callbacks for libunbound need to be wrapped in a deferred call so they are done in the logic thread * bump sqlite3 dep because it's gone, repin hash.
4 years ago
started = true;
Implement upstream DNS using libunbound
4 years ago
return true;
}
make format
4 years ago
bool
fix #1655 * make it so that we don't set up unbound resolver when we have no resolvers provided by config * clean up dns codepath and make it use llarp::SockAddr instead of llarp::IpAddress
3 years ago
UnboundResolver::AddUpstreamResolver(const SockAddr& upstreamResolver)
Implement upstream DNS using libunbound
4 years ago
{
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
const auto hoststr = upstreamResolver.hostString();
std::string upstream = hoststr;
only use @ syntax when the dns port is not port 53
3 years ago
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
const auto port = upstreamResolver.getPort();
if (port != 53)
{
upstream += '@';
upstream += std::to_string(port);
}
only use @ syntax when the dns port is not port 53
3 years ago
llarp/dns logging refactor Convert everything in llarp/dns to new-style logging.
2 years ago
log::info("Adding upstream resolver ", upstream);
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
if (ub_ctx_set_fwd(unboundContext, upstream.c_str()) != 0)
Implement upstream DNS using libunbound
4 years ago
{
Reset();
return false;
}
Unleak exit mode DNS via unbound DNS trampoline on (macOS) When we enable/disable exit mode on this restarts the unbound DNS responder with the DNS trampoline (or restores upstream, when disabling) to properly route DNS requests through the tunnel (because libunbound's direct requests don't get tunneled because unbound is inside the network extension).
3 years ago
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
if constexpr (platform::is_apple)
Reformat
3 years ago
{
macOS system extension support Adds support for building Lokinet as a system extension, and fixes various problems in the macos implementation found during development of the system extension support.
2 years ago
// On Apple, when we turn on exit mode, we can't directly connect to upstream from here
// because, from within the network extension, macOS ignores setting the tunnel as the default
// route and would leak all DNS; instead we have to bounce things through the objective C
// trampoline code so that it can call into Apple's special snowflake API to set up a socket
// that has the magic Apple snowflake sauce added on top so that it actually routes through
// the tunnel instead of around it.
//
// This behaviour is all carefully and explicitly documented by Apple with plenty of examples
// and other exposition, of course, just like all of their wonderful new APIs to reinvent
// standard unix interfaces.
if (hoststr == "127.0.0.1" && port == apple::dns_trampoline_port)
{
// Not at all clear why this is needed but without it we get "send failed: Can't assign
// requested address" when unbound tries to connect to the localhost address using a source
// address of 0.0.0.0. Yay apple.
ub_ctx_set_option(unboundContext, "outgoing-interface:", "127.0.0.1");
// The trampoline expects just a single source port (and sends everything back to it)
ub_ctx_set_option(unboundContext, "outgoing-range:", "1");
ub_ctx_set_option(unboundContext, "outgoing-port-avoid:", "0-65535");
ub_ctx_set_option(
unboundContext,
"outgoing-port-permit:",
std::to_string(apple::dns_trampoline_source_port).c_str());
}
Unleak exit mode DNS via unbound DNS trampoline on (macOS) When we enable/disable exit mode on this restarts the unbound DNS responder with the DNS trampoline (or restores upstream, when disabling) to properly route DNS requests through the tunnel (because libunbound's direct requests don't get tunneled because unbound is inside the network extension).
3 years ago
}
Implement upstream DNS using libunbound
4 years ago
return true;
}
add dns hosts file option for user side dns filtering
3 years ago
void
UnboundResolver::AddHostsFile(const fs::path& file)
{
llarp/dns logging refactor Convert everything in llarp/dns to new-style logging.
2 years ago
log::debug(logcat, "adding hosts file {}", file);
add dns hosts file option for user side dns filtering
3 years ago
const auto str = file.u8string();
if (auto ret = ub_ctx_hosts(unboundContext, str.c_str()))
Replace logging with oxen-logger Replaces custom logging system with spdlog-based oxen logging. This commit mainly replaces the backend logging with the spdlog-based system, but doesn't (yet) convert all the existing LogWarn, etc. to use the new format-based logging. New logging statements will look like: llarp::log::warning(cat, "blah: {}", val); where `cat` should be set up in each .cpp or cluster of .cpp files, as described in the oxen-logging README. As part of spdlog we get fmt, which gives us nice format strings, where are applied generously in this commit. Making types printable now requires two steps: - add a ToString() method - add this specialization: template <> constexpr inline bool llarp::IsToStringFormattable<llarp::Whatever> = true; This will then allow the type to be printed as a "{}" value in a fmt::format string. This is applied to all our printable types here, and all of the `operator<<` are removed. This commit also: - replaces various uses of `operator<<` to ToString() - replaces various uses of std::stringstream with either fmt::format or plain std::string - Rename some to_string and toString() methods to ToString() for consistency (and to work with fmt) - Replace `stringify(...)` and `make_exception` usage with fmt::format (and remove stringify/make_exception from util/str.hpp).
2 years ago
throw std::runtime_error{
fmt::format("Failed to add host file {}: {}", file, ub_strerror(ret))};
llarp/dns logging refactor Convert everything in llarp/dns to new-style logging.
2 years ago
log::info(logcat, "added hosts file {}", file);
add dns hosts file option for user side dns filtering
3 years ago
}
make format
4 years ago
void
Large collection of changes to make android work - Previous android java and jni code updated to work, but with much love still needed to make it work nicely, e.g. handling when the VPN is turned off. - DNS handling refactored to allow android to intercept and handle DNS requests as we can't set the system DNS to use a high port (and apparently Chrome ignores system DNS settings anyway) - add packet router structure to allow separate handling of specific intercepted traffic, e.g. UDP traffic to port 53 gets handled by our DNS handler rather than being naively forwarded as exit traffic. - For now, android lokinet is exit-only and hard-coded to use exit.loki as its exit. The exit will be configurable before release, but allowing to not use exit-only mode is more of a challenge. - some old gitignore remnants which were matching to things we don't want them to (and are no longer relevant) removed - some minor changes to CI configuration
3 years ago
UnboundResolver::Lookup(SockAddr to, SockAddr from, Message msg)
Implement upstream DNS using libunbound
4 years ago
{
if (not unboundContext)
{
msg.AddServFail();
Unbound callbacks also need arguments reversed PR #1725 reversed argument orders but UnboundResolver was still using (from,to) ordering in its callbacks, which leaked through to make a wrong order in our reply function (which simply forwards arguments). This fixes that bug by making UnboundResolver callback argument order consistent (i.e. using to, from) with the PacketHandler argument order.
3 years ago
failFunc(from, to, std::move(msg));
Implement upstream DNS using libunbound
4 years ago
return;
}
const auto& q = msg.questions[0];
try to unbreak more
3 years ago
auto* lookup = new PendingUnboundLookup{weak_from_this(), msg, to, from};
make format
4 years ago
int err = ub_resolve_async(
unboundContext,
q.Name().c_str(),
q.qtype,
q.qclass,
(void*)lookup,
&UnboundResolver::Callback,
nullptr);
Implement upstream DNS using libunbound
4 years ago
if (err != 0)
{
msg.AddServFail();
Unbound callbacks also need arguments reversed PR #1725 reversed argument orders but UnboundResolver was still using (from,to) ordering in its callbacks, which leaked through to make a wrong order in our reply function (which simply forwards arguments). This fixes that bug by making UnboundResolver callback argument order consistent (i.e. using to, from) with the PacketHandler argument order.
3 years ago
failFunc(from, to, std::move(msg));
Implement upstream DNS using libunbound
4 years ago
return;
}
}
make format
4 years ago
} // namespace llarp::dns