UDP: no destination port in the type callback #497

Open
hannesm opened this issue Oct 21, 2022 · 0 comments

Comments

hannesm (Member) commented Oct 21, 2022

When implementing a DNS client, I would like to register the same callback on several ports. I can do so, but inside of the callback I cannot distinguish which port was written to (thus I cannot verify that the remote IP, remote port, local IP, local port are a good combination of datagrams to accept).

For now, only the source IP address is checked against an expected one; is this sufficient?

There's some asymmetry in the type callback, including a src and src_port, and a dst, but no dst_port.
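One way to do the check the comment describes, as an added example rather than code from mirage-tcpip or ocaml-dns: it models the callback shape (src, dst, src_port, no dst_port) in plain OCaml, treats IP addresses as strings for simplicity, and captures the local port in a closure per registered port, which is a general workaround and not the project's own fix.

```ocaml
(* Added example, not code from mirage-tcpip or ocaml-dns: it models the UDP
   callback shape from the issue with plain OCaml so it runs stand-alone
   (ocaml udp_check.ml). IP addresses are strings here by assumption. *)
type ipaddr = string

(* The callback shape described in the issue: src, dst, src_port, but no dst_port. *)
type callback = src:ipaddr -> dst:ipaddr -> src_port:int -> string -> unit

(* What the client recorded when it sent one query. *)
type expected = {
  nameserver : ipaddr; ns_port : int;    (* remote IP and port, usually 53 *)
  local_ip : ipaddr; local_port : int;   (* our ephemeral source port *)
  txid : int;                            (* the DNS transaction ID we chose *)
}

(* 16-bit transaction ID at offset 0 of the DNS header (12 bytes minimum). *)
let txid_of_datagram buf =
  if String.length buf < 12 then None
  else Some ((Char.code buf.[0] lsl 8) lor Char.code buf.[1])

(* Remote IP/port, local IP/port and txid must all match the outstanding query. *)
let accept exp ~src ~dst ~src_port ~dst_port buf =
  src = exp.nameserver && src_port = exp.ns_port
  && dst = exp.local_ip && dst_port = exp.local_port
  && txid_of_datagram buf = Some exp.txid

(* The mistake named in the commit message: comparing the remote's source
   port (53) with our own ephemeral port rejects every genuine reply. *)
let buggy_accept exp ~src ~src_port _buf =
  src = exp.nameserver && src_port = exp.local_port

(* Workaround for the missing dst_port: capture the local port in a closure
   at registration time, one closure per listened port. *)
let make_callback ~local_port ~on_reply exp : callback =
  fun ~src ~dst ~src_port buf ->
    if accept exp ~src ~dst ~src_port ~dst_port:local_port buf then on_reply buf

let () =
  (* constructed sample: reply from 192.0.2.53:53 to our port 40000, txid 0x1234 *)
  let exp = { nameserver = "192.0.2.53"; ns_port = 53;
              local_ip = "192.0.2.10"; local_port = 40000; txid = 0x1234 } in
  let reply = "\x12\x34\x81\x80" ^ String.make 8 '\000' in
  let cb port = make_callback ~local_port:port exp
      ~on_reply:(fun _ -> Printf.printf "accepted on port %d\n" port) in
  (cb 40000) ~src:"192.0.2.53" ~dst:"192.0.2.10" ~src_port:53 reply;
  (* the same code registered on another port must not accept this reply *)
  (cb 40001) ~src:"192.0.2.53" ~dst:"192.0.2.10" ~src_port:53 reply;
  assert (not (buggy_accept exp ~src:"192.0.2.53" ~src_port:53 reply))
```

Only the first call prints; the second is rejected solely because the captured local port differs, which is the distinction the bare callback cannot make.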

hannesm added a commit to hannesm/ocaml-dns that referenced this issue Oct 21, 2022

previously, the source port of the remote (usually 53) was checked against our
source port (some random ephemeral), leading to no accepted reply. the mirage
udp interface does not provide the destination port in the callback (report as
mirage/mirage-tcpip#497).

hannesm added a commit to mirage/ocaml-dns that referenced this issue Oct 24, 2022

* dns_client: connect provides the protocol and context

* dns_client: connect provides the protocol

* dns-client-mirage: allow UDP resolvers

This adds support for either all udp or all tcp|tls resolvers. At a later stage,
we can of course support mixed sets of resolvers (especially with the previous
commit paving this path).

* dns-stub / dns-client-mirage: add ?size and ?edns in Dns_client_mirage.connect

This avoids the need to unmarshal the arguments for a Dns_stub.t instantiation,
and makes the surface more uniform.

* dns_mirage_client: randomize udp port

similar to qubes-mirage-firewall (thanks @palainp), at initialization time a
single udp_port is reserved as last resort.

In general, the UDP source port is randomized, and UDP.listen/unlisten are
executed on that port (which is as well registered / unregistered). If the port
allocation fails, the last_udp_port is used, which is always listened to.

* dns-client-mirage: in nameserver_of_string, describe the desired format.

* Update mirage/client/dns_client_mirage.ml

Co-authored-by: Reynir Björnsson <reynir@reynir.dk>

* Update mirage/client/dns_client_mirage.ml

Co-authored-by: Reynir Björnsson <reynir@reynir.dk>

* dns-client: size is now cache_size (suggested by @reynir)

* dns-client-mirage: unlisten in all cases (as suggested by @reynir)

* dns-client-mirage: read_udp: only do something if the minimum DNS length was received (as reviewed by @reynir)

* dns-client-mirage: simplify Set.Make by using OCaml 4.08 introduced Int module

* dns-client-mirage: fix code for read_udp

previously, the source port of the remote (usually 53) was checked against our
source port (some random ephemeral), leading to no accepted reply. the mirage
udp interface does not provide the destination port in the callback (report as
mirage/mirage-tcpip#497).

* dns-client-mirage: remove "last_udp_port" complexity, instead fail on no free port

* Check dst in read_udp

Co-authored-by: Reynir Björnsson <reynir@reynir.dk>