From bdac6e2d6b95884c4b46330b574cac3cd9026ab9 Mon Sep 17 00:00:00 2001
From: florian
Date: Sat, 30 Jan 2021 10:31:51 +0000
Subject: [PATCH] Re-try to open DNSSEC trust anchor file if /var is not mounted yet. This is a step towards starting unwind earlier, before the network is up and partitions are mounted. OK kn
---
 sbin/unwind/frontend.c | 21 ++++++++++++-----
 sbin/unwind/resolver.c | 4 +++-
 sbin/unwind/unwind.c | 53 +++++++++++++++++++++++++++++++++++-------
 3 files changed, 62 insertions(+), 16 deletions(-)
diff --git a/sbin/unwind/frontend.c b/sbin/unwind/frontend.c
index 18d91dfbeb2..603acede2a7 100644
--- a/sbin/unwind/frontend.c
+++ b/sbin/unwind/frontend.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: frontend.c,v 1.66 2021/01/27 08:30:50 florian Exp $ */
+/* $OpenBSD: frontend.c,v 1.67 2021/01/30 10:31:51 florian Exp $ */
 /*
 * Copyright (c) 2018 Florian Obser
@@ -258,8 +258,6 @@ frontend(int debug, int verbose)
 TAILQ_INIT(&trust_anchors);
 TAILQ_INIT(&new_trust_anchors);
- add_new_ta(&trust_anchors, KSK2017);
-
 event_dispatch();
 frontend_shutdown();
@@ -448,10 +446,21 @@ frontend_dispatch_main(int fd, short event, void *bula)
 control_listen(fd);
 break;
 case IMSG_TAFD:
- if ((ta_fd = imsg.fd) != -1)
+ if ((ta_fd = imsg.fd) == -1)
+ fatalx("%s: expected to receive imsg trust "
+ "anchor fd but didn't receive any",
+ __func__);
+ if (TAILQ_EMPTY(&trust_anchors)) {
+ /*
+ * We did not receive a trustanchor from DNS,
+ * maybe the built-in one is out of date, try
+ * with the one from disk.
+ */
 parse_trust_anchor(&trust_anchors, ta_fd);
- if (!TAILQ_EMPTY(&trust_anchors))
- send_trust_anchors(&trust_anchors);
+ if (!TAILQ_EMPTY(&trust_anchors))
+ send_trust_anchors(&trust_anchors);
+ } else
+ write_trust_anchors(&trust_anchors, ta_fd);
 break;
 case IMSG_BLFD:
 if ((fd = imsg.fd) == -1)
diff --git a/sbin/unwind/resolver.c b/sbin/unwind/resolver.c
index a9c120e96e2..d93132177ab 100644
--- a/sbin/unwind/resolver.c
+++ b/sbin/unwind/resolver.c
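Review bot: In the `case IMSG_TAFD:` branch, `ta_fd` is now assigned only when main manages to open the file. `open_trustanchor()` in unwind.c (added by this patch) sends no IMSG_TAFD at all once it gives up, whereas the removed code in main() always sent one. Any code in frontend.c outside this hunk that later passes `ta_fd` to `write_trust_anchors()` therefore has to tolerate a descriptor that was never received; that code is not visible here, so this needs confirming. A comment at the case would record the contract, e.g. `/* main sends this once, and not at all if it gave up opening the file */`. frontend_dispatch_main() starts and ends outside the hunk.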
@@ -1,4 +1,4 @@
-/* $OpenBSD: resolver.c,v 1.139 2021/01/29 17:48:58 florian Exp $ */
+/* $OpenBSD: resolver.c,v 1.140 2021/01/30 10:31:51 florian Exp $ */
 /*
 * Copyright (c) 2018 Florian Obser
@@ -423,6 +423,8 @@ resolver(int debug, int verbose)
 TAILQ_INIT(&new_trust_anchors);
 TAILQ_INIT(&running_queries);
+ add_new_ta(&trust_anchors, KSK2017);
+
 event_dispatch();
 resolver_shutdown();
diff --git a/sbin/unwind/unwind.c b/sbin/unwind/unwind.c
index 178d2d8e605..93c5c039466 100644
--- a/sbin/unwind/unwind.c
+++ b/sbin/unwind/unwind.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: unwind.c,v 1.58 2021/01/29 17:46:04 florian Exp $ */
+/* $OpenBSD: unwind.c,v 1.59 2021/01/30 10:31:52 florian Exp $ */
 /*
 * Copyright (c) 2018 Florian Obser
@@ -49,6 +49,8 @@
 #include "control.h"
 #define TRUST_ANCHOR_FILE "/var/db/unwind.key"
+#define WAIT_TA_FD_TIMEOUT 5
+#define WAIT_TA_FD_MAX_RETRY 3
 enum uw_process {
 PROC_MAIN,
@@ -74,6 +76,8 @@ int main_sendall(enum imsg_type, void *, uint16_t);
 void open_ports(void);
 void solicit_dns_proposals(void);
 void send_blocklist_fd(void);
+void open_trustanchor(void);
+void open_trustanchor_timeout(int, short, void *);
 struct uw_conf *main_conf;
 static struct imsgev *iev_frontend;
@@ -83,6 +87,7 @@ pid_t frontend_pid;
 pid_t resolver_pid;
 uint32_t cmd_opts;
 int routesock;
+struct event ta_timo_ev;
 void
 main_sig_handler(int sig, short event, void *arg)
@@ -125,7 +130,7 @@ main(int argc, char *argv[])
 int ch, debug = 0, resolver_flag = 0, frontend_flag = 0;
 int frontend_routesock, rtfilter;
 int pipe_main2frontend[2], pipe_main2resolver[2];
- int control_fd, ta_fd;
+ int control_fd;
 char *csock, *saved_argv0;
 csock = UNWIND_SOCKET;
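Review bot: The two constants added in the `@@ -49,6 +49,8 @@` hunk of unwind.c carry no unit or meaning. `WAIT_TA_FD_TIMEOUT` is used as the first (seconds) member of a `struct timeval` in open_trustanchor(), and the test `retry++ < WAIT_TA_FD_MAX_RETRY` allows three retries after the first attempt, so four opens in total. Suggested comments: `#define WAIT_TA_FD_TIMEOUT 5 /* seconds between open attempts */` and `#define WAIT_TA_FD_MAX_RETRY 3 /* retries after the first attempt */`.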
@@ -280,12 +285,6 @@ main(int argc, char *argv[])
 fatal("route socket");
 shutdown(SHUT_RD, routesock);
- if ((ta_fd = open(TRUST_ANCHOR_FILE, O_RDWR | O_CREAT, 0644)) == -1)
- log_warn("%s", TRUST_ANCHOR_FILE);
-
- /* receiver handles failed open correctly */
- main_imsg_compose_frontend_fd(IMSG_TAFD, 0, ta_fd);
-
 main_imsg_compose_frontend_fd(IMSG_CONTROLFD, 0, control_fd);
 main_imsg_compose_frontend_fd(IMSG_ROUTESOCK, 0, frontend_routesock);
 main_imsg_send_config(main_conf);
@@ -293,9 +292,17 @@ main(int argc, char *argv[])
 if (main_conf->blocklist_file != NULL)
 send_blocklist_fd();
- if (pledge("stdio rpath sendfd", NULL) == -1)
+ /* this is the best we can do, when we startup /var is not mounted */
+ if (unveil("/var", "rwc") == -1)
+ fatal("unveil");
+ if (unveil("/", "r") == -1)
+ fatal("unveil");
+ if (pledge("stdio rpath wpath cpath sendfd", NULL) == -1)
 fatal("pledge");
+ evtimer_set(&ta_timo_ev, open_trustanchor_timeout, NULL);
+ open_trustanchor();
+
 main_imsg_compose_frontend(IMSG_STARTUP, 0, NULL, 0);
 main_imsg_compose_resolver(IMSG_STARTUP, 0, NULL, 0);
@@ -959,3 +966,31 @@ imsg_receive_config(struct imsg *imsg, struct uw_conf **xconf)
 break;
 }
 }
+
+void
+open_trustanchor(void)
+{
+ static int retry;
+ static const struct timeval timeout = { WAIT_TA_FD_TIMEOUT, 0};
+ int fd;
+
+ fd = open(TRUST_ANCHOR_FILE, O_RDWR | O_CREAT, 0644);
+
+ if (fd != -1)
+ main_imsg_compose_frontend_fd(IMSG_TAFD, 0, fd);
+ else if (retry++ < WAIT_TA_FD_MAX_RETRY) {
+ /* /var is not mounted yet, try a bit later */
+ evtimer_add(&ta_timo_ev, &timeout);
+ return;
+ } else
+ log_warn("giving up on %s", TRUST_ANCHOR_FILE);
+
+ if (pledge("stdio rpath sendfd", NULL) == -1)
+ fatal("pledge");
+}
+
+void
+open_trustanchor_timeout(int fd, short events, void *arg)
+{
+ open_trustanchor();
+}
-- 
2.20.1
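Review bot: The comment above the new `unveil()` calls in main() does not say that the wider `wpath cpath` promises are temporary. The main process keeps write and create rights under /var until open_trustanchor() re-pledges to `stdio rpath sendfd`, which happens only after a successful open or after the last retry, so the wider rights can last for the whole retry window. I would extend the comment to something like `/* /var may not be mounted yet; wpath/cpath are dropped again in open_trustanchor() */`. main() starts and ends outside the hunk.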
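Review bot: In open_trustanchor() every `open()` failure is treated as "/var is not mounted yet", so a permanent error such as a permission failure also waits through all retries while the main process still holds `wpath cpath`. If a missing path is the only signal of an unmounted /var, the retry branch could be narrowed to `else if (errno == ENOENT && retry++ < WAIT_TA_FD_MAX_RETRY) {`, assuming errno.h is already included in unwind.c. Which errno values can occur this early in boot is not visible here, so the exact set needs confirming. The opposite case also deserves a comment: if the path can already be created on the underlying filesystem before /var is mounted, the open succeeds and the anchor file would end up hidden beneath the mount point.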