daxi20/smartdns
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: daxi20:Release32-RC1
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18
...
compare: daxi20:Release36
Branches Tags
daxi20:master daxi20:doc daxi20:quic daxi20:https-svcb daxi20:multi-thread-server daxi20:luci-dns-forwarding
daxi20:Release43 daxi20:Release42 daxi20:Release41 daxi20:Release41-RC3 daxi20:Release41-RC2 daxi20:Release41-RC1 daxi20:Release40 daxi20:feature-dns-forwarding daxi20:Release39 daxi20:Release38.1 daxi20:Release38 daxi20:Release37.2 daxi20:Release37.1 daxi20:Release37 daxi20:Release37-RC3 daxi20:Release37-RC2 daxi20:Release37-RC1 daxi20:all-best-ip daxi20:Release36.1 daxi20:Release36 daxi20:Release35 daxi20:Release34 daxi20:Release33 daxi20:Release32 daxi20:Release32-RC4 daxi20:Release32-RC3 daxi20:Release32-RC2 daxi20:Release32-RC1 daxi20:Release31 daxi20:Release30 daxi20:Release29 daxi20:Release28 daxi20:Release27 daxi20:Release26-Special daxi20:Release25 daxi20:Release24 daxi20:Release23 daxi20:Release22 daxi20:Release21 daxi20:Release20 daxi20:Release18

70 Commits
Release32- ... Release36

Author SHA1 Message Date
Nick Peng
1efa1942cc tlog: bump tlog to v1.6 2022-03-29 19:20:41 +08:00
WhiredPlanck
1fd18601e7 doc: polish ReadMe.md 2022-03-02 15:08:30 +08:00
Nick Peng
d7d7ef48cd cache: optimize cname TTL 2022-02-17 16:34:24 +08:00
Nick Peng
0652316e98 server: strict result, discard result without query type 2022-02-17 13:00:50 +08:00
Nick Peng
ee9059bb37 server: Support specific qtype to return SOA 2022-02-17 11:33:09 +08:00
Nick Peng
45180c0dd6 readme: Add instructions on how to get SPKI 2022-02-16 20:49:02 +08:00
Nick Peng
f29e292a41 cache: fix SOA cache issue when dns server timeout. 2022-02-16 20:49:02 +08:00
Nick Peng
cf34cbc045 tls: remove deprecated API, support openssl 3.0 2022-02-16 20:48:57 +08:00
Nick Peng
8d7c54d382 audit: fix audit log for no-speed-check 2022-02-16 17:31:12 +08:00
Nick Peng
75d91096ca cache: make cname ttl countdown 2022-02-16 17:05:43 +08:00
Nick Peng
e98cf5b711 cache: fix cache not update issue when serve-expired enabled. 2022-02-15 17:35:39 +08:00
paldier
a33d09f80b fix openssl1.1 without 0.9.8 api compile error 
when `./Configure --api=1.0.0`, we should not use CRYPTO_set_id_callback().
 2022-02-15 10:56:40 +08:00
whiler
ba282c8c60 use type uint32_t for timeout 
Ref. https://github.com/torvalds/linux/blob/master/include/linux/netfilter/ipset/ip_set.h#L268
 2021-11-26 17:34:24 +08:00
Nick Cao
a588793221 remove extraneous unit file 2021-09-16 12:03:19 +08:00
FH0
cd88dd4854 fix x86_64-linux-gnu-gcc compile error 
```
util.c: In function ‘parse_uri’:
util.c:389:17: error: ‘PATH_MAX’ undeclared (first use in this function); did you mean ‘AF_MAX’?
  389 |  char host_name[PATH_MAX];
      |                 ^~~~~~~~
      |                 AF_MAX
util.c:389:17: note: each undeclared identifier is reported only once for each function it appears in
```
 2021-09-16 12:00:42 +08:00
FH0
8973acad44 fix tlog_set_permission parameters type 2021-09-14 22:47:58 +08:00
Nick Peng
f50e4dd081 Revert "http: Fix http overflow bug" 
This reverts commit ea8c1f47f8.
 2021-08-27 19:22:20 +08:00
Nick Peng
ca6a9613d9 http: Fix http not working issue 2021-08-25 16:59:10 +08:00
Jian Chang
c88b334902 improve #754 (#756) 
* improve #754
 2021-08-25 16:55:16 +08:00
Jian Chang
017cd5cdc1 fix #689 2021-08-24 21:53:11 +08:00
Nick Peng
0e89d05ee7 Create c-cpp.yml 2021-08-24 16:44:44 +08:00
Nick Peng
772229c826 fast_ping: Avoid ping race condition crash issue 2021-08-23 14:19:22 +08:00
Nick Peng
7f1dc8a311 utils: Add print_stack function for debugging 2021-08-22 16:01:37 +08:00
Nick Peng
eff1f1b4c7 Updat readme 2021-08-21 20:42:25 +08:00
Nick Peng
ea8c1f47f8 http: Fix http overflow bug 2021-08-21 20:38:32 +08:00
Nick Peng
106ec6789c Make: update script mode 2021-08-21 20:38:32 +08:00
Nyaasu
8c271e34c1 Translate: Add units to reduce misunderstandings (#746) 
* Translate: Add units to reduce misunderstandings
 2021-08-09 22:21:35 +08:00
Nick Peng
756029f5e9 dns-client: avoid crash 2021-08-01 15:16:58 +08:00
Nick Peng
6338f1257c Update tlog 2021-08-01 15:12:41 +08:00
LoveSy
b77cea63e9 Update dns_server.c 2021-07-30 13:54:35 +08:00
LoveSy
f1ce462989 Support dual stack ipset 2021-07-30 13:54:35 +08:00
edison0354
e5eb562dee Update make.sh 2021-02-06 10:05:09 +08:00
Nick Peng
c53a87b8d9 SSL: reduce memory usage. 2021-01-31 03:04:17 +08:00
Nick Peng
f2fc970561 dns_client: check whether ssl cert is loaded. 2021-01-29 20:37:17 +08:00
J7S-xvH-rQV-sYR
328f44e800 Update ReadMe.md 
点击第 20 行 的链接无法正常跳到对应 223 行的 openwrt 
因为 https://github.com/pymumu/smartdns#openwrtlede 不存在 对应的应该是 https://github.com/pymumu/smartdns#openwrt
修改后可以正常跳转。
 2021-01-29 20:31:52 +08:00
Nick Peng
11cf7b614c dualstack: cache SOA record for speed. 2021-01-24 14:16:35 +08:00
Nick Peng
51e1e6565f MemLeak: fix memory leak when cache size is 0 2021-01-24 11:13:06 +08:00
dkadioglu
3ba8c418f7 Update luci-app-smartdns.json 
With this small fix, the menu entry for smartdns is not shown anymore on the login page of openwrt.
 2021-01-24 01:19:42 +08:00
Nick Peng
3e3859cfb1 BugFix: fix ssl cert load crash issue 2021-01-24 01:03:57 +08:00
Nick Peng
ac0ab0c916 Update ReadMe.md 2021-01-10 03:41:31 +08:00
Nick Peng
98be18f926 Domain-Rule: Support configuration of dualstack selection 2021-01-10 02:39:59 +08:00
Nick Peng
ed63c617bc BugFix: Fix issue #669, Contributed by Enna1 2021-01-09 12:31:15 +08:00
Felix Yan
81ce05e6af Improve systemd service description 
It's used in journals.
 2021-01-09 12:22:54 +08:00
Nick Peng
4e5248ebf3 BugFix: Fix issue #670, Contributed by Enna1 2021-01-09 12:19:07 +08:00
Nick Peng
ccd0f203fb dns-client: add some log 2021-01-09 12:06:58 +08:00
huyz-git
29d61d9373 Update ReadMe_en.md 2021-01-08 11:10:04 +08:00
huyz-git
4dcfd2c729 Update ReadMe.md 2021-01-08 11:10:04 +08:00
Purple Grape
42b3e98b2a drop el6 support 
version of openssl must be 1.0.2 or higher
 2020-09-29 23:46:07 +08:00
Purple Grape
81ecfa5dab Update smartdns.spec 
mainly fix BuildRequires

now it's possiable to build rpm with the follow commands 
rpmbuild -ta smartdns-*.tar.gz
 2020-09-19 21:19:53 +08:00
Felix Yan
baa1397fb0 Move TimeoutStopSec to [Service] 
It belongs here. Setting it in [Unit] produces the following warning:

```
systemd[1]: /usr/lib/systemd/system/smartdns.service:6: Unknown key name 'TimeoutStopSec' in section 'Unit', ignoring.
```
 2020-09-10 23:29:16 +08:00
Nick Peng
86902d2e34 serve-expired: support config reply ttl 2020-09-06 15:21:37 +08:00
Nick Peng
6f30fe6d05 compile: remove O_CLOEXEC flags 2020-09-05 19:37:50 +08:00
Nick Peng
0b45da29c7 cache: support persist cache when restart smartdns 2020-09-05 12:55:30 +08:00
Nick Peng
2b81fffb7e dns_client: fix ssl race condition issue. 2020-09-02 22:03:24 +08:00
Nick Peng
7af6f475da dns-client: reduce ssl session cache size 2020-08-27 23:34:22 +08:00
Purple Grape
c3b6560b46 add rpm support 2020-08-25 22:02:45 +08:00
Nick Peng
a3d3364a32 dns_client: avoid disconnect with server after query complete 2020-08-24 23:54:06 +08:00
Nick Peng
b8a36ccb8c dns_client: avoid connect failure 2020-08-24 23:18:35 +08:00
Nick Peng
aee19be262 dns-cache: support cache when speed check is disabled 2020-08-23 20:12:50 +08:00
Nick Peng
98429e88f1 speed_check: fix query failure when speed-check is none and dualstack-selection is enable. 2020-08-23 15:28:56 +08:00
Nick Peng
80cb27c795 tlog: update tlog 2020-08-22 08:13:55 +08:00
Kevin Zhou
cb73eadf01 Make the ipset working as expected when the domain passthrough 2020-08-22 07:57:00 +08:00
Nick Peng
69ba3f8789 pending: fix pending server resolve issue 2020-08-16 17:05:51 +08:00
Nick Peng
c380bbe0e3 tlog: update tlog 2020-08-13 01:23:40 +08:00
Nick Peng
da74e877c5 dns_client: repeat same arguments with SSL_write 2020-08-13 00:56:51 +08:00
Nick Peng
a300873b3f dns-client: fix ssl send request issue 2020-08-11 00:09:38 +08:00
Nick Peng
a9829f6155 dns-server: fix race condition issue 2020-08-09 23:54:23 +08:00
Nick Peng
1923271630 compile: fix comile warnings 2020-08-09 18:01:33 +08:00
Nick Peng
c23ec7ea8f client: suppress log. 2020-08-03 01:07:47 +08:00
rhettor
aad751c1f5 Support docker 2020-08-02 18:10:31 +08:00
36 changed files with 2983 additions and 1023 deletions
Expand all files Collapse all files

17
.github/workflows/c-cpp.yml vendored Normal file
View File

@@ -0,0 +1,17 @@
name: C/C++ CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: make
run: make

4
.gitignore vendored
View File

@@ -1,4 +1,4 @@
.vscode
.o
*.o
.DS_Store
.swp.
*.swp.

18
Dockerfile Normal file
View File

@@ -0,0 +1,18 @@
FROM debian:buster-slim
RUN apt update && \
apt install -y git make gcc libssl-dev && \
git clone https://github.com/pymumu/smartdns.git --depth 1 && \
cd smartdns && \
sh ./package/build-pkg.sh --platform debian --arch `dpkg --print-architecture` && \
dpkg -i package/*.deb && \
cd / && \
rm -rf smartdns/ && \
apt autoremove -y git make gcc libssl-dev && \
apt clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 53/udp
VOLUME "/etc/smartdns/"
CMD ["/usr/sbin/smartdns", "-f"]

1106
ReadMe.md
View File

File diff suppressed because it is too large Load Diff

17
ReadMe_en.md
View File

@@ -498,6 +498,8 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|bind|DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind :53
|bind-tcp|TCP mode DNS listening port number|[::]:53|Support binding multiple ports<br>`IP:PORT`: server IP, port number. <br>`[-group]`: The DNS server group used when requesting. <br>`[-no-rule-addr]`: Skip the address rule. <br>`[-no-rule-nameserver]`: Skip the Nameserver rule. <br>`[-no-rule-ipset]`: Skip the Ipset rule. <br>`[-no-rule-soa]`: Skip address SOA(#) rules.<br>`[-no-dualstack-selection]`: Disable dualstack ip selection.<br>`[-no-speed-check]`: Disable speed measurement. <br>`[-no-cache]`: stop caching |bind-tcp :53
|cache-size|Domain name result cache number|512|integer|cache-size 512
|cache-persist|enable persist cache|Auto: Enabled if the location of `cache-file` has more than 128MB of free space.|[yes\|no]|cache-persist yes
|cache-file|cache persist file|/tmp/smartdns.cache|路径|cache-file /tmp/smartdns.cache
|tcp-idle-time|TCP connection idle timeout|120|integer|tcp-idle-time 120
|rr-ttl|Domain name TTL|Remote query result|number greater than 0|rr-ttl 600
|rr-ttl-min|Domain name Minimum TTL|Remote query result|number greater than 0|rr-ttl-min 60
@@ -518,17 +520,19 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
|speed-check-mode|Speed mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:443
|address|Domain IP address|None|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4
|nameserver|To query domain with specific server group|None|nameserver /domain/[group\|-], `group` is the group name, `-` means ignore this rule, use the `-group` parameter in the related server|nameserver /www.example.com/office
|ipset|Domain IPSet|None|ipset /domain/[ipset\|-], `-` for ignore|ipset /www.example.com/pass
|ipset|Domain IPSet|None|ipset /domain/[ipset\|-\|#[4\|6]:[ipset\|-][,#[4\|6]:[ipset\|-]]], `-` for ignore|ipset /www.example.com/#4:dns4,#6:-
|ipset-timeout|ipset timeout enable|auto|[yes]|ipset-timeout yes
|domain-rules|set domain rules|None|domain-rules /domain/ [-rules...]<br>`[-speed-check-mode]`: set speed check modesame as parameter `speed-check-mode`<br>`[-address]`: same as parameter `address` <br>`[-nameserver]`: same as parameter `nameserver`<br>`[-ipset]`: same as parameter `ipset`|domain-rules /www.example.com/ -speed-check-mode none
|domain-rules|set domain rules|None|domain-rules /domain/ [-rules...]<br>`[-c\|-speed-check-mode]`: set speed check modesame as parameter `speed-check-mode`<br>`[-a\|-address]`: same as parameter `address` <br>`[-n\|-nameserver]`: same as parameter `nameserver`<br>`[-p\|-ipset]`: same as parameter `ipset`<br>`[-d\|-dualstack-ip-selection]`: same as parameter `dualstack-ip-selection`|domain-rules /www.example.com/ -speed-check-mode none
|bogus-nxdomain|bogus IP address|None|[IP/subnet], Repeatable| bogus-nxdomain 1.2.3.4/16
|ignore-ip|ignore ip address|None|[ip/subnet], Repeatable| ignore-ip 1.2.3.4/16
|whitelist-ip|ip whitelist|None|[ip/subnet], RepeatableWhen the filtering server responds IPs in the IP whitelist, only result in whitelist will be accepted| whitelist-ip 1.2.3.4/16
|blacklist-ip|ip blacklist|None|[ip/subnet], RepeatableWhen the filtering server responds IPs in the IP blacklist, The result will be discarded directly| blacklist-ip 1.2.3.4/16
|force-AAAA-SOA|force AAAA query return SOA|no|[yes\|no]|force-AAAA-SOA yes
|force-qtype-SOA|force specific qtype return SOA|qtype id|[qtypeid | ...]|force-qtype-SOA 65 28
|prefetch-domain|domain prefetch feature|no|[yes\|no]|prefetch-domain yes
|serve-expired|Cache serve expired feature|no|[yes\|no], Attempts to serve old responses from cache with a TTL of 0 in the response without waiting for the actual resolution to finish.|serve-expired yes
|serve-expired-ttl|Cache serve expired limite TTL|0|second0disable> 0 seconds after expiration|serve-expired-ttl 0
|serve-expired-reply-ttl|TTL value to use when replying with expired data|5|second0disable> 0 seconds after expiration|serve-expired-reply-ttl 30
|dualstack-ip-selection|Dualstack ip selection|no|[yes\|no]|dualstack-ip-selection yes
|dualstack-ip-selection-threshold|Dualstack ip select threadhold|30ms|millisecond|dualstack-ip-selection-threshold [0-1000]
|ca-file|certificate file|/etc/ssl/certs/ca-certificates.crt|path|ca-file /etc/ssl/certs/ca-certificates.crt
@@ -635,7 +639,7 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
Enable cache serve expired feature with `serve-expired yes` to improve the cache hit rate and reduce the CPU consumption.
This feature will return TTL = 0 to the client after the TTL timeout, and send a new query request again at the same time, and cache the new results for later query.
1. How does the second DNS customize more behavior?
1. How does the second DNS customize more behavior?
The second DNS can be used as the upstream of other DNS servers to provide more query behaviors. Bind configuration support can bind multiple ports. Different ports can be set with different flags to implement different functions, such as
```sh
@@ -643,6 +647,13 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use
bind [::]:6053 -no-speed-check -group office -no-rule-addr
```
1. How to get SPKI of DOT
The SPKI can be obtained from the page published by the DNS service provider. If it is not published, it can be obtained by the following command, replace IP with your own IP.
````sh
echo | openssl s_client -connect '1.0.0.1:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
````
## Compile
smartdns contains scripts for compiling packages, supports compiling luci, debian, openwrt, opare installation packages, and can execute `package/build-pkg.sh` compilation.

25
etc/smartdns/smartdns.conf
View File

@@ -38,7 +38,13 @@ bind [::]:53
# dns cache size
# cache-size [number]
# 0: for no cache
cache-size 512
cache-size 4096
# enable persist cache when restart
# cache-persist yes
# cache persist file
# cache-file /tmp/smartdns.cache
# prefetch domain
# prefetch-domain [yes|no]
@@ -52,6 +58,10 @@ cache-size 512
# serve-expired-ttl [num]
# serve-expired-ttl 0
# reply TTL value to use when replying with expired data
# serve-expired-reply-ttl [num]
# serve-expired-reply-ttl 30
# List of hosts that supply bogus NX domain results
# bogus-nxdomain [ip/subnet]
@@ -74,6 +84,10 @@ cache-size 512
# force AAAA query return SOA
# force-AAAA-SOA [yes|no]
# force specific qtype return soa
# force-qtype-SOA [qtypeid |...]
# force-qtype-SOA 65 28
# Enable IPV4, IPV6 dual stack IP optimization selection strategy
# dualstack-ip-selection-threshold [num] (0~1000)
# dualstack-ip-selection [yes|no]
@@ -179,8 +193,9 @@ log-level info
# set domain rules
# domain-rules /domain/ [-speed-check-mode [...]]
# rules:
# -speed-check-mode [mode]: speed check mode
# [-c] -speed-check-mode [mode]: speed check mode
# speed-check-mode [ping|tcp:port|none|,]
# -address [address|-]: same as address option
# -nameserver [group|-]: same as nameserver option
# -ipset [ipset|-]: same as ipset option
# [-a] -address [address|-]: same as address option
# [-n] -nameserver [group|-]: same as nameserver option
# [-p] -ipset [ipset|-]: same as ipset option
# [-d] -dualstack-ip-selection [yes|no]: same as dualstack-ip-selection option

0
package/build-pkg.sh Normal file → Executable file
View File

0
package/debian/make.sh Normal file → Executable file
View File

0
package/linux/make.sh Normal file → Executable file
View File

4
package/luci-compat/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -104,13 +104,13 @@ msgid "Cache Size"
msgstr "缓存大小"
msgid "DNS domain result cache size"
msgstr "缓存DNS的结果缓存大小配置零则不缓存"
msgstr "缓存DNS的结果缓存大小配置零则不缓存(单位:条)"
msgid "Domain TTL"
msgstr "域名TTL"
msgid "TTL for all domain result."
msgstr "设置所有域名的TTL值"
msgstr "设置所有域名的TTL值(单位:秒,下同)"
msgid "Domain TTL Min"
msgstr "域名TTL最小值"

0
package/luci-compat/make.sh Normal file → Executable file
View File

4
package/luci/files/luci/i18n/smartdns.zh-cn.po
View File

@@ -110,13 +110,13 @@ msgid "Cache Size"
msgstr "缓存大小"
msgid "DNS domain result cache size"
msgstr "缓存DNS的结果缓存大小配置零则不缓存"
msgstr "缓存DNS的结果缓存大小配置零则不缓存(单位:条)"
msgid "Domain TTL"
msgstr "域名TTL"
msgid "TTL for all domain result."
msgstr "设置所有域名的TTL值"
msgstr "设置所有域名的TTL值(单位:秒,下同)"
msgid "Domain TTL Min"
msgstr "域名TTL最小值"

1
package/luci/files/root/usr/share/luci/menu.d/luci-app-smartdns.json
View File

@@ -6,6 +6,7 @@
"path": "smartdns/smartdns"
},
"depends": {
"acl": [ "luci-app-smartdns" ],
"uci": { "smartdns": true }
}
}

0
package/luci/make.sh Normal file → Executable file
View File

2
package/openwrt/make.sh Normal file → Executable file
View File

@@ -74,7 +74,7 @@ build()
cd $ROOT
tar zcf $ROOT/data.tar.gz -C root --owner=0 --group=0 .
tar zcf $OUTPUTDIR/smartdns.$VER.$FILEARCH.ipk --owner=0 --group=0 control.tar.gz data.tar.gz debian-binary
tar zcf $OUTPUTDIR/smartdns.$VER.$FILEARCH.ipk --owner=0 --group=0 ./control.tar.gz ./data.tar.gz ./debian-binary
rm -fr $ROOT/
}

23
package/optware/S50smartdns
View File

@@ -332,9 +332,28 @@ case "$1" in
return 0
fi
if [ ! -d "/proc/$pid" ]; then
return 0;
kill -15 "$pid" 2>/dev/null
SLEEP=`which usleep`
SLEEPTIME=200000
if [ -z "$SLEEP" ]; then
SLEEP="sleep"
SLEEPTIME=0.2
fi
N=30
while [ $N -gt 0 ]
do
pid="$(cat "$SMARTDNS_PID" | head -n 1 2>/dev/null)"
if [ -z "$pid" ]; then
return 0
fi
if [ ! -d "/proc/$pid" ]; then
return 0;
fi
$SLEEP $SLEEPTIME 2>/dev/null
N=$((N-1))
done
kill -9 "$pid" 2>/dev/null
;;

0
package/optware/make.sh Normal file → Executable file
View File

66
package/redhat/smartdns.spec Normal file
View File

@@ -0,0 +1,66 @@
Name: smartdns
Version: 1.2020.09.08
Release: 2235%{?dist}
Summary: smartdns
License: GPL 3.0
URL: https://github.com/pymumu/smartdns
Source0: %{name}-%{version}.tar.gz
BuildRequires: glibc
BuildRequires: centos-release >= 7
BuildRequires: openssl-devel
Requires: glibc
Requires: openssl
Requires: systemd
%description
A local DNS server to obtain the fastest website IP for the best Internet experience.
%prep
%setup -q
%build
cd src
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
%{__install} -D -m 755 src/smartdns $RPM_BUILD_ROOT%{_sbindir}/smartdns
%{__install} -D -m 644 etc/smartdns/smartdns.conf $RPM_BUILD_ROOT%{_sysconfdir}/smartdns/smartdns.conf
%{__install} -D -m 644 systemd/smartdns.service.in $RPM_BUILD_ROOT%{_unitdir}/smartdns.service
cat > $RPM_BUILD_ROOT%{_unitdir}/smartdns.service <<EOF
[Unit]
Description=smartdns
ConditionFileIsExecutable=/usr/sbin/smartdns
After=syslog.target network-online.target
[Service]
Type=simple
ExecStart=/usr/sbin/smartdns -c /etc/smartdns/smartdns.conf -f
PIDFile=/run/smartdns.pid
Restart=on-failure
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
%files
%defattr(-,root,root,-)
%{_sbindir}/smartdns
%config(noreplace) %{_sysconfdir}/smartdns/smartdns.conf
%{_unitdir}/smartdns.service
%post
%systemd_post %{name}.service
%preun
%systemd_preun %{name}.service
%postun
%systemd_postun_with_restart %{name}.service

5
src/.gitignore vendored Normal file
View File

@@ -0,0 +1,5 @@
.vscode
.o
.DS_Store
.swp.
smartdns

4
src/Makefile
View File

@@ -20,7 +20,7 @@ OBJS=smartdns.o fast_ping.o dns_client.o dns_server.o dns.o util.o tlog.o dns_co
# cflags
ifndef CFLAGS
CFLAGS =-O2 -g -Wall -Wstrict-prototypes -fno-omit-frame-pointer -Wstrict-aliasing
CFLAGS =-O2 -g -Wall -Wstrict-prototypes -fno-omit-frame-pointer -Wstrict-aliasing -funwind-tables
endif
override CFLAGS +=-Iinclude
override CFLAGS += -DBASE_FILE_NAME=\"$(notdir $<)\"
@@ -35,7 +35,7 @@ override CXXFLAGS +=-Iinclude
ifeq ($(STATIC), yes)
override LDFLAGS += -lssl -lcrypto -Wl,--whole-archive -lpthread -Wl,--no-whole-archive -ldl -static
else
override LDFLAGS += -lssl -lcrypto -lpthread
override LDFLAGS += -lssl -lcrypto -lpthread -ldl
endif
.PHONY: all clean

76
src/dns.c
View File

@@ -253,11 +253,8 @@ static int _dns_add_qr_head(struct dns_data_context *data_context, char *domain,
return -1;
}
*((unsigned short *)(data_context->ptr)) = qtype;
data_context->ptr += 2;
*((unsigned short *)(data_context->ptr)) = qclass;
data_context->ptr += 2;
_dns_write_short(&data_context->ptr, qtype);
_dns_write_short(&data_context->ptr, qclass);
return 0;
}
@@ -266,6 +263,10 @@ static int _dns_get_qr_head(struct dns_data_context *data_context, char *domain,
{
int i;
int is_read_all = 0;
if (domain == NULL || data_context == NULL) {
return -1;
}
/* question head */
/* |domain |
* |qtype | qclass |
@@ -296,11 +297,8 @@ static int _dns_get_qr_head(struct dns_data_context *data_context, char *domain,
return -1;
}
*qtype = *((unsigned short *)(data_context->ptr));
data_context->ptr += 2;
*qclass = *((unsigned short *)(data_context->ptr));
data_context->ptr += 2;
*qtype = _dns_read_short(&data_context->ptr);
*qclass = _dns_read_short(&data_context->ptr);
return 0;
}
@@ -325,11 +323,8 @@ static int _dns_add_rr_head(struct dns_data_context *data_context, char *domain,
return -1;
}
*((unsigned int *)(data_context->ptr)) = ttl;
data_context->ptr += 4;
*((unsigned short *)(data_context->ptr)) = rr_len;
data_context->ptr += 2;
_dns_write_int(&data_context->ptr, ttl);
_dns_write_short(&data_context->ptr, rr_len);
return 0;
}
@@ -351,11 +346,8 @@ static int _dns_get_rr_head(struct dns_data_context *data_context, char *domain,
return -1;
}
*ttl = *((unsigned int *)(data_context->ptr));
data_context->ptr += 4;
*rr_len = *((unsigned short *)(data_context->ptr));
data_context->ptr += 2;
*ttl = _dns_read_int(&data_context->ptr);
*rr_len = _dns_read_short(&data_context->ptr);
return len;
}
@@ -940,7 +932,7 @@ static int _dns_decode_domain(struct dns_context *context, char *output, int siz
/*[len]string[len]string...[0]0 */
while (1) {
if (ptr > context->data + context->maxsize || ptr < context->data || output_len >= size - 1 || ptr_jump > 4) {
if (ptr >= context->data + context->maxsize || ptr < context->data || output_len >= size - 1 || ptr_jump > 4) {
return -1;
}
@@ -1363,7 +1355,7 @@ static int _dns_decode_opt_ecs(struct dns_context *context, struct dns_opt_ecs *
len = (ecs->source_prefix / 8);
len += (ecs->source_prefix % 8 > 0) ? 1 : 0;
if (_dns_left_len(context) < len) {
if (_dns_left_len(context) < len || len > sizeof(ecs->addr)) {
return -1;
}
@@ -1377,6 +1369,38 @@ static int _dns_decode_opt_ecs(struct dns_context *context, struct dns_opt_ecs *
return 0;
}
static int _dns_decode_opt_cookie(struct dns_context *context, struct dns_opt_cookie *cookie)
{
// TODO
int len = _dns_left_len(context);
if (len < 8) {
return -1;
}
len = 8;
memcpy(cookie->client_cookie, context->ptr, len);
context->ptr += len;
len = _dns_left_len(context);
if (len == 0) {
cookie->server_cookie_len = 0;
return 0;
}
if (len < 8) {
return -1;
}
memcpy(cookie->server_cookie, context->ptr, len);
cookie->server_cookie_len = len;
context->ptr += len;
tlog(TLOG_DEBUG, "OPT COOKIE");
return 0;
}
static int _dns_encode_OPT(struct dns_context *context, struct dns_rrs *rrs)
{
int ret;
@@ -1559,6 +1583,14 @@ static int _dns_decode_opt(struct dns_context *context, dns_rr_type type, unsign
return -1;
}
} break;
case DNS_OPT_T_COOKIE: {
struct dns_opt_cookie cookie;
ret = _dns_decode_opt_cookie(context, &cookie);
if (ret != 0) {
tlog(TLOG_ERROR, "decode cookie failed.");
return -1;
}
} break;
default:
context->ptr += opt_len;
tlog(TLOG_DEBUG, "DNS opt type = %d not supported", opt_code);

10
src/dns.h
View File

@@ -68,6 +68,7 @@ typedef enum dns_type {
typedef enum dns_opt_code {
DNS_OPT_T_ECS = 8, // OPT ECS
DNS_OPT_T_COOKIE = 10, //OPT Cookie
DNS_OPT_T_TCP_KEEPALIVE = 11,
DNS_OPT_T_ALL = 255
} dns_opt_code_t;
@@ -110,7 +111,7 @@ struct dns_head {
unsigned short ancount; /* number of answer entries */
unsigned short nscount; /* number of authority entries */
unsigned short nrcount; /* number of addititional resource entries */
} __attribute__((packed));
} __attribute__((packed, aligned(2)));
struct dns_rrs {
unsigned short next;
@@ -171,6 +172,13 @@ struct dns_opt_ecs {
unsigned char addr[DNS_RR_AAAA_LEN];
};
/* OPT COOLIE */
struct dns_opt_cookie {
char server_cookie_len;
unsigned char client_cookie[8];
unsigned char server_cookie[32];
};
/* OPT */
struct dns_opt {
unsigned short code;

537
src/dns_cache.c
View File

@@ -19,7 +19,11 @@
#include "dns_cache.h"
#include "stringutil.h"
#include "tlog.h"
#include <errno.h>
#include <fcntl.h>
#include <pthread.h>
#include <string.h>
#include <sys/types.h>
#define DNS_CACHE_MAX_HITNUM 5000
#define DNS_CACHE_HITNUM_STEP 2
@@ -65,7 +69,7 @@ static __attribute__((unused)) struct dns_cache *_dns_cache_last(void)
return list_last_entry(&dns_cache_head.cache_list, struct dns_cache, list);
}
static struct dns_cache *_dns_cache_first(void)
static struct dns_cache *_dns_inactive_cache_first(void)
{
struct dns_cache *dns_cache = NULL;
@@ -82,6 +86,7 @@ static void _dns_cache_delete(struct dns_cache *dns_cache)
hash_del(&dns_cache->node);
list_del_init(&dns_cache->list);
atomic_dec(&dns_cache_head.num);
dns_cache_data_free(dns_cache->cache_data);
free(dns_cache);
}
@@ -118,10 +123,124 @@ static void _dns_cache_move_inactive(struct dns_cache *dns_cache)
list_add_tail(&dns_cache->list, &dns_cache_head.inactive_list);
}
int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr,
int addr_len, int speed)
enum CACHE_TYPE dns_cache_data_type(struct dns_cache_data *cache_data)
{
return cache_data->head.cache_type;
}
uint32_t dns_cache_get_cache_flag(struct dns_cache_data *cache_data)
{
return cache_data->head.cache_flag;
}
void dns_cache_data_free(struct dns_cache_data *data)
{
if (data == NULL) {
return;
}
free(data);
}
struct dns_cache_data *dns_cache_new_data(void)
{
struct dns_cache_addr *cache_addr = malloc(sizeof(struct dns_cache_addr));
memset(cache_addr, 0, sizeof(struct dns_cache_addr));
if (cache_addr == NULL) {
return NULL;
}
cache_addr->head.cache_type = CACHE_TYPE_NONE;
cache_addr->head.size = sizeof(struct dns_cache_addr) - sizeof(struct dns_cache_data_head);
return (struct dns_cache_data *)cache_addr;
}
void dns_cache_set_data_soa(struct dns_cache_data *dns_cache, int32_t cache_flag, char *cname, int cname_ttl)
{
if (dns_cache == NULL) {
goto errout;
}
struct dns_cache_addr *cache_addr = (struct dns_cache_addr *)dns_cache;
if (cache_addr == NULL) {
goto errout;
}
memset(cache_addr->addr_data.addr, 0, sizeof(cache_addr->addr_data.addr));
if (cname) {
safe_strncpy(cache_addr->addr_data.cname, cname, DNS_MAX_CNAME_LEN);
cache_addr->addr_data.cname_ttl = cname_ttl;
}
cache_addr->head.cache_flag = cache_flag;
cache_addr->addr_data.soa = 1;
cache_addr->head.cache_type = CACHE_TYPE_ADDR;
cache_addr->head.size = sizeof(struct dns_cache_addr) - sizeof(struct dns_cache_data_head);
errout:
return;
}
void dns_cache_set_data_addr(struct dns_cache_data *dns_cache, uint32_t cache_flag, char *cname, int cname_ttl,
unsigned char *addr, int addr_len)
{
if (dns_cache == NULL) {
goto errout;
}
struct dns_cache_addr *cache_addr = (struct dns_cache_addr *)dns_cache;
if (cache_addr == NULL) {
goto errout;
}
if (addr_len == DNS_RR_A_LEN) {
memcpy(cache_addr->addr_data.addr, addr, DNS_RR_A_LEN);
} else if (addr_len != DNS_RR_AAAA_LEN) {
memcpy(cache_addr->addr_data.addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout;
}
if (cname) {
safe_strncpy(cache_addr->addr_data.cname, cname, DNS_MAX_CNAME_LEN);
cache_addr->addr_data.cname_ttl = cname_ttl;
}
cache_addr->head.cache_flag = cache_flag;
cache_addr->head.cache_type = CACHE_TYPE_ADDR;
cache_addr->head.size = sizeof(struct dns_cache_addr) - sizeof(struct dns_cache_data_head);
errout:
return;
}
struct dns_cache_data *dns_cache_new_data_packet(uint32_t cache_flag, void *packet, size_t packet_len)
{
struct dns_cache_packet *cache_packet = NULL;
size_t data_size = 0;
if (packet == NULL || packet_len <= 0) {
return NULL;
}
data_size = sizeof(*cache_packet) + packet_len;
cache_packet = malloc(data_size);
if (cache_packet == NULL) {
return NULL;
}
memcpy(cache_packet->data, packet, packet_len);
cache_packet->head.cache_flag = cache_flag;
cache_packet->head.cache_type = CACHE_TYPE_PACKET;
cache_packet->head.size = packet_len;
return (struct dns_cache_data *)cache_packet;
}
int dns_cache_replace(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data)
{
struct dns_cache *dns_cache = NULL;
struct dns_cache_data *old_cache_data = NULL;
if (dns_cache_head.size <= 0) {
return 0;
@@ -130,7 +249,7 @@ int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_typ
/* lookup existing cache */
dns_cache = dns_cache_lookup(domain, qtype);
if (dns_cache == NULL) {
return dns_cache_insert(domain, cname, cname_ttl, ttl, qtype, addr, addr_len, speed);
return dns_cache_insert(domain, ttl, qtype, speed, cache_data);
}
if (ttl < DNS_CACHE_TTL_MIN) {
@@ -139,58 +258,30 @@ int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_typ
/* update cache data */
pthread_mutex_lock(&dns_cache_head.lock);
dns_cache->ttl = ttl;
dns_cache->qtype = qtype;
dns_cache->ttl = ttl;
dns_cache->del_pending = 0;
dns_cache->speed = speed;
time(&dns_cache->insert_time);
if (qtype == DNS_T_A) {
if (addr_len != DNS_RR_A_LEN) {
goto errout_unlock;
}
memcpy(dns_cache->addr, addr, DNS_RR_A_LEN);
} else if (qtype == DNS_T_AAAA) {
if (addr_len != DNS_RR_AAAA_LEN) {
goto errout_unlock;
}
memcpy(dns_cache->addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout_unlock;
}
if (cname) {
safe_strncpy(dns_cache->cname, cname, DNS_MAX_CNAME_LEN);
dns_cache->cname_ttl = cname_ttl;
}
dns_cache->info.ttl = ttl;
dns_cache->info.qtype = qtype;
dns_cache->info.ttl = ttl;
dns_cache->info.speed = speed;
time(&dns_cache->info.insert_time);
old_cache_data = dns_cache->cache_data;
dns_cache->cache_data = cache_data;
list_del_init(&dns_cache->list);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
pthread_mutex_unlock(&dns_cache_head.lock);
dns_cache_data_free(old_cache_data);
dns_cache_release(dns_cache);
return 0;
errout_unlock:
pthread_mutex_unlock(&dns_cache_head.lock);
// errout:
if (dns_cache) {
dns_cache_release(dns_cache);
}
return -1;
}
int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr,
int addr_len, int speed)
int _dns_cache_insert(struct dns_cache_info *info, struct dns_cache_data *cache_data, struct list_head *head)
{
uint32_t key = 0;
struct dns_cache *dns_cache = NULL;
if (dns_cache_head.size <= 0) {
return 0;
}
/* if cache already exists, free */
dns_cache = dns_cache_lookup(domain, qtype);
dns_cache = dns_cache_lookup(info->domain, info->qtype);
if (dns_cache) {
dns_cache_delete(dns_cache);
dns_cache_release(dns_cache);
@@ -202,50 +293,22 @@ int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type
goto errout;
}
if (ttl < DNS_CACHE_TTL_MIN) {
ttl = DNS_CACHE_TTL_MIN;
}
key = hash_string(domain);
key = jhash(&qtype, sizeof(qtype), key);
safe_strncpy(dns_cache->domain, domain, DNS_MAX_CNAME_LEN);
dns_cache->cname[0] = 0;
dns_cache->qtype = qtype;
dns_cache->ttl = ttl;
atomic_set(&dns_cache->hitnum, 3);
dns_cache->hitnum_update_add = DNS_CACHE_HITNUM_STEP;
dns_cache->del_pending = 0;
dns_cache->speed = speed;
memset(dns_cache, 0, sizeof(*dns_cache));
key = hash_string(info->domain);
key = jhash(&info->qtype, sizeof(info->qtype), key);
atomic_set(&dns_cache->ref, 1);
time(&dns_cache->insert_time);
if (qtype == DNS_T_A) {
if (addr_len != DNS_RR_A_LEN) {
goto errout;
}
memcpy(dns_cache->addr, addr, DNS_RR_A_LEN);
} else if (qtype == DNS_T_AAAA) {
if (addr_len != DNS_RR_AAAA_LEN) {
goto errout;
}
memcpy(dns_cache->addr, addr, DNS_RR_AAAA_LEN);
} else {
goto errout;
}
if (cname) {
safe_strncpy(dns_cache->cname, cname, DNS_MAX_CNAME_LEN);
dns_cache->cname_ttl = cname_ttl;
}
memcpy(&dns_cache->info, info, sizeof(*info));
dns_cache->del_pending = 0;
dns_cache->cache_data = cache_data;
pthread_mutex_lock(&dns_cache_head.lock);
hash_add(dns_cache_head.cache_hash, &dns_cache->node, key);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
list_add_tail(&dns_cache->list, head);
INIT_LIST_HEAD(&dns_cache->check_list);
/* Release extra cache, remove oldest cache record */
if (atomic_inc_return(&dns_cache_head.num) > dns_cache_head.size) {
struct dns_cache *del_cache;
del_cache = _dns_cache_first();
del_cache = _dns_inactive_cache_first();
if (del_cache) {
_dns_cache_remove(del_cache);
}
@@ -261,6 +324,34 @@ errout:
return -1;
}
int dns_cache_insert(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data)
{
struct dns_cache_info info;
if (cache_data == NULL || domain == NULL) {
return -1;
}
if (dns_cache_head.size <= 0) {
dns_cache_data_free(cache_data);
return 0;
}
if (ttl < DNS_CACHE_TTL_MIN) {
ttl = DNS_CACHE_TTL_MIN;
}
info.hitnum = 3;
safe_strncpy(info.domain, domain, DNS_MAX_CNAME_LEN);
info.qtype = qtype;
info.ttl = ttl;
info.hitnum_update_add = DNS_CACHE_HITNUM_STEP;
info.speed = speed;
time(&info.insert_time);
return _dns_cache_insert(&info, cache_data, &dns_cache_head.cache_list);
}
struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
{
uint32_t key = 0;
@@ -280,11 +371,11 @@ struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
pthread_mutex_lock(&dns_cache_head.lock);
hash_for_each_possible(dns_cache_head.cache_hash, dns_cache, node, key)
{
if (dns_cache->qtype != qtype) {
if (dns_cache->info.qtype != qtype) {
continue;
}
if (strncmp(domain, dns_cache->domain, DNS_MAX_CNAME_LEN) != 0) {
if (strncmp(domain, dns_cache->info.domain, DNS_MAX_CNAME_LEN) != 0) {
continue;
}
@@ -294,7 +385,7 @@ struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype)
if (dns_cache_ret) {
/* Return NULL if the cache times out */
if (dns_cache_head.enable_inactive == 0 && (now - dns_cache_ret->insert_time > dns_cache_ret->ttl)) {
if (dns_cache_head.enable_inactive == 0 && (now - dns_cache_ret->info.insert_time > dns_cache_ret->info.ttl)) {
_dns_cache_remove(dns_cache_ret);
dns_cache_ret = NULL;
} else {
@@ -313,7 +404,7 @@ int dns_cache_get_ttl(struct dns_cache *dns_cache)
int ttl = 0;
time(&now);
ttl = dns_cache->insert_time + dns_cache->ttl - now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - now;
if (ttl < 0) {
return 0;
}
@@ -321,6 +412,53 @@ int dns_cache_get_ttl(struct dns_cache *dns_cache)
return ttl;
}
int dns_cache_get_cname_ttl(struct dns_cache *dns_cache)
{
time_t now;
int ttl = 0;
time(&now);
struct dns_cache_addr *cache_addr = (struct dns_cache_addr *)dns_cache_get_data(dns_cache);
if (cache_addr->head.cache_type != CACHE_TYPE_ADDR) {
return 0;
}
ttl = dns_cache->info.insert_time + cache_addr->addr_data.cname_ttl - now;
if (ttl < 0) {
return 0;
}
int addr_ttl = dns_cache_get_ttl(dns_cache);
if (ttl < addr_ttl && ttl < 0) {
return addr_ttl;
}
if (ttl < 0) {
return 0;
}
return ttl;
}
int dns_cache_is_soa(struct dns_cache *dns_cache)
{
if (dns_cache == NULL) {
return 0;
}
struct dns_cache_addr *cache_addr = (struct dns_cache_addr *)dns_cache_get_data(dns_cache);
if (cache_addr->head.cache_type == CACHE_TYPE_ADDR && cache_addr->addr_data.soa) {
return 1;
}
return 0;
}
struct dns_cache_data *dns_cache_get_data(struct dns_cache *dns_cache)
{
return dns_cache->cache_data;
}
void dns_cache_delete(struct dns_cache *dns_cache)
{
pthread_mutex_lock(&dns_cache_head.lock);
@@ -330,15 +468,14 @@ void dns_cache_delete(struct dns_cache *dns_cache)
int dns_cache_hitnum_dec_get(struct dns_cache *dns_cache)
{
int hitnum = 0;
pthread_mutex_lock(&dns_cache_head.lock);
hitnum = atomic_dec_return(&dns_cache->hitnum);
if (dns_cache->hitnum_update_add > DNS_CACHE_HITNUM_STEP) {
dns_cache->hitnum_update_add--;
dns_cache->info.hitnum--;
if (dns_cache->info.hitnum_update_add > DNS_CACHE_HITNUM_STEP) {
dns_cache->info.hitnum_update_add--;
}
pthread_mutex_unlock(&dns_cache_head.lock);
return hitnum;
return dns_cache->info.hitnum;
}
void dns_cache_update(struct dns_cache *dns_cache)
@@ -347,13 +484,13 @@ void dns_cache_update(struct dns_cache *dns_cache)
if (!list_empty(&dns_cache->list)) {
list_del_init(&dns_cache->list);
list_add_tail(&dns_cache->list, &dns_cache_head.cache_list);
atomic_add(dns_cache->hitnum_update_add, &dns_cache->hitnum);
if (atomic_read(&dns_cache->hitnum) > DNS_CACHE_MAX_HITNUM) {
atomic_set(&dns_cache->hitnum, DNS_CACHE_MAX_HITNUM);
dns_cache->info.hitnum += dns_cache->info.hitnum_update_add;
if (dns_cache->info.hitnum > DNS_CACHE_MAX_HITNUM) {
dns_cache->info.hitnum = DNS_CACHE_MAX_HITNUM;
}
if (dns_cache->hitnum_update_add < DNS_CACHE_HITNUM_STEP_MAX) {
dns_cache->hitnum_update_add++;
if (dns_cache->info.hitnum_update_add < DNS_CACHE_HITNUM_STEP_MAX) {
dns_cache->info.hitnum_update_add++;
}
}
pthread_mutex_unlock(&dns_cache_head.lock);
@@ -367,7 +504,7 @@ void _dns_cache_remove_expired_ttl(time_t *now)
list_for_each_entry_safe(dns_cache, tmp, &dns_cache_head.inactive_list, list)
{
ttl = dns_cache->insert_time + dns_cache->ttl - *now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - *now;
if (ttl > 0) {
continue;
}
@@ -396,7 +533,7 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre)
pthread_mutex_lock(&dns_cache_head.lock);
list_for_each_entry_safe(dns_cache, tmp, &dns_cache_head.cache_list, list)
{
ttl = dns_cache->insert_time + dns_cache->ttl - now;
ttl = dns_cache->info.insert_time + dns_cache->info.ttl - now;
if (ttl > 0 && ttl < ttl_pre) {
/* If the TTL time is in the pre-timeout range, call callback function */
if (callback && dns_cache->del_pending == 0) {
@@ -408,7 +545,7 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre)
}
if (ttl < 0) {
if (dns_cache_head.enable_inactive) {
if (dns_cache_head.enable_inactive && (dns_cache_is_soa(dns_cache) == 0)) {
_dns_cache_move_inactive(dns_cache);
} else {
_dns_cache_remove(dns_cache);
@@ -432,6 +569,216 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre)
}
}
static int _dns_cache_read_record(int fd, uint32_t cache_number)
{
int i = 0;
int ret = 0;
struct dns_cache_record cache_record;
struct dns_cache_data_head data_head;
struct dns_cache_data *cache_data = NULL;
struct list_head *head = NULL;
for (i = 0; i < cache_number; i++) {
ret = read(fd, &cache_record, sizeof(cache_record));
if (ret != sizeof(cache_record)) {
tlog(TLOG_ERROR, "read cache failed, %s", strerror(errno));
goto errout;
}
if (cache_record.magic != MAGIC_CACHE_DATA) {
tlog(TLOG_ERROR, "magic is invalid.");
goto errout;
}
if (cache_record.type == CACHE_RECORD_TYPE_ACTIVE) {
head = &dns_cache_head.cache_list;
} else {
head = &dns_cache_head.inactive_list;
}
ret = read(fd, &data_head, sizeof(data_head));
if (ret != sizeof(data_head)) {
tlog(TLOG_ERROR, "read data head failed, %s", strerror(errno));
goto errout;
}
if (data_head.size > 1024 * 8) {
tlog(TLOG_ERROR, "data may invalid, skip load cache.");
goto errout;
}
cache_data = malloc(data_head.size + sizeof(data_head));
if (cache_data == NULL) {
tlog(TLOG_ERROR, "malloc cache data failed %s", strerror(errno));
goto errout;
}
memcpy(&cache_data->head, &data_head, sizeof(data_head));
ret = read(fd, cache_data->data, data_head.size);
if (ret != data_head.size) {
tlog(TLOG_ERROR, "read cache data failed, %s", strerror(errno));
goto errout;
}
if (_dns_cache_insert(&cache_record.info, cache_data, head) != 0) {
tlog(TLOG_ERROR, "insert cache data failed.");
cache_data = NULL;
goto errout;
}
cache_data = NULL;
}
return 0;
errout:
if (cache_data) {
free(cache_data);
}
return -1;
}
int dns_cache_load(const char *file)
{
int fd = -1;
int ret = 0;
fd = open(file, O_RDONLY);
if (fd < 0) {
return 0;
}
struct dns_cache_file cache_file;
ret = read(fd, &cache_file, sizeof(cache_file));
if (ret != sizeof(cache_file)) {
tlog(TLOG_ERROR, "read cache head failed.");
goto errout;
}
if (cache_file.magic != MAGIC_NUMBER) {
tlog(TLOG_ERROR, "cache file is invalid.");
goto errout;
}
if (strncmp(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN) != 0) {
tlog(TLOG_WARN, "cache version is different, skip load cache.");
goto errout;
}
if (_dns_cache_read_record(fd, cache_file.cache_number) != 0) {
goto errout;
}
close(fd);
return 0;
errout:
if (fd > 0) {
close(fd);
}
return -1;
}
static int _dns_cache_write_record(int fd, uint32_t *cache_number, enum CACHE_RECORD_TYPE type, struct list_head *head)
{
struct dns_cache *dns_cache = NULL;
struct dns_cache *tmp = NULL;
struct dns_cache_record cache_record;
pthread_mutex_lock(&dns_cache_head.lock);
list_for_each_entry_safe_reverse(dns_cache, tmp, head, list)
{
cache_record.magic = MAGIC_CACHE_DATA;
cache_record.type = type;
memcpy(&cache_record.info, &dns_cache->info, sizeof(struct dns_cache_info));
int ret = write(fd, &cache_record, sizeof(cache_record));
if (ret != sizeof(cache_record)) {
tlog(TLOG_ERROR, "write cache failed, %s", strerror(errno));
goto errout;
}
struct dns_cache_data *cache_data = dns_cache->cache_data;
ret = write(fd, cache_data, sizeof(*cache_data) + cache_data->head.size);
if (ret != sizeof(*cache_data) + cache_data->head.size) {
tlog(TLOG_ERROR, "write cache data failed, %s", strerror(errno));
goto errout;
}
(*cache_number)++;
}
pthread_mutex_unlock(&dns_cache_head.lock);
return 0;
errout:
pthread_mutex_unlock(&dns_cache_head.lock);
return -1;
}
static int _dns_cache_write_records(int fd, uint32_t *cache_number)
{
if (_dns_cache_write_record(fd, cache_number, CACHE_RECORD_TYPE_ACTIVE, &dns_cache_head.cache_list) != 0) {
return -1;
}
if (_dns_cache_write_record(fd, cache_number, CACHE_RECORD_TYPE_INACTIVE, &dns_cache_head.inactive_list) != 0) {
return -1;
}
return 0;
}
int dns_cache_save(const char *file)
{
int fd = -1;
uint32_t cache_number = 0;
tlog(TLOG_DEBUG, "write cache file %s", file);
fd = open(file, O_TRUNC | O_CREAT | O_WRONLY, 0640);
if (fd < 0) {
tlog(TLOG_ERROR, "create file %s failed, %s", file, strerror(errno));
goto errout;
}
struct dns_cache_file cache_file;
memset(&cache_file, 0, sizeof(cache_file));
cache_file.magic = MAGIC_NUMBER;
safe_strncpy(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN);
cache_file.cache_number = 0;
if (lseek(fd, sizeof(cache_file), SEEK_SET) < 0) {
tlog(TLOG_ERROR, "seek file %s failed, %s", file, strerror(errno));
goto errout;
}
if (_dns_cache_write_records(fd, &cache_number) != 0) {
tlog(TLOG_ERROR, "write record to file %s failed.", file);
goto errout;
}
if (lseek(fd, 0, SEEK_SET) < 0) {
tlog(TLOG_ERROR, "seek file %s failed, %s", file, strerror(errno));
goto errout;
}
cache_file.cache_number = cache_number;
if (write(fd, &cache_file, sizeof(cache_file)) != sizeof(cache_file)) {
tlog(TLOG_ERROR, "write file head %s failed, %s, %d", file, strerror(errno), fd);
goto errout;
}
tlog(TLOG_DEBUG, "wrote total %d records.", cache_number);
close(fd);
return 0;
errout:
if (fd > 0) {
close(fd);
}
return -1;
}
void dns_cache_destroy(void)
{
struct dns_cache *dns_cache = NULL;

115
src/dns_cache.h
View File

@@ -32,36 +32,98 @@ extern "C" {
#endif
#define DNS_CACHE_TTL_MIN 30
#define DNS_CACHE_VERSION_LEN 32
#define MAGIC_NUMBER 0x6548634163536e44
#define MAGIC_CACHE_DATA 0x44615461
enum CACHE_TYPE {
CACHE_TYPE_NONE,
CACHE_TYPE_ADDR,
CACHE_TYPE_PACKET,
};
enum CACHE_RECORD_TYPE {
CACHE_RECORD_TYPE_ACTIVE,
CACHE_RECORD_TYPE_INACTIVE,
};
struct dns_cache_data_head {
uint32_t cache_flag;
enum CACHE_TYPE cache_type;
size_t size;
};
struct dns_cache_data {
struct dns_cache_data_head head;
unsigned char data[0];
};
struct dns_cache_addr {
struct dns_cache_data_head head;
struct dns_cache_addr_data {
unsigned int cname_ttl;
char soa;
char cname[DNS_MAX_CNAME_LEN];
union {
unsigned char ipv4_addr[DNS_RR_A_LEN];
unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
unsigned char addr[0];
};
} addr_data;
};
struct dns_cache_packet {
struct dns_cache_data_head head;
unsigned char data[0];
};
struct dns_cache_info {
char domain[DNS_MAX_CNAME_LEN];
int ttl;
int hitnum;
int speed;
int hitnum_update_add;
time_t insert_time;
dns_type_t qtype;
};
struct dns_cache_record {
uint32_t magic;
enum CACHE_RECORD_TYPE type;
struct dns_cache_info info;
};
struct dns_cache {
struct hlist_node node;
struct list_head list;
struct list_head check_list;
atomic_t ref;
char domain[DNS_MAX_CNAME_LEN];
char cname[DNS_MAX_CNAME_LEN];
unsigned int cname_ttl;
unsigned int ttl;
int speed;
atomic_t hitnum;
int hitnum_update_add;
int del_pending;
time_t insert_time;
dns_type_t qtype;
union {
unsigned char ipv4_addr[DNS_RR_A_LEN];
unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
unsigned char addr[0];
};
struct dns_cache_info info;
struct dns_cache_data *cache_data;
};
struct dns_cache_file {
uint64_t magic;
char version[DNS_CACHE_VERSION_LEN];
uint32_t cache_number;
};
enum CACHE_TYPE dns_cache_data_type(struct dns_cache_data *cache_data);
uint32_t dns_cache_get_cache_flag(struct dns_cache_data *cache_data);
void dns_cache_data_free(struct dns_cache_data *data);
struct dns_cache_data *dns_cache_new_data_packet(uint32_t cache_flag, void *packet, size_t packet_len);
int dns_cache_init(int size, int enable_inactive, int inactive_list_expired);
int dns_cache_replace(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr,
int addr_len, int speed);
int dns_cache_replace(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data);
int dns_cache_insert(char *domain, char *cname, int cname_ttl, int ttl, dns_type_t qtype, unsigned char *addr,
int addr_len, int speed);
int dns_cache_insert(char *domain, int ttl, dns_type_t qtype, int speed, struct dns_cache_data *cache_data);
struct dns_cache *dns_cache_lookup(char *domain, dns_type_t qtype);
@@ -81,8 +143,25 @@ void dns_cache_invalidate(dns_cache_preinvalid_callback callback, int ttl_pre);
int dns_cache_get_ttl(struct dns_cache *dns_cache);
int dns_cache_get_cname_ttl(struct dns_cache *dns_cache);
int dns_cache_is_soa(struct dns_cache *dns_cache);
struct dns_cache_data *dns_cache_new_data(void);
struct dns_cache_data *dns_cache_get_data(struct dns_cache *dns_cache);
void dns_cache_set_data_addr(struct dns_cache_data *dns_cache, uint32_t cache_flag, char *cname, int cname_ttl,
unsigned char *addr, int addr_len);
void dns_cache_set_data_soa(struct dns_cache_data *dns_cache, int32_t cache_flag, char *cname, int cname_ttl);
void dns_cache_destroy(void);
int dns_cache_load(const char *file);
int dns_cache_save(const char *file);
#ifdef __cpluscplus
}
#endif

474
src/dns_client.c
View File

@@ -105,8 +105,10 @@ struct dns_server_info {
int ttl;
int ttl_range;
SSL *ssl;
int ssl_write_len;
SSL_CTX *ssl_ctx;
SSL_SESSION *ssl_session;
pthread_mutex_t lock;
char skip_check_cert;
dns_server_status status;
@@ -182,6 +184,9 @@ struct dns_client {
struct list_head dns_server_list;
struct dns_server_group *default_group;
SSL_CTX *ssl_ctx;
int ssl_verify_skip;
/* query list */
pthread_mutex_t dns_request_lock;
struct list_head dns_request_list;
@@ -248,6 +253,96 @@ static LIST_HEAD(pending_servers);
static pthread_mutex_t pending_server_mutex = PTHREAD_MUTEX_INITIALIZER;
static int dns_client_has_bootstrap_dns = 0;
int _ssl_read(struct dns_server_info *server, void *buff, int num)
{
int ret = 0;
if (server == NULL || buff == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
ret = SSL_read(server->ssl, buff, num);
pthread_mutex_unlock(&server->lock);
return ret;
}
int _ssl_write(struct dns_server_info *server, const void *buff, int num)
{
int ret = 0;
if (server == NULL || buff == NULL || server->ssl == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
ret = SSL_write(server->ssl, buff, num);
pthread_mutex_unlock(&server->lock);
return ret;
}
int _ssl_shutdown(struct dns_server_info *server)
{
int ret = 0;
if (server == NULL || server->ssl == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
ret = SSL_shutdown(server->ssl);
pthread_mutex_unlock(&server->lock);
return ret;
}
int _ssl_get_error(struct dns_server_info *server, int ret)
{
int err = 0;
if (server == NULL || server->ssl == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
err = SSL_get_error(server->ssl, ret);
pthread_mutex_unlock(&server->lock);
return err;
}
int _ssl_do_handshake(struct dns_server_info *server)
{
int err = 0;
if (server == NULL || server->ssl == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
err = SSL_do_handshake(server->ssl);
pthread_mutex_unlock(&server->lock);
return err;
}
int _ssl_session_reused(struct dns_server_info *server)
{
int err = 0;
if (server == NULL || server->ssl == NULL) {
return SSL_ERROR_SYSCALL;
}
pthread_mutex_lock(&server->lock);
err = SSL_session_reused(server->ssl);
pthread_mutex_unlock(&server->lock);
return err;
}
SSL_SESSION *_ssl_get1_session(struct dns_server_info *server)
{
SSL_SESSION *ret = 0;
if (server == NULL || server->ssl == NULL) {
return NULL;
}
pthread_mutex_lock(&server->lock);
ret = SSL_get1_session(server->ssl);
pthread_mutex_unlock(&server->lock);
return ret;
}
const char *_dns_server_get_type_string(dns_server_type_t type)
{
const char *type_str = "";
@@ -342,6 +437,10 @@ static struct dns_server_info *_dns_client_get_server(char *server_ip, int port,
struct dns_server_info *server_info, *tmp;
struct dns_server_info *server_info_return = NULL;
if (server_ip == NULL) {
return NULL;
}
pthread_mutex_lock(&client.server_list_lock);
list_for_each_entry_safe(server_info, tmp, &client.dns_server_list, list)
{
@@ -444,6 +543,10 @@ static int _dns_client_add_to_pending_group(char *group_name, char *server_ip, i
struct dns_server_pending *pending = NULL;
struct dns_server_pending_group *group = NULL;
if (group_name == NULL || server_ip == NULL) {
goto errout;
}
pthread_mutex_lock(&pending_server_mutex);
list_for_each_entry_safe(item, tmp, &pending_servers, list)
{
@@ -485,6 +588,10 @@ static int _dns_client_add_to_group_pending(char *group_name, char *server_ip, i
{
struct dns_server_info *server_info = NULL;
if (group_name == NULL || server_ip == NULL) {
return -1;
}
server_info = _dns_client_get_server(server_ip, port, server_type);
if (server_info == NULL) {
if (ispending == 0) {
@@ -565,6 +672,10 @@ int dns_client_add_group(char *group_name)
unsigned long key;
struct dns_server_group *group = NULL;
if (group_name == NULL) {
return -1;
}
if (_dns_client_get_group(group_name) != NULL) {
tlog(TLOG_ERROR, "add group %s failed, group already exists", group_name);
return -1;
@@ -596,6 +707,10 @@ static int _dns_client_remove_group(struct dns_server_group *group)
struct dns_server_group_member *group_member;
struct dns_server_group_member *tmp;
if (group == NULL) {
return 0;
}
list_for_each_entry_safe(group_member, tmp, &group->head, list)
{
_dns_client_remove_member(group_member);
@@ -613,6 +728,10 @@ int dns_client_remove_group(char *group_name)
struct dns_server_group *group = NULL;
struct hlist_node *tmp = NULL;
if (group_name == NULL) {
return -1;
}
key = hash_string(group_name);
hash_for_each_possible_safe(client.group, group, tmp, node, key)
{
@@ -721,6 +840,10 @@ static int _dns_client_set_trusted_cert(SSL_CTX *ssl_ctx)
char *capath = NULL;
int cert_path_set = 0;
if (ssl_ctx == NULL) {
return -1;
}
if (dns_conf_ca_file[0]) {
cafile = dns_conf_ca_file;
}
@@ -731,15 +854,19 @@ static int _dns_client_set_trusted_cert(SSL_CTX *ssl_ctx)
if (cafile == NULL && capath == NULL) {
if (SSL_CTX_set_default_verify_paths(ssl_ctx)) {
cert_path_set = 1;
}
const STACK_OF(X509_NAME) *cas = SSL_CTX_get_client_CA_list(ssl_ctx);
if (cas && sk_X509_NAME_num(cas) == 0) {
cafile = "/etc/ssl/certs/ca-certificates.crt";
capath = "/etc/ssl/certs";
} else {
cert_path_set = 1;
cert_path_set = 0;
}
}
if (cert_path_set == 0) {
if (!SSL_CTX_load_verify_locations(ssl_ctx, cafile, capath)) {
if (SSL_CTX_load_verify_locations(ssl_ctx, cafile, capath) == 0) {
tlog(TLOG_WARN, "load certificate from %s:%s failed.", cafile, capath);
return -1;
}
@@ -748,6 +875,47 @@ static int _dns_client_set_trusted_cert(SSL_CTX *ssl_ctx)
return 0;
}
SSL_CTX *_ssl_ctx_get(void)
{
pthread_mutex_lock(&client.server_list_lock);
SSL_CTX *ssl_ctx = client.ssl_ctx;
if (ssl_ctx) {
pthread_mutex_unlock(&client.server_list_lock);
return ssl_ctx;
}
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
ssl_ctx = SSL_CTX_new(TLS_client_method());
#else
ssl_ctx = SSL_CTX_new(SSLv23_client_method());
#endif
if (ssl_ctx == NULL) {
tlog(TLOG_ERROR, "init ssl failed.");
goto errout;
}
SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_CLIENT);
SSL_CTX_sess_set_cache_size(ssl_ctx, DNS_MAX_SERVERS);
if (_dns_client_set_trusted_cert(ssl_ctx) != 0) {
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);
client.ssl_verify_skip = 1;
}
client.ssl_ctx = ssl_ctx;
pthread_mutex_unlock(&client.server_list_lock);
return client.ssl_ctx;
errout:
pthread_mutex_unlock(&client.server_list_lock);
if (ssl_ctx) {
SSL_CTX_free(ssl_ctx);
}
return NULL;
}
/* add dns server information */
static int _dns_client_server_add(char *server_ip, char *server_host, int port, dns_server_type_t server_type,
struct client_dns_server_flags *flags)
@@ -836,6 +1004,7 @@ static int _dns_client_server_add(char *server_ip, char *server_host, int port,
server_info->ttl = ttl;
server_info->ttl_range = 0;
server_info->skip_check_cert = skip_check_cert;
pthread_mutex_init(&server_info->lock, NULL);
memcpy(&server_info->flags, flags, sizeof(server_info->flags));
/* exclude this server from default group */
@@ -848,23 +1017,14 @@ static int _dns_client_server_add(char *server_ip, char *server_host, int port,
/* if server type is TLS, create ssl context */
if (server_type == DNS_SERVER_TLS || server_type == DNS_SERVER_HTTPS) {
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
server_info->ssl_ctx = SSL_CTX_new(TLS_client_method());
#else
server_info->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
#endif
server_info->ssl_ctx = _ssl_ctx_get();
if (server_info->ssl_ctx == NULL) {
tlog(TLOG_ERROR, "init ssl failed.");
goto errout;
}
SSL_CTX_set_options(server_info->ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
if (_dns_client_set_trusted_cert(server_info->ssl_ctx) != 0) {
tlog(TLOG_WARN, "disable check certificate for %s.", server_info->ip);
if (client.ssl_verify_skip) {
server_info->skip_check_cert = 1;
SSL_CTX_set_verify(server_info->ssl_ctx, SSL_VERIFY_NONE, NULL);
}
}
@@ -909,11 +1069,7 @@ errout:
fast_ping_stop(server_info->ping_host);
}
if (server_info->ssl_ctx) {
SSL_CTX_free(server_info->ssl_ctx);
server_info->ssl_ctx = NULL;
}
pthread_mutex_destroy(&server_info->lock);
free(server_info);
}
@@ -932,9 +1088,12 @@ static void _dns_client_close_socket(struct dns_server_info *server_info)
if (server_info->ssl) {
/* Shutdown ssl */
SSL_shutdown(server_info->ssl);
if (server_info->status == DNS_SERVER_STATUS_CONNECTED) {
_ssl_shutdown(server_info);
}
SSL_free(server_info->ssl);
server_info->ssl = NULL;
server_info->ssl_write_len = -1;
}
/* remove fd from epoll */
@@ -949,6 +1108,36 @@ static void _dns_client_close_socket(struct dns_server_info *server_info)
tlog(TLOG_DEBUG, "server %s closed.", server_info->ip);
}
static void _dns_client_shutdown_socket(struct dns_server_info *server_info)
{
if (server_info->fd <= 0) {
return;
}
switch (server_info->type) {
case DNS_SERVER_UDP:
return;
break;
case DNS_SERVER_TCP:
if (server_info->fd > 0) {
shutdown(server_info->fd, SHUT_RDWR);
}
break;
case DNS_SERVER_TLS:
case DNS_SERVER_HTTPS:
if (server_info->ssl) {
/* Shutdown ssl */
if (server_info->status == DNS_SERVER_STATUS_CONNECTED) {
_ssl_shutdown(server_info);
}
shutdown(server_info->fd, SHUT_RDWR);
}
break;
default:
break;
}
}
static void _dns_client_server_close(struct dns_server_info *server_info)
{
/* stop ping task */
@@ -965,10 +1154,7 @@ static void _dns_client_server_close(struct dns_server_info *server_info)
server_info->ssl_session = NULL;
}
if (server_info->ssl_ctx) {
SSL_CTX_free(server_info->ssl_ctx);
server_info->ssl_ctx = NULL;
}
server_info->ssl_ctx = NULL;
}
/* remove all servers information */
@@ -980,6 +1166,7 @@ static void _dns_client_server_remove_all(void)
{
list_del(&server_info->list);
_dns_client_server_close(server_info);
pthread_mutex_destroy(&server_info->lock);
free(server_info);
}
pthread_mutex_unlock(&client.server_list_lock);
@@ -1433,7 +1620,7 @@ static int _dns_client_recv(struct dns_server_info *server_info, unsigned char *
}
_dns_client_query_release(query);
return ret;
return 0;
}
static int _dns_client_create_socket_udp(struct dns_server_info *server_info)
@@ -1513,12 +1700,20 @@ static int _DNS_client_create_socket_tcp(struct dns_server_info *server_info)
set_sock_keepalive(fd, 15, 3, 4);
if (connect(fd, (struct sockaddr *)&server_info->addr, server_info->ai_addrlen) != 0) {
if (errno == ENETUNREACH) {
tlog(TLOG_DEBUG, "connect %s failed, %s", server_info->ip, strerror(errno));
goto errout;
}
if (errno != EINPROGRESS) {
tlog(TLOG_ERROR, "connect %s failed, %s", server_info->ip, strerror(errno));
goto errout;
}
}
server_info->fd = fd;
server_info->status = DNS_SERVER_STATUS_CONNECTING;
memset(&event, 0, sizeof(event));
event.events = EPOLLIN | EPOLLOUT;
event.data.ptr = server_info;
@@ -1527,17 +1722,19 @@ static int _DNS_client_create_socket_tcp(struct dns_server_info *server_info)
return -1;
}
server_info->fd = fd;
server_info->status = DNS_SERVER_STATUS_CONNECTING;
tlog(TLOG_DEBUG, "tcp server %s connecting.\n", server_info->ip);
return 0;
errout:
if (server_info->fd > 0) {
server_info->fd = -1;
}
server_info->status = DNS_SERVER_STATUS_INIT;
if (fd > 0) {
close(fd);
}
return -1;
}
@@ -1551,19 +1748,19 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch
const int ip_tos = SOCKET_IP_TOS;
if (server_info->ssl_ctx == NULL) {
tlog(TLOG_ERROR, "create ssl ctx failed.");
tlog(TLOG_ERROR, "create ssl ctx failed, %s", server_info->ip);
goto errout;
}
ssl = SSL_new(server_info->ssl_ctx);
if (ssl == NULL) {
tlog(TLOG_ERROR, "new ssl failed.");
tlog(TLOG_ERROR, "new ssl failed, %s", server_info->ip);
goto errout;
}
fd = socket(server_info->ai_family, SOCK_STREAM, 0);
if (fd < 0) {
tlog(TLOG_ERROR, "create socket failed.");
tlog(TLOG_ERROR, "create socket failed, %s", strerror(errno));
goto errout;
}
@@ -1585,6 +1782,11 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch
setsockopt(fd, IPPROTO_IP, IP_TOS, &ip_tos, sizeof(ip_tos));
if (connect(fd, (struct sockaddr *)&server_info->addr, server_info->ai_addrlen) != 0) {
if (errno == ENETUNREACH) {
tlog(TLOG_DEBUG, "connect %s failed, %s", server_info->ip, strerror(errno));
goto errout;
}
if (errno != EINPROGRESS) {
tlog(TLOG_ERROR, "connect %s failed, %s", server_info->ip, strerror(errno));
goto errout;
@@ -1607,6 +1809,11 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch
SSL_set_tlsext_host_name(ssl, hostname);
}
server_info->fd = fd;
server_info->ssl = ssl;
server_info->ssl_write_len = -1;
server_info->status = DNS_SERVER_STATUS_CONNECTING;
memset(&event, 0, sizeof(event));
event.events = EPOLLIN | EPOLLOUT;
event.data.ptr = server_info;
@@ -1615,20 +1822,25 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch
goto errout;
}
server_info->fd = fd;
server_info->ssl = ssl;
server_info->status = DNS_SERVER_STATUS_CONNECTING;
tlog(TLOG_DEBUG, "tls server %s connecting.\n", server_info->ip);
return 0;
errout:
if (server_info->fd > 0) {
server_info->fd = -1;
}
if (server_info->ssl) {
server_info->ssl = NULL;
}
server_info->status = DNS_SERVER_STATUS_INIT;
if (fd > 0) {
close(fd);
}
if (ssl) {
SSL_shutdown(ssl);
SSL_free(ssl);
}
@@ -1722,26 +1934,28 @@ static int _dns_client_process_udp(struct dns_server_info *server_info, struct e
return 0;
}
static int _dns_client_socket_ssl_send(SSL *ssl, const void *buf, int num)
static int _dns_client_socket_ssl_send(struct dns_server_info *server, const void *buf, int num)
{
int ret = 0;
int ssl_ret = 0;
unsigned long ssl_err = 0;
if (ssl == NULL) {
if (server->ssl == NULL) {
errno = EINVAL;
return -1;
}
ret = SSL_write(ssl, buf, num);
if (ret >= 0) {
ret = _ssl_write(server, buf, num);
if (ret > 0) {
return ret;
}
ssl_ret = SSL_get_error(ssl, ret);
ssl_ret = _ssl_get_error(server, ret);
switch (ssl_ret) {
case SSL_ERROR_NONE:
return 0;
break;
case SSL_ERROR_ZERO_RETURN:
case SSL_ERROR_WANT_READ:
errno = EAGAIN;
ret = -1;
@@ -1752,12 +1966,15 @@ static int _dns_client_socket_ssl_send(SSL *ssl, const void *buf, int num)
break;
case SSL_ERROR_SSL:
ssl_err = ERR_get_error();
if (ERR_GET_REASON(ssl_err) == SSL_R_UNINITIALIZED || ERR_GET_REASON(ssl_err) == SSL_R_PROTOCOL_IS_SHUTDOWN) {
int ssl_reason = ERR_GET_REASON(ssl_err);
if (ssl_reason == SSL_R_UNINITIALIZED || ssl_reason == SSL_R_PROTOCOL_IS_SHUTDOWN ||
ssl_reason == SSL_R_BAD_LENGTH || ssl_reason == SSL_R_SHUTDOWN_WHILE_IN_INIT ||
ssl_reason == SSL_R_BAD_WRITE_RETRY) {
errno = EAGAIN;
return -1;
}
tlog(TLOG_DEBUG, "SSL write fail error no: %s(%ld)\n", ERR_reason_error_string(ssl_err), ssl_err);
tlog(TLOG_ERROR, "SSL write fail error no: %s(%d)\n", ERR_reason_error_string(ssl_err), ssl_reason);
errno = EFAULT;
ret = -1;
break;
@@ -1773,27 +1990,25 @@ static int _dns_client_socket_ssl_send(SSL *ssl, const void *buf, int num)
return ret;
}
static int _dns_client_socket_ssl_recv(SSL *ssl, void *buf, int num)
static int _dns_client_socket_ssl_recv(struct dns_server_info *server, void *buf, int num)
{
int ret = 0;
int ssl_ret = 0;
unsigned long ssl_err = 0;
if (ssl == NULL) {
if (server->ssl == NULL) {
errno = EFAULT;
return -1;
}
ret = SSL_read(ssl, buf, num);
ret = _ssl_read(server, buf, num);
if (ret >= 0) {
return ret;
}
ssl_ret = SSL_get_error(ssl, ret);
ssl_ret = _ssl_get_error(server, ret);
switch (ssl_ret) {
case SSL_ERROR_NONE:
return 0;
break;
case SSL_ERROR_ZERO_RETURN:
return 0;
break;
@@ -1807,16 +2022,25 @@ static int _dns_client_socket_ssl_recv(SSL *ssl, void *buf, int num)
break;
case SSL_ERROR_SSL:
ssl_err = ERR_get_error();
if (ERR_GET_REASON(ssl_err) == SSL_R_UNINITIALIZED) {
int ssl_reason = ERR_GET_REASON(ssl_err);
if (ssl_reason == SSL_R_UNINITIALIZED) {
errno = EAGAIN;
return -1;
}
tlog(TLOG_ERROR, "SSL read fail error no: %s(%ld)\n", ERR_reason_error_string(ssl_err), ssl_err);
if (ssl_reason == SSL_R_SHUTDOWN_WHILE_IN_INIT || ssl_reason == SSL_R_PROTOCOL_IS_SHUTDOWN) {
return 0;
}
tlog(TLOG_ERROR, "SSL read fail error no: %s(%lx)\n", ERR_reason_error_string(ssl_err), ssl_err);
errno = EFAULT;
ret = -1;
break;
case SSL_ERROR_SYSCALL:
if (errno == 0) {
return 0;
}
if (errno != ECONNRESET) {
tlog(TLOG_INFO, "SSL syscall failed, %s ", strerror(errno));
}
@@ -1838,7 +2062,18 @@ static int _dns_client_socket_send(struct dns_server_info *server_info)
} else if (server_info->type == DNS_SERVER_TCP) {
return send(server_info->fd, server_info->send_buff.data, server_info->send_buff.len, MSG_NOSIGNAL);
} else if (server_info->type == DNS_SERVER_TLS || server_info->type == DNS_SERVER_HTTPS) {
return _dns_client_socket_ssl_send(server_info->ssl, server_info->send_buff.data, server_info->send_buff.len);
int write_len = server_info->send_buff.len;
if (server_info->ssl_write_len > 0) {
write_len = server_info->ssl_write_len;
server_info->ssl_write_len = -1;
}
int ret = _dns_client_socket_ssl_send(server_info, server_info->send_buff.data, write_len);
if (ret != 0) {
if (errno == EAGAIN) {
server_info->ssl_write_len = write_len;
}
}
return ret;
} else {
return -1;
}
@@ -1852,7 +2087,7 @@ static int _dns_client_socket_recv(struct dns_server_info *server_info)
return recv(server_info->fd, server_info->recv_buff.data + server_info->recv_buff.len,
DNS_TCP_BUFFER - server_info->recv_buff.len, 0);
} else if (server_info->type == DNS_SERVER_TLS || server_info->type == DNS_SERVER_HTTPS) {
return _dns_client_socket_ssl_recv(server_info->ssl, server_info->recv_buff.data + server_info->recv_buff.len,
return _dns_client_socket_ssl_recv(server_info, server_info->recv_buff.data + server_info->recv_buff.len,
DNS_TCP_BUFFER - server_info->recv_buff.len);
} else {
return -1;
@@ -1970,6 +2205,11 @@ static int _dns_client_process_tcp(struct dns_server_info *server_info, struct e
goto errout;
}
if (errno == ETIMEDOUT) {
tlog(TLOG_INFO, "recv failed, server %s:%d, %s\n", server_info->ip, server_info->port, strerror(errno));
goto errout;
}
tlog(TLOG_ERROR, "recv failed, server %s:%d, %s\n", server_info->ip, server_info->port, strerror(errno));
goto errout;
}
@@ -2099,11 +2339,31 @@ static int _dns_client_tls_matchName(const char *host, const char *pattern, int
return match;
}
static int _dns_client_tls_get_cert_CN(X509 *cert, char *cn, int max_cn_len)
{
X509_NAME *cert_name = NULL;
cert_name = X509_get_subject_name(cert);
if (cert_name == NULL) {
tlog(TLOG_ERROR, "get subject name failed.");
goto errout;
}
if (X509_NAME_get_text_by_NID(cert_name, NID_commonName, cn, max_cn_len) == -1) {
tlog(TLOG_ERROR, "cannot found x509 name");
goto errout;
}
return 0;
errout:
return -1;
}
static int _dns_client_tls_verify(struct dns_server_info *server_info)
{
X509 *cert = NULL;
X509_PUBKEY *pubkey = NULL;
X509_NAME *cert_name = NULL;
char peer_CN[256];
char cert_fingerprint[256];
int i = 0;
@@ -2118,8 +2378,10 @@ static int _dns_client_tls_verify(struct dns_server_info *server_info)
return -1;
}
pthread_mutex_lock(&server_info->lock);
cert = SSL_get_peer_certificate(server_info->ssl);
if (cert == NULL) {
pthread_mutex_unlock(&server_info->lock);
tlog(TLOG_ERROR, "get peer certificate failed.");
return -1;
}
@@ -2127,24 +2389,22 @@ static int _dns_client_tls_verify(struct dns_server_info *server_info)
if (server_info->skip_check_cert == 0) {
long res = SSL_get_verify_result(server_info->ssl);
if (res != X509_V_OK) {
tlog(TLOG_WARN, "peer server certificate verify failed.");
pthread_mutex_unlock(&server_info->lock);
peer_CN[0] = '\0';
_dns_client_tls_get_cert_CN(cert, peer_CN, sizeof(peer_CN));
tlog(TLOG_WARN, "peer server %s certificate verify failed, ret = %ld", server_info->ip, res);
tlog(TLOG_WARN, "peer CN: %s", peer_CN);
goto errout;
}
}
pthread_mutex_unlock(&server_info->lock);
cert_name = X509_get_subject_name(cert);
if (cert_name == NULL) {
tlog(TLOG_ERROR, "get subject name failed.");
goto errout;
}
if (X509_NAME_get_text_by_NID(cert_name, NID_commonName, peer_CN, 256) == -1) {
tlog(TLOG_ERROR, "cannot found x509 name");
if (_dns_client_tls_get_cert_CN(cert, peer_CN, sizeof(peer_CN)) != 0) {
tlog(TLOG_ERROR, "get cert CN failed.");
goto errout;
}
tlog(TLOG_DEBUG, "peer CN: %s", peer_CN);
/* check tls host */
tls_host_verify = _dns_client_server_get_tls_host_verify(server_info);
if (tls_host_verify) {
@@ -2237,20 +2497,26 @@ static int _dns_client_process_tls(struct dns_server_info *server_info, struct e
if (server_info->status == DNS_SERVER_STATUS_CONNECTING) {
/* do SSL hand shake */
ret = SSL_do_handshake(server_info->ssl);
ret = _ssl_do_handshake(server_info);
if (ret == 0) {
goto errout;
} else if (ret < 0) {
memset(&fd_event, 0, sizeof(fd_event));
ssl_ret = SSL_get_error(server_info->ssl, ret);
ssl_ret = _ssl_get_error(server_info, ret);
if (ssl_ret == SSL_ERROR_WANT_READ) {
fd_event.events = EPOLLIN;
} else if (ssl_ret == SSL_ERROR_WANT_WRITE) {
fd_event.events = EPOLLOUT | EPOLLIN;
} else if (ssl_ret == SSL_ERROR_SYSCALL) {
if (errno != ENETUNREACH) {
tlog(TLOG_WARN, "Handshake with %s failed, %s", server_info->ip, strerror(errno));
}
goto errout;
} else {
unsigned long ssl_err = ERR_get_error();
tlog(TLOG_ERROR, "Handshake with %s failed, error no: %s(%ld)\n", server_info->ip,
ERR_reason_error_string(ssl_err), ssl_err);
int ssl_reason = ERR_GET_REASON(ssl_err);
tlog(TLOG_WARN, "Handshake with %s failed, error no: %s(%d, %d, %d)\n", server_info->ip,
ERR_reason_error_string(ssl_err), ret, ssl_ret, ssl_reason);
goto errout;
}
@@ -2265,7 +2531,7 @@ static int _dns_client_process_tls(struct dns_server_info *server_info, struct e
tlog(TLOG_DEBUG, "tls server %s connected.\n", server_info->ip);
/* Was the stored session reused? */
if (SSL_session_reused(server_info->ssl)) {
if (_ssl_session_reused(server_info)) {
tlog(TLOG_DEBUG, "reused session");
} else {
tlog(TLOG_DEBUG, "new session");
@@ -2283,13 +2549,13 @@ static int _dns_client_process_tls(struct dns_server_info *server_info, struct e
}
/* save ssl session for next request */
server_info->ssl_session = SSL_get1_session(server_info->ssl);
server_info->ssl_session = _ssl_get1_session(server_info);
pthread_mutex_unlock(&client.server_list_lock);
}
server_info->status = DNS_SERVER_STATUS_CONNECTED;
memset(&fd_event, 0, sizeof(fd_event));
fd_event.events = EPOLLIN;
fd_event.events = EPOLLIN | EPOLLOUT;
fd_event.data.ptr = server_info;
if (epoll_ctl(client.epoll_fd, EPOLL_CTL_MOD, server_info->fd, &fd_event) != 0) {
tlog(TLOG_ERROR, "epoll ctl failed, %s", strerror(errno));
@@ -2396,7 +2662,7 @@ static int _dns_client_send_tcp(struct dns_server_info *server_info, void *packe
/* save data to buffer, and retry when EPOLLOUT is available */
return _dns_client_send_data_to_buffer(server_info, inpacket, len);
} else if (errno == EPIPE) {
shutdown(server_info->fd, SHUT_RDWR);
_dns_client_shutdown_socket(server_info);
}
return -1;
} else if (send_len < len) {
@@ -2430,16 +2696,17 @@ static int _dns_client_send_tls(struct dns_server_info *server_info, void *packe
}
if (server_info->ssl == NULL) {
errno = EINVAL;
return -1;
}
send_len = _dns_client_socket_ssl_send(server_info->ssl, inpacket, len);
if (send_len < 0) {
send_len = _dns_client_socket_ssl_send(server_info, inpacket, len);
if (send_len <= 0) {
if (errno == EAGAIN || errno == EPIPE || server_info->ssl == NULL) {
/* save data to buffer, and retry when EPOLLOUT is available */
return _dns_client_send_data_to_buffer(server_info, inpacket, len);
} else if (server_info->ssl && errno != ENOMEM) {
SSL_set_shutdown(server_info->ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
_dns_client_shutdown_socket(server_info);
}
return -1;
} else if (send_len < len) {
@@ -2480,16 +2747,17 @@ static int _dns_client_send_https(struct dns_server_info *server_info, void *pac
}
if (server_info->ssl == NULL) {
errno = EINVAL;
return -1;
}
send_len = _dns_client_socket_ssl_send(server_info->ssl, inpacket, http_len);
if (send_len < 0) {
send_len = _dns_client_socket_ssl_send(server_info, inpacket, http_len);
if (send_len <= 0) {
if (errno == EAGAIN || errno == EPIPE || server_info->ssl == NULL) {
/* save data to buffer, and retry when EPOLLOUT is available */
return _dns_client_send_data_to_buffer(server_info, inpacket, http_len);
} else if (server_info->ssl && errno != ENOMEM) {
SSL_set_shutdown(server_info->ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
_dns_client_shutdown_socket(server_info);
}
return -1;
} else if (send_len < http_len) {
@@ -2507,15 +2775,20 @@ static int _dns_client_send_packet(struct dns_query_struct *query, void *packet,
struct dns_server_group_member *tmp = NULL;
int ret = 0;
int send_err = 0;
int i = 0;
int total_server = 0;
query->send_tick = get_tick_count();
/* send query to all dns servers */
for (int i = 0; i < 2; i++) {
for (i = 0; i < 2; i++) {
total_server = 0;
pthread_mutex_lock(&client.server_list_lock);
list_for_each_entry_safe(group_member, tmp, &query->server_group->head, list)
{
server_info = group_member->server;
total_server++;
tlog(TLOG_DEBUG, "send query to server %s", server_info->ip);
if (server_info->fd <= 0) {
ret = _dns_client_create_socket(server_info);
if (ret != 0) {
@@ -2552,21 +2825,22 @@ static int _dns_client_send_packet(struct dns_query_struct *query, void *packet,
}
if (ret != 0) {
if (send_err != ENOMEM) {
tlog(TLOG_ERROR, "send query to %s failed, %s, type: %d", server_info->ip, strerror(send_err),
server_info->type);
} else {
if (send_err == ENETUNREACH) {
tlog(TLOG_DEBUG, "send query to %s failed, %s, type: %d", server_info->ip, strerror(send_err),
server_info->type);
time_t now;
time(&now);
if (now - 5 > server_info->last_recv) {
server_info->recv_buff.len = 0;
server_info->send_buff.len = 0;
tlog(TLOG_DEBUG, "server %s not response, retry.", server_info->ip);
_dns_client_close_socket(server_info);
}
_dns_client_close_socket(server_info);
atomic_dec(&query->dns_request_sent);
continue;
}
tlog(TLOG_DEBUG, "send query to %s failed, %s, type: %d", server_info->ip, strerror(send_err),
server_info->type);
time_t now;
time(&now);
if (now - 5 > server_info->last_recv || send_err != ENOMEM) {
_dns_client_shutdown_socket(server_info);
}
atomic_dec(&query->dns_request_sent);
continue;
}
@@ -2580,7 +2854,7 @@ static int _dns_client_send_packet(struct dns_query_struct *query, void *packet,
}
if (atomic_read(&query->dns_request_sent) <= 0) {
tlog(TLOG_ERROR, "Send query to upstream server failed.");
tlog(TLOG_ERROR, "Send query to upstream server failed, total server number %d", total_server);
return -1;
}
@@ -2666,6 +2940,10 @@ int dns_client_query(char *domain, int qtype, dns_client_callback callback, void
int ret = 0;
uint32_t key = 0;
if (domain == NULL) {
goto errout;
}
query = malloc(sizeof(*query));
if (query == NULL) {
goto errout;
@@ -2823,7 +3101,7 @@ static void _dns_client_add_pending_servers(void)
if (pending->query_v4 == 0) {
pending->query_v4 = 1;
_dns_client_server_pending_get(pending);
if (dns_server_query(pending->host, DNS_T_A, _dns_client_pending_server_resolve, pending) != 0) {
if (dns_server_query(pending->host, DNS_T_A, 0, _dns_client_pending_server_resolve, pending) != 0) {
_dns_client_server_pending_release_lck(pending);
}
}
@@ -2831,14 +3109,13 @@ static void _dns_client_add_pending_servers(void)
if (pending->query_v6 == 0) {
pending->query_v6 = 1;
_dns_client_server_pending_get(pending);
if (dns_server_query(pending->host, DNS_T_AAAA, _dns_client_pending_server_resolve, pending) != 0) {
if (dns_server_query(pending->host, DNS_T_AAAA, 0, _dns_client_pending_server_resolve, pending) != 0) {
_dns_client_server_pending_release_lck(pending);
}
}
/* if both A, AAAA has query result, select fastest IP address */
if (pending->has_v4 && pending->has_v6) {
if (pending->ping_time_v4 <= pending->ping_time_v6 && pending->ipv4[0]) {
dnsserver_ip = pending->ipv4;
} else {
@@ -2861,6 +3138,7 @@ static void _dns_client_add_pending_servers(void)
if (add_success == 0) {
tlog(TLOG_WARN, "add pending DNS server %s failed.", pending->host);
}
list_del_init(&pending->list);
_dns_client_server_pending_release_lck(pending);
} else {
tlog(TLOG_DEBUG, "add pending DNS server %s failed, retry %d...", pending->host, pending->retry_cnt);
@@ -3063,4 +3341,8 @@ void dns_client_exit(void)
pthread_mutex_destroy(&client.server_list_lock);
pthread_mutex_destroy(&client.domain_map_lock);
if (client.ssl_ctx) {
SSL_CTX_free(client.ssl_ctx);
client.ssl_ctx = NULL;
}
}

170
src/dns_conf.c
View File

@@ -37,6 +37,8 @@ struct dns_ipset_table {
};
static struct dns_ipset_table dns_ipset_table;
struct dns_qtype_soa_table dns_qtype_soa_table;
/* dns groups */
struct dns_group_table dns_group_table;
@@ -50,6 +52,7 @@ int dns_conf_cachesize = DEFAULT_DNS_CACHE_SIZE;
int dns_conf_prefetch = 0;
int dns_conf_serve_expired = 0;
int dns_conf_serve_expired_ttl = 0;
int dns_conf_serve_expired_reply_ttl = 5;
/* upstream servers */
struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
@@ -72,6 +75,9 @@ int dns_conf_log_num = 8;
char dns_conf_ca_file[DNS_MAX_PATH];
char dns_conf_ca_path[DNS_MAX_PATH];
char dns_conf_cache_file[DNS_MAX_PATH];
int dns_conf_cache_persist = 2;
/* auditing */
int dns_conf_audit_enable = 0;
int dns_conf_audit_log_SOA;
@@ -107,6 +113,10 @@ static int _get_domain(char *value, char *domain, int max_dmain_size, char **ptr
char *end = NULL;
int len = 0;
if (value == NULL || domain == NULL) {
goto errout;
}
/* first field */
begin = strstr(value, "/");
if (begin == NULL) {
@@ -262,6 +272,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
return -1;
}
ip = argv[1];
if (index >= DNS_MAX_SERVERS) {
tlog(TLOG_WARN, "exceeds max server number, %s", ip);
return 0;
@@ -274,8 +285,6 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
server->httphost[0] = '\0';
server->tls_host_verify[0] = '\0';
ip = argv[1];
if (type == DNS_SERVER_HTTPS) {
if (parse_uri(ip, NULL, server->server, &port, server->path) != 0) {
return -1;
@@ -475,7 +484,7 @@ errout:
return -1;
}
static int _config_domain_rule_flag_set(char *domain, unsigned int flag)
static int _config_domain_rule_flag_set(char *domain, unsigned int flag, unsigned int is_clear)
{
struct dns_domain_rule *domain_rule = NULL;
struct dns_domain_rule *old_domain_rule = NULL;
@@ -509,12 +518,18 @@ static int _config_domain_rule_flag_set(char *domain, unsigned int flag)
/* add new rule to domain */
if (domain_rule->rules[DOMAIN_RULE_FLAGS] == NULL) {
rule_flags = malloc(sizeof(*rule_flags));
memset(rule_flags, 0, sizeof(*rule_flags));
rule_flags->flags = 0;
domain_rule->rules[DOMAIN_RULE_FLAGS] = rule_flags;
}
rule_flags = domain_rule->rules[DOMAIN_RULE_FLAGS];
rule_flags->flags |= flag;
if (is_clear == false) {
rule_flags->flags |= flag;
} else {
rule_flags->flags &= ~flag;
}
rule_flags->is_flag_set |= flag;
/* update domain rule */
if (add_domain_rule) {
@@ -582,11 +597,40 @@ static int _conf_domain_rule_ipset(char *domain, const char *ipsetname)
{
struct dns_ipset_rule *ipset_rule = NULL;
const char *ipset = NULL;
char *copied_name = NULL;
enum domain_rule type;
int ignore_flag;
copied_name = strdup(ipsetname);
if (copied_name == NULL) {
goto errout;
}
for (char *tok = strtok(copied_name, ","); tok; tok = strtok(NULL, ",")) {
if (tok[0] == '#') {
if (strncmp(tok, "#6:", 3u) == 0) {
type = DOMAIN_RULE_IPSET_IPV6;
ignore_flag = DOMAIN_FLAG_IPSET_IPV6_IGN;
} else if (strncmp(tok, "#4:", 3u) == 0) {
type = DOMAIN_RULE_IPSET_IPV4;
ignore_flag = DOMAIN_FLAG_IPSET_IPV4_IGN;
} else {
goto errout;
}
tok += 3;
} else {
type = DOMAIN_RULE_IPSET;
ignore_flag = DOMAIN_FLAG_IPSET_IGN;
}
if (strncmp(tok, "-", 1) == 0) {
_config_domain_rule_flag_set(domain, ignore_flag, 0);
continue;
}
/* Process domain option */
if (strncmp(ipsetname, "-", sizeof("-")) != 0) {
/* new ipset domain */
ipset = _dns_conf_get_ipset(ipsetname);
ipset = _dns_conf_get_ipset(tok);
if (ipset == NULL) {
goto errout;
}
@@ -597,26 +641,26 @@ static int _conf_domain_rule_ipset(char *domain, const char *ipsetname)
}
ipset_rule->ipsetname = ipset;
} else {
/* ignore this domain */
if (_config_domain_rule_flag_set(domain, DOMAIN_FLAG_IPSET_IGNORE) != 0) {
if (_config_domain_rule_add(domain, type, ipset_rule) != 0) {
goto errout;
}
return 0;
}
if (_config_domain_rule_add(domain, DOMAIN_RULE_IPSET, ipset_rule) != 0) {
goto errout;
}
goto clear;
return 0;
errout:
tlog(TLOG_ERROR, "add ipset %s failed", ipsetname);
if (ipset_rule) {
free(ipset_rule);
}
tlog(TLOG_ERROR, "add ipset %s failed", ipsetname);
clear:
if (copied_name) {
free(copied_name);
}
return 0;
}
@@ -663,7 +707,7 @@ static int _conf_domain_rule_address(char *domain, const char *domain_address)
}
/* add SOA rule */
if (_config_domain_rule_flag_set(domain, flag) != 0) {
if (_config_domain_rule_flag_set(domain, flag, 0) != 0) {
goto errout;
}
@@ -680,7 +724,7 @@ static int _conf_domain_rule_address(char *domain, const char *domain_address)
}
/* ignore rule */
if (_config_domain_rule_flag_set(domain, flag) != 0) {
if (_config_domain_rule_flag_set(domain, flag, 0) != 0) {
goto errout;
}
@@ -871,6 +915,7 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
goto errout;
}
ip = argv[1];
if (index >= DNS_MAX_SERVERS) {
tlog(TLOG_WARN, "exceeds max server number, %s", ip);
return 0;
@@ -879,7 +924,6 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
bind_ip = &dns_conf_bind_ip[index];
bind_ip->type = type;
bind_ip->flags = 0;
ip = argv[1];
safe_strncpy(bind_ip->ip, ip, DNS_MAX_IPLEN);
/* process extra options */
@@ -1001,7 +1045,7 @@ static int _conf_domain_rule_nameserver(char *domain, const char *group_name)
nameserver_rule->group_name = group;
} else {
/* ignore this domain */
if (_config_domain_rule_flag_set(domain, DOMAIN_FLAG_NAMESERVER_IGNORE) != 0) {
if (_config_domain_rule_flag_set(domain, DOMAIN_FLAG_NAMESERVER_IGNORE, 0) != 0) {
goto errout;
}
@@ -1022,6 +1066,26 @@ errout:
return 0;
}
static int _conf_domain_rule_dualstack_selection(char *domain, const char *yesno)
{
if (strncmp(yesno, "yes", sizeof("yes")) == 0 || strncmp(yesno, "Yes", sizeof("Yes")) == 0) {
if (_config_domain_rule_flag_set(domain, DOMAIN_FLAG_DUALSTACK_SELECT, 0) != 0) {
goto errout;
}
} else {
/* ignore this domain */
if (_config_domain_rule_flag_set(domain, DOMAIN_FLAG_DUALSTACK_SELECT, 1) != 0) {
goto errout;
}
}
return 0;
errout:
tlog(TLOG_ERROR, "set dualstack for %s failed. ", domain);
return 1;
}
static int _config_nameserver(void *data, int argc, char *argv[])
{
char domain[DNS_MAX_CONF_CNAME_LEN];
@@ -1109,6 +1173,42 @@ static int _config_iplist_rule(char *subnet, enum address_rule rule)
return 0;
}
static int _config_qtype_soa(void *data, int argc, char *argv[])
{
struct dns_qtype_soa_list *soa_list;
if (argc <= 1) {
return -1;
}
for (int i = 1; i < argc; i++) {
soa_list = malloc(sizeof(*soa_list));
if (soa_list == NULL) {
tlog(TLOG_ERROR, "cannot malloc memory");
return -1;
}
memset(soa_list, 0, sizeof(*soa_list));
soa_list->qtypeid = atol(argv[i]);
uint32_t key = hash_32_generic(soa_list->qtypeid, 32);
hash_add(dns_qtype_soa_table.qtype, &soa_list->node, key);
}
return 0;
}
static void _config_qtype_soa_table_destroy(void)
{
struct dns_qtype_soa_list *soa_list = NULL;
struct hlist_node *tmp = NULL;
int i;
hash_for_each_safe(dns_qtype_soa_table.qtype, i, tmp, soa_list, node)
{
hlist_del_init(&soa_list->node);
free(soa_list);
}
}
static int _config_blacklist_ip(void *data, int argc, char *argv[])
{
if (argc <= 1) {
@@ -1232,6 +1332,7 @@ static int _conf_domain_rules(void *data, int argc, char *argv[])
{"address", required_argument, NULL, 'a'},
{"ipset", required_argument, NULL, 'p'},
{"nameserver", required_argument, NULL, 'n'},
{"dualstack-ip-selection", required_argument, NULL, 'd'},
{NULL, no_argument, NULL, 0}
};
/* clang-format on */
@@ -1248,7 +1349,7 @@ static int _conf_domain_rules(void *data, int argc, char *argv[])
/* process extra options */
optind = 1;
while (1) {
opt = getopt_long_only(argc, argv, "", long_options, NULL);
opt = getopt_long_only(argc, argv, "c:a:p:n:d:", long_options, NULL);
if (opt == -1) {
break;
}
@@ -1306,6 +1407,15 @@ static int _conf_domain_rules(void *data, int argc, char *argv[])
break;
}
case 'd': {
const char *yesno = optarg;
if (_conf_domain_rule_dualstack_selection(domain, yesno) != 0) {
tlog(TLOG_ERROR, "set dualstack selection rule failed.");
goto errout;
}
break;
}
default:
break;
}
@@ -1355,9 +1465,12 @@ static struct config_item _config_item[] = {
CONF_CUSTOM("speed-check-mode", _config_speed_check_mode, NULL),
CONF_INT("tcp-idle-time", &dns_conf_tcp_idle_time, 0, 3600),
CONF_INT("cache-size", &dns_conf_cachesize, 0, CONF_INT_MAX),
CONF_STRING("cache-file", (char *)&dns_conf_cache_file, DNS_MAX_PATH),
CONF_YESNO("cache-persist", &dns_conf_cache_persist),
CONF_YESNO("prefetch-domain", &dns_conf_prefetch),
CONF_YESNO("serve-expired", &dns_conf_serve_expired),
CONF_INT("serve-expired-ttl", &dns_conf_serve_expired_ttl, 0, CONF_INT_MAX),
CONF_INT("serve-expired-reply-ttl", &dns_conf_serve_expired_reply_ttl, 0, CONF_INT_MAX),
CONF_YESNO("dualstack-ip-selection", &dns_conf_dualstack_ip_selection),
CONF_INT("dualstack-ip-selection-threshold", &dns_conf_dualstack_ip_selection_threshold, 0, 1000),
CONF_CUSTOM("log-level", _config_log_level, NULL),
@@ -1373,6 +1486,7 @@ static struct config_item _config_item[] = {
CONF_INT("rr-ttl-min", &dns_conf_rr_ttl_min, 0, CONF_INT_MAX),
CONF_INT("rr-ttl-max", &dns_conf_rr_ttl_max, 0, CONF_INT_MAX),
CONF_YESNO("force-AAAA-SOA", &dns_conf_force_AAAA_SOA),
CONF_CUSTOM("force-qtype-SOA", _config_qtype_soa, NULL),
CONF_CUSTOM("blacklist-ip", _config_blacklist_ip, NULL),
CONF_CUSTOM("whitelist-ip", _conf_whitelist_ip, NULL),
CONF_CUSTOM("bogus-nxdomain", _conf_bogus_nxdomain, NULL),
@@ -1409,8 +1523,14 @@ int config_addtional_file(void *data, int argc, char *argv[])
if (conf_file[0] != '/') {
safe_strncpy(file_path_dir, conf_get_conf_file(), DNS_MAX_PATH);
dirname(file_path_dir);
if (snprintf(file_path, DNS_MAX_PATH, "%s/%s", file_path_dir, conf_file) < 0) {
return -1;
if (strncmp(file_path_dir, conf_get_conf_file(), sizeof(file_path_dir)) == 0) {
if (snprintf(file_path, DNS_MAX_PATH, "%s", conf_file) < 0) {
return -1;
}
} else {
if (snprintf(file_path, DNS_MAX_PATH, "%s/%s", file_path_dir, conf_file) < 0) {
return -1;
}
}
} else {
safe_strncpy(file_path, conf_file, DNS_MAX_PATH);
@@ -1437,6 +1557,7 @@ static int _dns_server_load_conf_init(void)
art_tree_init(&dns_conf_domain_rule);
hash_init(dns_ipset_table.ipset);
hash_init(dns_qtype_soa_table.qtype);
hash_init(dns_group_table.group);
return 0;
@@ -1449,6 +1570,7 @@ void dns_server_load_exit(void)
Destroy_Radix(dns_conf_address_rule.ipv6, _config_address_destroy, NULL);
_config_ipset_table_destroy();
_config_group_table_destroy();
_config_qtype_soa_table_destroy();
}
static int _dns_conf_speed_check_mode_verify(void)

27
src/dns_conf.h
View File

@@ -49,12 +49,15 @@ extern "C" {
#define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
#define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
#define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
#define SMARTDNS_CACHE_FILE "/tmp/smartdns.cache"
enum domain_rule {
DOMAIN_RULE_FLAGS = 0,
DOMAIN_RULE_ADDRESS_IPV4,
DOMAIN_RULE_ADDRESS_IPV6,
DOMAIN_RULE_IPSET,
DOMAIN_RULE_IPSET_IPV4,
DOMAIN_RULE_IPSET_IPV6,
DOMAIN_RULE_NAMESERVER,
DOMAIN_RULE_CHECKSPEED,
DOMAIN_RULE_MAX,
@@ -77,8 +80,11 @@ typedef enum {
#define DOMAIN_FLAG_ADDR_IGN (1 << 3)
#define DOMAIN_FLAG_ADDR_IPV4_IGN (1 << 4)
#define DOMAIN_FLAG_ADDR_IPV6_IGN (1 << 5)
#define DOMAIN_FLAG_IPSET_IGNORE (1 << 6)
#define DOMAIN_FLAG_NAMESERVER_IGNORE (1 << 7)
#define DOMAIN_FLAG_IPSET_IGN (1 << 6)
#define DOMAIN_FLAG_IPSET_IPV4_IGN (1 << 7)
#define DOMAIN_FLAG_IPSET_IPV6_IGN (1 << 8)
#define DOMAIN_FLAG_NAMESERVER_IGNORE (1 << 9)
#define DOMAIN_FLAG_DUALSTACK_SELECT (1 << 10)
#define SERVER_FLAG_EXCLUDE_DEFAULT (1 << 0)
@@ -90,10 +96,11 @@ typedef enum {
#define BIND_FLAG_NO_SPEED_CHECK (1 << 5)
#define BIND_FLAG_NO_CACHE (1 << 6)
#define BIND_FLAG_NO_DUALSTACK_SELECTION (1 << 7)
#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
struct dns_rule_flags {
unsigned int flags;
unsigned int is_flag_set;
};
struct dns_address_IPV4 {
@@ -196,6 +203,16 @@ struct dns_bind_ip {
const char *group;
};
struct dns_qtype_soa_list {
struct hlist_node node;
uint32_t qtypeid;
};
struct dns_qtype_soa_table {
DECLARE_HASHTABLE(qtype, 8);
};
extern struct dns_qtype_soa_table dns_qtype_soa_table;
extern struct dns_bind_ip dns_conf_bind_ip[DNS_MAX_BIND_IP];
extern int dns_conf_bind_ip_num;
@@ -204,6 +221,7 @@ extern int dns_conf_cachesize;
extern int dns_conf_prefetch;
extern int dns_conf_serve_expired;
extern int dns_conf_serve_expired_ttl;
extern int dns_conf_serve_expired_reply_ttl;
extern struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
extern int dns_conf_server_num;
@@ -215,6 +233,9 @@ extern int dns_conf_log_num;
extern char dns_conf_ca_file[DNS_MAX_PATH];
extern char dns_conf_ca_path[DNS_MAX_PATH];
extern char dns_conf_cache_file[DNS_MAX_PATH];
extern int dns_conf_cache_persist;
extern struct dns_domain_check_order dns_conf_check_order;
extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];

801
src/dns_server.c
View File

File diff suppressed because it is too large Load Diff

3
src/dns_server.h
View File

@@ -20,6 +20,7 @@
#define _SMART_DNS_SERVER_H
#include "dns.h"
#include <stdint.h>
#ifdef __cpluscplus
extern "C" {
@@ -40,7 +41,7 @@ typedef int (*dns_result_callback)(char *domain, dns_rtcode_t rtcode, dns_type_t
unsigned int ping_time, void *user_ptr);
/* query domain */
int dns_server_query(char *domain, int qtype, dns_result_callback callback, void *user_ptr);
int dns_server_query(char *domain, int qtype, uint32_t server_flags, dns_result_callback callback, void *user_ptr);
#ifdef __cpluscplus
}

11
src/fast_ping.c
View File

@@ -365,7 +365,12 @@ static void _fast_ping_close_host_sock(struct ping_host_struct *ping_host)
static void _fast_ping_host_put(struct ping_host_struct *ping_host)
{
if (!atomic_dec_and_test(&ping_host->ref)) {
int ref_cnt = atomic_dec_and_test(&ping_host->ref);
if (!ref_cnt) {
if (ref_cnt < 0) {
tlog(TLOG_ERROR, "invalid refcount of ping_host %s", ping_host->host);
abort();
}
return;
}
@@ -1081,15 +1086,19 @@ struct ping_host_struct *fast_ping_start(PING_TYPE type, const char *host, int c
pthread_mutex_unlock(&ping.map_lock);
_fast_ping_host_get(ping_host);
_fast_ping_host_get(ping_host);
// for ping race condition, get reference count twice
if (_fast_ping_sendping(ping_host) != 0) {
goto errout_remove;
}
ping_host->run = 1;
freeaddrinfo(gai);
_fast_ping_host_put(ping_host);
return ping_host;
errout_remove:
fast_ping_stop(ping_host);
_fast_ping_host_put(ping_host);
ping_host = NULL;
errout:
if (gai) {

5
src/smartdns.c
View File

@@ -363,7 +363,7 @@ static void _sig_error_exit(int signo, siginfo_t *siginfo, void *ct)
"%s %s)\n",
signo, siginfo->si_code, siginfo->si_errno, siginfo->si_pid, getpid(), PC, (unsigned long)siginfo->si_addr,
__DATE__, __TIME__, arch);
print_stack();
sleep(1);
_exit(0);
}
@@ -439,6 +439,7 @@ int main(int argc, char *argv[])
goto errout;
}
signal(SIGPIPE, SIG_IGN);
if (dns_server_load_conf(config_file) != 0) {
fprintf(stderr, "load config failed.\n");
goto errout;
@@ -451,7 +452,7 @@ int main(int argc, char *argv[])
}
signal(SIGINT, _sig_exit);
signal(SIGPIPE, SIG_IGN);
signal(SIGTERM, _sig_exit);
atexit(_smartdns_exit);
return _smartdns_run();

261
src/tlog.c
View File

@@ -1,6 +1,6 @@
/*
* tinylog
* Copyright (C) 2018-2019 Nick Peng <pymumu@gmail.com>
* Copyright (C) 2018-2020 Nick Peng <pymumu@gmail.com>
* https://github.com/pymumu/tinylog
*/
#ifndef _GNU_SOURCE
@@ -10,6 +10,7 @@
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <pthread.h>
#include <stdarg.h>
@@ -21,7 +22,6 @@
#include <sys/time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <libgen.h>
#include <unistd.h>
#ifndef likely
@@ -40,6 +40,8 @@
#define TLOG_BUFF_LEN (PATH_MAX + TLOG_LOG_NAME_LEN * 3)
#define TLOG_SUFFIX_GZ ".gz"
#define TLOG_SUFFIX_LOG ""
#define TLOG_MAX_LINE_SIZE_SET (1024 * 8)
#define TLOG_MIN_LINE_SIZE_SET (128)
#define TLOG_SEGMENT_MAGIC 0xFF446154
@@ -57,6 +59,9 @@ struct tlog_log {
char logdir[PATH_MAX];
char logname[TLOG_LOG_NAME_LEN];
char suffix[TLOG_LOG_NAME_LEN];
char pending_logfile[PATH_MAX];
int rename_pending;
int fail;
int logsize;
int logcount;
int block;
@@ -66,12 +71,15 @@ struct tlog_log {
int multi_log;
int logscreen;
int segment_log;
unsigned int max_line_size;
tlog_output_func output_func;
void *private_data;
time_t last_try;
time_t last_waitpid;
mode_t file_perm;
mode_t archive_perm;
int waiters;
int is_exit;
@@ -97,13 +105,13 @@ struct tlog_segment_log_head {
struct tlog_loginfo info;
unsigned short len;
char data[0];
} __attribute__((packed));
} __attribute__((packed));
struct tlog_segment_head {
unsigned int magic;
unsigned short len;
char data[0];
} __attribute__((packed));
} __attribute__((packed));
struct oldest_log {
char name[TLOG_LOG_NAME_LEN];
@@ -166,8 +174,8 @@ static int _tlog_mkdir(const char *path)
if (access(path, F_OK) == 0) {
return 0;
}
while(*path == ' ' && *path != '\0') {
while (*path == ' ' && *path != '\0') {
path++;
}
@@ -283,11 +291,37 @@ static int _tlog_gettime(struct tlog_time *cur_time)
return 0;
}
void tlog_set_maxline_size(struct tlog_log *log, int size)
{
if (log == NULL) {
return;
}
if (size < TLOG_MIN_LINE_SIZE_SET) {
size = TLOG_MIN_LINE_SIZE_SET;
} else if (size > TLOG_MAX_LINE_SIZE_SET) {
size = TLOG_MAX_LINE_SIZE_SET;
}
log->max_line_size = size;
}
void tlog_set_permission(struct tlog_log *log, unsigned int file, unsigned int archive)
{
log->file_perm = file;
log->archive_perm = archive;
}
int tlog_localtime(struct tlog_time *tm)
{
return _tlog_gettime(tm);
}
tlog_log *tlog_get_root(void)
{
return tlog.root;
}
void tlog_set_private(tlog_log *log, void *private_data)
{
if (log == NULL) {
@@ -311,19 +345,19 @@ static int _tlog_format(char *buff, int maxlen, struct tlog_loginfo *info, void
int len = 0;
int total_len = 0;
struct tlog_time *tm = &info->time;
void* unused __attribute__ ((unused));
void *unused __attribute__((unused));
unused = userptr;
if (tlog.root->multi_log) {
/* format prefix */
len = snprintf(buff, maxlen, "[%.4d-%.2d-%.2d %.2d:%.2d:%.2d,%.3d][%5d][%4s][%17s:%-4d] ",
tm->year, tm->mon, tm->mday, tm->hour, tm->min, tm->sec, tm->usec / 1000, getpid(),
len = snprintf(buff, maxlen, "[%.4d-%.2d-%.2d %.2d:%.2d:%.2d,%.3d][%5d][%4s][%17s:%-4d] ",
tm->year, tm->mon, tm->mday, tm->hour, tm->min, tm->sec, tm->usec / 1000, getpid(),
tlog_get_level_string(info->level), info->file, info->line);
} else {
/* format prefix */
len = snprintf(buff, maxlen, "[%.4d-%.2d-%.2d %.2d:%.2d:%.2d,%.3d][%5s][%17s:%-4d] ",
tm->year, tm->mon, tm->mday, tm->hour, tm->min, tm->sec, tm->usec / 1000,
len = snprintf(buff, maxlen, "[%.4d-%.2d-%.2d %.2d:%.2d:%.2d,%.3d][%5s][%17s:%-4d] ",
tm->year, tm->mon, tm->mday, tm->hour, tm->min, tm->sec, tm->usec / 1000,
tlog_get_level_string(info->level), info->file, info->line);
}
@@ -359,7 +393,7 @@ static int _tlog_root_log_buffer(char *buff, int maxlen, void *userptr, const ch
}
if (tlog.root->segment_log) {
log_head = (struct tlog_segment_log_head *) buff;
log_head = (struct tlog_segment_log_head *)buff;
len += sizeof(*log_head);
memcpy(&log_head->info, &info_inter->info, sizeof(log_head->info));
}
@@ -400,7 +434,7 @@ static int _tlog_print_buffer(char *buff, int maxlen, void *userptr, const char
{
int len;
int total_len = 0;
void* unused __attribute__ ((unused));
void *unused __attribute__((unused));
unused = userptr;
@@ -438,7 +472,7 @@ static int _tlog_need_drop(struct tlog_log *log)
}
/* if free buffer length is less than min line length */
if (maxlen < TLOG_MAX_LINE_LEN) {
if (maxlen < log->max_line_size) {
log->dropped++;
ret = 0;
}
@@ -450,14 +484,14 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
{
int len;
int maxlen = 0;
char buff[TLOG_MAX_LINE_LEN];
struct tlog_segment_head *segment_head = NULL;
if (log == NULL || format == NULL) {
return -1;
}
char buff[log->max_line_size];
if (log->buff == NULL) {
return -1;
}
@@ -469,7 +503,7 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
len = print_callback(buff, sizeof(buff), userptr, format, ap);
if (len <= 0) {
return -1;
} else if (len >= TLOG_MAX_LINE_LEN) {
} else if (len >= log->max_line_size) {
strncpy(buff, "[LOG TOO LONG, DISCARD]\n", sizeof(buff));
buff[sizeof(buff) - 1] = '\0';
len = strnlen(buff, sizeof(buff));
@@ -490,7 +524,7 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
}
/* if free buffer length is less than min line length */
if (maxlen < TLOG_MAX_LINE_LEN) {
if (maxlen < log->max_line_size) {
if (log->end != log->start) {
tlog.notify_log = log;
pthread_cond_signal(&tlog.cond);
@@ -502,7 +536,7 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
pthread_mutex_unlock(&tlog.lock);
return -1;
}
pthread_mutex_unlock(&tlog.lock);
pthread_mutex_lock(&log->lock);
log->waiters++;
@@ -516,7 +550,7 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
pthread_mutex_lock(&tlog.lock);
}
} while (maxlen < TLOG_MAX_LINE_LEN);
} while (maxlen < log->max_line_size);
if (log->segment_log) {
segment_head = (struct tlog_segment_head *)(log->buff + log->end);
@@ -532,7 +566,7 @@ static int _tlog_vprintf(struct tlog_log *log, vprint_callback print_callback, v
}
/* if remain buffer is not enough for a line, move end to start of buffer. */
if (log->end > log->buffsize - TLOG_MAX_LINE_LEN) {
if (log->end > log->buffsize - log->max_line_size) {
log->ext_end = log->end;
log->end = 0;
}
@@ -562,12 +596,12 @@ int tlog_printf(struct tlog_log *log, const char *format, ...)
return len;
}
static int _tlog_early_print(const char *format, va_list ap)
static int _tlog_early_print(const char *format, va_list ap)
{
char log_buf[TLOG_MAX_LINE_LEN];
size_t len = 0;
size_t out_len = 0;
int unused __attribute__ ((unused));
int unused __attribute__((unused));
if (tlog_disable_early_print) {
return 0;
@@ -643,13 +677,13 @@ static int _tlog_rename_logfile(struct tlog_log *log, const char *log_file)
return -1;
}
snprintf(archive_file, sizeof(archive_file), "%s/%s-%.4d%.2d%.2d-%.2d%.2d%.2d%s",
snprintf(archive_file, sizeof(archive_file), "%s/%s-%.4d%.2d%.2d-%.2d%.2d%.2d%s",
log->logdir, log->logname, logtime.year, logtime.mon, logtime.mday,
logtime.hour, logtime.min, logtime.sec, log->suffix);
while (access(archive_file, F_OK) == 0) {
i++;
snprintf(archive_file, sizeof(archive_file), "%s/%s-%.4d%.2d%.2d-%.2d%.2d%.2d-%d%s",
snprintf(archive_file, sizeof(archive_file), "%s/%s-%.4d%.2d%.2d-%.2d%.2d%.2d-%d%s",
log->logdir, log->logname, logtime.year, logtime.mon,
logtime.mday, logtime.hour, logtime.min, logtime.sec, i, log->suffix);
}
@@ -658,6 +692,8 @@ static int _tlog_rename_logfile(struct tlog_log *log, const char *log_file)
return -1;
}
chmod(archive_file, log->archive_perm);
return 0;
}
@@ -666,7 +702,7 @@ static int _tlog_list_dir(const char *path, list_callback callback, void *userpt
DIR *dir = NULL;
struct dirent *ent;
int ret = 0;
const char* unused __attribute__ ((unused)) = path;
const char *unused __attribute__((unused)) = path;
dir = opendir(path);
if (dir == NULL) {
@@ -699,7 +735,7 @@ static int _tlog_count_log_callback(const char *path, struct dirent *entry, void
struct count_log *count_log = (struct count_log *)userptr;
struct tlog_log *log = count_log->log;
char logname[TLOG_LOG_NAME_LEN * 2];
const char* unused __attribute__ ((unused)) = path;
const char *unused __attribute__((unused)) = path;
if (strstr(entry->d_name, log->suffix) == NULL) {
return 0;
@@ -1023,16 +1059,41 @@ static int _tlog_archive_log(struct tlog_log *log)
}
}
void _tlog_get_log_name_dir(struct tlog_log *log)
{
char log_file[PATH_MAX];
if (log->fd > 0) {
close(log->fd);
log->fd = -1;
}
pthread_mutex_lock(&tlog.lock);
strncpy(log_file, log->pending_logfile, sizeof(log_file) - 1);
log_file[sizeof(log_file) - 1] = '\0';
strncpy(log->logdir, dirname(log_file), sizeof(log->logdir));
log->logdir[sizeof(log->logdir) - 1] = '\0';
strncpy(log_file, log->pending_logfile, PATH_MAX);
log_file[sizeof(log_file) - 1] = '\0';
strncpy(log->logname, basename(log_file), sizeof(log->logname));
log->logname[sizeof(log->logname) - 1] = '\0';
pthread_mutex_unlock(&tlog.lock);
}
static int _tlog_write(struct tlog_log *log, const char *buff, int bufflen)
{
int len;
int unused __attribute__ ((unused));
int unused __attribute__((unused));
if (bufflen <= 0) {
if (bufflen <= 0 || log->fail) {
return 0;
}
/* output log to screen */
if (log->rename_pending) {
_tlog_get_log_name_dir(log);
log->rename_pending = 0;
}
/* output log to screen */
if (log->logscreen) {
unused = write(STDOUT_FILENO, buff, bufflen);
}
@@ -1072,7 +1133,7 @@ static int _tlog_write(struct tlog_log *log, const char *buff, int bufflen)
}
snprintf(logfile, sizeof(logfile), "%s/%s", log->logdir, log->logname);
log->filesize = 0;
log->fd = open(logfile, O_APPEND | O_CREAT | O_WRONLY | O_CLOEXEC, 0640);
log->fd = open(logfile, O_APPEND | O_CREAT | O_WRONLY | O_CLOEXEC, log->file_perm);
if (log->fd < 0) {
if (print_errmsg == 0) {
return -1;
@@ -1131,7 +1192,6 @@ static int _tlog_any_has_data_locked(void)
return 0;
}
static int _tlog_any_has_data(void)
{
int ret = 0;
@@ -1162,7 +1222,7 @@ static int _tlog_wait_pids(void)
continue;
}
last_log = next;
last_log = next;
next->last_waitpid = now;
pthread_mutex_unlock(&tlog.lock);
_tlog_wait_pid(next, 0);
@@ -1263,7 +1323,6 @@ static void _tlog_wakeup_waiters(struct tlog_log *log)
pthread_mutex_unlock(&log->lock);
}
static void _tlog_write_one_segment_log(struct tlog_log *log, char *buff, int bufflen)
{
struct tlog_segment_head *segment_head = NULL;
@@ -1336,6 +1395,35 @@ static int _tlog_root_write_log(struct tlog_log *log, const char *buff, int buff
return tlog.output_func(&empty_info.info, buff, bufflen, tlog_get_private(log));
}
static void tlog_wait_zip_fini(void)
{
tlog_log *next;
if (tlog.root == NULL) {
return;
}
int wait_zip = 1;
int time_out = 0;
while (wait_zip) {
wait_zip = 0;
time_out++;
next = tlog.log;
while (next) {
if (next->zip_pid > 0 && wait_zip == 0) {
wait_zip = 1;
usleep(1000);
}
if (kill(next->zip_pid, 0) != 0 || time_out >= 5000) {
next->zip_pid = -1;
}
next = next->next;
}
}
return;
}
static void *_tlog_work(void *arg)
{
int log_len = 0;
@@ -1345,10 +1433,13 @@ static void *_tlog_work(void *arg)
int log_dropped = 0;
struct tlog_log *log = NULL;
struct tlog_log *loop_log = NULL;
void* unused __attribute__ ((unused));
void *unused __attribute__((unused));
unused = arg;
// for child process
tlog_wait_zip_fini();
while (1) {
log_len = 0;
log_extlen = 0;
@@ -1377,7 +1468,7 @@ static void *_tlog_work(void *arg)
log = _tlog_wait_log_locked(log);
if (log == NULL) {
pthread_mutex_unlock(&tlog.lock);
if (errno != ETIMEDOUT) {
if (errno != ETIMEDOUT && tlog.run) {
sleep(1);
}
continue;
@@ -1430,7 +1521,7 @@ static void *_tlog_work(void *arg)
void tlog_set_early_printf(int enable)
{
tlog_disable_early_print = (enable == 0) ? 1 : 0;
tlog_disable_early_print = (enable == 0) ? 1 : 0;
}
const char *tlog_get_level_string(tlog_level level)
@@ -1518,10 +1609,14 @@ tlog_level tlog_getlevel(void)
return tlog_set_level;
}
void tlog_set_logfile(const char *logfile)
{
tlog_rename_logfile(tlog.root, logfile);
}
tlog_log *tlog_open(const char *logfile, int maxlogsize, int maxlogcount, int buffsize, unsigned int flag)
{
struct tlog_log *log = NULL;
char log_file[PATH_MAX];
if (tlog.run == 0) {
fprintf(stderr, "tlog is not initialized.");
@@ -1546,22 +1641,19 @@ tlog_log *tlog_open(const char *logfile, int maxlogsize, int maxlogcount, int bu
log->filesize = 0;
log->zip_pid = -1;
log->is_exit = 0;
log->fail = 0;
log->waiters = 0;
log->block = ((flag & TLOG_NONBLOCK) == 0) ? 1 : 0;
log->nocompress = ((flag & TLOG_NOCOMPRESS) == 0) ? 0 : 1;
log->logscreen = ((flag & TLOG_SCREEN) == 0) ? 0 : 1;
log->multi_log = ((flag & TLOG_MULTI_WRITE) == 0) ? 0 : 1;
log->segment_log = ((flag & TLOG_SEGMENT) == 0) ? 0 : 1;
log->max_line_size = TLOG_MAX_LINE_LEN;
log->output_func = _tlog_write;
log->file_perm = S_IRUSR | S_IWUSR | S_IRGRP;
log->archive_perm = S_IRUSR | S_IRGRP;
strncpy(log_file, logfile, sizeof(log_file) - 1);
log_file[sizeof(log_file) - 1] = '\0';
strncpy(log->logdir, dirname(log_file), sizeof(log->logdir));
log->logdir[sizeof(log->logdir) - 1] = '\0';
strncpy(log_file, logfile, PATH_MAX);
log_file[sizeof(log_file) - 1] = '\0';
strncpy(log->logname, basename(log_file), sizeof(log->logname));
log->logname[sizeof(log->logname) - 1] = '\0';
tlog_rename_logfile(log, logfile);
if (log->nocompress) {
strncpy(log->suffix, TLOG_SUFFIX_LOG, sizeof(log->suffix));
} else {
@@ -1605,6 +1697,74 @@ void tlog_close(tlog_log *log)
log->is_exit = 1;
}
void tlog_rename_logfile(struct tlog_log *log, const char *logfile)
{
pthread_mutex_lock(&tlog.lock);
strncpy(log->pending_logfile, logfile, sizeof(log->pending_logfile) - 1);
pthread_mutex_unlock(&tlog.lock);
log->rename_pending = 1;
}
static void tlog_fork_prepare(void)
{
if (tlog.root == NULL) {
return;
}
pthread_mutex_lock(&tlog.lock);
tlog_log *next;
next = tlog.log;
while (next) {
next->multi_log = 1;
next = next->next;
}
}
static void tlog_fork_parent(void)
{
if (tlog.root == NULL) {
return;
}
pthread_mutex_unlock(&tlog.lock);
}
static void tlog_fork_child(void)
{
pthread_attr_t attr;
tlog_log *next;
if (tlog.root == NULL) {
return;
}
next = tlog.log;
while (next) {
next->start = 0;
next->end = 0;
next->ext_end = 0;
next->dropped = 0;
next->filesize = 0;
next = next->next;
}
pthread_attr_init(&attr);
int ret = pthread_create(&tlog.tid, &attr, _tlog_work, NULL);
if (ret != 0) {
fprintf(stderr, "create tlog work thread failed, %s\n", strerror(errno));
goto errout;
}
goto out;
errout:
next = tlog.log;
while (next) {
next->fail = 1;
next = next->next;
}
out:
pthread_mutex_unlock(&tlog.lock);
}
int tlog_init(const char *logfile, int maxlogsize, int maxlogcount, int buffsize, unsigned int flag)
{
pthread_attr_t attr;
@@ -1616,7 +1776,7 @@ int tlog_init(const char *logfile, int maxlogsize, int maxlogcount, int buffsize
return -1;
}
if (buffsize > 0 && buffsize < TLOG_MAX_LINE_LEN * 2) {
if (buffsize > 0 && buffsize < TLOG_MAX_LINE_SIZE_SET * 2) {
fprintf(stderr, "buffer size is invalid.\n");
return -1;
}
@@ -1645,6 +1805,9 @@ int tlog_init(const char *logfile, int maxlogsize, int maxlogcount, int buffsize
}
tlog.root = log;
if (flag & TLOG_SUPPORT_FORK) {
pthread_atfork(&tlog_fork_prepare, &tlog_fork_parent, &tlog_fork_child);
}
return 0;
errout:
if (tlog.tid > 0) {

118
src/tlog.h
View File

@@ -1,19 +1,20 @@
/*
* tinylog
* Copyright (C) 2018-2019 Ruilin Peng (Nick) <pymumu@gmail.com>
* Copyright (C) 2018-2021 Ruilin Peng (Nick) <pymumu@gmail.com>
* https://github.com/pymumu/tinylog
*/
#ifndef TLOG_H
#define TLOG_H
#include <stdarg.h>
#include <sys/stat.h>
#ifdef __cplusplus
#include <string>
#include <functional>
#include <iostream>
#include <memory>
#include <sstream>
#include <iostream>
#include <functional>
#include <string>
extern "C" {
#endif /*__cplusplus */
@@ -60,6 +61,9 @@ struct tlog_time {
/* enable log to screen */
#define TLOG_SCREEN (1 << 4)
/* enable suppport fork process */
#define TLOG_SUPPORT_FORK (1 << 5)
struct tlog_loginfo {
tlog_level level;
const char *file;
@@ -74,12 +78,14 @@ level: Current log Levels
format: Log formats
*/
#ifndef BASE_FILE_NAME
#define BASE_FILE_NAME __FILE__
#define BASE_FILE_NAME \
(__builtin_strrchr(__FILE__, '/') ? __builtin_strrchr(__FILE__, '/') + 1 \
: __FILE__)
#endif
#define tlog(level, format, ...) tlog_ext(level, BASE_FILE_NAME, __LINE__, __func__, NULL, format, ##__VA_ARGS__)
extern int tlog_ext(tlog_level level, const char *file, int line, const char *func, void *userptr, const char *format, ...)
__attribute__((format(printf, 6, 7))) __attribute__((nonnull (6)));
__attribute__((format(printf, 6, 7))) __attribute__((nonnull(6)));
extern int tlog_vext(tlog_level level, const char *file, int line, const char *func, void *userptr, const char *format, va_list ap);
/* write buff to log file */
@@ -91,6 +97,9 @@ extern int tlog_setlevel(tlog_level level);
/* get log level */
extern tlog_level tlog_getlevel(void);
/* set log file */
extern void tlog_set_logfile(const char *logfile);
/* enalbe log to screen */
extern void tlog_setlogscreen(int enable);
@@ -132,6 +141,10 @@ extern int tlog_reg_log_output_func(tlog_log_output_func output, void *private_d
struct tlog_log;
typedef struct tlog_log tlog_log;
/* get root log handler */
extern tlog_log *tlog_get_root(void);
/*
Function: open a new log stream, handler should close by tlog_close
logfile: log file.
@@ -149,12 +162,15 @@ extern int tlog_write(struct tlog_log *log, const char *buff, int bufflen);
/* close log stream */
extern void tlog_close(tlog_log *log);
/* change log file */
extern void tlog_rename_logfile(struct tlog_log *log, const char *logfile);
/*
Function: Print log to log stream
log: log stream
format: Log formats
*/
extern int tlog_printf(tlog_log *log, const char *format, ...) __attribute__((format(printf, 2, 3))) __attribute__((nonnull (1, 2)));
extern int tlog_printf(tlog_log *log, const char *format, ...) __attribute__((format(printf, 2, 3))) __attribute__((nonnull(1, 2)));
/*
Function: Print log to log stream with ap
@@ -180,47 +196,78 @@ extern void *tlog_get_private(tlog_log *log);
/* get local time */
extern int tlog_localtime(struct tlog_time *tm);
/* set max line size */
extern void tlog_set_maxline_size(struct tlog_log *log, int size);
/*
Function: set log file and archive permission
log: log stream
file: log file permission, default is 640
archive: archive file permission, default is 440
*/
extern void tlog_set_permission(struct tlog_log *log, mode_t file, mode_t archive);
#ifdef __cplusplus
class Tlog {
using Stream = std::ostringstream;
using Buffer = std::unique_ptr<Stream, std::function<void(Stream*)>>;
public:
Tlog(){}
~Tlog(){}
static Tlog &Instance() {
static Tlog logger;
return logger;
Tlog(tlog_level level, const char *file, int line, const char *func, void *userptr)
{
level_ = level;
file_ = file;
line_ = line;
func_ = func;
userptr_ = userptr;
}
Buffer LogStream(tlog_level level, const char *file, int line, const char *func, void *userptr) {
return Buffer(new Stream, [=](Stream *st) {
tlog_ext(level, file, line, func, userptr, "%s", st->str().c_str());
});
~Tlog()
{
tlog_ext(level_, file_, line_, func_, userptr_, "%s", msg_.str().c_str());
}
std::ostream &Stream()
{
return msg_;
}
private:
tlog_level level_;
const char *file_;
int line_;
const char *func_;
void *userptr_;
std::ostringstream msg_;
};
class TlogOut {
using Stream = std::ostringstream;
using Buffer = std::unique_ptr<Stream, std::function<void(Stream*)>>;
public:
TlogOut(){}
~TlogOut(){}
static TlogOut &Instance() {
static TlogOut logger;
return logger;
TlogOut(tlog_log *log)
{
log_ = log;
}
Buffer Out(tlog_log *log) {
return Buffer(new Stream, [=](Stream *st) {
tlog_printf(log, "%s", st->str().c_str());
});
~TlogOut()
{
if (log_ == nullptr) {
return;
}
tlog_printf(log_, "%s", msg_.str().c_str());
}
std::ostream &Stream()
{
return msg_;
}
private:
tlog_log *log_;
std::ostringstream msg_;
};
#define Tlog_logger (Tlog::Instance())
#define Tlog_stream(level) if (tlog_getlevel() <= level) *Tlog_logger.LogStream(level, BASE_FILE_NAME, __LINE__, __func__, NULL)
#define Tlog_stream(level) \
if (tlog_getlevel() <= level) \
Tlog(level, BASE_FILE_NAME, __LINE__, __func__, NULL).Stream()
#define tlog_debug Tlog_stream(TLOG_DEBUG)
#define tlog_info Tlog_stream(TLOG_INFO)
#define tlog_notice Tlog_stream(TLOG_NOTICE)
@@ -228,8 +275,7 @@ public:
#define tlog_error Tlog_stream(TLOG_ERROR)
#define tlog_fatal Tlog_stream(TLOG_FATAL)
#define Tlog_out_logger (TlogOut::Instance())
#define tlog_out(stream) (*Tlog_out_logger.Out(stream))
#define tlog_out(stream) TlogOut(stream).Stream()
} /*__cplusplus */
#else
@@ -239,5 +285,5 @@ public:
#define tlog_warn(...) tlog(TLOG_WARN, ##__VA_ARGS__)
#define tlog_error(...) tlog(TLOG_ERROR, ##__VA_ARGS__)
#define tlog_fatal(...) tlog(TLOG_FATAL, ##__VA_ARGS__)
#endif
#endif
#endif // !TLOG_H

95
src/util.c
View File

@@ -21,11 +21,14 @@
#endif
#include "util.h"
#include "dns_conf.h"
#include "tlog.h"
#include <arpa/inet.h>
#include <dlfcn.h>
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <linux/capability.h>
#include <linux/limits.h>
#include <linux/netlink.h>
#include <netinet/tcp.h>
#include <openssl/crypto.h>
@@ -35,9 +38,11 @@
#include <string.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
#include <unwind.h>
#define TMP_BUFF_LEN_32 32
@@ -513,6 +518,7 @@ static int _ipset_operate(const char *ipsetname, const unsigned char addr[], int
ssize_t rc;
int af = 0;
static const struct sockaddr_nl snl = {.nl_family = AF_NETLINK};
uint32_t expire;
if (addr_len != IPV4_ADDR_LEN && addr_len != IPV6_ADDR_LEN) {
errno = EINVAL;
@@ -567,8 +573,8 @@ static int _ipset_operate(const char *ipsetname, const unsigned char addr[], int
nested[1]->len = (void *)buffer + NETLINK_ALIGN(netlink_head->nlmsg_len) - (void *)nested[1];
if (timeout > 0 && _ipset_support_timeout(ipsetname) == 0) {
timeout = htonl(timeout);
_ipset_add_attr(netlink_head, IPSET_ATTR_TIMEOUT | NLA_F_NET_BYTEORDER, sizeof(timeout), &timeout);
expire = htonl(timeout);
_ipset_add_attr(netlink_head, IPSET_ATTR_TIMEOUT | NLA_F_NET_BYTEORDER, sizeof(expire), &expire);
}
nested[0]->len = (void *)buffer + NETLINK_ALIGN(netlink_head->nlmsg_len) - (void *)nested[0];
@@ -603,15 +609,22 @@ int ipset_del(const char *ipsetname, const unsigned char addr[], int addr_len)
unsigned char *SSL_SHA256(const unsigned char *d, size_t n, unsigned char *md)
{
SHA256_CTX c;
static unsigned char m[SHA256_DIGEST_LENGTH];
if (md == NULL)
md = m;
SHA256_Init(&c);
SHA256_Update(&c, d, n);
SHA256_Final(md, &c);
OPENSSL_cleanse(&c, sizeof(c));
EVP_MD_CTX* ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
return NULL;
}
EVP_MD_CTX_init(ctx);
EVP_DigestInit_ex(ctx, EVP_sha256(), NULL);
EVP_DigestUpdate(ctx, d, n);
EVP_DigestFinal_ex(ctx, m, NULL);
EVP_MD_CTX_destroy(ctx);
return (md);
}
@@ -732,7 +745,11 @@ void SSL_CRYPTO_thread_setup(void)
pthread_mutex_init(&(lock_cs[i]), NULL);
}
#if OPENSSL_API_COMPAT < 0x10000000
CRYPTO_set_id_callback(_pthreads_thread_id);
#else
CRYPTO_THREADID_set_callback(_pthreads_thread_id);
#endif
CRYPTO_set_locking_callback(_pthreads_locking_callback);
}
@@ -935,7 +952,7 @@ void get_compiled_time(struct tm *tm)
int hour, min, sec;
static const char *month_names = "JanFebMarAprMayJunJulAugSepOctNovDec";
sscanf(__DATE__, "%5s %d %d", s_month, &day, &year);
sscanf(__DATE__, "%4s %d %d", s_month, &day, &year);
month = (strstr(month_names, s_month) - month_names) / 3;
sscanf(__TIME__, "%d:%d:%d", &hour, &min, &sec);
tm->tm_year = year - 1900;
@@ -994,4 +1011,64 @@ int set_sock_lingertime(int fd, int time)
}
return 0;
}
}
uint64_t get_free_space(const char *path)
{
uint64_t size = 0;
struct statvfs buf;
if (statvfs(path, &buf) != 0) {
return 0;
}
size = (uint64_t)buf.f_frsize * buf.f_bavail;
return size;
}
struct backtrace_state {
void **current;
void **end;
};
static _Unwind_Reason_Code unwind_callback(struct _Unwind_Context *context, void *arg)
{
struct backtrace_state *state = (struct backtrace_state *)(arg);
uintptr_t pc = _Unwind_GetIP(context);
if (pc) {
if (state->current == state->end) {
return _URC_END_OF_STACK;
} else {
*state->current++ = (void *)(pc);
}
}
return _URC_NO_REASON;
}
void print_stack(void)
{
const size_t max_buffer = 30;
void *buffer[max_buffer];
struct backtrace_state state = {buffer, buffer + max_buffer};
_Unwind_Backtrace(unwind_callback, &state);
int frame_num = state.current - buffer;
if (frame_num == 0) {
return;
}
tlog(TLOG_FATAL, "Stack:");
for (int idx = 0; idx < frame_num; ++idx) {
const void *addr = buffer[idx];
const char *symbol = "";
Dl_info info;
memset(&info, 0, sizeof(info));
if (dladdr(addr, &info) && info.dli_sname) {
symbol = info.dli_sname;
}
void *offset = (void *)((char *)(addr) - (char *)(info.dli_fbase));
tlog(TLOG_FATAL, "#%.2d: %p %s from %s+%p", idx + 1, addr, symbol, info.dli_fname, offset);
}
}

4
src/util.h
View File

@@ -106,6 +106,10 @@ int set_sock_keepalive(int fd, int keepidle, int keepinterval, int keepcnt);
int set_sock_lingertime(int fd, int time);
uint64_t get_free_space(const char *path);
void print_stack(void);
#ifdef __cplusplus
}
#endif /*__cplusplus */

3
systemd/smartdns.service.in
View File

@@ -1,5 +1,5 @@
[Unit]
Description=smart dns server
Description=SmartDNS Server
After=network.target
StartLimitBurst=0
StartLimitIntervalSec=60
@@ -12,6 +12,7 @@ ExecStart=@SBINDIR@/smartdns -p @RUNSTATEDIR@/smartdns.pid $SMART_DNS_OPTS
KillMode=process
Restart=always
RestartSec=2
TimeoutStopSec=5
[Install]
WantedBy=multi-user.target