2021-06-09 20:36:36 +02:00
|
|
|
use std::sync::{Arc, Mutex};
|
|
|
|
|
|
2021-02-21 21:56:56 +01:00
|
|
|
#[allow(unused_imports)]
|
2021-06-09 20:36:36 +02:00
|
|
|
use log::{debug, error, info, trace, warn};
|
|
|
|
|
|
2021-03-17 14:55:05 +01:00
|
|
|
use crate::blockchain::transaction::DomainData;
|
2021-06-09 20:36:36 +02:00
|
|
|
use crate::dns::filter::DnsFilter;
|
|
|
|
|
use crate::dns::protocol::{DnsPacket, DnsQuestion, DnsRecord, QueryType, ResultCode, TransientTtl};
|
|
|
|
|
use crate::Context;
|
2021-02-19 16:41:43 +01:00
|
|
|
|
|
|
|
|
pub struct BlockchainFilter {
|
|
|
|
|
context: Arc<Mutex<Context>>
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl BlockchainFilter {
|
|
|
|
|
pub fn new(context: Arc<Mutex<Context>>) -> Self {
|
|
|
|
|
BlockchainFilter { context }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-09 20:36:36 +02:00
|
|
|
const NAME_SERVER: &str = "ns.alfis.name";
|
|
|
|
|
const SERVER_ADMIN: &str = "admin.alfis.name";
|
2021-03-30 19:10:26 +02:00
|
|
|
|
2021-02-19 16:41:43 +01:00
|
|
|
impl DnsFilter for BlockchainFilter {
|
|
|
|
|
fn lookup(&self, qname: &str, qtype: QueryType) -> Option<DnsPacket> {
|
2021-02-21 21:56:56 +01:00
|
|
|
let search;
|
|
|
|
|
let subdomain;
|
2021-12-25 18:40:36 +01:00
|
|
|
let parts: Vec<&str> = qname.rsplitn(3, '.').collect();
|
2021-02-21 12:29:09 +01:00
|
|
|
match parts.len() {
|
2021-04-15 12:33:47 +02:00
|
|
|
1 => {
|
|
|
|
|
let mut packet = DnsPacket::new();
|
2021-04-28 20:12:06 +02:00
|
|
|
let serial = self.context.lock().unwrap().chain.get_soa_serial();
|
|
|
|
|
if self.get_zone_response(parts[0], serial, &mut packet) {
|
2021-04-15 12:33:47 +02:00
|
|
|
return Some(packet);
|
|
|
|
|
}
|
|
|
|
|
return None;
|
|
|
|
|
}
|
2021-02-21 12:29:09 +01:00
|
|
|
2 => {
|
|
|
|
|
search = format!("{}.{}", parts[1], parts[0]);
|
|
|
|
|
subdomain = String::new();
|
|
|
|
|
}
|
|
|
|
|
_ => {
|
|
|
|
|
search = format!("{}.{}", parts[1], parts[0]);
|
|
|
|
|
subdomain = String::from(parts[2]);
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-09-05 19:05:30 +02:00
|
|
|
//trace!("Searching record type '{:?}', name '{}' for domain '{}'", &qtype, &subdomain, &search);
|
2021-02-21 12:29:09 +01:00
|
|
|
|
2021-03-10 22:21:50 +01:00
|
|
|
let data = self.context.lock().unwrap().chain.get_domain_info(&search);
|
2021-03-30 19:10:26 +02:00
|
|
|
let zone = parts[0].to_owned();
|
2021-02-19 16:41:43 +01:00
|
|
|
match data {
|
2021-02-26 21:00:08 +01:00
|
|
|
None => {
|
2021-05-02 12:55:51 +02:00
|
|
|
if self.context.lock().unwrap().chain.is_available_zone(&zone) {
|
2021-04-13 23:19:47 +02:00
|
|
|
trace!("Not found data for domain {}", &search);
|
2021-02-26 21:00:08 +01:00
|
|
|
// Create DnsPacket
|
|
|
|
|
let mut packet = DnsPacket::new();
|
|
|
|
|
packet.questions.push(DnsQuestion::new(String::from(qname), qtype));
|
2021-03-30 19:10:26 +02:00
|
|
|
packet.header.rescode = ResultCode::NXDOMAIN;
|
|
|
|
|
packet.header.authoritative_answer = true;
|
2021-04-28 20:12:06 +02:00
|
|
|
let serial = self.context.lock().unwrap().chain.get_soa_serial();
|
|
|
|
|
BlockchainFilter::add_soa_record(zone, serial, &mut packet);
|
2021-03-21 00:19:09 +01:00
|
|
|
//trace!("Returning packet: {:?}", &packet);
|
2021-02-26 21:00:08 +01:00
|
|
|
return Some(packet);
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-02-19 16:41:43 +01:00
|
|
|
Some(data) => {
|
2021-04-13 23:19:47 +02:00
|
|
|
trace!("Found data for domain {}", &search);
|
2021-03-17 14:55:05 +01:00
|
|
|
let mut data: DomainData = match serde_json::from_str(&data) {
|
2021-06-09 20:36:36 +02:00
|
|
|
Err(_) => {
|
|
|
|
|
return None;
|
|
|
|
|
}
|
|
|
|
|
Ok(data) => data
|
2021-02-19 16:41:43 +01:00
|
|
|
};
|
|
|
|
|
let mut answers: Vec<DnsRecord> = Vec::new();
|
2021-04-02 03:24:53 +02:00
|
|
|
let a_record = qtype == QueryType::A || qtype == QueryType::AAAA;
|
2021-03-17 14:55:05 +01:00
|
|
|
for mut record in data.records.iter_mut() {
|
2021-04-02 03:24:53 +02:00
|
|
|
if record.get_querytype() == qtype || (a_record && record.get_querytype() == QueryType::CNAME) {
|
2021-02-19 16:41:43 +01:00
|
|
|
match &mut record {
|
2021-02-21 12:29:09 +01:00
|
|
|
DnsRecord::A { domain, .. }
|
|
|
|
|
| DnsRecord::AAAA { domain, .. }
|
|
|
|
|
| DnsRecord::NS { domain, .. }
|
|
|
|
|
| DnsRecord::CNAME { domain, .. }
|
|
|
|
|
| DnsRecord::SRV { domain, .. }
|
|
|
|
|
| DnsRecord::MX { domain, .. }
|
|
|
|
|
| DnsRecord::UNKNOWN { domain, .. }
|
|
|
|
|
| DnsRecord::SOA { domain, .. }
|
|
|
|
|
| DnsRecord::TXT { domain, .. } if domain == "@" => {
|
2021-02-19 16:41:43 +01:00
|
|
|
*domain = String::from(qname);
|
|
|
|
|
}
|
|
|
|
|
_ => ()
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-21 12:29:09 +01:00
|
|
|
match record.get_domain() {
|
|
|
|
|
None => {}
|
|
|
|
|
Some(domain) => {
|
|
|
|
|
if domain == search {
|
|
|
|
|
answers.push(record.clone());
|
|
|
|
|
} else if domain == subdomain {
|
|
|
|
|
match &mut record {
|
|
|
|
|
DnsRecord::A { domain, .. }
|
|
|
|
|
| DnsRecord::AAAA { domain, .. }
|
|
|
|
|
| DnsRecord::NS { domain, .. }
|
|
|
|
|
| DnsRecord::CNAME { domain, .. }
|
|
|
|
|
| DnsRecord::SRV { domain, .. }
|
|
|
|
|
| DnsRecord::MX { domain, .. }
|
|
|
|
|
| DnsRecord::UNKNOWN { domain, .. }
|
|
|
|
|
| DnsRecord::SOA { domain, .. }
|
|
|
|
|
| DnsRecord::TXT { domain, .. } => {
|
|
|
|
|
*domain = String::from(qname);
|
|
|
|
|
}
|
|
|
|
|
_ => ()
|
|
|
|
|
}
|
|
|
|
|
answers.push(record.clone());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-02-19 16:41:43 +01:00
|
|
|
}
|
|
|
|
|
}
|
2021-02-21 12:29:09 +01:00
|
|
|
if answers.is_empty() {
|
|
|
|
|
// If there are no records found we search for *.domain.ltd record
|
2021-03-17 14:55:05 +01:00
|
|
|
for mut record in data.records {
|
2021-02-21 12:29:09 +01:00
|
|
|
if record.get_querytype() == qtype {
|
|
|
|
|
match record.get_domain() {
|
|
|
|
|
None => {}
|
|
|
|
|
Some(domain) => {
|
|
|
|
|
if domain == search {
|
|
|
|
|
answers.push(record.clone());
|
|
|
|
|
} else if domain == "*" {
|
|
|
|
|
match &mut record {
|
|
|
|
|
DnsRecord::A { domain, .. }
|
|
|
|
|
| DnsRecord::AAAA { domain, .. }
|
|
|
|
|
| DnsRecord::NS { domain, .. }
|
|
|
|
|
| DnsRecord::CNAME { domain, .. }
|
|
|
|
|
| DnsRecord::SRV { domain, .. }
|
|
|
|
|
| DnsRecord::MX { domain, .. }
|
|
|
|
|
| DnsRecord::UNKNOWN { domain, .. }
|
|
|
|
|
| DnsRecord::SOA { domain, .. }
|
|
|
|
|
| DnsRecord::TXT { domain, .. } => {
|
|
|
|
|
*domain = String::from(qname);
|
|
|
|
|
}
|
|
|
|
|
_ => ()
|
|
|
|
|
}
|
|
|
|
|
answers.push(record.clone());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-29 11:10:48 +02:00
|
|
|
//debug!("Answers: {:?}", &answers);
|
2021-02-26 21:00:08 +01:00
|
|
|
return if !answers.is_empty() {
|
2021-02-19 16:41:43 +01:00
|
|
|
// Create DnsPacket
|
|
|
|
|
let mut packet = DnsPacket::new();
|
2021-03-30 19:10:26 +02:00
|
|
|
packet.header.authoritative_answer = true;
|
2021-02-19 16:41:43 +01:00
|
|
|
packet.questions.push(DnsQuestion::new(String::from(qname), qtype));
|
|
|
|
|
for answer in answers {
|
|
|
|
|
packet.answers.push(answer);
|
|
|
|
|
}
|
2021-06-09 20:36:36 +02:00
|
|
|
packet.authorities.push(DnsRecord::NS { domain: zone, host: String::from(NAME_SERVER), ttl: TransientTtl(600) });
|
2021-03-21 00:19:09 +01:00
|
|
|
//trace!("Returning packet: {:?}", &packet);
|
2021-02-26 21:00:08 +01:00
|
|
|
Some(packet)
|
|
|
|
|
} else {
|
|
|
|
|
// Create DnsPacket
|
|
|
|
|
let mut packet = DnsPacket::new();
|
2021-03-30 19:10:26 +02:00
|
|
|
packet.header.authoritative_answer = true;
|
2021-03-30 20:50:20 +02:00
|
|
|
packet.header.rescode = ResultCode::NOERROR;
|
2021-02-26 21:00:08 +01:00
|
|
|
packet.questions.push(DnsQuestion::new(String::from(qname), qtype));
|
2021-04-28 20:12:06 +02:00
|
|
|
let serial = self.context.lock().unwrap().chain.get_soa_serial();
|
|
|
|
|
BlockchainFilter::add_soa_record(zone, serial, &mut packet);
|
2021-03-21 00:19:09 +01:00
|
|
|
//trace!("Returning packet: {:?}", &packet);
|
2021-02-26 21:00:08 +01:00
|
|
|
Some(packet)
|
2021-06-09 20:36:36 +02:00
|
|
|
};
|
2021-02-19 16:41:43 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
None
|
|
|
|
|
}
|
2021-04-13 18:46:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl BlockchainFilter {
|
2021-04-28 20:12:06 +02:00
|
|
|
fn add_soa_record(zone: String, serial: u32, packet: &mut DnsPacket) {
|
2021-04-13 18:46:48 +02:00
|
|
|
packet.authorities.push(DnsRecord::SOA {
|
|
|
|
|
domain: zone,
|
|
|
|
|
m_name: String::from(NAME_SERVER),
|
|
|
|
|
r_name: String::from(SERVER_ADMIN),
|
2021-04-28 20:12:06 +02:00
|
|
|
serial,
|
2021-04-13 18:46:48 +02:00
|
|
|
refresh: 3600,
|
|
|
|
|
retry: 300,
|
|
|
|
|
expire: 604800,
|
|
|
|
|
minimum: 60,
|
2021-06-09 20:36:36 +02:00
|
|
|
ttl: TransientTtl(60)
|
2021-04-13 18:46:48 +02:00
|
|
|
});
|
|
|
|
|
}
|
2021-04-15 12:33:47 +02:00
|
|
|
|
2021-12-25 18:40:36 +01:00
|
|
|
fn get_zone_response(&self, zone: &str, serial: u32, packet: &mut DnsPacket) -> bool {
|
2021-05-02 12:55:51 +02:00
|
|
|
let have_zone = self.context.lock().unwrap().chain.is_available_zone(zone);
|
2021-04-15 12:33:47 +02:00
|
|
|
if have_zone {
|
2021-12-25 18:40:36 +01:00
|
|
|
BlockchainFilter::add_soa_record(zone.to_owned(), serial, packet);
|
2021-04-15 12:33:47 +02:00
|
|
|
}
|
|
|
|
|
have_zone
|
|
|
|
|
}
|
2021-04-13 18:46:48 +02:00
|
|
|
}
|
2021-04-28 20:12:06 +02:00
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
|
mod tests {
|
|
|
|
|
// TODO write tests for this filter
|
|
|
|
|
}
|
