TunEndpoint::ObtainAddrForIP(), identity tun range better, actually return revdns for tunmapaddrs, make in-addr.arpa matching smarter, actually send 404s, additional unit test

6 years ago · 3b24b69513
parent db64547ab3
commit 3b24b69513
5 changed files with 83 additions and 20 deletions
--- a/include/llarp/handlers/tun.hpp
+++ b/include/llarp/handlers/tun.hpp
@ -80,6 +80,10 @@ namespace llarp
      static void
      handleTickTun(void* u);

+      /// get a service address for ip address
+      service::Address
+      ObtainAddrForIP(huint32_t ip);
+
     protected:
      typedef llarp::util::CoDelQueue<
          net::IPv4Packet, net::IPv4Packet::GetTime, net::IPv4Packet::PutTime,
@ -92,6 +96,7 @@ namespace llarp
      /// return true if we have a remote loki address for this ip address
      bool
      HasRemoteForIP(huint32_t ipv4) const;
+
      /// get ip address for service address unconditionally
      huint32_t
      ObtainIPForAddr(const service::Address& addr);
--- a/include/llarp/net.hpp
+++ b/include/llarp/net.hpp
@ -76,7 +76,7 @@ namespace llarp

    constexpr bool operator <(huint32_t x) const { return h < x.h; }
    constexpr bool operator ==(huint32_t x) const { return h == x.h; }
-    
+
    struct Hash
    {
      inline size_t
@ -272,7 +272,7 @@ namespace llarp
  {
    // network order
    sockaddr_in6 _addr;
-    sockaddr_in _addr4;  // why do we even have this?
+    sockaddr_in _addr4;  // why do we even have this? favor cpu over memory
    ~Addr(){};

    Addr(){};
--- a/llarp/dns_dotlokilookup.cpp
+++ b/llarp/dns_dotlokilookup.cpp
@ -1,6 +1,7 @@
 #include <llarp/dns_dotlokilookup.hpp>
 #include <llarp/handlers/tun.hpp>
 #include <llarp/service/context.hpp>
+#include <llarp/net.hpp>

 std::string const default_chars =
    "abcdefghijklmnaoqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
@ -43,7 +44,8 @@ llarp_dotlokilookup_checkQuery(void *u, uint64_t orig, uint64_t left)
  if(!dll)
  {
    llarp::LogError("DNSd dotLokiLookup is not configured");
-    // FIXME: send 404
+    write404_dnss_response(qr->from, qr->request);
+    delete qr;
    return;
  }

@ -56,7 +58,7 @@ llarp_dotlokilookup_checkQuery(void *u, uint64_t orig, uint64_t left)
  {
    llarp::LogWarn("Could not base32 decode address: ",
                   qr->request->question.name);
-    // FIXME: send 404
+    write404_dnss_response(qr->from, qr->request);
    delete qr;
    return;
  }
@ -64,7 +66,9 @@ llarp_dotlokilookup_checkQuery(void *u, uint64_t orig, uint64_t left)
  auto itr = loki_tld_lookup_cache.find(addr.ToString());
  if(itr != loki_tld_lookup_cache.end())
  {
+    llarp::LogDebug("Found in .loki lookup cache");
    writesend_dnss_response(itr->second->returnThis, qr->from, qr->request);
+    delete qr;
    return;
  }

@ -93,13 +97,16 @@ llarp_dotlokilookup_checkQuery(void *u, uint64_t orig, uint64_t left)
    if(!routerHiddenServiceContext)
    {
      llarp::LogWarn("dotLokiLookup user isnt a service::Context: ", dll->user);
+      write404_dnss_response(qr->from, qr->request);
+      delete qr;
      return;
    }
    bool mapResult = routerHiddenServiceContext->MapAddressAll(
        addr, free_private->hostResult);
    if(!mapResult)
    {
-      // FIXME: send 404
+      llarp::LogWarn("dotLokiLookup failed to map address");
+      write404_dnss_response(qr->from, qr->request);
      delete qr;
      return;
    }
@ -139,13 +146,13 @@ split(std::string str)
  while((pos = s.find(".")) != std::string::npos)
  {
    token = s.substr(0, pos);
-    llarp::LogInfo("token [", token, "]");
+    //llarp::LogInfo("token [", token, "]");
    tokens.push_back(token);
    s.erase(0, pos + 1);
  }
  token = s.substr(0, pos);
  tokens.push_back(token);
-  llarp::LogInfo("token [", token, "]");
+  //llarp::LogInfo("token [", token, "]");
  return tokens;
 }

@ -174,20 +181,41 @@ ReverseHandlerIter(struct llarp::service::Context::endpoint_iter *endpointCfg)
  std::string checkStr(tunEndpoint->tunif.ifaddr);
  std::vector< std::string > tokensSearch = split(context->lName);
  std::vector< std::string > tokensCheck  = split(checkStr);
-
+  
  // well the tunif is just one ip on a network range...
-  std::string searchIp = tokensSearch[3] + "." + tokensSearch[2] + "."
-      + tokensSearch[1] + "." + tokensSearch[0];
+  // support "b._dns-sd._udp.0.0.200.10.in-addr.arpa"	
+  size_t searchTokens = tokensSearch.size();
+  std::string searchIp = tokensSearch[searchTokens - 3] + "." + tokensSearch[searchTokens - 4] + "."
+      + tokensSearch[searchTokens - 5] + "." + tokensSearch[searchTokens - 6];
  std::string checkIp = tokensCheck[0] + "." + tokensCheck[1] + "."
      + tokensCheck[2] + "." + tokensCheck[3];
-  // llarp::LogInfo(searchIp, " vs ", checkIp);
-  // just assume /24 for now
-  if(tokensSearch[3] == tokensCheck[0] && tokensSearch[2] == tokensCheck[1]
-     && tokensSearch[1] == tokensCheck[2])
+  llarp::LogDebug(searchIp, " vs ", checkIp);
+  
+  llarp::IPRange range = llarp::iprange_ipv4(stoi(tokensCheck[0]), stoi(tokensCheck[1]), stoi(tokensCheck[2]), stoi(tokensCheck[3]), tunEndpoint->tunif.netmask); // create range
+  // hack atm to work around limitations in ipaddr_ipv4_bits and llarp::IPRange
+  llarp::huint32_t searchIPv4_fixed = llarp::ipaddr_ipv4_bits(stoi(tokensSearch[searchTokens - 6]), stoi(tokensSearch[searchTokens - 5]), stoi(tokensSearch[searchTokens - 4]), stoi(tokensSearch[searchTokens - 3])); // create ip (llarp::Addr is untrustworthy atm)
+  llarp::huint32_t searchIPv4_search = llarp::ipaddr_ipv4_bits(stoi(tokensSearch[searchTokens - 3]), stoi(tokensSearch[searchTokens - 4]), stoi(tokensSearch[searchTokens - 5]), stoi(tokensSearch[searchTokens - 6])); // create ip (llarp::Addr is untrustworthy atm)
+
+  //bool inRange = range.Contains(searchAddr.xtohl());
+  bool inRange = range.Contains(searchIPv4_search);
+
+  llarp::Addr searchAddr(searchIp);
+  llarp::Addr checkAddr(checkIp);
+  llarp::LogDebug(searchAddr, " vs ", range.ToString(), " = ", inRange?"inRange":"not match");
+  
+  if (inRange)
  {
-    llarp::LogInfo("Yes, that shit is for us");
-    writesend_dnss_revresponse("loki.network", context->from,
+    llarp::service::Address addr = tunEndpoint->ObtainAddrForIP(searchIPv4_fixed);
+    if (addr.ToString() == "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.loki")
+    {
+      write404_dnss_response(context->from,
+                             (dnsd_question_request *)context->request);
+    }
+    else
+    {
+      writesend_dnss_revresponse(addr.ToString(), context->from,
                               (dnsd_question_request *)context->request);
+    }
    return false;
  }
  return true;  // we don't do anything with the result yet
@ -240,9 +268,9 @@ llarp_dotlokilookup_handler(std::string name, const struct sockaddr *from,
    {
      llarp::LogInfo("Reverse is not ours");
    }
-  }
-  if(lName.substr(lName.length() - 5, 5) == ".loki"
-     || lName.substr(lName.length() - 6, 6) == ".loki.")
+  } else
+  if((lName.length() > 5 && lName.substr(lName.length() - 5, 5) == ".loki")
+     || (lName.length() > 6 && lName.substr(lName.length() - 6, 6) == ".loki."))
  {
    llarp::LogInfo("Detect Loki Lookup for ", lName);
    auto cache_check = loki_tld_lookup_cache.find(lName);
--- a/llarp/handlers/tun.cpp
+++ b/llarp/handlers/tun.cpp
@ -134,6 +134,7 @@ namespace llarp
      }
      llarp::LogInfo(Name() + " map ", addr.ToString(), " to ",
                     inet_ntoa({nip.n}));
+      
      m_IPToAddr.insert(std::make_pair(ip, addr));
      m_AddrToIP.insert(std::make_pair(addr, ip));
      MarkIPActiveForever(ip);
@ -350,6 +351,22 @@ namespace llarp
                        " bytes from ", inet_ntoa({xhtonl(themIP).n}));
      return true;
    }
+    
+    service::Address
+    TunEndpoint::ObtainAddrForIP(huint32_t ip)
+    {
+      auto itr = m_IPToAddr.find(ip);
+      if(itr == m_IPToAddr.end())
+      {
+        // not found
+        //llarp::Addr test(ip); // "/", test,
+        service::Address addr;
+        llarp::LogWarn(" not found in tun map. Sending ", addr.ToString());
+        return addr;
+      }
+      // found
+      return itr->second;
+    }

    huint32_t
    TunEndpoint::ObtainIPForAddr(const service::Address &addr)
--- a/test/net_unittest.cpp
+++ b/test/net_unittest.cpp
@ -5,12 +5,25 @@ struct NetTest : public ::testing::Test
 {
 };

-TEST_F(NetTest, TestRangeContains)
+TEST_F(NetTest, TestRangeContains8)
 {
  ASSERT_TRUE(llarp::iprange_ipv4(10, 0, 0, 0, 8)
                  .Contains(llarp::ipaddr_ipv4_bits(10, 40, 11, 6)));
 }

+TEST_F(NetTest, TestRangeContains24)
+{
+  ASSERT_TRUE(llarp::iprange_ipv4(10, 200, 0, 1, 24)
+                  .Contains(llarp::ipaddr_ipv4_bits(10, 200, 0, 253)));
+}
+
+TEST_F(NetTest, TestRangeContainsFail)
+{
+  ASSERT_TRUE(!llarp::iprange_ipv4(192, 168, 0, 1, 24)
+                  .Contains(llarp::ipaddr_ipv4_bits(10, 200, 0, 253)));
+}
+
+
 TEST_F(NetTest, TestIPv4Netmask)
 {
  ASSERT_TRUE(llarp::xhtonl(llarp::netmask_ipv4_bits(8))