Annotation of embedaddon/strongswan/src/libstrongswan/plugins/unbound/unbound_resolver.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2011-2012 Reto Guadagnini
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include <unbound.h>
! 17: #include <errno.h>
! 18: #include <ldns/ldns.h>
! 19: #include <string.h>
! 20:
! 21: #include <library.h>
! 22: #include <utils/debug.h>
! 23:
! 24: #include "unbound_resolver.h"
! 25: #include "unbound_response.h"
! 26:
! 27: /* DNS resolver configuration and DNSSEC trust anchors */
! 28: #define RESOLV_CONF_FILE "/etc/resolv.conf"
! 29: #define TRUST_ANCHOR_FILE IPSEC_CONFDIR "/ipsec.d/dnssec.keys"
! 30:
! 31: typedef struct private_resolver_t private_resolver_t;
! 32:
! 33: /**
! 34: * private data of a unbound_resolver_t object.
! 35: */
! 36: struct private_resolver_t {
! 37:
! 38: /**
! 39: * Public data
! 40: */
! 41: resolver_t public;
! 42:
! 43: /**
! 44: * private unbound resolver handle (unbound context)
! 45: */
! 46: struct ub_ctx *ctx;
! 47: };
! 48:
! 49: /**
! 50: * query method implementation
! 51: */
! 52: METHOD(resolver_t, query, resolver_response_t*,
! 53: private_resolver_t *this, char *domain, rr_class_t rr_class,
! 54: rr_type_t rr_type)
! 55: {
! 56: unbound_response_t *response = NULL;
! 57: struct ub_result *result = NULL;
! 58: int ub_retval;
! 59:
! 60: ub_retval = ub_resolve(this->ctx, domain, rr_type, rr_class, &result);
! 61: if (ub_retval)
! 62: {
! 63: DBG1(DBG_LIB, "unbound resolver error: %s", ub_strerror(ub_retval));
! 64: ub_resolve_free(result);
! 65: return NULL;
! 66: }
! 67:
! 68: response = unbound_response_create_frm_libub_response(result);
! 69: if (!response)
! 70: {
! 71: DBG1(DBG_LIB, "unbound resolver failed to create response");
! 72: ub_resolve_free(result);
! 73: return NULL;
! 74: }
! 75: ub_resolve_free(result);
! 76:
! 77: return (resolver_response_t*)response;
! 78: }
! 79:
! 80: /**
! 81: * destroy method implementation
! 82: */
! 83: METHOD(resolver_t, destroy, void,
! 84: private_resolver_t *this)
! 85: {
! 86: ub_ctx_delete(this->ctx);
! 87: free(this);
! 88: }
! 89:
! 90: /*
! 91: * Described in header.
! 92: */
! 93: resolver_t *unbound_resolver_create(void)
! 94: {
! 95: private_resolver_t *this;
! 96: int ub_retval = 0;
! 97: char *resolv_conf, *trust_anchors, *dlv_anchors;
! 98:
! 99: resolv_conf = lib->settings->get_str(lib->settings,
! 100: "%s.plugins.unbound.resolv_conf",
! 101: RESOLV_CONF_FILE, lib->ns);
! 102: trust_anchors = lib->settings->get_str(lib->settings,
! 103: "%s.plugins.unbound.trust_anchors",
! 104: TRUST_ANCHOR_FILE, lib->ns);
! 105: dlv_anchors = lib->settings->get_str(lib->settings,
! 106: "%s.plugins.unbound.dlv_anchors",
! 107: NULL, lib->ns);
! 108:
! 109: INIT(this,
! 110: .public = {
! 111: .query = _query,
! 112: .destroy = _destroy,
! 113: },
! 114: );
! 115:
! 116: this->ctx = ub_ctx_create();
! 117: if (!this->ctx)
! 118: {
! 119: DBG1(DBG_LIB, "failed to create unbound resolver context");
! 120: destroy(this);
! 121: return NULL;
! 122: }
! 123:
! 124: DBG2(DBG_CFG, "loading unbound resolver config from '%s'", resolv_conf);
! 125: ub_retval = ub_ctx_resolvconf(this->ctx, resolv_conf);
! 126: if (ub_retval)
! 127: {
! 128: DBG1(DBG_CFG, "failed to read the resolver config: %s (%s)",
! 129: ub_strerror(ub_retval), strerror(errno));
! 130: destroy(this);
! 131: return NULL;
! 132: }
! 133:
! 134: DBG2(DBG_CFG, "loading unbound trust anchors from '%s'", trust_anchors);
! 135: ub_retval = ub_ctx_add_ta_file(this->ctx, trust_anchors);
! 136: if (ub_retval)
! 137: {
! 138: DBG1(DBG_CFG, "failed to load trust anchors: %s (%s)",
! 139: ub_strerror(ub_retval), strerror(errno));
! 140: }
! 141:
! 142: if (dlv_anchors)
! 143: {
! 144: DBG2(DBG_CFG, "loading trusted keys for DLV from '%s'", dlv_anchors);
! 145: ub_retval = ub_ctx_set_option(this->ctx, "dlv-anchor-file:",
! 146: dlv_anchors);
! 147: if (ub_retval)
! 148: {
! 149: DBG1(DBG_CFG, "failed to load trusted keys for DLV: %s (%s)",
! 150: ub_strerror(ub_retval), strerror(errno));
! 151: }
! 152: }
! 153: return &this->public;
! 154: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>