[sr-dev] git:mariuszbihlei/dnssec: core: refactored DNS primitives and removed DNSSEC support from core

Marius Zbihlei marius.zbihlei at 1and1.ro
Sat Mar 30 11:59:40 CET 2013


Module: sip-router
Branch: mariuszbihlei/dnssec
Commit: 0d279eb512ac6740fe1da6e96f7580303f09c025
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0d279eb512ac6740fe1da6e96f7580303f09c025

Author: Marius Zbihlei <mariuszbi at gmai.com>
Committer: Marius Zbihlei <mariuszbi at gmai.com>
Date:   Sat Mar 30 10:44:39 2013 +0000

core: refactored DNS primitives and removed DNSSEC support from core

The library functions can now be easily overridden by modules (dnssec) to allow enhanced resolving capabilities

---

 Makefile.defs |    4 ----
 dns_func.c    |   51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 dns_func.h    |   55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 resolve.c     |   21 ++-------------------
 resolve.h     |   26 ++++----------------------
 5 files changed, 112 insertions(+), 45 deletions(-)

diff --git a/Makefile.defs b/Makefile.defs
index 2c7917e..25b30d1 100644
--- a/Makefile.defs
+++ b/Makefile.defs
@@ -1759,10 +1759,6 @@ ifeq ($(OS), linux)
 			LIBS+=-lpthread
 		endif
 	endif
-	ifneq (,$(findstring -DUSE_DNSSEC, $(C_DEFS)))
-		LIBS+=-lval-threads -lcrypto -lsres -lpthread
-$(info "using libval for DNSSEC validation")
-	endif
         # check for >= 2.5.44
 
 	ifeq ($(shell [ $(OSREL_N) -ge 2005044 ] && echo has_epoll), has_epoll)
diff --git a/dns_func.c b/dns_func.c
new file mode 100644
index 0000000..6eedf0d
--- /dev/null
+++ b/dns_func.c
@@ -0,0 +1,51 @@
+
+/* 
+ * $Id$
+ * 
+ * Copyright (C) 2013  mariuszbi at gmail.com
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/*
+ * DNS wrappers
+ */
+/*
+ * History:
+ * --------
+ *  2013-03 initial version (marius)
+*/
+
+#include "dns_func.h"
+
+
+#include <resolv.h>
+#include <sys/types.h>
+#include <netdb.h>
+
+struct hostent;
+
+struct dns_func_t dns_func = {
+	res_init,
+	res_search,
+	gethostbyname,
+	gethostbyname2
+};
+
+ 
+void load_dnsfunc(struct dns_func_t *d) {
+	dns_func.sr_res_init = d->sr_res_init;
+	dns_func.sr_res_search = d->sr_res_search;
+	dns_func.sr_gethostbyname = d->sr_gethostbyname;
+	dns_func.sr_gethostbyname2 = d->sr_gethostbyname2;
+} 
+
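Review bot: load_dnsfunc copies all four pointers from `d` without checking `d` or any member, so a module that passes a partly filled table leaves a null function pointer in `dns_func`. The core would then crash on the next lookup that uses that slot, since the call sites in resolve.c and resolve.h call through the table unconditionally. Skipping empty slots, as below, keeps the previous function in place; a validating module then still has to fill every slot it wants covered. The positional initializer of `dns_func` would also be safer with designated initializers (`.sr_res_init = res_init`, and so on), so that a reordered struct cannot silently swap resolvers.
```c
void load_dnsfunc(struct dns_func_t *d) {
	if (!d)
		return;
	/* keep the current function for every slot the caller leaves empty */
	if (d->sr_res_init)
		dns_func.sr_res_init = d->sr_res_init;
	if (d->sr_res_search)
		dns_func.sr_res_search = d->sr_res_search;
	if (d->sr_gethostbyname)
		dns_func.sr_gethostbyname = d->sr_gethostbyname;
	if (d->sr_gethostbyname2)
		dns_func.sr_gethostbyname2 = d->sr_gethostbyname2;
}
```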
diff --git a/dns_func.h b/dns_func.h
new file mode 100644
index 0000000..623c3b8
--- /dev/null
+++ b/dns_func.h
@@ -0,0 +1,55 @@
+/* 
+ * $Id$
+ * 
+ * Copyright (C) 2013 mariuszbi at gmail.com
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/*
+ * DNS Wrapper functions 
+ */
+/*
+ * History:
+ * --------
+ *  2013-03  initial version (marius)
+*/
+
+#ifndef DNS_FUNC_H
+#define DNS_FUNC_H
+
+#include <sys/socket.h>
+
+struct hostent;
+
+typedef int (*res_init_t)(void);
+typedef int (*res_search_t)(const char*, int, int, unsigned char*, int);
+typedef struct hostent* (*gethostbyname_t)(const char*);
+typedef struct hostent* (*gethostbyname2_t)(const char*, int);
+
+struct dns_func_t {
+	res_init_t sr_res_init;
+	res_search_t sr_res_search;
+	gethostbyname_t sr_gethostbyname;
+	gethostbyname2_t sr_gethostbyname2;
+};
+
+/* 
+ * initiate structure with system values
+ */
+//extern struct dns_func_t dns_func;
+
+extern 
+void load_dnsfunc(struct dns_func_t *d);
+
+
+#endif
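Review bot: The header documents neither `load_dnsfunc` nor the table it replaces. The only comment, "initiate structure with system values", sits on a commented-out `extern`, while the live declaration of `dns_func` is added in resolve.h. Declaring `extern struct dns_func_t dns_func;` here would give the table one home, and the commented-out line can go. dns_func.c only reads through the argument, so the prototype could be `void load_dnsfunc(const struct dns_func_t *d);`, with the definition changed to match. A comment such as `/* replace the core resolver functions; all four members must be set; presumably called once during module initialisation, before any lookup */` would state the contract, though the timing is an assumption to confirm.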
diff --git a/resolve.c b/resolve.c
index 0a77ed7..c77a3a2 100644
--- a/resolve.c
+++ b/resolve.c
@@ -153,7 +153,7 @@ error:
  */
 static int _resolv_init(void)
 {
-	res_init();
+	dns_func.sr_res_init();
 #ifdef HAVE_RESOLV_RES
 	if (cfg_get(core, core_cfg, dns_retr_time)>0)
 		_res.retrans=cfg_get(core, core_cfg, dns_retr_time);
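Review bot: The result of `dns_func.sr_res_init()` is discarded. That was harmless for the libc `res_init()`, but the slot can now hold a module's initialiser whose failure should not pass unnoticed. Consider `if (dns_func.sr_res_init() < 0) LOG(L_ERR, "resolver init failed\n");`, or propagate the failure if `_resolv_init` has an error path. The function body continues past the end of this hunk, so its return handling is not visible here.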
@@ -714,10 +714,6 @@ struct rdata* get_record(char* name, int type, int flags)
 	struct rdata* fullname_rd;
 	char c;
 	
-#ifdef USE_DNSSEC
-	val_status_t val_status;
-#endif
-
 	name_len=strlen(name);
 
 	for (i = 0; i < name_len; i++) {
@@ -738,20 +734,7 @@ struct rdata* get_record(char* name, int type, int flags)
 	}
 	fullname_rd=0;
 
-#ifndef USE_DNSSEC
-	size=res_search(name, C_IN, type, buff.buff, sizeof(buff));
-#else
-	size=val_res_query((val_context_t *) NULL,
-                      (char *) name, 
-                      (int) C_IN,
-		      (int) type, 
-                      (unsigned char *) buff.buff, 
-		      (int) sizeof(buff),
-                      &val_status);	
-	if(!val_istrusted(val_status)){
-		LOG(L_INFO, "INFO: got not trusted record when resolving %s\n",name);
-	}
-#endif
+	size=dns_func.sr_res_search(name, C_IN, type, buff.buff, sizeof(buff));
 
 	if (unlikely(size<0)) {
 		DBG("get_record: lookup(%s, %d) failed\n", name, type);
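Review bot: After this change get_record cannot tell a validated answer from an unvalidated one. `res_search_t` has no status out-parameter, so the `val_istrusted` result that the removed branch at least logged is no longer visible to core. The only way left for a validating replacement to reject an answer is to return a negative size, and that contract is written down nowhere. The same applies to the `sr_gethostbyname` and `sr_gethostbyname2` calls in resolve.h, where a null return is the only signal. A comment in dns_func.h would cover it, for example `/* a validating implementation must fail the call (size < 0 / NULL) for answers it does not trust; core never sees the validation status */`. get_record starts and ends outside this hunk.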
diff --git a/resolve.h b/resolve.h
index 3ff5e23..96db053 100644
--- a/resolve.h
+++ b/resolve.h
@@ -48,6 +48,7 @@
 #include <arpa/nameser.h>
 #include <resolv.h>
 #include "counters.h"
+#include "dns_func.h"
 
 #ifdef __OS_darwin
 #include <arpa/nameser_compat.h>
@@ -58,9 +59,6 @@
 #include "dns_wrappers.h"
 #endif
 
-#ifdef USE_DNSSEC
-#include <validator/validator.h>
-#endif
 
 /* define RESOLVE_DBG for debugging info (very noisy) */
 #define RESOLVE_DBG
@@ -90,6 +88,7 @@ struct dns_counters_h {
 };
 
 extern struct dns_counters_h dns_cnts_h;
+extern struct dns_func_t dns_func;
 
 /* query union*/
 union dns_query{
@@ -404,9 +403,6 @@ static inline struct hostent* _resolvehost(char* name)
 #endif
 #endif
 #ifdef DNS_IP_HACK
-#ifdef USE_DNSSEC
-	val_status_t val_status;
-#endif
 	struct ip_addr* ip;
 	str s;
 
@@ -437,14 +433,7 @@ static inline struct hostent* _resolvehost(char* name)
 #endif
 #endif
 	/* ipv4 */
-#ifndef USE_DNSSEC
-	he=gethostbyname(name);
-#else
-	he=val_gethostbyname( (val_context_t *) 0, name, &val_status);
-	if(!val_istrusted(val_status)){
-		LOG(L_INFO, "INFO: got not trusted record when resolving %s\n",name);
-	}
-#endif
+	he=dns_func.sr_gethostbyname(name);
 
 #ifdef USE_IPV6
 	if(he==0 && cfg_get(core, core_cfg, dns_try_ipv6)){
@@ -453,14 +442,7 @@ skip_ipv4:
 #endif
 		/*try ipv6*/
 	#ifdef HAVE_GETHOSTBYNAME2
-		#ifndef USE_DNSSEC
-		he=gethostbyname2(name, AF_INET6);
-		#else
-		he=val_gethostbyname2((val_context_t*)0, name, AF_INET6, &val_status);
-		if(!val_istrusted(val_status)){
-			LOG(L_INFO, "INFO: got not trusted record when resolving %s\n",name);
-		}
-		#endif //!USE_DNSSEC
+		he=dns_func.sr_gethostbyname2(name, AF_INET6);
 	#elif defined HAVE_GETIPNODEBYNAME
 		/* on solaris 8 getipnodebyname has a memory leak,
 		 * after some time calls to it will fail with err=3
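Review bot: The `HAVE_GETHOSTBYNAME2` guard around `he=dns_func.sr_gethostbyname2(name, AF_INET6);` no longer covers every use of the symbol. dns_func.c places `gethostbyname2` in the `dns_func` initializer unconditionally, so a platform that lacks it would presumably fail to build dns_func.c. Guard that initializer entry with the same macro, using `0` in the `#else` arm, so the Solaris `getipnodebyname` path keeps building. `_resolvehost` continues outside this hunk.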



