Annotation of embedaddon/strongswan/src/libstrongswan/plugins/unbound/unbound_resolver.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2011-2012 Reto Guadagnini
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include <unbound.h>
17: #include <errno.h>
18: #include <ldns/ldns.h>
19: #include <string.h>
20:
21: #include <library.h>
22: #include <utils/debug.h>
23:
24: #include "unbound_resolver.h"
25: #include "unbound_response.h"
26:
/*
 * Compile-time defaults for the two files unbound_resolver_create() loads.
 * Both can be overridden through the "%s.plugins.unbound.resolv_conf" and
 * "%s.plugins.unbound.trust_anchors" settings.
 */

/* Default resolver configuration file passed to ub_ctx_resolvconf(). */
#define RESOLV_CONF_FILE	"/etc/resolv.conf"

/*
 * Default DNSSEC trust anchor file passed to ub_ctx_add_ta_file().
 * Whoever can write this file (or redirect the setting to another path)
 * chooses the keys DNSSEC validation trusts, so it should be writable by
 * the administrator only.
 */
#define TRUST_ANCHOR_FILE	IPSEC_CONFDIR "/ipsec.d/dnssec.keys"
30:
typedef struct private_resolver_t private_resolver_t;

/**
 * Private data of an unbound_resolver_t object.
 *
 * Allocated by unbound_resolver_create() and released by destroy().
 */
struct private_resolver_t {

	/**
	 * Public interface; unbound_resolver_create() returns the address of
	 * this member to its caller.
	 * NOTE(review): presumably must stay the first member so the METHOD()
	 * wrappers can map the public pointer back to this struct -- confirm
	 * against the macro definition.
	 */
	resolver_t public;

	/**
	 * libunbound context handle, created with ub_ctx_create() and freed
	 * with ub_ctx_delete(). NULL until the context has been created.
	 */
	struct ub_ctx *ctx;
};
48:
/**
 * Implementation of resolver_t.query.
 *
 * Resolves domain through the libunbound context with a blocking
 * ub_resolve() call and wraps the answer in an unbound_response_t.
 *
 * This function does not look at the validation state of the answer: a
 * non-NULL return only means the lookup and the conversion succeeded, not
 * that the data passed DNSSEC validation. Callers have to check the security
 * state exposed by the returned response before trusting its records.
 *
 * @param domain	name to look up, passed to ub_resolve() unchanged
 * @param rr_class	DNS class of the requested records
 * @param rr_type	DNS type of the requested records
 * @return			response object, NULL if resolving or wrapping failed
 */
METHOD(resolver_t, query, resolver_response_t*,
	private_resolver_t *this, char *domain, rr_class_t rr_class,
	rr_type_t rr_type)
{
	struct ub_result *answer = NULL;
	unbound_response_t *wrapped = NULL;
	int rc;

	rc = ub_resolve(this->ctx, domain, rr_type, rr_class, &answer);
	if (rc == 0)
	{
		wrapped = unbound_response_create_frm_libub_response(answer);
		if (!wrapped)
		{
			DBG1(DBG_LIB, "unbound resolver failed to create response");
		}
	}
	else
	{
		DBG1(DBG_LIB, "unbound resolver error: %s", ub_strerror(rc));
	}

	/* the libunbound result is released on every path, success or failure */
	ub_resolve_free(answer);

	return (resolver_response_t*)wrapped;
}
79:
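/**
 * Implementation of resolver_t.destroy.
 *
 * Releases the libunbound context, if one was created, and frees the
 * object itself.
 */
METHOD(resolver_t, destroy, void,
	private_resolver_t *this)
{
	/*
	 * unbound_resolver_create() calls destroy() on a partially built object
	 * when ub_ctx_create() returned NULL; skip the library call in that case
	 * instead of relying on how ub_ctx_delete() treats a NULL context.
	 */
	if (this->ctx)
	{
		ub_ctx_delete(this->ctx);
	}
	free(this);
}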
89:
/*
 * Described in header.
 *
 * Builds a resolver backed by a fresh libunbound context. Creating the
 * context and reading the resolver configuration are mandatory: if either
 * fails, the object is destroyed and NULL is returned. Loading the DNSSEC
 * trust anchors and the optional DLV anchors is best effort: a failure is
 * logged and the resolver is returned anyway.
 */
resolver_t *unbound_resolver_create(void)
{
	private_resolver_t *this;
	char *conf_path, *ta_path, *dlv_path;
	int rc;

	/* all three paths come from the settings, falling back to the defaults */
	conf_path = lib->settings->get_str(lib->settings,
								"%s.plugins.unbound.resolv_conf",
								RESOLV_CONF_FILE, lib->ns);
	ta_path = lib->settings->get_str(lib->settings,
								"%s.plugins.unbound.trust_anchors",
								TRUST_ANCHOR_FILE, lib->ns);
	dlv_path = lib->settings->get_str(lib->settings,
								"%s.plugins.unbound.dlv_anchors",
								NULL, lib->ns);

	INIT(this,
		.public = {
			.query = _query,
			.destroy = _destroy,
		},
	);

	this->ctx = ub_ctx_create();
	if (!this->ctx)
	{
		DBG1(DBG_LIB, "failed to create unbound resolver context");
		goto failed;
	}

	DBG2(DBG_CFG, "loading unbound resolver config from '%s'", conf_path);
	rc = ub_ctx_resolvconf(this->ctx, conf_path);
	if (rc != 0)
	{
		DBG1(DBG_CFG, "failed to read the resolver config: %s (%s)",
			 ub_strerror(rc), strerror(errno));
		goto failed;
	}

	DBG2(DBG_CFG, "loading unbound trust anchors from '%s'", ta_path);
	rc = ub_ctx_add_ta_file(this->ctx, ta_path);
	if (rc != 0)
	{
		/*
		 * Not fatal: the resolver is still handed out without the anchors
		 * from this file, so answers can presumably not be validated as
		 * secure. NOTE(review): this is only safe if every caller checks
		 * the security state of a response -- confirm, or make it fatal.
		 */
		DBG1(DBG_CFG, "failed to load trust anchors: %s (%s)",
			 ub_strerror(rc), strerror(errno));
	}

	if (dlv_path)
	{
		/*
		 * NOTE(review): DLV has since been deprecated in the DNS ecosystem;
		 * confirm this option is still wanted. A failure here is logged
		 * only, as with the trust anchors above.
		 */
		DBG2(DBG_CFG, "loading trusted keys for DLV from '%s'", dlv_path);
		rc = ub_ctx_set_option(this->ctx, "dlv-anchor-file:", dlv_path);
		if (rc != 0)
		{
			DBG1(DBG_CFG, "failed to load trusted keys for DLV: %s (%s)",
				 ub_strerror(rc), strerror(errno));
		}
	}
	return &this->public;

failed:
	/* shared exit for the two mandatory steps */
	destroy(this);
	return NULL;
}