From f7c1cde7c7fe05eda68bfc24e7f0873c53d84315 Mon Sep 17 00:00:00 2001
From: Jon Siwek
Date: Mon, 29 Apr 2019 18:09:29 -0700
Subject: [PATCH] Remove 'dns_resolver' option, replace w/ ZEEK_DNS_RESOLVER env. var.

The later simply doesn't work well in conjunction with hostname literals. i.e. "google.com" (without quotes) needs to be resolved to a set of addresses at parse-time, so if a user wishes to use a custom resolver, we need that to be configured independently from the order in which scripts get parsed. Configuring 'dns_resolver' via scripting "redef" is clearly dependent on parse order. Note 'dns_resolver' hasn't been in any release version yet, so I'm removing it outright, no deprecation. The ZEEK_DNS_RESOLVER environment variable now serves the original purpose.
---
 doc | 2 +-
 scripts/base/init-bare.zeek | 6 ----
 src/DNS_Mgr.cc | 55 ++++++++++++++++++-------------------
 src/DNS_Mgr.h | 1 +
 src/main.cc | 1 +
 5 files changed, 29 insertions(+), 36 deletions(-)

diff --git a/doc b/doc
index 073bb08473..856db2bb40 160000
--- a/doc
+++ b/doc
@@ -1 +1 @@
-Subproject commit 073bb08473b8172b8bb175e0702204f15f522392
+Subproject commit 856db2bb4014d15a94cb336d7e5e8ca1d4627b1e
diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek
index 86e3317931..7c4fe2e5b8 100644
--- a/scripts/base/init-bare.zeek
+++ b/scripts/base/init-bare.zeek
@@ -3743,12 +3743,6 @@ global dns_skip_all_addl = T &redef;
 ## traffic and do not process it. Set to 0 to turn off this functionality.
 global dns_max_queries = 25 &redef;
-## The address of the DNS resolver to use. If not changed from the
-## unspecified address, ``[::]``, the first nameserver from /etc/resolv.conf
-## gets used (IPv6 is currently only supported if set via this option, not
-## when parsed from the file).
-const dns_resolver = [::] &redef;
-
 ## HTTP session statistics.
 ##
 ## .. zeek:see:: http_stats
diff --git a/src/DNS_Mgr.cc b/src/DNS_Mgr.cc
index 2fff6903b0..aa5bbdc849 100644
--- a/src/DNS_Mgr.cc
+++ b/src/DNS_Mgr.cc
@@ -388,6 +388,7 @@ DNS_Mgr::DNS_Mgr(DNS_MgrMode arg_mode)
 num_requests = 0;
 successful = 0;
 failed = 0;
+ nb_dns = nullptr;
 }
 DNS_Mgr::~DNS_Mgr()
@@ -399,16 +400,21 @@ DNS_Mgr::~DNS_Mgr()
 delete [] dir;
 }
-void DNS_Mgr::InitPostScript()
+void DNS_Mgr::Init()
 {
 if ( did_init )
 return;
- auto dns_resolver_id = global_scope()->Lookup("dns_resolver");
- auto dns_resolver_addr = dns_resolver_id->ID_Val()->AsAddr();
+ // Note that Init() may be called by way of LookupHost() during the act of
+ // parsing a hostname literal (e.g. google.com), so we can't use a
+ // script-layer option to configure the DNS resolver as it may not be
+ // configured to the user's desired address at the time when we need to to
+ // the lookup.
+ auto dns_resolver = getenv("ZEEK_DNS_RESOLVER");
+ auto dns_resolver_addr = dns_resolver ? IPAddr(dns_resolver) : IPAddr();
 char err[NB_DNS_ERRSIZE];
- if ( dns_resolver_addr == IPAddr("::") )
+ if ( dns_resolver_addr == IPAddr() )
 nb_dns = nb_dns_init(err);
 else
 {
@@ -433,19 +439,11 @@ void DNS_Mgr::InitPostScript()
 if ( ! nb_dns )
 reporter->Warning("problem initializing NB-DNS: %s", err);
- const char* cache_dir = dir ? dir : ".";
-
- if ( mode == DNS_PRIME && ! ensure_dir(cache_dir) )
- {
- did_init = 0;
- return;
- }
-
- cache_name = new char[strlen(cache_dir) + 64];
- sprintf(cache_name, "%s/%s", cache_dir, ".bro-dns-cache");
-
- LoadCache(fopen(cache_name, "r"));
+ did_init = true;
+ }
+void DNS_Mgr::InitPostScript()
+ {
 dns_mapping_valid = internal_handler("dns_mapping_valid");
 dns_mapping_unverified = internal_handler("dns_mapping_unverified");
 dns_mapping_new_name = internal_handler("dns_mapping_new_name");
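Review bot: The resolver address taken from ZEEK_DNS_RESOLVER is never checked for validity before the `dns_resolver_addr == IPAddr()` test, so what a typo or a hostname in the variable does depends entirely on how `IPAddr(const char*)` treats unparsable input, which this hunk does not show. If that constructor yields the unspecified address, a misconfigured variable silently falls into the `nb_dns_init(err)` branch and the resolver from /etc/resolv.conf is used instead of the one the operator asked for, and the answers it returns feed hostname literals in policy. I would make that failure loud, e.g. `if ( dns_resolver && dns_resolver_addr == IPAddr() )` / `reporter->Warning("ZEEK_DNS_RESOLVER is not a valid IP address: %s", dns_resolver);` (or fatal, if an explicitly configured resolver must never be replaced behind the operator's back). The new comment also has a typo: `// configured to the user's desired address at the time when we need to do` / `// the lookup.`. Init()'s body continues past the end of this hunk.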
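Review bot: `did_init = true;` is set unconditionally after the `reporter->Warning(...)`, so when `nb_dns` is still null a failed resolver initialization is final: every later Init() returns early and, given the `if ( ! nb_dns ) return empty_addr_set();` kept in LookupHost, hostname literals quietly become empty address sets after a single warning. Because Init() is now reached lazily from the script parser, that warning can scroll past long before anyone notices an allow/deny list that matches nothing, which is an unsafe failure mode for a security monitor. At minimum the assignment deserves a comment, e.g. `// Set even when nb_dns_init() failed: the lookup paths check nb_dns for null and initialization is not retried.`, and it is worth deciding whether an explicitly configured ZEEK_DNS_RESOLVER that cannot be used should abort startup instead of warning. Init()'s body starts before this hunk.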
@@ -455,14 +453,18 @@ void DNS_Mgr::InitPostScript()
 dm_rec = internal_type("dns_mapping")->AsRecordType();
- did_init = 1;
-
+ // Registering will call Init()
 iosource_mgr->Register(this, true);
 // We never set idle to false, having the main loop only calling us from
 // time to time. If we're issuing more DNS requests than we can handle
 // in this way, we are having problems anyway ...
 SetIdle(true);
+
+ const char* cache_dir = dir ? dir : ".";
+ cache_name = new char[strlen(cache_dir) + 64];
+ sprintf(cache_name, "%s/%s", cache_dir, ".bro-dns-cache");
+ LoadCache(fopen(cache_name, "r"));
 }
 static TableVal* fake_name_lookup_result(const char* name)
@@ -497,12 +499,11 @@ TableVal* DNS_Mgr::LookupHost(const char* name)
 if ( mode == DNS_FAKE )
 return fake_name_lookup_result(name);
+ Init();
+
 if ( ! nb_dns )
 return empty_addr_set();
- if ( ! did_init )
- Init();
-
 if ( mode != DNS_PRIME )
 {
 HostMap::iterator it = host_mappings.find(name);
@@ -553,8 +554,7 @@ TableVal* DNS_Mgr::LookupHost(const char* name)
 Val* DNS_Mgr::LookupAddr(const IPAddr& addr)
 {
- if ( ! did_init )
- Init();
+ Init();
 if ( mode != DNS_PRIME )
 {
@@ -1072,8 +1072,7 @@ static void resolve_lookup_cb(DNS_Mgr::LookupCallback* callback,
 void DNS_Mgr::AsyncLookupAddr(const IPAddr& host, LookupCallback* callback)
 {
- if ( ! did_init )
- Init();
+ Init();
 if ( mode == DNS_FAKE )
 {
@@ -1111,8 +1110,7 @@ void DNS_Mgr::AsyncLookupAddr(const IPAddr& host, LookupCallback* callback)
 void DNS_Mgr::AsyncLookupName(const string& name, LookupCallback* callback)
 {
- if ( ! did_init )
- Init();
+ Init();
 if ( mode == DNS_FAKE )
 {
@@ -1150,8 +1148,7 @@ void DNS_Mgr::AsyncLookupName(const string& name, LookupCallback* callback)
 void DNS_Mgr::AsyncLookupNameText(const string& name, LookupCallback* callback)
 {
- if ( ! did_init )
- Init();
+ Init();
 if ( mode == DNS_FAKE )
 {
diff --git a/src/DNS_Mgr.h b/src/DNS_Mgr.h
index 0358ceba18..8da64097e4 100644
--- a/src/DNS_Mgr.h
+++ b/src/DNS_Mgr.h
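Review bot: The cache-setup code moved into InitPostScript() has lost the `ensure_dir(cache_dir)` guard that the removed block in the earlier DNS_Mgr.cc hunk ran for DNS_PRIME mode, and neither the commit message nor a comment says the drop is intentional. In priming mode the cache directory is therefore no longer created or checked before `cache_name` is built, so a missing `dir` will presumably only surface when the cache is written later, outside this hunk. If dropping it is deliberate say so in the message; otherwise restore it before the `cache_name` allocation as `if ( mode == DNS_PRIME && ! ensure_dir(cache_dir) )` / `reporter->Error("cannot create DNS cache directory: %s", cache_dir);` — it no longer needs to touch did_init, which Init() now owns. `fopen(cache_name, "r")` is also handed to LoadCache() without a null check; if LoadCache() tolerates that, a short comment saying so would save the next reader a trip. InitPostScript() begins before this hunk.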
@@ -136,6 +136,7 @@ protected:
 iosource::FD_Set* except) override;
 double NextTimestamp(double* network_time) override;
 void Process() override;
+ void Init() override;
 const char* Tag() override { return "DNS_Mgr"; }
 DNS_MgrMode mode;
diff --git a/src/main.cc b/src/main.cc
index af29b1e7d7..6a29756bc7 100644
--- a/src/main.cc
+++ b/src/main.cc
@@ -215,6 +215,7 @@ void usage(int code = 1)
 fprintf(stderr, " $BRO_LOG_SUFFIX | ASCII log file extension (.%s)\n", logging::writer::Ascii::LogExt().c_str());
 fprintf(stderr, " $BRO_PROFILER_FILE | Output file for script execution statistics (not set)\n");
 fprintf(stderr, " $BRO_DISABLE_BROXYGEN | Disable Zeexygen documentation support (%s)\n", getenv("BRO_DISABLE_BROXYGEN") ? "set" : "not set");
+ fprintf(stderr, " $ZEEK_DNS_RESOLVER | IPv4/IPv6 address of DNS resolver to use (%s)\n", getenv("ZEEK_DNS_RESOLVER") ? getenv("ZEEK_DNS_RESOLVER") : "not set, will use first IPv4 address from /etc/resolv.conf");
 fprintf(stderr, "\n");