daxi20/smartdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: daxi20:Release30
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18
..
compare: daxi20:Release33
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18

40 Commits
Release30 ... Release33

Author SHA1 Message Date
Nick Peng
86902d2e34 serve-expired: support config reply ttl 2020-09-06 15:21:37 +08:00
Nick Peng
6f30fe6d05 compile: remove O_CLOEXEC flags 2020-09-05 19:37:50 +08:00
Nick Peng
0b45da29c7 cache: support persist cache when restart smartdns 2020-09-05 12:55:30 +08:00
Nick Peng
2b81fffb7e dns_client: fix ssl race condition issue. 2020-09-02 22:03:24 +08:00
Nick Peng
7af6f475da dns-client: reduce ssl session cache size 2020-08-27 23:34:22 +08:00
Purple Grape
c3b6560b46 add rpm support 2020-08-25 22:02:45 +08:00
Nick Peng
a3d3364a32 dns_client: avoid disconnect with server after query complete 2020-08-24 23:54:06 +08:00
Nick Peng
b8a36ccb8c dns_client: avoid connect failure 2020-08-24 23:18:35 +08:00
Nick Peng
aee19be262 dns-cache: support cache when speed check is disabled 2020-08-23 20:12:50 +08:00
Nick Peng
98429e88f1 speed_check: fix query failure when speed-check is none and dualstack-selection is enable. 2020-08-23 15:28:56 +08:00
Nick Peng
80cb27c795 tlog: update tlog 2020-08-22 08:13:55 +08:00
Kevin Zhou
cb73eadf01 Make the ipset working as expected when the domain passthrough 2020-08-22 07:57:00 +08:00
Nick Peng
69ba3f8789 pending: fix pending server resolve issue 2020-08-16 17:05:51 +08:00
Nick Peng
c380bbe0e3 tlog: update tlog 2020-08-13 01:23:40 +08:00
Nick Peng
da74e877c5 dns_client: repeat same arguments with SSL_write 2020-08-13 00:56:51 +08:00
Nick Peng
a300873b3f dns-client: fix ssl send request issue 2020-08-11 00:09:38 +08:00
Nick Peng
a9829f6155 dns-server: fix race condition issue 2020-08-09 23:54:23 +08:00
Nick Peng
1923271630 compile: fix comile warnings 2020-08-09 18:01:33 +08:00
Nick Peng
c23ec7ea8f client: suppress log. 2020-08-03 01:07:47 +08:00
rhettor
aad751c1f5 Support docker 2020-08-02 18:10:31 +08:00
Nick Peng
138df2fd5d luci: fix no-check-certificate config not working issue 2020-08-02 17:43:38 +08:00
Nick Peng
297ea29639 Client: Fix ssl crash issue. 2020-08-02 01:00:46 +08:00
Nick Peng
bc0d6b89ca tlog: update tlog 2020-07-30 00:03:20 +08:00
Nick Peng
2148efd262 client: retry upstream when network restart 2020-07-12 11:12:55 +08:00
Nick Peng
ce46ac58a7 dns_client: check ssl before set certificate 2020-05-10 22:04:48 +08:00
Nick Peng
c1f9941427 dualstack: update cache when ipv6 not exists 2020-05-04 02:24:55 +08:00
Nick Peng
770ce9e8bc dns-client: fix add pending server issue when AAAA record not exists 2020-05-04 00:03:31 +08:00
Nick Peng
60d0fc856e luci-compate: fix typo 2020-05-03 23:32:49 +08:00
Nick Peng
95472129ee dns-client: increase dns query retry times. 2020-05-03 17:00:50 +08:00
Nick Peng
f79ceeac43 luci: update luci 2020-05-01 00:23:21 +08:00
Nick Peng
54801e1ed6 tls: support certificate verify. 2020-05-01 00:23:19 +08:00
Nick Peng
304e94bc6f fast-ping: force send RST after ping finish. 2020-04-19 09:43:47 +08:00
Nick Peng
3985ea8269 pending-server: retry for 2 minutes when add pending server. 2020-04-17 22:37:49 +08:00
Nick Peng
c2c418ed89 dns-client: fix https memory leak issue. 2020-04-10 23:37:13 +08:00
clay_your
b78c9eb6fe fix missing the FILE field.. 
fix  Download/default is missing the FILE field..  Stop. error on openwrt
 2020-04-06 21:55:37 +08:00
Nick Peng
0aec326d55 QRCode: update QR code. 2020-04-01 22:43:54 +08:00
Nick Peng
29e4d4b48b init-script: fix openwrt init-script issue. 2020-03-22 17:11:33 +08:00
Felix Yan
a6fe329105 Fix hostname option name in conf example 
The hostname option is actually `-host-name` as in the code and README. Setting `-hostname` doesn't work.
 2020-03-09 22:13:37 +08:00
Nick Peng
c824c0abc5 CodeStyle: update clang-format, limite column to 120 2020-03-02 23:45:47 +08:00
Nick Peng
3ad7cd7f45 install-script: Follow FHS rules 2020-02-27 00:50:43 +08:00
44 changed files with 2283 additions and 737 deletions
Expand all files Collapse all files

1
.clang-format
View File

@@ -7,3 +7,4 @@ UseTab: ForContinuationAndIndentation
MaxEmptyLinesToKeep: 1
AllowShortFunctionsOnASingleLine: Empty
BreakBeforeBraces: Linux
ColumnLimit: 120

18
Dockerfile Normal file
View File

@@ -0,0 +1,18 @@
FROM debian:buster-slim
RUN apt update && \
apt install -y git make gcc libssl-dev && \
git clone https://github.com/pymumu/smartdns.git --depth 1 && \
cd smartdns && \
sh ./package/build-pkg.sh --platform debian --arch `dpkg --print-architecture` && \
dpkg -i package/*.deb && \
cd / && \
rm -rf smartdns/ && \
apt autoremove -y git make gcc libssl-dev && \
apt clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 53/udp
VOLUME "/etc/smartdns/"
CMD ["/usr/sbin/smartdns", "-f"]

47
Makefile Normal file
View File

@@ -0,0 +1,47 @@
# Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
#
# smartdns is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# smartdns is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
PKG_CONFIG := pkg-config
DESTDIR :=
PREFIX := /usr
SBINDIR := $(PREFIX)/sbin
SYSCONFDIR := /etc
RUNSTATEDIR := /var/run
SYSTEMDSYSTEMUNITDIR := $(shell ${PKG_CONFIG} --variable=systemdsystemunitdir systemd)
SMARTDNS_SYSTEMD = systemd/smartdns.service
.PHONY: all clean install SMARTDNS_BIN
all: SMARTDNS_BIN
SMARTDNS_BIN: $(SMARTDNS_SYSTEMD)
$(MAKE) $(MFLAGS) -C src all
$(SMARTDNS_SYSTEMD): systemd/smartdns.service.in
cp $< $@
sed -i 's|@SBINDIR@|$(SBINDIR)|' $@
sed -i 's|@SYSCONFDIR@|$(SYSCONFDIR)|' $@
sed -i 's|@RUNSTATEDIR@|$(RUNSTATEDIR)|' $@
clean:
$(MAKE) $(MFLAGS) -C src clean
$(RM) $(SMARTDNS_SYSTEMD)
install: SMARTDNS_BIN
install -v -m 0640 -D -t $(DESTDIR)$(SYSCONFDIR)/default etc/default/smartdns
install -v -m 0755 -D -t $(DESTDIR)$(SYSCONFDIR)/init.d etc/init.d/smartdns
install -v -m 0640 -D -t $(DESTDIR)$(SYSCONFDIR)/smartdns etc/smartdns/smartdns.conf
install -v -m 0755 -D -t $(DESTDIR)$(SBINDIR) src/smartdns
install -v -m 0644 -D -t $(DESTDIR)$(SYSTEMDSYSTEMUNITDIR) systemd/smartdns.service

9
ReadMe.md
View File

@@ -504,6 +504,8 @@ https://github.com/pymumu/smartdns/releases
|bind|DNS监听端口号|[::]:53|可绑定多个端口<br>`IP:PORT`: 服务器IP端口号。<br>`[-group]`: 请求时使用的DNS服务器组。<br>`[-no-rule-addr]`跳过address规则。<br>`[-no-rule-nameserver]`跳过Nameserver规则。<br>`[-no-rule-ipset]`跳过Ipset规则。<br>`[no-rule-soa]`跳过SOA(#)规则.<br>`[no-dualstack-selection]`:停用双栈测速。<br>`[-no-speed-check]`:停用测速。<br>`[-no-cache]`:停止缓存|bind :53
|bind-tcp|TCP DNS监听端口号|[::]:53|可绑定多个端口<br>`IP:PORT`: 服务器IP端口号。<br>`[-group]`: 请求时使用的DNS服务器组。<br>`[-no-rule-addr]`跳过address规则。<br>`[-no-rule-nameserver]`跳过Nameserver规则。<br>`[-no-rule-ipset]`跳过Ipset规则。<br>`[no-rule-soa]`跳过SOA(#)规则.<br>`[no-dualstack-selection]`:停用双栈测速。<br>`[-no-speed-check]`:停用测速。<br>`[-no-cache]`:停止缓存|bind-tcp :53
|cache-size|域名结果缓存个数|512|数字|cache-size 512
|cache-persist|是否持久化缓存|no|[yes\|no]|cache-persist yes
|cache-file|缓存持久化文件路径|/tmp/smartdns.cache|路径|cache-file /tmp/smartdns.cache
|tcp-idle-time|TCP链接空闲超时时间|120|数字|tcp-idle-time 120
|rr-ttl|域名结果TTL|远程查询结果|大于0的数字|rr-ttl 600
|rr-ttl-min|允许的最小TTL值|远程查询结果|大于0的数字|rr-ttl-min 60
@@ -519,8 +521,8 @@ https://github.com/pymumu/smartdns/releases
|conf-file|附加配置文件|无|文件路径|conf-file /etc/smartdns/smartdns.more.conf
|server|上游UDP DNS|无|可重复<br>`[ip][:port]`服务器IP端口可选。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server 8.8.8.8:53 -blacklist-ip -group g1
|server-tcp|上游TCP DNS|无|可重复<br>`[ip][:port]`服务器IP端口可选。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server-tcp 8.8.8.8:53
|server-tls|上游TLS DNS|无|可重复<br>`[ip][:port]`服务器IP端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值base64编码的sha256 SPKI pin值<br>`[-host-name]`TLS SNI名称。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server-tls 8.8.8.8:853
|server-https|上游HTTPS DNS|无|可重复<br>`https://[host][:port]/path`服务器IP端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值base64编码的sha256 SPKI pin值<br>`[-host-name]`TLS SNI名称<br>`[-http-host]`http协议头主机名。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server-https https://cloudflare-dns.com/dns-query
|server-tls|上游TLS DNS|无|可重复<br>`[ip][:port]`服务器IP端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值base64编码的sha256 SPKI pin值<br>`[-host-name]`TLS SNI名称。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br> `-no-check-certificate:`:跳过证书校验。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server-tls 8.8.8.8:853
|server-https|上游HTTPS DNS|无|可重复<br>`https://[host][:port]/path`服务器IP端口可选。<br>`[-spki-pin [sha256-pin]]`: TLS合法性校验SPKI值base64编码的sha256 SPKI pin值<br>`[-host-name]`TLS SNI名称<br>`[-http-host]`http协议头主机名。<br>`[-tls-host-verify]`: TLS证书主机名校验。<br> `-no-check-certificate:`:跳过证书校验。<br>`[-blacklist-ip]`blacklist-ip参数指定使用blacklist-ip配置IP过滤结果。<br>`[-whitelist-ip]`whitelist-ip参数指定仅接受whitelist-ip中配置IP范围。<br>`[-group [group] ...]`DNS服务器所属组比如office, foreign和nameserver配套使用。<br>`[-exclude-default-group]`将DNS服务器从默认组中排除| server-https https://cloudflare-dns.com/dns-query
|speed-check-mode|测速模式选择|无|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:80
|address|指定域名IP地址|无|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6] <br>`-`表示忽略 <br>`#`表示返回SOA <br>`4`表示IPV4 <br>`6`表示IPV6| address /www.example.com/1.2.3.4
|nameserver|指定域名使用server组解析|无|nameserver /domain/[group\|-], `group`为组名,`-`表示忽略此规则配套server中的`-group`参数使用| nameserver /www.example.com/office
@@ -535,8 +537,11 @@ https://github.com/pymumu/smartdns/releases
|prefetch-domain|域名预先获取功能|no|[yes\|no]|prefetch-domain yes
|serve-expired|过期缓存服务功能|no|[yes\|no]开启此功能后如果有请求时尝试回应TTL为0的过期记录并并发查询记录以避免查询等待|serve-expired yes
|serve-expired-ttl|过期缓存服务最长超时时间|0|秒0表示停用超时> 0表示指定的超时的秒数|serve-expired-ttl 0
|serve-expired-reply-ttl|回应的过期缓存TTL|5|秒0表示停用超时> 0表示指定的超时的秒数|serve-expired-reply-ttl 30
|dualstack-ip-selection|双栈IP优选|no|[yes\|no]|dualstack-ip-selection yes
|dualstack-ip-selection-threshold|双栈IP优选阈值|30ms|毫秒|dualstack-ip-selection-threshold [0-1000]
|ca-file|证书文件|/etc/ssl/certs/ca-certificates.crt|路径|ca-file /etc/ssl/certs/ca-certificates.crt
|ca-path|证书文件路径|/etc/ssl/certs|路径|ca-path /etc/ssl/certs
## FAQ

9
ReadMe_en.md
View File

@@ -498,6 +498,8 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|bind|DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind :53
|bind-tcp|TCP mode DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind-tcp :53
|cache-size|Domain name result cache number|512|integer|cache-size 512
|cache-persist|enable persist cache|no|[yes\|no]|cache-persist yes
|cache-file|cache persist file|/tmp/smartdns.cache|路径|cache-file /tmp/smartdns.cache
|tcp-idle-time|TCP connection idle timeout|120|integer|tcp-idle-time 120
|rr-ttl|Domain name TTL|Remote query result|number greater than 0|rr-ttl 600
|rr-ttl-min|Domain name Minimum TTL|Remote query result|number greater than 0|rr-ttl-min 60
@@ -513,8 +515,8 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf
|server|Upstream UDP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server 8.8.8.8:53 -blacklist-ip
|server-tcp|Upstream TCP DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tcp 8.8.8.8:53
|server-tls|Upstream TLS DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name. <br>`[-tls-host-verify]`: TLS cert hostname to verify.<br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tls 8.8.8.8:853
|server-https|Upstream HTTPS DNS server|None|Repeatable <br>`https://[host][:port]/path`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name<br>`[-http-host]`http header host. <br>`[-tls-host-verify]`: TLS cert hostname to verify.<br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-https https://cloudflare-dns.com/dns-query
|server-tls|Upstream TLS DNS server|None|Repeatable <br>`[ip][:port]`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name. <br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tls 8.8.8.8:853
|server-https|Upstream HTTPS DNS server|None|Repeatable <br>`https://[host][:port]/path`: Server IP, port optional. <br>`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash<br>`[-host-name]`:TLS Server name<br>`[-http-host]`http header host. <br>`[-tls-host-verify]`: TLS cert hostname to verify. <br>`-no-check-certificate:`: No check certificate. <br>`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip". <br>`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted. <br>`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver. <br>`[-exclude-default-group]`: Exclude DNS servers from the default group| server-https https://cloudflare-dns.com/dns-query
|speed-check-mode|Speed mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:443
|address|Domain IP address|None|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4
|nameserver|To query domain with specific server group|None|nameserver /domain/[group\|-], `group` is the group name, `-` means ignore this rule, use the `-group` parameter in the related server|nameserver /www.example.com/office
@@ -529,8 +531,11 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|prefetch-domain|domain prefetch feature|no|[yes\|no]|prefetch-domain yes
|serve-expired|Cache serve expired feature|no|[yes\|no], Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish.|serve-expired yes
|serve-expired-ttl|Cache serve expired limite TTL|0|second0disable> 0 seconds after expiration|serve-expired-ttl 0
|serve-expired-reply-ttl|TTL value to use when replying with expired data|5|second0disable> 0 seconds after expiration|serve-expired-reply-ttl 30
|dualstack-ip-selection|Dualstack ip selection|no|[yes\|no]|dualstack-ip-selection yes
|dualstack-ip-selection-threshold|Dualstack ip select threadhold|30ms|millisecond|dualstack-ip-selection-threshold [0-1000]
|ca-file|certificate file|/etc/ssl/certs/ca-certificates.crt|path|ca-file /etc/ssl/certs/ca-certificates.crt
|ca-path|certificates path|/etc/ssl/certs|path|ca-path /etc/ssl/certs
## FAQ

BIN
doc/alipay_donate.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 68 KiB

After

Width:  |  Height:  |  Size: 52 KiB

30
etc/smartdns/smartdns.conf
View File

@@ -38,7 +38,13 @@ bind [::]:53
# dns cache size
# cache-size [number]
# 0: for no cache
cache-size 512
cache-size 4096
# enable persist cache when restart
# cache-persist yes
# cache persist file
# cache-file /tmp/smartdns.cache
# prefetch domain
# prefetch-domain [yes|no]
@@ -52,6 +58,10 @@ cache-size 512
# serve-expired-ttl [num]
# serve-expired-ttl 0
# reply TTL value to use when replying with expired data
# serve-expired-reply-ttl [num]
# serve-expired-reply-ttl 30
# List of hosts that supply bogus NX domain results
# bogus-nxdomain [ip/subnet]
@@ -112,6 +122,14 @@ log-level info
# audit-size 128k
# audit-num 2
# certificate file
# ca-file [file]
# ca-file /etc/ssl/certs/ca-certificates.crt
# certificate path
# ca-path [path]
# ca-path /etc/ss/certs
# remote udp dns server list
# server [IP]:[PORT] [-blacklist-ip] [-whitelist-ip] [-check-edns] [-group [group] ...] [-exclude-default-group]
# default port is 53
@@ -130,8 +148,9 @@ log-level info
# remote tls dns server list
# server-tls [IP]:[PORT] [-blacklist-ip] [-whitelist-ip] [-spki-pin [sha256-pin]] [-group [group] ...] [-exclude-default-group]
# -spki-pin: TLS spki pin to verify.
# -tls-host-check: cert hostname to verify.
# -hostname: TLS sni hostname.
# -tls-host-verify: cert hostname to verify.
# -host-name: TLS sni hostname.
# -no-check-certificate: no check certificate.
# Get SPKI with this command:
# echo | openssl s_client -connect '[ip]:853' | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
# default port is 853
@@ -141,9 +160,10 @@ log-level info
# remote https dns server list
# server-https https://[host]:[port]/path [-blacklist-ip] [-whitelist-ip] [-spki-pin [sha256-pin]] [-group [group] ...] [-exclude-default-group]
# -spki-pin: TLS spki pin to verify.
# -tls-host-check: cert hostname to verify.
# -hostname: TLS sni hostname.
# -tls-host-verify: cert hostname to verify.
# -host-name: TLS sni hostname.
# -http-host: http host.
# -no-check-certificate: no check certificate.
# default port is 443
# server-https https://cloudflare-dns.com/dns-query

4
package/build-pkg.sh
View File

@@ -43,8 +43,8 @@ showhelp()
build_smartdns()
{
if [ "$PLATFORM" != "luci" ]; then
make -C $CODE_DIR/src clean
make -C $CODE_DIR/src all -j8 VER=$VER $MAKE_ARGS
make -C $CODE_DIR clean $MAKE_ARGS
make -C $CODE_DIR all -j8 VER=$VER $MAKE_ARGS
if [ $? -ne 0 ]; then
echo "make smartdns failed"
exit 1

13
install → package/linux/install
View File

@@ -77,14 +77,18 @@ install_files()
return 1
fi
install -v -m 0755 -t $PREFIX/usr/sbin src/smartdns
install -v -m 0755 -t $PREFIX/usr/sbin usr/sbin/smartdns
if [ $? -ne 0 ]; then
return 1
fi
install -v -m 0640 -t $PREFIX$SMARTDNS_CONF_DIR etc/smartdns/smartdns.conf
if [ $? -ne 0 ]; then
return 1
if [ -e "$PREFIX$SMARTDNS_CONF_DIR/smartdns.conf" ]; then
cp etc/smartdns/smartdns.conf $PREFIX$SMARTDNS_CONF_DIR/smartdns.conf.pkg
else
install -v -m 0640 -t $PREFIX$SMARTDNS_CONF_DIR etc/smartdns/smartdns.conf
if [ $? -ne 0 ]; then
return 1
fi
fi
install -v -m 0640 -t $PREFIX/etc/default etc/default/smartdns
@@ -118,7 +122,6 @@ uninstall_smartdns()
if [ -z "$PREFIX" ]; then
stop_service 2>/dev/null
fi
rm -f $PREFIX$SMARTDNS_CONF_DIR/smartdns.conf
rmdir $PREFIX$SMARTDNS_CONF_DIR 2>/dev/null
rm -f $PREFIX/usr/sbin/smartdns
rm -f $PREFIX/etc/default/smartdns

11
package/linux/make.sh
View File

@@ -23,12 +23,17 @@ build()
cd $PKG_ROOT/
# Generic x86_64
mkdir $PKG_ROOT/smartdns/src -p
mkdir $PKG_ROOT/smartdns/usr/sbin -p
mkdir $PKG_ROOT/smartdns/package -p
mkdir $PKG_ROOT/smartdns/systemd -p
cd $SMARTDNS_DIR
cp package/windows $PKG_ROOT/smartdns/package/ -a
cp etc systemd *.md LICENSE install $PKG_ROOT/smartdns/ -a
cp src/smartdns $PKG_ROOT/smartdns/src -a
cp etc *.md LICENSE package/linux/install $PKG_ROOT/smartdns/ -a
cp systemd/smartdns.service $PKG_ROOT/smartdns/systemd
cp src/smartdns $PKG_ROOT/smartdns/usr/sbin -a
chmod +x $PKG_ROOT/smartdns/install
if [ $? -ne 0 ]; then
echo "copy smartdns file failed"
rm -fr $PKG_ROOT

6
package/luci-compat/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -214,6 +214,12 @@ msgstr "校验TLS主机名"
msgid "Set TLS hostname to verify."
msgstr "设置校验TLS主机名。"
msgid "No check certificate"
msgstr "停用证书校验"
msgid "Do not check certificate."
msgstr "不校验证书的合法性。"
msgid "TLS SNI name"
msgstr "TLS SNI名称"

10
package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua
View File

@@ -78,6 +78,16 @@ o.rempty = true
o:depends("type", "tls")
o:depends("type", "https")
---- certificate verify
o = s:option(Flag, "no_check_certificate", translate("No check certificate"), translate("Do not check certificate."))
o.rmempty = false
o.default = o.disabled
o.cfgvalue = function(...)
return Flag.cfgvalue(...) or "0"
end
o:depends("type", "tls")
o:depends("type", "https")
---- SNI host name
o = s:option(Value, "host_name", translate("TLS SNI name"), translate("Sets the server name indication for query."))
o.default = ""

27
package/luci/files/luci/controller/smartdns.lua
View File

@@ -1,27 +0,0 @@
--
-- Copyright (C) 2018-2020 Ruilin Peng (Nick) <pymumu@gmail.com>.
--
-- smartdns is free software: you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation, either version 3 of the License, or
-- (at your option) any later version.
--
-- smartdns is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
module("luci.controller.smartdns", package.seeall)
function index()
if not nixio.fs.access("/etc/config/smartdns") then
return
end
local page
page = entry({"admin", "services", "smartdns"}, view("smartdns/smartdns"), _("SmartDNS"), 60)
page.dependent = true
end

6
package/luci/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -226,6 +226,12 @@ msgstr "校验TLS主机名"
msgid "Set TLS hostname to verify."
msgstr "设置校验TLS主机名。"
msgid "No check certificate"
msgstr "停用证书校验"
msgid "Do not check certificate."
msgstr "不校验证书的合法性。"
msgid "TLS SNI name"
msgstr "TLS SNI名称"

12
package/luci/files/root/usr/share/luci/menu.d/luci-app-smartdns.json Normal file
View File

@@ -0,0 +1,12 @@
{
"admin/services/smartdns": {
"title": "SmartDNS",
"action": {
"type": "view",
"path": "smartdns/smartdns"
},
"depends": {
"uci": { "smartdns": true }
}
}
}

12
package/luci/files/usr/share/rpcd/acl.d/luci-app-smartdns.json → package/luci/files/root/usr/share/rpcd/acl.d/luci-app-smartdns.json
View File

@@ -4,18 +4,20 @@
"read": {
"file": {
"/etc/smartdns/*": [ "read" ],
"/usr/sbin/iptables": [ "exec" ],
"/usr/sbin/ip6tables": [ "exec" ],
"/usr/sbin/iptables -t nat -nL PREROUTING": [ "exec" ],
"/usr/sbin/ip6tables -t nat -nL PREROUTING": [ "exec" ],
"/usr/sbin/smartdns": [ "exec" ]
},
"ubus": {
"service": [ "list" ]
}
},
"uci": [ "smartdns" ]
},
"write": {
"file": {
"/etc/smartdns/*": [ "write" ]
}
},
"uci": [ "smartdns" ]
}
}
}
}

17
package/luci/files/luci/htdocs/luci-static/resources/view/smartdns/smartdns.js → package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js
View File

@@ -201,7 +201,7 @@ return L.view.extend({
_("Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish."));
o.rmempty = false;
o.default = o.disabled;
// Redirect;
o = s.taboption("settings", form.ListValue, "redirect", _("Redirect"), _("SmartDNS redirect mode"));
o.placeholder = "none";
@@ -253,7 +253,7 @@ return L.view.extend({
// dns server group;
o = s.taboption("seconddns", form.Value, "seconddns_server_group", _("Server Group"),
_("Query DNS through specific dns server group, such as office, home."));
_("Query DNS through specific dns server group, such as office, home."));
o.rmempty = true;
o.placeholder = "default";
o.datatype = "hostname";
@@ -305,8 +305,7 @@ return L.view.extend({
// custom settings;
o = s.taboption("custom", form.TextValue, "custom_conf",
_(""),
_("smartdns custom settings"));
"", _("smartdns custom settings"));
o.rows = 20;
o.cfgvalue = function (section_id) {
@@ -390,6 +389,15 @@ return L.view.extend({
o.depends("type", "tls")
o.depends("type", "https")
// certificate verify
o = s.taboption("advanced", form.Flag, "no_check_certificate", _("No check certificate"),
_("Do not check certificate."))
o.rmempty = false
o.default = o.disabled
o.modalonly = true;
o.depends("type", "tls")
o.depends("type", "https")
// SNI host name
o = s.taboption("advanced", form.Value, "host_name", _("TLS SNI name"),
_("Sets the server name indication for query."))
@@ -482,4 +490,3 @@ return L.view.extend({
return m.render();
}
});

10
package/luci/make.sh
View File

@@ -53,21 +53,15 @@ build()
cd $ROOT/
build_tool
mkdir $ROOT/root/usr/lib/lua/ -p
mkdir $ROOT/root/usr/lib/lua/luci/controller/ -p
mkdir $ROOT/root/usr/lib/lua/luci -p
mkdir $ROOT/root/usr/share/rpcd/acl.d/ -p
cp $ROOT/files/luci/controller/* $ROOT/root/usr/lib/lua/luci/controller/ -avf
cp $ROOT/files/luci/i18n $ROOT/root/usr/lib/lua/luci/ -avf
cp $ROOT/files/luci/view $ROOT/root/usr/lib/lua/luci/ -avf
mkdir $ROOT/root/www/luci-static/resources/view -p
cp $ROOT/files/luci/htdocs/luci-static/resources/view/* $ROOT/root/www/luci-static/resources/view/ -avf
#Generate Language
$PO2LMO $ROOT/files/luci/i18n/smartdns.zh-cn.po $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.lmo
rm $ROOT/root/usr/lib/lua/luci/i18n/smartdns.zh-cn.po
cp $ROOT/files/usr $ROOT/root/ -avf
cp $ROOT/files/root/* $ROOT/root/ -avf
INST_SIZE="`du -sb $ROOT/root/ | awk '{print $1}'`"
sed -i "s/^Architecture.*/Architecture: all/g" $ROOT/control/control

3
package/openwrt/Makefile
View File

@@ -9,6 +9,9 @@ PKG_NAME:=smartdns
PKG_VERSION:=1.2019.28
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://www.github.com/pymumu/smartdns.git
PKG_SOURCE_VERSION:=982002e836e486fb4e360bc10e84e7e7197caf46

7
package/openwrt/files/etc/init.d/smartdns
View File

@@ -46,7 +46,6 @@ set_forward_dnsmasq()
[ "$server" = "$addr" ] && continue
uci add_list dhcp.@dnsmasq[0].server="$server"
done
uci delete dhcp.@dnsmasq[0].resolvfile 2>/dev/null
uci set dhcp.@dnsmasq[0].noresolv=1
uci commit dhcp
/etc/init.d/dnsmasq restart
@@ -57,14 +56,13 @@ stop_forward_dnsmasq()
local OLD_PORT="$1"
addr="127.0.0.1#$OLD_PORT"
OLD_SERVER="$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)"
if echo "$OLD_SERVER" | grep "^$addr" >/dev/null 2>&1; then
if ! echo "$OLD_SERVER" | grep "^$addr" >/dev/null 2>&1; then
return
fi
uci del_list dhcp.@dnsmasq[0].server="$addr" 2>/dev/null
addrlist="$(uci get dhcp.@dnsmasq[0].server 2>/dev/null)"
[ -z "$addrlist" ] && {
uci set dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto 2>/dev/null
uci delete dhcp.@dnsmasq[0].noresolv 2>/dev/null
}
uci commit dhcp
@@ -125,7 +123,6 @@ service_triggers() {
procd_add_reload_trigger smartdns
}
conf_append()
{
echo "$1 $2" >> $SMARTDNS_CONF_TMP
@@ -159,6 +156,7 @@ load_server()
config_get type "$section" "type" "udp"
config_get ip "$section" "ip" ""
config_get tls_host_verify "$section" "tls_host_verify" ""
config_get no_check_certificate "$section" "no_check_certificate" "0"
config_get host_name "$section" "host_name" ""
config_get http_host "$section" "http_host" ""
config_get server_group "$section" "server_group" ""
@@ -189,6 +187,7 @@ load_server()
fi
[ -z "$tls_host_verify" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -tls-host-verify $tls_host_verify"
[ "$no_check_certificate" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -no-check-certificate"
[ -z "$host_name" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -host-name $host_name"
[ -z "$http_host" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -http-host $http_host"
[ -z "$server_group" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -group $server_group"

23
package/optware/S50smartdns
View File

@@ -332,9 +332,28 @@ case "$1" in
return 0
fi
if [ ! -d "/proc/$pid" ]; then
return 0;
kill -15 "$pid" 2>/dev/null
SLEEP=`which usleep`
SLEEPTIME=200000
if [ -z "$SLEEP" ]; then
SLEEP="sleep"
SLEEPTIME=0.2
fi
N=30
while [ $N -gt 0 ]
do
pid="$(cat "$SMARTDNS_PID" | head -n 1 2>/dev/null)"
if [ -z "$pid" ]; then
return 0
fi
if [ ! -d "/proc/$pid" ]; then
return 0;
fi
$SLEEP $SLEEPTIME 2>/dev/null
N=$((N-1))
done
kill -9 "$pid" 2>/dev/null
;;

63
package/redhat/smartdns.spec Normal file
View File

@@ -0,0 +1,63 @@
Name: smartdns
Version: 31
Release: 1%{?dist}
Summary: smartdns
License: GPL 3.0
URL: https://github.com/pymumu/smartdns
Source0: smartdns-Release31.tar.gz
BuildRequires: glibc
Requires: glibc
Requires: systemd
%description
A local DNS server to obtain the fastest website IP for the best Internet experience.
%prep
%setup -q -n smartdns-Release31
%build
cd src
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
%{__install} -D -m 755 src/smartdns $RPM_BUILD_ROOT%{_sbindir}/smartdns
%{__install} -D -m 644 etc/smartdns/smartdns.conf $RPM_BUILD_ROOT%{_sysconfdir}/smartdns/smartdns.conf
%{__install} -D -m 644 systemd/smartdns.service.in $RPM_BUILD_ROOT%{_unitdir}/smartdns.service
cat > $RPM_BUILD_ROOT%{_unitdir}/smartdns.service <<EOF
[Unit]
Description=smartdns
ConditionFileIsExecutable=/usr/sbin/smartdns
After=syslog.target network-online.target
[Service]
Type=simple
ExecStart=/usr/sbin/smartdns -c /etc/smartdns/smartdns.conf -f
PIDFile=/run/smartdns.pid
Restart=on-failure
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
%files
%defattr(-,root,root,-)
%{_sbindir}/smartdns
%config(noreplace) %{_sysconfdir}/smartdns/smartdns.conf
%{_unitdir}/smartdns.service
%post
%systemd_post %{name}.service
%preun
%systemd_preun %{name}.service
%postun
%systemd_postun_with_restart %{name}.service

2
src/Makefile
View File

@@ -38,7 +38,7 @@ else
override LDFLAGS += -lssl -lcrypto -lpthread
endif
.PHONY: all
.PHONY: all clean
all: $(BIN)

49
src/dns.c
View File

@@ -18,15 +18,15 @@
#define _GNU_SOURCE
#include "dns.h"
#include "tlog.h"
#include "stringutil.h"
#include "tlog.h"
#include <arpa/inet.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <arpa/inet.h>
#define QR_MASK 0x8000
#define OPCODE_MASK 0x7800
@@ -37,9 +37,9 @@
#define RCODE_MASK 0x000F
#define DNS_RR_END (0XFFFF)
#define UNUSED(expr) \
do { \
(void)(expr); \
#define UNUSED(expr) \
do { \
(void)(expr); \
} while (0)
/* read short and move pointer */
@@ -305,7 +305,8 @@ static int _dns_get_qr_head(struct dns_data_context *data_context, char *domain,
return 0;
}
static int _dns_add_rr_head(struct dns_data_context *data_context, char *domain, int qtype, int qclass, int ttl, int rr_len)
static int _dns_add_rr_head(struct dns_data_context *data_context, char *domain, int qtype, int qclass, int ttl,
int rr_len)
{
int len = 0;
@@ -333,7 +334,8 @@ static int _dns_add_rr_head(struct dns_data_context *data_context, char *domain,
return 0;
}
static int _dns_get_rr_head(struct dns_data_context *data_context, char *domain, int maxsize, int *qtype, int *qclass, int *ttl, int *rr_len)
static int _dns_get_rr_head(struct dns_data_context *data_context, char *domain, int maxsize, int *qtype, int *qclass,
int *ttl, int *rr_len)
{
int len = 0;
@@ -358,7 +360,8 @@ static int _dns_get_rr_head(struct dns_data_context *data_context, char *domain,
return len;
}
static int _dns_add_RAW(struct dns_packet *packet, dns_rr_type rrtype, dns_type_t rtype, char *domain, int ttl, void *raw, int raw_len)
static int _dns_add_RAW(struct dns_packet *packet, dns_rr_type rrtype, dns_type_t rtype, char *domain, int ttl,
void *raw, int raw_len)
{
int maxlen = 0;
int len = 0;
@@ -451,14 +454,16 @@ static int _dns_add_opt_RAW(struct dns_packet *packet, dns_opt_code_t opt_rrtype
return _dns_add_RAW(packet, DNS_RRS_OPT, DNS_OPT_T_TCP_KEEPALIVE, "", 0, opt_data, len);
}
static int _dns_get_opt_RAW(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, struct dns_opt *dns_opt, int *dns_optlen)
static int _dns_get_opt_RAW(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, struct dns_opt *dns_opt,
int *dns_optlen)
{
*dns_optlen = DNS_MAX_OPT_LEN;
return _dns_get_RAW(rrs, domain, maxsize, ttl, dns_opt, dns_optlen);
}
static int __attribute__((unused)) _dns_add_OPT(struct dns_packet *packet, dns_rr_type type, unsigned short opt_code, unsigned short opt_len, struct dns_opt *opt)
static int __attribute__((unused)) _dns_add_OPT(struct dns_packet *packet, dns_rr_type type, unsigned short opt_code,
unsigned short opt_len, struct dns_opt *opt)
{
// TODO
@@ -508,7 +513,8 @@ static int __attribute__((unused)) _dns_add_OPT(struct dns_packet *packet, dns_
return _dns_rr_add_end(packet, type, DNS_T_OPT, len);
}
static int __attribute__((unused)) _dns_get_OPT(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, struct dns_opt *opt, int *opt_maxlen)
static int __attribute__((unused)) _dns_get_OPT(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len,
struct dns_opt *opt, int *opt_maxlen)
{
// TODO
@@ -593,7 +599,8 @@ int dns_get_NS(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *c
return _dns_get_RAW(rrs, domain, maxsize, ttl, cname, &len);
}
int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, unsigned char addr[DNS_RR_AAAA_LEN])
int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl,
unsigned char addr[DNS_RR_AAAA_LEN])
{
return _dns_add_RAW(packet, type, DNS_T_AAAA, domain, ttl, addr, DNS_RR_AAAA_LEN);
}
@@ -749,7 +756,8 @@ int dns_add_OPT_TCP_KEEYALIVE(struct dns_packet *packet, unsigned short timeout)
return _dns_add_opt_RAW(packet, DNS_OPT_T_TCP_KEEPALIVE, &timeout_net, data_len);
}
int dns_get_OPT_TCP_KEEYALIVE(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, unsigned short *timeout)
int dns_get_OPT_TCP_KEEYALIVE(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len,
unsigned short *timeout)
{
unsigned char opt_data[DNS_MAX_OPT_LEN];
struct dns_opt *opt = (struct dns_opt *)opt_data;
@@ -961,7 +969,8 @@ static int _dns_decode_domain(struct dns_context *context, char *output, int siz
}
ptr = context->data + len;
if (ptr > context->data + context->maxsize) {
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data), context->ptr, context->data);
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data),
context->ptr, context->data);
return -1;
}
is_compressed = 1;
@@ -979,7 +988,8 @@ static int _dns_decode_domain(struct dns_context *context, char *output, int siz
}
if (ptr > context->data + context->maxsize) {
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data), context->ptr, context->data);
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data),
context->ptr, context->data);
return -1;
}
@@ -988,7 +998,8 @@ static int _dns_decode_domain(struct dns_context *context, char *output, int siz
/* copy sub string */
copy_len = (len < size - output_len) ? len : size - 1 - output_len;
if ((ptr + copy_len) > (context->data + context->maxsize)) {
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data), context->ptr, context->data);
tlog(TLOG_DEBUG, "length is not enough %u:%ld, %p, %p", context->maxsize, (long)(ptr - context->data),
context->ptr, context->data);
return -1;
}
memcpy(output, ptr, copy_len);
@@ -1089,7 +1100,8 @@ static int _dns_encode_qr_head(struct dns_context *context, char *domain, int qt
return 0;
}
static int _dns_decode_rr_head(struct dns_context *context, char *domain, int domain_size, int *qtype, int *qclass, int *ttl, int *rr_len)
static int _dns_decode_rr_head(struct dns_context *context, char *domain, int domain_size, int *qtype, int *qclass,
int *ttl, int *rr_len)
{
int len = 0;
@@ -1358,7 +1370,8 @@ static int _dns_decode_opt_ecs(struct dns_context *context, struct dns_opt_ecs *
memcpy(ecs->addr, context->ptr, len);
context->ptr += len;
tlog(TLOG_DEBUG, "ECS: family:%d, source_prefix:%d, scope_prefix:%d, len:%d", ecs->family, ecs->source_prefix, ecs->scope_prefix, len);
tlog(TLOG_DEBUG, "ECS: family:%d, source_prefix:%d, scope_prefix:%d, len:%d", ecs->family, ecs->source_prefix,
ecs->scope_prefix, len);
tlog(TLOG_DEBUG, "%d.%d.%d.%d", ecs->addr[0], ecs->addr[1], ecs->addr[2], ecs->addr[3]);
return 0;

19
src/dns.h
View File

@@ -44,7 +44,10 @@ typedef enum dns_rr_type {
DNS_RRS_END,
} dns_rr_type;
typedef enum dns_class { DNS_C_IN = 1, DNS_C_ANY = 255 } dns_class_t;
typedef enum dns_class {
DNS_C_IN = 1, // DNS C IN
DNS_C_ANY = 255
} dns_class_t;
typedef enum dns_type {
DNS_T_A = 1,
@@ -63,10 +66,10 @@ typedef enum dns_type {
DNS_T_ALL = 255
} dns_type_t;
typedef enum dns_opt_code {
DNS_OPT_T_ECS = 8,
typedef enum dns_opt_code {
DNS_OPT_T_ECS = 8, // OPT ECS
DNS_OPT_T_TCP_KEEPALIVE = 11,
DNS_OPT_T_ALL = 255
DNS_OPT_T_ALL = 255
} dns_opt_code_t;
typedef enum dns_opcode {
@@ -107,7 +110,7 @@ struct dns_head {
unsigned short ancount; /* number of answer entries */
unsigned short nscount; /* number of authority entries */
unsigned short nrcount; /* number of addititional resource entries */
} __attribute__((packed));
} __attribute__((packed, aligned(2)));
struct dns_rrs {
unsigned short next;
@@ -196,7 +199,8 @@ int dns_get_A(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, unsigned
int dns_add_PTR(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, char *cname);
int dns_get_PTR(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, char *cname, int cname_size);
int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, unsigned char addr[DNS_RR_AAAA_LEN]);
int dns_add_AAAA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl,
unsigned char addr[DNS_RR_AAAA_LEN]);
int dns_get_AAAA(struct dns_rrs *rrs, char *domain, int maxsize, int *ttl, unsigned char addr[DNS_RR_AAAA_LEN]);
int dns_add_SOA(struct dns_packet *packet, dns_rr_type type, char *domain, int ttl, struct dns_soa *soa);
@@ -212,7 +216,8 @@ int dns_add_OPT_ECS(struct dns_packet *packet, struct dns_opt_ecs *ecs);
int dns_get_OPT_ECS(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, struct dns_opt_ecs *ecs);
int dns_add_OPT_TCP_KEEYALIVE(struct dns_packet *packet, unsigned short timeout);
int dns_get_OPT_TCP_KEEYALIVE(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len, unsigned short *timeout);
int dns_get_OPT_TCP_KEEYALIVE(struct dns_rrs *rrs, unsigned short *opt_code, unsigned short *opt_len,
unsigned short *timeout);
/*
* Packet operation
*/

455
src/dns_cache.c
View File

@@ -19,7 +19,11 @@
#include "dns_cache.h"
#include "stringutil.h"
#include "tlog.h"
#include <errno.h>
#include <fcntl.h>
#include <pthread.h>
#include <string.h>
#include <sys/types.h>
#define DNS_CACHE_MAX_HITNUM 5000
#define DNS_CACHE_HITNUM_STEP 2
@@ -65,7 +69,7 @@ static __attribute__((unused)) struct dns_cache *_dns_cache_last(void)
return list_last_entry(&dns_cache_head.cache_list, struct dns_cache, list);
}
static struct dns_cache *_dns_cache_first(void)
static struct dns_cache *_dns_inactive_cache_first(void)
{
struct dns_cache *dns_cache = NULL;
@@ -82,6 +86,7 @@ static void _dns_cache_delete(struct dns_cache *dns_cache)
hash_del(&dns_cache->node);
list_del_init(&dns_cache->list);
atomic_dec(&dns_cache_head.num);
dns_cache_data_free(dns_cache->cache_data);
free(dns_cache);
}
@@ -118,9 +123,89 @@ static void _dns_cache_move_inactive(struct dns_cache *dns_cache)
list_add_tail(&dns_cache->list, &dns_cache_head.inactive_list);
}
int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed)
enum CACHE_TYPE dns_cache_data_type(struct dns_cache_data *cache_data)
{
return cache_data->head.cache_type;
}
uint32_t dns_cache_get_cache_flag(struct dns_cache_data *cache_data)
{
return cache_data->head.cache_flag;
}
void dns_cache_data_free(struct dns_cache_data *data)
{
if (data == NULL) {
return;
}
free(data);
}
struct dns_cache_data *dns_cache_new_data_addr(uint32_t cache_flag, char *cname, int cname_ttl, unsigned char *addr,
int addr_len)
{
struct dns_cache_addr *cache_addr = malloc(sizeof(struct dns_cache_addr));
memset(cache_addr, 0, sizeof(struct dns_cache_addr));
if (cache_addr == NULL) {
return NULL;
}
if (addr_len == DNS_RR_A_LEN) {
memcpy(cache_addr->addr_data.addr, addr, DNS_RR_A_LEN);
} else if (addr_len != DNS_RR_AAAA_LEN) {
memcpy(cache_addr->addr_data.addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout;
}
if (cname) {
safe_strncpy(cache_addr->addr_data.cname, cname, DNS_MAX_CNAME_LEN);
cache_addr->addr_data.cname_ttl = cname_ttl;
}
cache_addr->head.cache_flag = cache_flag;
cache_addr->head.cache_type = CACHE_TYPE_ADDR;
cache_addr->head.size = sizeof(struct dns_cache_addr) - sizeof(struct dns_cache_data_head);
return (struct dns_cache_data *)cache_addr;
errout:
if (cache_addr) {
free(cache_addr);
cache_addr = NULL;
}
return NULL;
}
struct dns_cache_data *dns_cache_new_data_packet(uint32_t cache_flag, void *packet, size_t packet_len)
{
struct dns_cache_packet *cache_packet = NULL;
size_t data_size = 0;
if (packet == NULL || packet_len <= 0) {
return NULL;
}
data_size = sizeof(*cache_packet) + packet_len;
cache_packet = malloc(data_size);
if (cache_packet == NULL) {
return NULL;
}
memcpy(cache_packet->data, packet, packet_len);
cache_packet->head.cache_flag = cache_flag;
cache_packet->head.cache_type = CACHE_TYPE_PACKET;
cache_packet->head.size = packet_len;
return (struct dns_cache_data *)cache_packet;
}
int dns_cache_replace(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data)
{
struct dns_cache *dns_cache = NULL;
struct dns_cache_data *old_cache_data = NULL;
if (dns_cache_head.size <= 0) {
return 0;
@@ -129,7 +214,7 @@ int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_typ
/* lookup existing cache */
dns_cache = dns_cache_lookup(domain, qtype);
if (dns_cache == NULL) {
return 0;
return dns_cache_insert(domain, ttl, qtype, speed, cache_data);
}
if (ttl < DNS_CACHE_TTL_MIN) {
@@ -138,57 +223,30 @@ int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_typ
/* update cache data */
pthread_mutex_lock(&dns_cache_head.lock);
dns_cache->ttl = ttl;
dns_cache->qtype = qtype;
dns_cache->ttl = ttl;
dns_cache->del_pending = 0;
dns_cache->speed = speed;
time(&dns_cache->insert_time);
if (qtype == DNS_T_A) {
if (addr_len != DNS_RR_A_LEN) {
goto errout_unlock;
}
memcpy(dns_cache->addr, addr, DNS_RR_A_LEN);
} else if (qtype == DNS_T_AAAA) {
if (addr_len != DNS_RR_AAAA_LEN) {
goto errout_unlock;
}
memcpy(dns_cache->addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout_unlock;
}
if (cname) {
safe_strncpy(dns_cache->cname, cname, DNS_MAX_CNAME_LEN);
dns_cache->cname_ttl = cname_ttl;
}
dns_cache->info.ttl = ttl;
dns_cache->info.qtype = qtype;
dns_cache->info.ttl = ttl;
dns_cache->info.speed = speed;
time(&dns_cache->info.insert_time);
old_cache_data = dns_cache->cache_data;
dns_cache->cache_data = cache_data;
list_del_init(&dns_cache->list);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
pthread_mutex_unlock(&dns_cache_head.lock);
dns_cache_data_free(old_cache_data);
dns_cache_release(dns_cache);
return 0;
errout_unlock:
pthread_mutex_unlock(&dns_cache_head.lock);
// errout:
if (dns_cache) {
dns_cache_release(dns_cache);
}
return -1;
}
int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed)
int _dns_cache_insert(struct dns_cache_info *info, struct dns_cache_data *cache_data, struct list_head *head)
{
uint32_t key = 0;
struct dns_cache *dns_cache = NULL;
if (dns_cache_head.size <= 0) {
return 0;
}
/* if cache already exists, free */
dns_cache = dns_cache_lookup(domain, qtype);
dns_cache = dns_cache_lookup(info->domain, info->qtype);
if (dns_cache) {
dns_cache_delete(dns_cache);
dns_cache_release(dns_cache);
@@ -200,50 +258,22 @@ int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type
goto errout;
}
if (ttl < DNS_CACHE_TTL_MIN) {
ttl = DNS_CACHE_TTL_MIN;
}
key = hash_string(domain);
key = jhash(&qtype, sizeof(qtype), key);
safe_strncpy(dns_cache->domain, domain, DNS_MAX_CNAME_LEN);
dns_cache->cname[0] = 0;
dns_cache->qtype = qtype;
dns_cache->ttl = ttl;
atomic_set(&dns_cache->hitnum, 3);
dns_cache->hitnum_update_add = DNS_CACHE_HITNUM_STEP;
dns_cache->del_pending = 0;
dns_cache->speed = speed;
memset(dns_cache, 0, sizeof(*dns_cache));
key = hash_string(info->domain);
key = jhash(&info->qtype, sizeof(info->qtype), key);
atomic_set(&dns_cache->ref, 1);
time(&dns_cache->insert_time);
if (qtype == DNS_T_A) {
if (addr_len != DNS_RR_A_LEN) {
goto errout;
}
memcpy(dns_cache->addr, addr, DNS_RR_A_LEN);
} else if (qtype == DNS_T_AAAA) {
if (addr_len != DNS_RR_AAAA_LEN) {
goto errout;
}
memcpy(dns_cache->addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout;
}
if (cname) {
safe_strncpy(dns_cache->cname, cname, DNS_MAX_CNAME_LEN);
dns_cache->cname_ttl = cname_ttl;
}
memcpy(&dns_cache->info, info, sizeof(*info));
dns_cache->del_pending = 0;
dns_cache->cache_data = cache_data;
pthread_mutex_lock(&dns_cache_head.lock);
hash_add(dns_cache_head.cache_hash, &dns_cache->node, key);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
list_add_tail(&dns_cache->list, head);
INIT_LIST_HEAD(&dns_cache->check_list);
/* Release extra cache, remove oldest cache record */
if (atomic_inc_return(&dns_cache_head.num) > dns_cache_head.size) {
struct dns_cache *del_cache;
del_cache = _dns_cache_first();
del_cache = _dns_inactive_cache_first();
if (del_cache) {
_dns_cache_remove(del_cache);
}
@@ -259,6 +289,33 @@ errout:
return -1;
}
int dns_cache_insert(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data)
{
struct dns_cache_info info;
if (cache_data == NULL || domain == NULL) {
return -1;
}
if (dns_cache_head.size <= 0) {
return 0;
}
if (ttl < DNS_CACHE_TTL_MIN) {
ttl = DNS_CACHE_TTL_MIN;
}
info.hitnum = 3;
safe_strncpy(info.domain, domain, DNS_MAX_CNAME_LEN);
info.qtype = qtype;
info.ttl = ttl;
info.hitnum_update_add = DNS_CACHE_HITNUM_STEP;
info.speed = speed;
time(&info.insert_time);
return _dns_cache_insert(&info, cache_data, &dns_cache_head.cache_list);
}
struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
{
uint32_t key = 0;
@@ -278,11 +335,11 @@ struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
pthread_mutex_lock(&dns_cache_head.lock);
hash_for_each_possible(dns_cache_head.cache_hash, dns_cache, node, key)
{
if (dns_cache->qtype != qtype) {
if (dns_cache->info.qtype != qtype) {
continue;
}
if (strncmp(domain, dns_cache->domain, DNS_MAX_CNAME_LEN) != 0) {
if (strncmp(domain, dns_cache->info.domain, DNS_MAX_CNAME_LEN) != 0) {
continue;
}
@@ -292,7 +349,7 @@ struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
if (dns_cache_ret) {
/* Return NULL if the cache times out */
if (dns_cache_head.enable_inactive == 0 && (now - dns_cache_ret->insert_time > dns_cache_ret->ttl)) {
if (dns_cache_head.enable_inactive == 0 && (now - dns_cache_ret->info.insert_time > dns_cache_ret->info.ttl)) {
_dns_cache_remove(dns_cache_ret);
dns_cache_ret = NULL;
} else {
@@ -311,7 +368,7 @@ int dns_cache_get_ttl(struct dns_cache *dns_cache)
int ttl = 0;
time(&now);
ttl = dns_cache->insert_time + dns_cache->ttl - now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - now;
if (ttl < 0) {
return 0;
}
@@ -319,6 +376,11 @@ int dns_cache_get_ttl(struct dns_cache *dns_cache)
return ttl;
}
struct dns_cache_data *dns_cache_get_data(struct dns_cache *dns_cache)
{
return dns_cache->cache_data;
}
void dns_cache_delete(struct dns_cache *dns_cache)
{
pthread_mutex_lock(&dns_cache_head.lock);
@@ -328,15 +390,14 @@ void dns_cache_delete(struct dns_cache *dns_cache)
int dns_cache_hitnum_dec_get(struct dns_cache *dns_cache)
{
int hitnum = 0;
pthread_mutex_lock(&dns_cache_head.lock);
hitnum = atomic_dec_return(&dns_cache->hitnum);
if (dns_cache->hitnum_update_add > DNS_CACHE_HITNUM_STEP) {
dns_cache->hitnum_update_add--;
dns_cache->info.hitnum--;
if (dns_cache->info.hitnum_update_add > DNS_CACHE_HITNUM_STEP) {
dns_cache->info.hitnum_update_add--;
}
pthread_mutex_unlock(&dns_cache_head.lock);
return hitnum;
return dns_cache->info.hitnum;
}
void dns_cache_update(struct dns_cache *dns_cache)
@@ -345,13 +406,13 @@ void dns_cache_update(struct dns_cache *dns_cache)
if (!list_empty(&dns_cache->list)) {
list_del_init(&dns_cache->list);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
atomic_add(dns_cache->hitnum_update_add, &dns_cache->hitnum);
if (atomic_read(&dns_cache->hitnum) > DNS_CACHE_MAX_HITNUM) {
atomic_set(&dns_cache->hitnum, DNS_CACHE_MAX_HITNUM);
dns_cache->info.hitnum += dns_cache->info.hitnum_update_add;
if (dns_cache->info.hitnum > DNS_CACHE_MAX_HITNUM) {
dns_cache->info.hitnum = DNS_CACHE_MAX_HITNUM;
}
if (dns_cache->hitnum_update_add < DNS_CACHE_HITNUM_STEP_MAX) {
dns_cache->hitnum_update_add++;
if (dns_cache->info.hitnum_update_add < DNS_CACHE_HITNUM_STEP_MAX) {
dns_cache->info.hitnum_update_add++;
}
}
pthread_mutex_unlock(&dns_cache_head.lock);
@@ -365,7 +426,7 @@ void _dns_cache_remove_expired_ttl(time_t *now)
list_for_each_entry_safe(dns_cache, tmp, &dns_cache_head.inactive_list, list)
{
ttl = dns_cache->insert_time + dns_cache->ttl - *now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - *now;
if (ttl > 0) {
continue;
}
@@ -394,7 +455,7 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre)
pthread_mutex_lock(&dns_cache_head.lock);
list_for_each_entry_safe(dns_cache, tmp, &dns_cache_head.cache_list, list)
{
ttl = dns_cache->insert_time + dns_cache->ttl - now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - now;
if (ttl > 0 && ttl < ttl_pre) {
/* If the TTL time is in the pre-timeout range, call callback function */
if (callback && dns_cache->del_pending == 0) {
@@ -430,6 +491,216 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre)
}
}
static int _dns_cache_read_record(int fd, uint32_t cache_number)
{
int i = 0;
int ret = 0;
struct dns_cache_record cache_record;
struct dns_cache_data_head data_head;
struct dns_cache_data *cache_data = NULL;
struct list_head *head = NULL;
for (i = 0; i < cache_number; i++) {
ret = read(fd, &cache_record, sizeof(cache_record));
if (ret != sizeof(cache_record)) {
tlog(TLOG_ERROR, "read cache failed, %s", strerror(errno));
goto errout;
}
if (cache_record.magic != MAGIC_CACHE_DATA) {
tlog(TLOG_ERROR, "magic is invalid.");
goto errout;
}
if (cache_record.type == CACHE_RECORD_TYPE_ACTIVE) {
head = &dns_cache_head.cache_list;
} else {
head = &dns_cache_head.inactive_list;
}
ret = read(fd, &data_head, sizeof(data_head));
if (ret != sizeof(data_head)) {
tlog(TLOG_ERROR, "read data head failed, %s", strerror(errno));
goto errout;
}
if (data_head.size > 1024 * 8) {
tlog(TLOG_ERROR, "data may invalid, skip load cache.");
goto errout;
}
cache_data = malloc(data_head.size + sizeof(data_head));
if (cache_data == NULL) {
tlog(TLOG_ERROR, "malloc cache data failed %s", strerror(errno));
goto errout;
}
memcpy(&cache_data->head, &data_head, sizeof(data_head));
ret = read(fd, cache_data->data, data_head.size);
if (ret != data_head.size) {
tlog(TLOG_ERROR, "read cache data failed, %s", strerror(errno));
goto errout;
}
if (_dns_cache_insert(&cache_record.info, cache_data, head) != 0) {
tlog(TLOG_ERROR, "insert cache data failed.");
cache_data = NULL;
goto errout;
}
cache_data = NULL;
}
return 0;
errout:
if (cache_data) {
free(cache_data);
}
return -1;
}
int dns_cache_load(const char *file)
{
int fd = -1;
int ret = 0;
fd = open(file, O_RDONLY);
if (fd < 0) {
return 0;
}
struct dns_cache_file cache_file;
ret = read(fd, &cache_file, sizeof(cache_file));
if (ret != sizeof(cache_file)) {
tlog(TLOG_ERROR, "read cache head failed.");
goto errout;
}
if (cache_file.magic != MAGIC_NUMBER) {
tlog(TLOG_ERROR, "cache file is invalid.");
goto errout;
}
if (strncmp(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN) != 0) {
tlog(TLOG_WARN, "cache version is different, skip load cache.");
goto errout;
}
if (_dns_cache_read_record(fd, cache_file.cache_number) != 0) {
goto errout;
}
close(fd);
return 0;
errout:
if (fd > 0) {
close(fd);
}
return -1;
}
static int _dns_cache_write_record(int fd, uint32_t *cache_number, enum CACHE_RECORD_TYPE type, struct list_head *head)
{
struct dns_cache *dns_cache = NULL;
struct dns_cache *tmp = NULL;
struct dns_cache_record cache_record;
pthread_mutex_lock(&dns_cache_head.lock);
list_for_each_entry_safe_reverse(dns_cache, tmp, head, list)
{
cache_record.magic = MAGIC_CACHE_DATA;
cache_record.type = type;
memcpy(&cache_record.info, &dns_cache->info, sizeof(struct dns_cache_info));
int ret = write(fd, &cache_record, sizeof(cache_record));
if (ret != sizeof(cache_record)) {
tlog(TLOG_ERROR, "write cache failed, %s", strerror(errno));
goto errout;
}
struct dns_cache_data *cache_data = dns_cache->cache_data;
ret = write(fd, cache_data, sizeof(*cache_data) + cache_data->head.size);
if (ret != sizeof(*cache_data) + cache_data->head.size) {
tlog(TLOG_ERROR, "write cache data failed, %s", strerror(errno));
goto errout;
}
(*cache_number)++;
}
pthread_mutex_unlock(&dns_cache_head.lock);
return 0;
errout:
pthread_mutex_unlock(&dns_cache_head.lock);
return -1;
}
static int _dns_cache_write_records(int fd, uint32_t *cache_number)
{
if (_dns_cache_write_record(fd, cache_number, CACHE_RECORD_TYPE_ACTIVE, &dns_cache_head.cache_list) != 0) {
return -1;
}
if (_dns_cache_write_record(fd, cache_number, CACHE_RECORD_TYPE_INACTIVE, &dns_cache_head.inactive_list) != 0) {
return -1;
}
return 0;
}
int dns_cache_save(const char *file)
{
int fd = -1;
uint32_t cache_number = 0;
tlog(TLOG_DEBUG, "write cache file %s", file);
fd = open(file, O_TRUNC | O_CREAT | O_WRONLY, 0640);
if (fd < 0) {
tlog(TLOG_ERROR, "create file %s failed, %s", file, strerror(errno));
goto errout;
}
struct dns_cache_file cache_file;
memset(&cache_file, 0, sizeof(cache_file));
cache_file.magic = MAGIC_NUMBER;
safe_strncpy(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN);
cache_file.cache_number = 0;
if (lseek(fd, sizeof(cache_file), SEEK_SET) < 0) {
tlog(TLOG_ERROR, "seek file %s failed, %s", file, strerror(errno));
goto errout;
}
if (_dns_cache_write_records(fd, &cache_number) != 0) {
tlog(TLOG_ERROR, "write record to file %s failed.", file);
goto errout;
}
if (lseek(fd, 0, SEEK_SET) < 0) {
tlog(TLOG_ERROR, "seek file %s failed, %s", file, strerror(errno));
goto errout;
}
cache_file.cache_number = cache_number;
if (write(fd, &cache_file, sizeof(cache_file)) != sizeof(cache_file)) {
tlog(TLOG_ERROR, "write file head %s failed, %s, %d", file, strerror(errno), fd);
goto errout;
}
tlog(TLOG_DEBUG, "wrote total %d records.", cache_number);
close(fd);
return 0;
errout:
if (fd > 0) {
close(fd);
}
return -1;
}
void dns_cache_destroy(void)
{
struct dns_cache *dns_cache = NULL;

104
src/dns_cache.h
View File

@@ -32,34 +32,100 @@ extern "C" {
#endif
#define DNS_CACHE_TTL_MIN 30
#define DNS_CACHE_VERSION_LEN 32
#define MAGIC_NUMBER 0x6548634163536e44
#define MAGIC_CACHE_DATA 0x44615461
enum CACHE_TYPE {
CACHE_TYPE_NONE,
CACHE_TYPE_ADDR,
CACHE_TYPE_PACKET,
};
enum CACHE_RECORD_TYPE {
CACHE_RECORD_TYPE_ACTIVE,
CACHE_RECORD_TYPE_INACTIVE,
};
struct dns_cache_data_head {
uint32_t cache_flag;
enum CACHE_TYPE cache_type;
size_t size;
};
struct dns_cache_data {
struct dns_cache_data_head head;
unsigned char data[0];
};
struct dns_cache_addr {
struct dns_cache_data_head head;
struct dns_cache_addr_data {
unsigned int cname_ttl;
char cname[DNS_MAX_CNAME_LEN];
union {
unsigned char ipv4_addr[DNS_RR_A_LEN];
unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
unsigned char addr[0];
};
} addr_data;
};
struct dns_cache_packet {
struct dns_cache_data_head head;
unsigned char data[0];
};
struct dns_cache_info {
char domain[DNS_MAX_CNAME_LEN];
int ttl;
int hitnum;
int speed;
int hitnum_update_add;
time_t insert_time;
dns_type_t qtype;
};
struct dns_cache_record {
uint32_t magic;
enum CACHE_RECORD_TYPE type;
struct dns_cache_info info;
};
struct dns_cache {
struct hlist_node node;
struct list_head list;
struct list_head check_list;
atomic_t ref;
char domain[DNS_MAX_CNAME_LEN];
char cname[DNS_MAX_CNAME_LEN];
unsigned int cname_ttl;
unsigned int ttl;
int speed;
atomic_t hitnum;
int hitnum_update_add;
int del_pending;
time_t insert_time;
dns_type_t qtype;
union {
unsigned char ipv4_addr[DNS_RR_A_LEN];
unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
unsigned char addr[0];
};
struct dns_cache_info info;
struct dns_cache_data *cache_data;
};
struct dns_cache_file {
uint64_t magic;
char version[DNS_CACHE_VERSION_LEN];
uint32_t cache_number;
};
enum CACHE_TYPE dns_cache_data_type(struct dns_cache_data *cache_data);
uint32_t dns_cache_get_cache_flag(struct dns_cache_data *cache_data);
void dns_cache_data_free(struct dns_cache_data *data);
struct dns_cache_data *dns_cache_new_data_addr(uint32_t cache_flag, char *cname, int cname_ttl, unsigned char *addr,
int addr_len);
struct dns_cache_data *dns_cache_new_data_packet(uint32_t cache_flag, void *packet, size_t packet_len);
int dns_cache_init(int size, int enable_inactive, int inactive_list_expired);
int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed);
int dns_cache_replace(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data);
int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr, int addr_len, int speed);
int dns_cache_insert(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data);
struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype);
@@ -79,8 +145,14 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre);
int dns_cache_get_ttl(struct dns_cache *dns_cache);
struct dns_cache_data *dns_cache_get_data(struct dns_cache *dns_cache);
void dns_cache_destroy(void);
int dns_cache_load(const char *file);
int dns_cache_save(const char *file);
#ifdef __cpluscplus
}
#endif

647
src/dns_client.c
View File

File diff suppressed because it is too large Load Diff

10
src/dns_client.h
View File

@@ -52,8 +52,9 @@ int dns_client_init(void);
int dns_client_set_ecs(char *ip, int subnet);
/* query result notify function */
typedef int (*dns_client_callback)(char *domain, dns_result_type rtype, unsigned int result_flag, struct dns_packet *packet, unsigned char *inpacket,
int inpacket_len, void *user_ptr);
typedef int (*dns_client_callback)(char *domain, dns_result_type rtype, unsigned int result_flag,
struct dns_packet *packet, unsigned char *inpacket, int inpacket_len,
void *user_ptr);
/* query domain */
int dns_client_query(char *domain, int qtype, dns_client_callback callback, void *user_ptr, const char *group_name);
@@ -69,6 +70,7 @@ struct client_dns_server_flag_tls {
int spi_len;
char hostname[DNS_MAX_CNAME_LEN];
char tls_host_verify[DNS_MAX_CNAME_LEN];
char skip_check_cert;
};
struct client_dns_server_flag_https {
@@ -78,6 +80,7 @@ struct client_dns_server_flag_https {
char httphost[DNS_MAX_CNAME_LEN];
char path[DNS_MAX_CNAME_LEN];
char tls_host_verify[DNS_MAX_CNAME_LEN];
char skip_check_cert;
};
struct client_dns_server_flags {
@@ -95,7 +98,8 @@ struct client_dns_server_flags {
int dns_client_spki_decode(const char *spki, unsigned char *spki_data_out);
/* add remote dns server */
int dns_client_add_server(char *server_ip, int port, dns_server_type_t server_type, struct client_dns_server_flags *flags);
int dns_client_add_server(char *server_ip, int port, dns_server_type_t server_type,
struct client_dns_server_flags *flags);
/* remove remote dns server */
int dns_client_remove_server(char *server_ip, int port, dns_server_type_t server_type);

27
src/dns_conf.c
View File

@@ -50,6 +50,7 @@ int dns_conf_cachesize = DEFAULT_DNS_CACHE_SIZE;
int dns_conf_prefetch = 0;
int dns_conf_serve_expired = 0;
int dns_conf_serve_expired_ttl = 0;
int dns_conf_serve_expired_reply_ttl = 5;
/* upstream servers */
struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
@@ -68,6 +69,13 @@ char dns_conf_log_file[DNS_MAX_PATH];
size_t dns_conf_log_size = 1024 * 1024;
int dns_conf_log_num = 8;
/* CA file */
char dns_conf_ca_file[DNS_MAX_PATH];
char dns_conf_ca_path[DNS_MAX_PATH];
char dns_conf_cache_file[DNS_MAX_PATH];
int dns_conf_cache_persist = 2;
/* auditing */
int dns_conf_audit_enable = 0;
int dns_conf_audit_log_SOA;
@@ -103,6 +111,10 @@ static int _get_domain(char *value, char *domain, int max_dmain_size, char **ptr
char *end = NULL;
int len = 0;
if (value == NULL || domain == NULL) {
goto errout;
}
/* first field */
begin = strstr(value, "/");
if (begin == NULL) {
@@ -246,6 +258,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
{"spki-pin", required_argument, NULL, 'p'}, /* check SPKI pin */
{"host-name", required_argument, NULL, 'h'}, /* host name */
{"http-host", required_argument, NULL, 'H'}, /* http host */
{"no-check-certificate", no_argument, NULL, 'N'}, /* do not check certificate */
{"tls-host-verify", required_argument, NULL, 'V' }, /* verify tls hostname */
{"group", required_argument, NULL, 'g'}, /* add to group */
{"exclude-default-group", no_argument, NULL, 'E'}, /* ecluse this from default group */
@@ -257,6 +270,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
return -1;
}
ip = argv[1];
if (index >= DNS_MAX_SERVERS) {
tlog(TLOG_WARN, "exceeds max server number, %s", ip);
return 0;
@@ -269,8 +283,6 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
server->httphost[0] = '\0';
server->tls_host_verify[0] = '\0';
ip = argv[1];
if (type == DNS_SERVER_HTTPS) {
if (parse_uri(ip, NULL, server->server, &port, server->path) != 0) {
return -1;
@@ -340,6 +352,10 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
safe_strncpy(server->tls_host_verify, optarg, DNS_MAX_CNAME_LEN);
break;
}
case 'N': {
server->skip_check_cert = 1;
break;
}
default:
break;
}
@@ -862,6 +878,7 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
goto errout;
}
ip = argv[1];
if (index >= DNS_MAX_SERVERS) {
tlog(TLOG_WARN, "exceeds max server number, %s", ip);
return 0;
@@ -870,7 +887,6 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
bind_ip = &dns_conf_bind_ip[index];
bind_ip->type = type;
bind_ip->flags = 0;
ip = argv[1];
safe_strncpy(bind_ip->ip, ip, DNS_MAX_IPLEN);
/* process extra options */
@@ -1346,9 +1362,12 @@ static struct config_item _config_item[] = {
CONF_CUSTOM("speed-check-mode", _config_speed_check_mode, NULL),
CONF_INT("tcp-idle-time", &dns_conf_tcp_idle_time, 0, 3600),
CONF_INT("cache-size", &dns_conf_cachesize, 0, CONF_INT_MAX),
CONF_STRING("cache-file", (char *)&dns_conf_cache_file, DNS_MAX_PATH),
CONF_YESNO("cache-persist", &dns_conf_cache_persist),
CONF_YESNO("prefetch-domain", &dns_conf_prefetch),
CONF_YESNO("serve-expired", &dns_conf_serve_expired),
CONF_INT("serve-expired-ttl", &dns_conf_serve_expired_ttl, 0, CONF_INT_MAX),
CONF_INT("serve-expired-reply-ttl", &dns_conf_serve_expired_reply_ttl, 0, CONF_INT_MAX),
CONF_YESNO("dualstack-ip-selection", &dns_conf_dualstack_ip_selection),
CONF_INT("dualstack-ip-selection-threshold", &dns_conf_dualstack_ip_selection_threshold, 0, 1000),
CONF_CUSTOM("log-level", _config_log_level, NULL),
@@ -1370,6 +1389,8 @@ static struct config_item _config_item[] = {
CONF_CUSTOM("ignore-ip", _conf_ip_ignore, NULL),
CONF_CUSTOM("edns-client-subnet", _conf_edns_client_subnet, NULL),
CONF_CUSTOM("domain-rules", _conf_domain_rules, NULL),
CONF_STRING("ca-file", (char *)&dns_conf_ca_file, DNS_MAX_PATH),
CONF_STRING("ca-path", (char *)&dns_conf_ca_path, DNS_MAX_PATH),
CONF_CUSTOM("conf-file", config_addtional_file, NULL),
CONF_END(),
};

11
src/dns_conf.h
View File

@@ -49,6 +49,7 @@ extern "C" {
#define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
#define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
#define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
#define SMARTDNS_CACHE_FILE "/tmp/smartdns.cache"
enum domain_rule {
DOMAIN_RULE_FLAGS = 0,
@@ -90,7 +91,7 @@ typedef enum {
#define BIND_FLAG_NO_SPEED_CHECK (1 << 5)
#define BIND_FLAG_NO_CACHE (1 << 6)
#define BIND_FLAG_NO_DUALSTACK_SELECTION (1 << 7)
#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
struct dns_rule_flags {
unsigned int flags;
@@ -145,6 +146,7 @@ struct dns_servers {
unsigned int server_flag;
int ttl;
dns_server_type_t type;
char skip_check_cert;
char spki[DNS_MAX_SPKI_LEN];
char hostname[DNS_MAX_CNAME_LEN];
char httphost[DNS_MAX_CNAME_LEN];
@@ -203,6 +205,7 @@ extern int dns_conf_cachesize;
extern int dns_conf_prefetch;
extern int dns_conf_serve_expired;
extern int dns_conf_serve_expired_ttl;
extern int dns_conf_serve_expired_reply_ttl;
extern struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
extern int dns_conf_server_num;
@@ -211,6 +214,12 @@ extern char dns_conf_log_file[DNS_MAX_PATH];
extern size_t dns_conf_log_size;
extern int dns_conf_log_num;
extern char dns_conf_ca_file[DNS_MAX_PATH];
extern char dns_conf_ca_path[DNS_MAX_PATH];
extern char dns_conf_cache_file[DNS_MAX_PATH];
extern int dns_conf_cache_persist;
extern struct dns_domain_check_order dns_conf_check_order;
extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];

840
src/dns_server.c
View File

File diff suppressed because it is too large Load Diff

6
src/dns_server.h
View File

@@ -20,6 +20,7 @@
#define _SMART_DNS_SERVER_H
#include "dns.h"
#include <stdint.h>
#ifdef __cpluscplus
extern "C" {
@@ -36,10 +37,11 @@ void dns_server_stop(void);
void dns_server_exit(void);
/* query result notify function */
typedef int (*dns_result_callback)(char *domain, dns_rtcode_t rtcode, dns_type_t addr_type, char *ip, unsigned int ping_time, void *user_ptr);
typedef int (*dns_result_callback)(char *domain, dns_rtcode_t rtcode, dns_type_t addr_type, char *ip,
unsigned int ping_time, void *user_ptr);
/* query domain */
int dns_server_query(char *domain, int qtype, dns_result_callback callback, void *user_ptr);
int dns_server_query(char *domain, int qtype, uint32_t server_flags, dns_result_callback callback, void *user_ptr);
#ifdef __cpluscplus
}

104
src/fast_ping.c
View File

@@ -219,7 +219,8 @@ static void _fast_ping_install_filter_v4(int sock)
}
}
static int _fast_ping_sockaddr_ip_cmp(struct sockaddr *first_addr, socklen_t first_addr_len, struct sockaddr *second_addr, socklen_t second_addr_len)
static int _fast_ping_sockaddr_ip_cmp(struct sockaddr *first_addr, socklen_t first_addr_len,
struct sockaddr *second_addr, socklen_t second_addr_len)
{
if (first_addr_len != second_addr_len) {
return -1;
@@ -379,8 +380,8 @@ static void _fast_ping_host_put(struct ping_host_struct *ping_host)
tv.tv_sec = 0;
tv.tv_usec = 0;
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_END, &ping_host->addr, ping_host->addr_len, ping_host->seq, ping_host->ttl, &tv,
ping_host->userptr);
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_END, &ping_host->addr, ping_host->addr_len,
ping_host->seq, ping_host->ttl, &tv, ping_host->userptr);
}
tlog(TLOG_DEBUG, "ping end, id %d", ping_host->sid);
@@ -407,8 +408,8 @@ static void _fast_ping_host_remove(struct ping_host_struct *ping_host)
tv.tv_sec = 0;
tv.tv_usec = 0;
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_END, &ping_host->addr, ping_host->addr_len, ping_host->seq, ping_host->ttl, &tv,
ping_host->userptr);
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_END, &ping_host->addr, ping_host->addr_len,
ping_host->seq, ping_host->ttl, &tv, ping_host->userptr);
}
_fast_ping_host_put(ping_host);
@@ -435,7 +436,8 @@ static int _fast_ping_sendping_v6(struct ping_host_struct *ping_host)
packet->msg.seq = ping_host->seq;
icmp6->icmp6_cksum = _fast_ping_checksum((void *)packet, sizeof(struct fast_ping_packet));
len = sendto(ping.fd_icmp6, &ping_host->packet, sizeof(struct fast_ping_packet), 0, (struct sockaddr *)&ping_host->addr, ping_host->addr_len);
len = sendto(ping.fd_icmp6, &ping_host->packet, sizeof(struct fast_ping_packet), 0,
(struct sockaddr *)&ping_host->addr, ping_host->addr_len);
if (len < 0 || len != sizeof(struct fast_ping_packet)) {
int err = errno;
if (errno == ENETUNREACH || errno == EINVAL) {
@@ -450,8 +452,9 @@ static int _fast_ping_sendping_v6(struct ping_host_struct *ping_host)
}
char ping_host_name[PING_MAX_HOSTLEN];
tlog(TLOG_ERROR, "sendto %s, id %d, %s", gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr), ping_host->sid,
strerror(err));
tlog(TLOG_ERROR, "sendto %s, id %d, %s",
gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr),
ping_host->sid, strerror(err));
goto errout;
}
@@ -482,15 +485,17 @@ static int _fast_ping_sendping_v4(struct ping_host_struct *ping_host)
packet->msg.cookie = ping_host->cookie;
icmp->icmp_cksum = _fast_ping_checksum((void *)packet, sizeof(struct fast_ping_packet));
len = sendto(ping.fd_icmp, packet, sizeof(struct fast_ping_packet), 0, (struct sockaddr *)&ping_host->addr, ping_host->addr_len);
len = sendto(ping.fd_icmp, packet, sizeof(struct fast_ping_packet), 0, (struct sockaddr *)&ping_host->addr,
ping_host->addr_len);
if (len < 0 || len != sizeof(struct fast_ping_packet)) {
int err = errno;
if (errno == ENETUNREACH || errno == EINVAL) {
goto errout;
}
char ping_host_name[PING_MAX_HOSTLEN];
tlog(TLOG_ERROR, "sendto %s, id %d, %s", gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr), ping_host->sid,
strerror(err));
tlog(TLOG_ERROR, "sendto %s, id %d, %s",
gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr),
ping_host->sid, strerror(err));
goto errout;
}
@@ -535,8 +540,9 @@ static int _fast_ping_sendping_udp(struct ping_host_struct *ping_host)
goto errout;
}
char ping_host_name[PING_MAX_HOSTLEN];
tlog(TLOG_ERROR, "sendto %s, id %d, %s", gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr), ping_host->sid,
strerror(err));
tlog(TLOG_ERROR, "sendto %s, id %d, %s",
gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr),
ping_host->sid, strerror(err));
goto errout;
}
@@ -567,6 +573,11 @@ static int _fast_ping_sendping_tcp(struct ping_host_struct *ping_host)
setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &yes, sizeof(yes));
setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &priority, sizeof(priority));
setsockopt(fd, IPPROTO_IP, IP_TOS, &ip_tos, sizeof(ip_tos));
set_sock_keepalive(fd, 0, 0, 0);
/* Set the socket lingering so we will RST connections instead of wasting
* bandwidth with the four-step close
*/
set_sock_lingertime(fd, 0);
ping_host->seq++;
if (connect(fd, (struct sockaddr *)&ping_host->addr, ping_host->addr_len) != 0) {
@@ -583,7 +594,8 @@ static int _fast_ping_sendping_tcp(struct ping_host_struct *ping_host)
bool_print_log = 0;
}
tlog(TLOG_ERROR, "connect %s, id %d, %s", gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr),
tlog(TLOG_ERROR, "connect %s, id %d, %s",
gethost_by_addr(ping_host_name, sizeof(ping_host_name), (struct sockaddr *)&ping_host->addr),
ping_host->sid, strerror(errno));
goto errout;
}
@@ -671,8 +683,8 @@ static int _fast_ping_create_icmp_sock(FAST_PING_TYPE type)
}
struct icmp_filter filt;
filt.data = ~((1 << ICMP_SOURCE_QUENCH) | (1 << ICMP_DEST_UNREACH) | (1 << ICMP_TIME_EXCEEDED) | (1 << ICMP_PARAMETERPROB) | (1 << ICMP_REDIRECT) |
(1 << ICMP_ECHOREPLY));
filt.data = ~((1 << ICMP_SOURCE_QUENCH) | (1 << ICMP_DEST_UNREACH) | (1 << ICMP_TIME_EXCEEDED) |
(1 << ICMP_PARAMETERPROB) | (1 << ICMP_REDIRECT) | (1 << ICMP_ECHOREPLY));
setsockopt(fd, SOL_RAW, ICMP_FILTER, &filt, sizeof filt);
setsockopt(fd, SOL_SOCKET, SO_SNDBUF, (const char *)&buffsize, optlen);
setsockopt(fd, SOL_SOCKET, SO_RCVBUF, (const char *)&buffsize, optlen);
@@ -829,8 +841,9 @@ errout:
return -1;
}
static void _fast_ping_print_result(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result, struct sockaddr *addr, socklen_t addr_len,
int seqno, int ttl, struct timeval *tv, void *userptr)
static void _fast_ping_print_result(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result,
struct sockaddr *addr, socklen_t addr_len, int seqno, int ttl, struct timeval *tv,
void *userptr)
{
if (result == PING_RESULT_RESPONSE) {
double rtt = tv->tv_sec * 1000.0 + tv->tv_usec / 1000.0;
@@ -842,7 +855,8 @@ static void _fast_ping_print_result(struct ping_host_struct *ping_host, const ch
}
}
static int _fast_ping_get_addr_by_icmp(const char *ip_str, int port, struct addrinfo **out_gai, FAST_PING_TYPE *out_ping_type)
static int _fast_ping_get_addr_by_icmp(const char *ip_str, int port, struct addrinfo **out_gai,
FAST_PING_TYPE *out_ping_type)
{
struct addrinfo *gai = NULL;
int socktype = 0;
@@ -891,7 +905,8 @@ errout:
return -1;
}
static int _fast_ping_get_addr_by_tcp(const char *ip_str, int port, struct addrinfo **out_gai, FAST_PING_TYPE *out_ping_type)
static int _fast_ping_get_addr_by_tcp(const char *ip_str, int port, struct addrinfo **out_gai,
FAST_PING_TYPE *out_ping_type)
{
struct addrinfo *gai = NULL;
int socktype = 0;
@@ -926,7 +941,8 @@ errout:
return -1;
}
static int _fast_ping_get_addr_by_dns(const char *ip_str, int port, struct addrinfo **out_gai, FAST_PING_TYPE *out_ping_type)
static int _fast_ping_get_addr_by_dns(const char *ip_str, int port, struct addrinfo **out_gai,
FAST_PING_TYPE *out_ping_type)
{
struct addrinfo *gai = NULL;
int socktype = 0;
@@ -982,7 +998,8 @@ errout:
return -1;
}
static int _fast_ping_get_addr_by_type(PING_TYPE type, const char *ip_str, int port, struct addrinfo **out_gai, FAST_PING_TYPE *out_ping_type)
static int _fast_ping_get_addr_by_type(PING_TYPE type, const char *ip_str, int port, struct addrinfo **out_gai,
FAST_PING_TYPE *out_ping_type)
{
switch (type) {
case PING_TYPE_ICMP:
@@ -1001,14 +1018,15 @@ static int _fast_ping_get_addr_by_type(PING_TYPE type, const char *ip_str, int p
return -1;
}
struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout, fast_ping_result ping_callback, void *userptr)
struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout,
fast_ping_result ping_callback, void *userptr)
{
struct ping_host_struct *ping_host = NULL;
struct addrinfo *gai = NULL;
uint32_t addrkey;
char ip_str[PING_MAX_HOSTLEN];
int port = -1;
FAST_PING_TYPE ping_type;
FAST_PING_TYPE ping_type = FAST_PING_END;
unsigned int seed;
int ret = 0;
@@ -1106,7 +1124,8 @@ static void tv_sub(struct timeval *out, struct timeval *in)
out->tv_sec -= in->tv_sec;
}
static struct fast_ping_packet *_fast_ping_icmp6_packet(struct ping_host_struct *ping_host, struct msghdr *msg, u_char *packet_data, int data_len)
static struct fast_ping_packet *_fast_ping_icmp6_packet(struct ping_host_struct *ping_host, struct msghdr *msg,
u_char *packet_data, int data_len)
{
int icmp_len;
struct fast_ping_packet *packet = (struct fast_ping_packet *)packet_data;
@@ -1148,7 +1167,8 @@ static struct fast_ping_packet *_fast_ping_icmp6_packet(struct ping_host_struct
return packet;
}
static struct fast_ping_packet *_fast_ping_icmp_packet(struct ping_host_struct *ping_host, struct msghdr *msg, u_char *packet_data, int data_len)
static struct fast_ping_packet *_fast_ping_icmp_packet(struct ping_host_struct *ping_host, struct msghdr *msg,
u_char *packet_data, int data_len)
{
struct ip *ip = (struct ip *)packet_data;
struct fast_ping_packet *packet;
@@ -1185,8 +1205,8 @@ static struct fast_ping_packet *_fast_ping_icmp_packet(struct ping_host_struct *
return packet;
}
static struct fast_ping_packet *_fast_ping_recv_packet(struct ping_host_struct *ping_host, struct msghdr *msg, u_char *inpacket, int len,
struct timeval *tvrecv)
static struct fast_ping_packet *_fast_ping_recv_packet(struct ping_host_struct *ping_host, struct msghdr *msg,
u_char *inpacket, int len, struct timeval *tvrecv)
{
struct fast_ping_packet *packet = NULL;
@@ -1248,7 +1268,8 @@ static int _fast_ping_process_icmp(struct ping_host_struct *ping_host, struct ti
packet = _fast_ping_recv_packet(ping_host, &msg, inpacket, len, now);
if (packet == NULL) {
char name[PING_MAX_HOSTLEN];
tlog(TLOG_DEBUG, "recv ping packet from %s failed.", gethost_by_addr(name, sizeof(name), (struct sockaddr *)&from));
tlog(TLOG_DEBUG, "recv ping packet from %s failed.",
gethost_by_addr(name, sizeof(name), (struct sockaddr *)&from));
goto errout;
}
@@ -1260,7 +1281,8 @@ static int _fast_ping_process_icmp(struct ping_host_struct *ping_host, struct ti
pthread_mutex_lock(&ping.map_lock);
hash_for_each_possible(ping.addrmap, recv_ping_host, addr_node, addrkey)
{
if (_fast_ping_sockaddr_ip_cmp(&recv_ping_host->addr, recv_ping_host->addr_len, (struct sockaddr *)&from, from_len) == 0 &&
if (_fast_ping_sockaddr_ip_cmp(&recv_ping_host->addr, recv_ping_host->addr_len, (struct sockaddr *)&from,
from_len) == 0 &&
recv_ping_host->sid == sid && recv_ping_host->cookie == cookie) {
_fast_ping_host_get(recv_ping_host);
break;
@@ -1282,8 +1304,9 @@ static int _fast_ping_process_icmp(struct ping_host_struct *ping_host, struct ti
recv_ping_host->ttl = packet->ttl;
tv_sub(&tvresult, tvsend);
if (recv_ping_host->ping_callback) {
recv_ping_host->ping_callback(recv_ping_host, recv_ping_host->host, PING_RESULT_RESPONSE, &recv_ping_host->addr, recv_ping_host->addr_len,
recv_ping_host->seq, recv_ping_host->ttl, &tvresult, recv_ping_host->userptr);
recv_ping_host->ping_callback(recv_ping_host, recv_ping_host->host, PING_RESULT_RESPONSE, &recv_ping_host->addr,
recv_ping_host->addr_len, recv_ping_host->seq, recv_ping_host->ttl, &tvresult,
recv_ping_host->userptr);
}
recv_ping_host->send = 0;
@@ -1316,8 +1339,8 @@ static int _fast_ping_process_tcp(struct ping_host_struct *ping_host, struct epo
}
tv_sub(&tvresult, tvsend);
if (ping_host->ping_callback) {
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_RESPONSE, &ping_host->addr, ping_host->addr_len, ping_host->seq, ping_host->ttl,
&tvresult, ping_host->userptr);
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_RESPONSE, &ping_host->addr,
ping_host->addr_len, ping_host->seq, ping_host->ttl, &tvresult, ping_host->userptr);
}
ping_host->send = 0;
@@ -1393,7 +1416,8 @@ static int _fast_ping_process_udp(struct ping_host_struct *ping_host, struct tim
pthread_mutex_lock(&ping.map_lock);
hash_for_each_possible(ping.addrmap, recv_ping_host, addr_node, addrkey)
{
if (_fast_ping_sockaddr_ip_cmp(&recv_ping_host->addr, recv_ping_host->addr_len, (struct sockaddr *)&from, from_len) == 0 &&
if (_fast_ping_sockaddr_ip_cmp(&recv_ping_host->addr, recv_ping_host->addr_len, (struct sockaddr *)&from,
from_len) == 0 &&
recv_ping_host->sid == sid) {
_fast_ping_host_get(recv_ping_host);
break;
@@ -1410,8 +1434,9 @@ static int _fast_ping_process_udp(struct ping_host_struct *ping_host, struct tim
tvsend = &recv_ping_host->last;
tv_sub(&tvresult, tvsend);
if (recv_ping_host->ping_callback) {
recv_ping_host->ping_callback(recv_ping_host, recv_ping_host->host, PING_RESULT_RESPONSE, &recv_ping_host->addr, recv_ping_host->addr_len,
recv_ping_host->seq, recv_ping_host->ttl, &tvresult, recv_ping_host->userptr);
recv_ping_host->ping_callback(recv_ping_host, recv_ping_host->host, PING_RESULT_RESPONSE, &recv_ping_host->addr,
recv_ping_host->addr_len, recv_ping_host->seq, recv_ping_host->ttl, &tvresult,
recv_ping_host->userptr);
}
recv_ping_host->send = 0;
@@ -1518,8 +1543,9 @@ static void _fast_ping_period_run(void)
tv_sub(&interval, &ping_host->last);
millisecond = interval.tv_sec * 1000 + interval.tv_usec / 1000;
if (millisecond >= ping_host->timeout && ping_host->send == 1) {
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_TIMEOUT, &ping_host->addr, ping_host->addr_len, ping_host->seq, ping_host->ttl,
&interval, ping_host->userptr);
ping_host->ping_callback(ping_host, ping_host->host, PING_RESULT_TIMEOUT, &ping_host->addr,
ping_host->addr_len, ping_host->seq, ping_host->ttl, &interval,
ping_host->userptr);
ping_host->send = 0;
}

8
src/fast_ping.h
View File

@@ -38,11 +38,13 @@ typedef enum {
} FAST_PING_RESULT;
struct ping_host_struct;
typedef void (*fast_ping_result)(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result, struct sockaddr *addr, socklen_t addr_len,
int seqno, int ttl, struct timeval *tv, void *userptr);
typedef void (*fast_ping_result)(struct ping_host_struct *ping_host, const char *host, FAST_PING_RESULT result,
struct sockaddr *addr, socklen_t addr_len, int seqno, int ttl, struct timeval *tv,
void *userptr);
/* start ping */
struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout, fast_ping_result ping_callback, void *userptr);
struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int count, int interval, int timeout,
fast_ping_result ping_callback, void *userptr);
/* stop ping */
int fast_ping_stop(struct ping_host_struct *ping_host);

29
src/http_parse.c
View File

@@ -19,6 +19,7 @@
#include "http_parse.h"
#include "hash.h"
#include "hashtable.h"
#include "util.h"
#include "jhash.h"
#include "list.h"
#include <stdlib.h>
@@ -214,7 +215,7 @@ static int _http_head_parse_response(struct http_head *http_head, char *key, cha
{
char *field_start = NULL;
char *tmp_ptr = NULL;
char *result = NULL;
char *ret_msg = NULL;
char *ret_code = NULL;
if (strstr(key, "HTTP/") == NULL) {
@@ -226,29 +227,27 @@ static int _http_head_parse_response(struct http_head *http_head, char *key, cha
field_start = tmp_ptr;
}
if (*tmp_ptr == ' ') {
*tmp_ptr = '\0';
if (ret_code == NULL) {
ret_code = field_start;
} else if (result == NULL) {
result = field_start;
break;
}
field_start = NULL;
if (*tmp_ptr != ' ') {
continue;
}
*tmp_ptr = '\0';
ret_code = field_start;
ret_msg = tmp_ptr + 1;
field_start = NULL;
break;
}
if (field_start && result == NULL) {
result = field_start;
if (ret_code == NULL || ret_msg == NULL) {
return -1;
}
if (ret_code == NULL || result == NULL) {
if (is_numeric(ret_code) != 0) {
return -1;
}
http_head->code = atol(ret_code);
http_head->code_msg = result;
http_head->code_msg = ret_msg;
http_head->version = key;
http_head->head_type = HTTP_HEAD_RESPONSE;

6
src/include/atomic.h
View File

@@ -20,12 +20,6 @@
#ifndef _GENERIC_ATOMIC_H
#define _GENERIC_ATOMIC_H
/* Check GCC version, just to be safe */
#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC_MINOR__ < 1)
# error atomic.h works only with GCC newer than version 4.1
#endif /* GNUC >= 4.1 */
/**
* Atomic type.
*/

73
src/include/conf.h
View File

@@ -16,7 +16,6 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _GENERIC_CONF_H
#define _GENERIC_CONF_H
@@ -27,9 +26,9 @@
#define CONF_INT_MAX (~(1 << 31))
#define CONF_INT_MIN (1 << 31)
#define CONF_RET_OK 0
#define CONF_RET_ERR -1
#define CONF_RET_WARN -2
#define CONF_RET_OK 0
#define CONF_RET_ERR -1
#define CONF_RET_WARN -2
#define CONF_RET_NOENT -3
struct config_item {
@@ -64,48 +63,48 @@ struct config_item_size {
size_t max;
};
#define CONF_INT(key, value, min_value, max_value) \
{ \
key, conf_int, &(struct config_item_int) \
{ \
.data = value, .min = min_value, .max = max_value \
} \
#define CONF_INT(key, value, min_value, max_value) \
{ \
key, conf_int, &(struct config_item_int) \
{ \
.data = value, .min = min_value, .max = max_value \
} \
}
#define CONF_STRING(key, value, len_value) \
{ \
key, conf_string, &(struct config_item_string) \
{ \
.data = value, .size = len_value \
} \
#define CONF_STRING(key, value, len_value) \
{ \
key, conf_string, &(struct config_item_string) \
{ \
.data = value, .size = len_value \
} \
}
#define CONF_YESNO(key, value) \
{ \
key, conf_yesno, &(struct config_item_yesno) \
{ \
.data = value \
} \
#define CONF_YESNO(key, value) \
{ \
key, conf_yesno, &(struct config_item_yesno) \
{ \
.data = value \
} \
}
#define CONF_SIZE(key, value, min_value, max_value) \
{ \
key, conf_size, &(struct config_item_size) \
{ \
.data = value, .min = min_value, .max = max_value \
} \
#define CONF_SIZE(key, value, min_value, max_value) \
{ \
key, conf_size, &(struct config_item_size) \
{ \
.data = value, .min = min_value, .max = max_value \
} \
}
/*
* func: int (*func)(void *data, int argc, char *argv[]);
*/
#define CONF_CUSTOM(key, func, data) \
{ \
key, conf_custom, &(struct config_item_custom) \
{ \
.custom_data = data, .custom_func = func \
} \
#define CONF_CUSTOM(key, func, data) \
{ \
key, conf_custom, &(struct config_item_custom) \
{ \
.custom_data = data, .custom_func = func \
} \
}
#define CONF_END() \
{ \
NULL, NULL, NULL \
#define CONF_END() \
{ \
NULL, NULL, NULL \
}
extern int conf_custom(const char *item, void *data, int argc, char *argv[]);

34
src/smartdns.c
View File

@@ -79,7 +79,8 @@ static void _show_version(void)
#else
struct tm tm;
get_compiled_time(&tm);
snprintf(str_ver, sizeof(str_ver), "1.%.4d%.2d%.2d-%.2d%.2d", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, tm.tm_hour, tm.tm_min);
snprintf(str_ver, sizeof(str_ver), "1.%.4d%.2d%.2d-%.2d%.2d", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
tm.tm_hour, tm.tm_min);
#endif
printf("smartdns %s\n", str_ver);
}
@@ -157,13 +158,18 @@ static int _smartdns_add_servers(void)
safe_strncpy(flag_http->hostname, dns_conf_servers[i].hostname, sizeof(flag_http->hostname));
safe_strncpy(flag_http->path, dns_conf_servers[i].path, sizeof(flag_http->path));
safe_strncpy(flag_http->httphost, dns_conf_servers[i].httphost, sizeof(flag_http->httphost));
safe_strncpy(flag_http->tls_host_verify, dns_conf_servers[i].tls_host_verify, sizeof(flag_http->tls_host_verify));
safe_strncpy(flag_http->tls_host_verify, dns_conf_servers[i].tls_host_verify,
sizeof(flag_http->tls_host_verify));
flag_http->skip_check_cert = dns_conf_servers[i].skip_check_cert;
} break;
case DNS_SERVER_TLS: {
struct client_dns_server_flag_tls *flag_tls = &flags.tls;
flag_tls->spi_len = dns_client_spki_decode(dns_conf_servers[i].spki, (unsigned char *)flag_tls->spki);
safe_strncpy(flag_tls->hostname, dns_conf_servers[i].hostname, sizeof(flag_tls->hostname));
safe_strncpy(flag_tls->tls_host_verify, dns_conf_servers[i].tls_host_verify, sizeof(flag_tls->tls_host_verify));
safe_strncpy(flag_tls->tls_host_verify, dns_conf_servers[i].tls_host_verify,
sizeof(flag_tls->tls_host_verify));
flag_tls->skip_check_cert = dns_conf_servers[i].skip_check_cert;
} break;
case DNS_SERVER_TCP:
break;
@@ -175,7 +181,8 @@ static int _smartdns_add_servers(void)
flags.type = dns_conf_servers[i].type;
flags.server_flag = dns_conf_servers[i].server_flag;
flags.result_flag = dns_conf_servers[i].result_flag;
ret = dns_client_add_server(dns_conf_servers[i].server, dns_conf_servers[i].port, dns_conf_servers[i].type, &flags);
ret = dns_client_add_server(dns_conf_servers[i].server, dns_conf_servers[i].port, dns_conf_servers[i].type,
&flags);
if (ret != 0) {
tlog(TLOG_ERROR, "add server failed, %s:%d", dns_conf_servers[i].server, dns_conf_servers[i].port);
return -1;
@@ -259,7 +266,8 @@ static int _smartdns_init(void)
tlog_setlogscreen(verbose_screen);
tlog_setlevel(dns_conf_log_level);
tlog(TLOG_NOTICE, "smartdns starting...(Copyright (C) Nick Peng <pymumu@gmail.com>, build:%s %s)", __DATE__, __TIME__);
tlog(TLOG_NOTICE, "smartdns starting...(Copyright (C) Nick Peng <pymumu@gmail.com>, build:%s %s)", __DATE__,
__TIME__);
if (_smartdns_init_ssl() != 0) {
tlog(TLOG_ERROR, "init ssl failed.");
@@ -331,21 +339,30 @@ static void _sig_error_exit(int signo, siginfo_t *siginfo, void *ct)
{
unsigned long PC = 0;
ucontext_t *context = ct;
const char *arch = NULL;
#if defined(__i386__)
int *pgregs = (int *)(&(context->uc_mcontext.gregs));
PC = pgregs[REG_EIP];
arch = "i386";
#elif defined(__x86_64__)
int *pgregs = (int *)(&(context->uc_mcontext.gregs));
PC = pgregs[REG_RIP];
arch = "x86_64";
#elif defined(__arm__)
PC = context->uc_mcontext.arm_pc;
arch = "arm";
#elif defined(__aarch64__)
PC = context->uc_mcontext.pc;
arch = "arm64";
#elif defined(__mips__)
PC = context->uc_mcontext.pc;
arch = "mips";
#endif
tlog(TLOG_FATAL, "process exit with signal %d, code = %d, errno = %d, pid = %d, self = %d, pc = %#lx, addr = %#lx, build(%s %s)\n", signo, siginfo->si_code,
siginfo->si_errno, siginfo->si_pid, getpid(), PC, (unsigned long)siginfo->si_addr, __DATE__, __TIME__);
tlog(TLOG_FATAL,
"process exit with signal %d, code = %d, errno = %d, pid = %d, self = %d, pc = %#lx, addr = %#lx, build(%s "
"%s %s)\n",
signo, siginfo->si_code, siginfo->si_errno, siginfo->si_pid, getpid(), PC, (unsigned long)siginfo->si_addr,
__DATE__, __TIME__, arch);
sleep(1);
_exit(0);
@@ -422,6 +439,7 @@ int main(int argc, char *argv[])
goto errout;
}
signal(SIGPIPE, SIG_IGN);
if (dns_server_load_conf(config_file) != 0) {
fprintf(stderr, "load config failed.\n");
goto errout;
@@ -434,7 +452,7 @@ int main(int argc, char *argv[])
}
signal(SIGINT, _sig_exit);
signal(SIGPIPE, SIG_IGN);
signal(SIGTERM, _sig_exit);
atexit(_smartdns_exit);
return _smartdns_run();

57
src/tlog.c
View File

@@ -94,7 +94,7 @@ struct tlog {
};
struct tlog_segment_log_head {
struct tlog_info info;
struct tlog_loginfo info;
unsigned short len;
char data[0];
} __attribute__((packed));
@@ -117,7 +117,7 @@ struct count_log {
};
struct tlog_info_inter {
struct tlog_info info;
struct tlog_loginfo info;
void *userptr;
};
@@ -166,6 +166,10 @@ static int _tlog_mkdir(const char *path)
if (access(path, F_OK) == 0) {
return 0;
}
while(*path == ' ' && *path != '\0') {
path++;
}
strncpy(path_c, path, sizeof(path_c) - 1);
path_c[sizeof(path_c) - 1] = '\0';
@@ -181,6 +185,11 @@ static int _tlog_mkdir(const char *path)
continue;
}
if (path_end == path_c) {
path_end++;
continue;
}
str = *path_end;
*path_end = '\0';
if (access(path_c, F_OK) == 0) {
@@ -203,8 +212,8 @@ static int _tlog_mkdir(const char *path)
static struct tm *_tlog_localtime(time_t *timep, struct tm *tm)
{
static time_t last_time = {0};
static struct tm last_tm = {0};
static time_t last_time;
static struct tm last_tm;
/* localtime_r has a global timezone lock, it's about 8 times slower than gmtime
* this code is used to speed up localtime_r call.
@@ -297,11 +306,14 @@ void *tlog_get_private(tlog_log *log)
return log->private_data;
}
static int _tlog_format(char *buff, int maxlen, struct tlog_info *info, void *userptr, const char *format, va_list ap)
static int _tlog_format(char *buff, int maxlen, struct tlog_loginfo *info, void *userptr, const char *format, va_list ap)
{
int len = 0;
int total_len = 0;
struct tlog_time *tm = &info->time;
void* unused __attribute__ ((unused));
unused = userptr;
if (tlog.root->multi_log) {
/* format prefix */
@@ -388,6 +400,9 @@ static int _tlog_print_buffer(char *buff, int maxlen, void *userptr, const char
{
int len;
int total_len = 0;
void* unused __attribute__ ((unused));
unused = userptr;
/* format log message */
len = vsnprintf(buff, maxlen, format, ap);
@@ -550,8 +565,9 @@ int tlog_printf(struct tlog_log *log, const char *format, ...)
static int _tlog_early_print(const char *format, va_list ap)
{
char log_buf[TLOG_MAX_LINE_LEN];
int len = 0;
int out_len = 0;
size_t len = 0;
size_t out_len = 0;
int unused __attribute__ ((unused));
if (tlog_disable_early_print) {
return 0;
@@ -565,9 +581,9 @@ static int _tlog_early_print(const char *format, va_list ap)
out_len = sizeof(log_buf);
}
write(STDOUT_FILENO, log_buf, out_len);
unused = write(STDOUT_FILENO, log_buf, out_len);
if (log_buf[out_len - 1] != '\n') {
write(STDOUT_FILENO, "\n", 1);
unused = write(STDOUT_FILENO, "\n", 1);
}
return len;
@@ -650,6 +666,7 @@ static int _tlog_list_dir(const char *path, list_callback callback, void *userpt
DIR *dir = NULL;
struct dirent *ent;
int ret = 0;
const char* unused __attribute__ ((unused)) = path;
dir = opendir(path);
if (dir == NULL) {
@@ -682,6 +699,7 @@ static int _tlog_count_log_callback(const char *path, struct dirent *entry, void
struct count_log *count_log = (struct count_log *)userptr;
struct tlog_log *log = count_log->log;
char logname[TLOG_LOG_NAME_LEN * 2];
const char* unused __attribute__ ((unused)) = path;
if (strstr(entry->d_name, log->suffix) == NULL) {
return 0;
@@ -1005,9 +1023,10 @@ static int _tlog_archive_log(struct tlog_log *log)
}
}
static int _tlog_write(struct tlog_log *log, char *buff, int bufflen)
static int _tlog_write(struct tlog_log *log, const char *buff, int bufflen)
{
int len;
int unused __attribute__ ((unused));
if (bufflen <= 0) {
return 0;
@@ -1015,7 +1034,7 @@ static int _tlog_write(struct tlog_log *log, char *buff, int bufflen)
/* output log to screen */
if (log->logscreen) {
write(STDOUT_FILENO, buff, bufflen);
unused = write(STDOUT_FILENO, buff, bufflen);
}
/* if log file size exceeds threshold, start to compress */
@@ -1027,7 +1046,7 @@ static int _tlog_write(struct tlog_log *log, char *buff, int bufflen)
if (log->filesize < lseek(log->fd, 0, SEEK_END) && log->multi_log == 0) {
const char *msg = "[Auto enable multi-process write mode, log may be lost, please enable multi-process write mode manually]\n";
log->multi_log = 1;
write(log->fd, msg, strlen(msg));
unused = write(log->fd, msg, strlen(msg));
}
close(log->fd);
log->fd = -1;
@@ -1083,7 +1102,7 @@ static int _tlog_write(struct tlog_log *log, char *buff, int bufflen)
return len;
}
int tlog_write(struct tlog_log *log, char *buff, int bufflen)
int tlog_write(struct tlog_log *log, const char *buff, int bufflen)
{
return _tlog_write(log, buff, bufflen);
}
@@ -1297,7 +1316,7 @@ static void _tlog_work_write(struct tlog_log *log, int log_len, int log_extlen,
}
}
static int _tlog_root_write_log(struct tlog_log *log, char *buff, int bufflen)
static int _tlog_root_write_log(struct tlog_log *log, const char *buff, int bufflen)
{
struct tlog_segment_log_head *head = NULL;
static struct tlog_segment_log_head empty_info;
@@ -1326,7 +1345,10 @@ static void *_tlog_work(void *arg)
int log_dropped = 0;
struct tlog_log *log = NULL;
struct tlog_log *loop_log = NULL;
void* unused __attribute__ ((unused));
unused = arg;
while (1) {
log_len = 0;
log_extlen = 0;
@@ -1355,7 +1377,7 @@ static void *_tlog_work(void *arg)
log = _tlog_wait_log_locked(log);
if (log == NULL) {
pthread_mutex_unlock(&tlog.lock);
if (errno != ETIMEDOUT) {
if (errno != ETIMEDOUT && tlog.run) {
sleep(1);
}
continue;
@@ -1491,6 +1513,11 @@ int tlog_setlevel(tlog_level level)
return 0;
}
tlog_level tlog_getlevel(void)
{
return tlog_set_level;
}
tlog_log *tlog_open(const char *logfile, int maxlogsize, int maxlogcount, int buffsize, unsigned int flag)
{
struct tlog_log *log = NULL;

83
src/tlog.h
View File

@@ -9,6 +9,11 @@
#include <stdarg.h>
#ifdef __cplusplus
#include <string>
#include <memory>
#include <sstream>
#include <iostream>
#include <functional>
extern "C" {
#endif /*__cplusplus */
@@ -55,7 +60,7 @@ struct tlog_time {
/* enable log to screen */
#define TLOG_SCREEN (1 << 4)
struct tlog_info {
struct tlog_loginfo {
tlog_level level;
const char *file;
const char *func;
@@ -83,6 +88,9 @@ extern int tlog_write_log(char *buff, int bufflen);
/* set log level */
extern int tlog_setlevel(tlog_level level);
/* get log level */
extern tlog_level tlog_getlevel(void);
/* enalbe log to screen */
extern void tlog_setlogscreen(int enable);
@@ -113,13 +121,13 @@ steps:
read _tlog_format for example.
*/
typedef int (*tlog_format_func)(char *buff, int maxlen, struct tlog_info *info, void *userptr, const char *format, va_list ap);
typedef int (*tlog_format_func)(char *buff, int maxlen, struct tlog_loginfo *info, void *userptr, const char *format, va_list ap);
extern int tlog_reg_format_func(tlog_format_func func);
/* register log output callback
Note: info is invalid when flag TLOG_SEGMENT is not set.
*/
typedef int (*tlog_log_output_func)(struct tlog_info *info, char *buff, int bufflen, void *private_data);
typedef int (*tlog_log_output_func)(struct tlog_loginfo *info, const char *buff, int bufflen, void *private_data);
extern int tlog_reg_log_output_func(tlog_log_output_func output, void *private_data);
struct tlog_log;
@@ -132,11 +140,11 @@ maxlogcount: Number of archived logs.
buffsize: Buffer size, zero for default (128K)
flag: read tlog flags
return: log stream handler.
*/
*/
extern tlog_log *tlog_open(const char *logfile, int maxlogsize, int maxlogcount, int buffsize, unsigned int flag);
/* write buff to log file */
extern int tlog_write(struct tlog_log *log, char *buff, int bufflen);
extern int tlog_write(struct tlog_log *log, const char *buff, int bufflen);
/* close log stream */
extern void tlog_close(tlog_log *log);
@@ -160,7 +168,7 @@ extern int tlog_vprintf(tlog_log *log, const char *format, va_list ap);
extern void tlog_logscreen(tlog_log *log, int enable);
/* register output callback */
typedef int (*tlog_output_func)(struct tlog_log *log, char *buff, int bufflen);
typedef int (*tlog_output_func)(struct tlog_log *log, const char *buff, int bufflen);
extern int tlog_reg_output_func(tlog_log *log, tlog_output_func output);
/* set private data */
@@ -173,6 +181,65 @@ extern void *tlog_get_private(tlog_log *log);
extern int tlog_localtime(struct tlog_time *tm);
#ifdef __cplusplus
}
#endif /*__cplusplus */
class Tlog {
using Stream = std::ostringstream;
using Buffer = std::unique_ptr<Stream, std::function<void(Stream*)>>;
public:
Tlog(){}
~Tlog(){}
static Tlog &Instance() {
static Tlog logger;
return logger;
}
Buffer LogStream(tlog_level level, const char *file, int line, const char *func, void *userptr) {
return Buffer(new Stream, [=](Stream *st) {
tlog_ext(level, file, line, func, userptr, "%s", st->str().c_str());
delete st;
});
}
};
class TlogOut {
using Stream = std::ostringstream;
using Buffer = std::unique_ptr<Stream, std::function<void(Stream*)>>;
public:
TlogOut(){}
~TlogOut(){}
static TlogOut &Instance() {
static TlogOut logger;
return logger;
}
Buffer Out(tlog_log *log) {
return Buffer(new Stream, [=](Stream *st) {
tlog_printf(log, "%s", st->str().c_str());
delete st;
});
}
};
#define Tlog_logger (Tlog::Instance())
#define Tlog_stream(level) if (tlog_getlevel() <= level) *Tlog_logger.LogStream(level, BASE_FILE_NAME, __LINE__, __func__, NULL)
#define tlog_debug Tlog_stream(TLOG_DEBUG)
#define tlog_info Tlog_stream(TLOG_INFO)
#define tlog_notice Tlog_stream(TLOG_NOTICE)
#define tlog_warn Tlog_stream(TLOG_WARN)
#define tlog_error Tlog_stream(TLOG_ERROR)
#define tlog_fatal Tlog_stream(TLOG_FATAL)
#define Tlog_out_logger (TlogOut::Instance())
#define tlog_out(stream) (*Tlog_out_logger.Out(stream))
} /*__cplusplus */
#else
#define tlog_debug(...) tlog(TLOG_DEBUG, ##__VA_ARGS__)
#define tlog_info(...) tlog(TLOG_INFO, ##__VA_ARGS__)
#define tlog_notice(...) tlog(TLOG_NOTICE, ##__VA_ARGS__)
#define tlog_warn(...) tlog(TLOG_WARN, ##__VA_ARGS__)
#define tlog_error(...) tlog(TLOG_ERROR, ##__VA_ARGS__)
#define tlog_fatal(...) tlog(TLOG_FATAL, ##__VA_ARGS__)
#endif
#endif // !TLOG_H

91
src/util.c
View File

@@ -24,20 +24,21 @@
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <linux/netlink.h>
#include <inttypes.h>
#include <linux/capability.h>
#include <linux/netlink.h>
#include <netinet/tcp.h>
#include <openssl/crypto.h>
#include <openssl/ssl.h>
#include <pthread.h>
#include <netinet/tcp.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
#include <inttypes.h>
#include <sys/prctl.h>
#define TMP_BUFF_LEN_32 32
@@ -285,14 +286,14 @@ int parse_ip(const char *value, char *ip, int *port)
return 0;
}
static int _check_is_ipv4(const char *ip)
static int _check_is_ipv4(const char *ip)
{
const char *ptr = ip;
char c = 0;
int dot_num = 0;
int dig_num = 0;
while ( (c = *ptr++) != '\0') {
while ((c = *ptr++) != '\0') {
if (c == '.') {
dot_num++;
dig_num = 0;
@@ -326,7 +327,7 @@ static int _check_is_ipv6(const char *ip)
int colon_num = 0;
int dig_num = 0;
while ( (c = *ptr++) != '\0') {
while ((c = *ptr++) != '\0') {
if (c == '[' || c == ']') {
continue;
}
@@ -420,7 +421,7 @@ int parse_uri(char *value, char *scheme, char *host, int *port, char *path)
if (path) {
strncpy(path, process_ptr, PATH_MAX);
}
}
return 0;
}
@@ -456,8 +457,8 @@ char *reverse_string(char *output, const char *input, int len, int to_lower_case
if (to_lower_case) {
if (*output >= 'A' && *output <= 'Z') {
/* To lower case */
*output = *output + 32;
}
*output = *output + 32;
}
}
output++;
len--;
@@ -502,7 +503,8 @@ static int _ipset_support_timeout(const char *ipsetname)
return -1;
}
static int _ipset_operate(const char *ipsetname, const unsigned char addr[], int addr_len, unsigned long timeout, int operate)
static int _ipset_operate(const char *ipsetname, const unsigned char addr[], int addr_len, unsigned long timeout,
int operate)
{
struct nlmsghdr *netlink_head;
struct ipset_netlink_msg *netlink_msg;
@@ -560,7 +562,9 @@ static int _ipset_operate(const char *ipsetname, const unsigned char addr[], int
netlink_head->nlmsg_len += NETLINK_ALIGN(sizeof(struct ipset_netlink_attr));
nested[1]->type = NLA_F_NESTED | IPSET_ATTR_IP;
_ipset_add_attr(netlink_head, (af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) | NLA_F_NET_BYTEORDER, addr_len, addr);
_ipset_add_attr(netlink_head,
(af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) | NLA_F_NET_BYTEORDER, addr_len,
addr);
nested[1]->len = (void *)buffer + NETLINK_ALIGN(netlink_head->nlmsg_len) - (void *)nested[1];
if (timeout > 0 && _ipset_support_timeout(ipsetname) == 0) {
@@ -925,25 +929,35 @@ static int parse_server_name_extension(const char *data, size_t data_len, char *
return -2;
}
void get_compiled_time(struct tm *tm)
{
char s_month[5];
int month, day, year;
void get_compiled_time(struct tm *tm)
{
char s_month[5];
int month, day, year;
int hour, min, sec;
static const char *month_names = "JanFebMarAprMayJunJulAugSepOctNovDec";
static const char *month_names = "JanFebMarAprMayJunJulAugSepOctNovDec";
sscanf(__DATE__, "%5s %d %d", s_month, &day, &year);
month = (strstr(month_names, s_month) - month_names) / 3;
sscanf(__DATE__, "%5s %d %d", s_month, &day, &year);
month = (strstr(month_names, s_month) - month_names) / 3;
sscanf(__TIME__, "%d:%d:%d", &hour, &min, &sec);
tm->tm_year = year - 1900;
tm->tm_mon = month;
tm->tm_mday = day;
tm->tm_isdst = -1;
tm->tm_year = year - 1900;
tm->tm_mon = month;
tm->tm_mday = day;
tm->tm_isdst = -1;
tm->tm_hour = hour;
tm->tm_min = min;
tm->tm_sec = sec;
}
int is_numeric(const char *str)
{
while (*str != '\0') {
if (*str < '0' || *str > '9')
return -1;
str++;
}
return 0;
}
int has_network_raw_cap(void)
{
int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
@@ -958,7 +972,7 @@ int has_network_raw_cap(void)
int set_sock_keepalive(int fd, int keepidle, int keepinterval, int keepcnt)
{
const int yes = 1;
if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &yes, sizeof(yes))!= 0) {
if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &yes, sizeof(yes)) != 0) {
return -1;
}
@@ -967,4 +981,31 @@ int set_sock_keepalive(int fd, int keepidle, int keepinterval, int keepcnt)
setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &keepcnt, sizeof(keepcnt));
return 0;
}
}
int set_sock_lingertime(int fd, int time)
{
struct linger l;
l.l_onoff = 1;
l.l_linger = 0;
if (setsockopt(fd, SOL_SOCKET, SO_LINGER, (const char *)&l, sizeof(l)) != 0) {
return -1;
}
return 0;
}
uint64_t get_free_space(const char *path)
{
uint64_t size = 0;
struct statvfs buf;
if (statvfs(path, &buf) != 0) {
return 0;
}
size = (uint64_t)buf.f_frsize * buf.f_bavail;
return size;
}

14
src/util.h
View File

@@ -19,27 +19,27 @@
#ifndef SMART_DNS_UTIL_H
#define SMART_DNS_UTIL_H
#include "stringutil.h"
#include <netdb.h>
#include <time.h>
#include "stringutil.h"
#ifdef __cplusplus
extern "C" {
#endif /*__cplusplus */
#ifndef TCP_FASTOPEN
#define TCP_FASTOPEN 23
#define TCP_FASTOPEN 23
#endif
#ifndef TCP_FASTOPEN_CONNECT
#define TCP_FASTOPEN_CONNECT 30
#endif
#ifndef TCP_THIN_LINEAR_TIMEOUTS
#define TCP_THIN_LINEAR_TIMEOUTS 16
#define TCP_THIN_LINEAR_TIMEOUTS 16
#endif
#ifndef TCP_THIN_DUPACK
#define TCP_THIN_DUPACK 17
#define TCP_THIN_DUPACK 17
#endif
#define PORT_NOT_DEFINED -1
@@ -98,10 +98,16 @@ int parse_tls_header(const char *data, size_t data_len, char *hostname, const ch
void get_compiled_time(struct tm *tm);
int is_numeric(const char *str);
int has_network_raw_cap(void);
int set_sock_keepalive(int fd, int keepidle, int keepinterval, int keepcnt);
int set_sock_lingertime(int fd, int time);
uint64_t get_free_space(const char *path);
#ifdef __cplusplus
}
#endif /*__cplusplus */

13
systemd/smartdns.service → systemd/smartdns.service.in
View File

@@ -1,17 +1,18 @@
[Unit]
Description=smart dns server
Description=smartdns server
After=network.target
StartLimitBurst=0
StartLimitIntervalSec=60
TimeoutStopSec=5
[Service]
Type=forking
PIDFile=/var/run/smartdns.pid
EnvironmentFile=/etc/default/smartdns
ExecStart=/usr/sbin/smartdns $SMART_DNS_OPTS
PIDFile=@RUNSTATEDIR@/smartdns.pid
EnvironmentFile=@SYSCONFDIR@/default/smartdns
ExecStart=@SBINDIR@/smartdns -p @RUNSTATEDIR@/smartdns.pid $SMART_DNS_OPTS
KillMode=process
Restart=always
RestartSec=2
StartLimitBurst=0
StartLimitIntervalSec=60
[Install]
WantedBy=multi-user.target