DNS processing. More...

#include "lib/server/rcode.h"
#include <freeradius-devel/server/protocol.h>
#include <freeradius-devel/server/pair.h>
#include <freeradius-devel/util/debug.h>
#include <freeradius-devel/util/pair.h>
#include <freeradius-devel/unlang/interpret.h>
#include <freeradius-devel/dns/dns.h>
#include <freeradius-devel/protocol/dns/rfc1034.h>
#include <freeradius-devel/server/process.h>

Include dependency graph for base.c:

Go to the source code of this file.

Data Structures
struct	process_dns_fields_t
	Records fields from the original request so we have a known good copy. More...

struct	process_dns_sections_t

struct	process_dns_t

Macros
#define	DNS_RCODE_COMMON

#define	ERROR_SECTION(_name, _number)

#define	FR_DNS_RCODE_MAX FR_RCODE_VALUE_BAD_COOKIE
	Update this if new rcodes are added. More...

#define	PROCESS_CODE_DO_NOT_RESPOND FR_DNS_DO_NOT_RESPOND

#define	PROCESS_CODE_MAX FR_DNS_CODE_MAX

#define	PROCESS_INST process_dns_t

#define	PROCESS_PACKET_CODE_VALID FR_DNS_PACKET_CODE_VALID

#define	PROCESS_PACKET_TYPE fr_dns_packet_code_t

#define	PROCESS_STATE_EXTRA_FIELDS fr_value_box_t const **dns_rcode[RLM_MODULE_NUMCODES];
	Map an rlm_rcode_t to a header.rcode value. More...

Functions
static int	dns_fields_restore (request_t request, process_dns_fields_t rctx)
	Copy values from the request header back into the response. More...

static process_dns_fields_t *	dns_fields_store (request_t *request)
	Keep a copy of header fields to prevent them being tampered with. More...

static void	dns_packet_debug (request_t request, fr_packet_t const packet, fr_pair_list_t const *list, bool received)

static void	dns_rcode_add (fr_pair_t *rcode, request_t request, fr_value_box_t const **code)
	Add/update the rcode attribute based on the last rlm_rcode value. More...

static unlang_action_t	mod_process (rlm_rcode_t p_result, module_ctx_t const mctx, request_t *request)
	Entry point into the state machine. More...

	RECV (request)
	Store basic information from the request, and jump into the correct processing section. More...

	RESUME (recv_request)
	Sets the DNS rcode after we get a result from the recv section. More...

	RESUME (send_response)
	Set defaults in the response and values copied from the request like opcode and id. More...

Variables
static fr_dict_attr_t const *	attr_authoritative_bit

static fr_dict_attr_t const *	attr_header

static fr_dict_attr_t const *	attr_id

static fr_dict_attr_t const *	attr_opcode

static fr_dict_attr_t const *	attr_packet_type

static fr_dict_attr_t const *	attr_rcode

static fr_dict_attr_t const *	attr_response_bit

static const virtual_server_compile_t	compile_list []

static fr_dict_t const *	dict_dns

static fr_value_box_t const *	enum_rcode_format_error

static fr_value_box_t const *	enum_rcode_name_error

static fr_value_box_t const *	enum_rcode_no_error

static fr_value_box_t const *	enum_rcode_refused

static fr_value_box_t const *	enum_rcode_server_failure

fr_process_module_t	process_dns

fr_dict_autoload_t	process_dns_dict []

fr_dict_attr_autoload_t	process_dns_dict_attr []

fr_dict_enum_autoload_t	process_dns_dict_enum []

static fr_process_state_t const	process_state []

Detailed Description

DNS processing.

Id: 95990c7207d888aacdc41dceb3c3ba4296c3d3c6

Copyright: 2024 Arran Cudbard-Bell (a.cud.nosp@m.bard.nosp@m.b@fre.nosp@m.erad.nosp@m.ius.o.nosp@m.rg); 2020 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)

Definition in file base.c.

Data Structure Documentation

◆ process_dns_fields_t

struct process_dns_fields_t

Records fields from the original request so we have a known good copy.

Definition at line 114 of file base.c.

Data Fields
uint16_t	id	Identity of the request.
uint8_t	opcode	Opcode, what type of query this is.

◆ process_dns_sections_t

struct process_dns_sections_t

Definition at line 82 of file base.c.

Collaboration diagram for process_dns_sections_t:

Data Fields
CONF_SECTION *	do_not_respond
CONF_SECTION *	inverse_query
CONF_SECTION *	inverse_query_response
uint64_t	nothing
CONF_SECTION *	query	Request/response sections.
CONF_SECTION *	query_response
CONF_SECTION *	rcode[FR_DNS_RCODE_MAX]	DNS rcode error sections (not the same as rlm_rcode_t values) These are called after the `recv { ... }` section runs if rcode is non-zero
CONF_SECTION *	stateful_operation
CONF_SECTION *	stateful_operation_response
CONF_SECTION *	status
CONF_SECTION *	status_response
CONF_SECTION *	update
CONF_SECTION *	update_response

◆ process_dns_t

struct process_dns_t

Definition at line 108 of file base.c.

Collaboration diagram for process_dns_t:

Data Fields
process_dns_sections_t	sections

Macro Definition Documentation

◆ DNS_RCODE_COMMON

#define DNS_RCODE_COMMON

Value:

        .dns_rcode = { \
                [RLM_MODULE_NOOP] = &enum_rcode_no_error, \
                [RLM_MODULE_OK] = &enum_rcode_no_error, \
                [RLM_MODULE_UPDATED] = &enum_rcode_no_error, \
                [RLM_MODULE_HANDLED] = &enum_rcode_no_error, \
                [RLM_MODULE_REJECT] = &enum_rcode_refused, \
                [RLM_MODULE_FAIL] = &enum_rcode_server_failure, \
                [RLM_MODULE_INVALID] = &enum_rcode_format_error, \
                [RLM_MODULE_DISALLOW] = &enum_rcode_refused, \
                [RLM_MODULE_NOTFOUND] = &enum_rcode_name_error \
        }

Definition at line 497 of file base.c.

◆ ERROR_SECTION

#define ERROR_SECTION	(	_name,
		_number
	)

Value:

        { \
                .section = SECTION_NAME("error", _name), \
                .actions = &mod_actions_postauth, \
                .offset = PROCESS_CONF_OFFSET(rcode[_number]), \
        }

◆ FR_DNS_RCODE_MAX

#define FR_DNS_RCODE_MAX FR_RCODE_VALUE_BAD_COOKIE

Update this if new rcodes are added.

Definition at line 36 of file base.c.

◆ PROCESS_CODE_DO_NOT_RESPOND

#define PROCESS_CODE_DO_NOT_RESPOND FR_DNS_DO_NOT_RESPOND

Definition at line 121 of file base.c.

◆ PROCESS_CODE_MAX

#define PROCESS_CODE_MAX FR_DNS_CODE_MAX

Definition at line 120 of file base.c.

◆ PROCESS_INST

#define PROCESS_INST process_dns_t

Definition at line 123 of file base.c.

◆ PROCESS_PACKET_CODE_VALID

#define PROCESS_PACKET_CODE_VALID FR_DNS_PACKET_CODE_VALID

Definition at line 122 of file base.c.

◆ PROCESS_PACKET_TYPE

#define PROCESS_PACKET_TYPE fr_dns_packet_code_t

Definition at line 119 of file base.c.

◆ PROCESS_STATE_EXTRA_FIELDS

#define PROCESS_STATE_EXTRA_FIELDS fr_value_box_t const **dns_rcode[RLM_MODULE_NUMCODES];

Map an rlm_rcode_t to a header.rcode value.

Definition at line 127 of file base.c.

Function Documentation

◆ dns_fields_restore()

static int dns_fields_restore	(	request_t *	request,
		process_dns_fields_t *	rctx
	)

inlinestatic

Copy values from the request header back into the response.

If a value already exists in the response, don't overwrite it so the user has absolute control

Definition at line 287 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ dns_fields_store()

static process_dns_fields_t* dns_fields_store ( request_t * request )

inlinestatic

Keep a copy of header fields to prevent them being tampered with.

Definition at line 246 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ dns_packet_debug()

static void dns_packet_debug	(	request_t *	request,
		fr_packet_t const *	packet,
		fr_pair_list_t const *	list,
		bool	received
	)

static

Definition at line 224 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ dns_rcode_add()

static void dns_rcode_add	(	fr_pair_t **	rcode,
		request_t *	request,
		fr_value_box_t const **	code
	)

inlinestatic

Add/update the rcode attribute based on the last rlm_rcode value.

Definition at line 337 of file base.c.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mod_process()

static unlang_action_t mod_process	(	rlm_rcode_t *	p_result,
		module_ctx_t const *	mctx,
		request_t *	request
	)

static

Entry point into the state machine.

Definition at line 472 of file base.c.

Here is the call graph for this function:

◆ RECV()

RECV ( request )

Store basic information from the request, and jump into the correct processing section.

Definition at line 360 of file base.c.

Here is the call graph for this function:

◆ RESUME() [1/2]

RESUME ( recv_request )

Sets the DNS rcode after we get a result from the recv section.

Calls error processing sections as appropriate

Definition at line 376 of file base.c.

Here is the call graph for this function:

◆ RESUME() [2/2]

RESUME ( send_response )

Set defaults in the response and values copied from the request like opcode and id.

Definition at line 433 of file base.c.

Here is the call graph for this function:

Variable Documentation

◆ attr_authoritative_bit

fr_dict_attr_t const* attr_authoritative_bit

static

Definition at line 52 of file base.c.

◆ attr_header

fr_dict_attr_t const* attr_header

static

Definition at line 47 of file base.c.

◆ attr_id

fr_dict_attr_t const* attr_id

static

Definition at line 48 of file base.c.

◆ attr_opcode

fr_dict_attr_t const* attr_opcode

static

Definition at line 50 of file base.c.

◆ attr_packet_type

fr_dict_attr_t const* attr_packet_type

static

Definition at line 46 of file base.c.

◆ attr_rcode

fr_dict_attr_t const* attr_rcode

static

Definition at line 51 of file base.c.

◆ attr_response_bit

fr_dict_attr_t const* attr_response_bit

static

Definition at line 49 of file base.c.

◆ compile_list

const virtual_server_compile_t compile_list[]

static

Definition at line 131 of file base.c.

◆ dict_dns

fr_dict_t const* dict_dns

static

Definition at line 38 of file base.c.

◆ enum_rcode_format_error

fr_value_box_t const* enum_rcode_format_error

static

Definition at line 67 of file base.c.

◆ enum_rcode_name_error

fr_value_box_t const* enum_rcode_name_error

static

Definition at line 69 of file base.c.

◆ enum_rcode_no_error

fr_value_box_t const* enum_rcode_no_error

static

Definition at line 66 of file base.c.

◆ enum_rcode_refused

fr_value_box_t const* enum_rcode_refused

static

Definition at line 70 of file base.c.

◆ enum_rcode_server_failure

fr_value_box_t const* enum_rcode_server_failure

static

Definition at line 68 of file base.c.

◆ process_dns

fr_process_module_t process_dns

Initial value:

= {
        .common = {
                .magic          = MODULE_MAGIC_INIT,
                .name           = "dns",
                .inst_size      = sizeof(process_dns_t)
        },
        .process        = mod_process,
        .compile_list   = compile_list,
        .dict           = &dict_dns,
}

Definition at line 611 of file base.c.

◆ process_dns_dict

fr_dict_autoload_t process_dns_dict

Initial value:

= {
        { .out = &dict_dns, .proto = "dns" },
        { NULL }
}

Definition at line 41 of file base.c.

◆ process_dns_dict_attr

fr_dict_attr_autoload_t process_dns_dict_attr

Initial value:

= {
        { .out = &attr_packet_type, .name = "Packet-Type", .type = FR_TYPE_UINT32, .dict = &dict_dns},
        { .out = &attr_header, .name = "Header", .type = FR_TYPE_STRUCT, .dict = &dict_dns},
        { .out = &attr_opcode, .name = "Header.Opcode", .type = FR_TYPE_UINT8, .dict = &dict_dns},
        { .out = &attr_id, .name = "Header.ID", .type = FR_TYPE_UINT16, .dict = &dict_dns},
        { .out = &attr_response_bit, .name = "Header.Query", .type = FR_TYPE_BOOL, .dict = &dict_dns},
        { .out = &attr_rcode, .name = "Header.Rcode", .type = FR_TYPE_UINT8, .dict = &dict_dns},
        { .out = &attr_authoritative_bit, .name = "Header.Authoritative", .type = FR_TYPE_BOOL, .dict = &dict_dns},
        { NULL }
}

Definition at line 55 of file base.c.

◆ process_dns_dict_enum

fr_dict_enum_autoload_t process_dns_dict_enum

Initial value:

= {
        { .out = &enum_rcode_no_error, .name = "No-Error", .attr = &attr_rcode },                       
        { .out = &enum_rcode_format_error, .name = "Format-Error", .attr = &attr_rcode },               
        { .out = &enum_rcode_server_failure, .name = "Server-Failure", .attr = &attr_rcode },           
        { .out = &enum_rcode_name_error, .name = "Name-Error", .attr = &attr_rcode },                   
        { .out = &enum_rcode_refused, .name = "Refused", .attr = &attr_rcode },                         
        { NULL }
}

Definition at line 73 of file base.c.

◆ process_state

fr_process_state_t const process_state[]

static

Definition at line 510 of file base.c.

Data Structures

Macros

Functions

Variables

Detailed Description

Data Structure Documentation

◆ process_dns_fields_t

◆ process_dns_sections_t

◆ process_dns_t

Macro Definition Documentation

◆ DNS_RCODE_COMMON

◆ ERROR_SECTION

◆ FR_DNS_RCODE_MAX

◆ PROCESS_CODE_DO_NOT_RESPOND

◆ PROCESS_CODE_MAX

◆ PROCESS_INST

◆ PROCESS_PACKET_CODE_VALID

◆ PROCESS_PACKET_TYPE

◆ PROCESS_STATE_EXTRA_FIELDS

Function Documentation

◆ dns_fields_restore()

◆ dns_fields_store()

◆ dns_packet_debug()

◆ dns_rcode_add()

◆ mod_process()

◆ RECV()

◆ RESUME() [1/2]

◆ RESUME() [2/2]

Variable Documentation

◆ attr_authoritative_bit

◆ attr_header

◆ attr_id

◆ attr_opcode

◆ attr_packet_type

◆ attr_rcode

◆ attr_response_bit

◆ compile_list

◆ dict_dns

◆ enum_rcode_format_error

◆ enum_rcode_name_error

◆ enum_rcode_no_error

◆ enum_rcode_refused

◆ enum_rcode_server_failure

◆ process_dns

◆ process_dns_dict

◆ process_dns_dict_attr

◆ process_dns_dict_enum

◆ process_state