xref: /openbsd-src/sbin/unwind/frontend.c (revision a95f0396caacddadc7bfeaf9106dda335057dcd3)

/*	$OpenBSD: frontend.c,v 1.90 2024/11/24 11:33:34 kirill Exp $	*/

/*
 * Copyright (c) 2018 Florian Obser <florian@openbsd.org>
 * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
 * Copyright (c) 2004 Esben Norby <norby@openbsd.org>
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <sys/queue.h>
#include <sys/socket.h>
#include <sys/syslog.h>
#include <sys/tree.h>
#include <sys/uio.h>

#include <netinet/in.h>
#include <net/if.h>
#include <net/route.h>

#include <errno.h>
#include <event.h>
#include <ifaddrs.h>
#include <imsg.h>
#include <netdb.h>
#include <pwd.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include "libunbound/config.h"
#include "libunbound/sldns/pkthdr.h"
#include "libunbound/sldns/sbuffer.h"
#include "libunbound/sldns/str2wire.h"
#include "libunbound/sldns/wire2str.h"
#include "libunbound/util/alloc.h"
#include "libunbound/util/net_help.h"
#include "libunbound/util/regional.h"
#include "libunbound/util/data/dname.h"
#include "libunbound/util/data/msgencode.h"
#include "libunbound/util/data/msgparse.h"
#include "libunbound/util/data/msgreply.h"

#include "log.h"
#include "unwind.h"
#include "frontend.h"
#include "control.h"
#include "dns64_synth.h"

#define	MINIMUM(a, b)		(((a) < (b)) ? (a) : (b))
#define	ROUTE_SOCKET_BUF_SIZE   16384

/*
 * size of a resource record with name a two octed pointer to qname
 * 2 octets pointer to qname
 * 2 octets TYPE
 * 2 octets CLASS
 * 4 octets TTL
 * 2 octets RDLENGTH
 */
#define COMPRESSED_RR_SIZE	12
#define MINIMIZE_ANSWER		1

#define FD_RESERVE		5
#define TCP_TIMEOUT		15
#define DEFAULT_TCP_SIZE	512

struct udp_ev {
	struct event		 ev;
	uint8_t			 query[65536];
	struct msghdr		 rcvmhdr;
	struct iovec		 rcviov[1];
	struct sockaddr_storage	 from;
} udp4ev, udp6ev;

struct tcp_accept_ev {
	struct event		 ev;
	struct event		 pause;
} tcp4ev, tcp6ev;

struct pending_query {
	TAILQ_ENTRY(pending_query)	 entry;
	struct sockaddr_storage		 from;
	struct sldns_buffer		*qbuf;
	struct sldns_buffer		*abuf;
	struct regional			*region;
	struct query_info		 qinfo;
	struct edns_data		 edns;
	struct event			 ev;		/* for tcp */
	struct event			 resp_ev;	/* for tcp */
	struct event			 tmo_ev;	/* for tcp */
	uint64_t			 imsg_id;
	uint16_t			 id;
	uint16_t			 flags;
	int				 fd;
	int				 tcp;
	int				 dns64_synthesize;
};

TAILQ_HEAD(, pending_query)	 pending_queries;

struct bl_node {
	RB_ENTRY(bl_node)	 entry;
	char			*domain;
	int			 len;
	int			 wildcard;
};

__dead void		 frontend_shutdown(void);
void			 frontend_sig_handler(int, short, void *);
void			 frontend_startup(void);
void			 udp_receive(int, short, void *);
void			 handle_query(struct pending_query *);
void			 free_pending_query(struct pending_query *);
void			 tcp_accept(int, short, void *);
int			 accept_reserve(int, struct sockaddr *, socklen_t *);
void			 accept_paused(int, short, void *);
void			 tcp_request(int, short, void *);
void			 tcp_response(int, short, void *);
void			 tcp_timeout(int, short, void *);
int			 check_query(sldns_buffer*);
void			 noerror_answer(struct pending_query *);
void			 synthesize_dns64_answer(struct pending_query *);
void			 resend_dns64_query(struct pending_query *);
void			 chaos_answer(struct pending_query *);
void			 error_answer(struct pending_query *, int rcode);
void			 send_answer(struct pending_query *);
void			 route_receive(int, short, void *);
void			 handle_route_message(struct rt_msghdr *,
			     struct sockaddr **);
void			 get_rtaddrs(int, struct sockaddr *,
			     struct sockaddr **);
struct pending_query	*find_pending_query(uint64_t);
void			 parse_trust_anchor(struct trust_anchor_head *, int);
void			 send_trust_anchors(struct trust_anchor_head *);
void			 write_trust_anchors(struct trust_anchor_head *, int);
void			 parse_blocklist(int);
int			 bl_cmp(struct bl_node *, struct bl_node *);
void			 free_bl(void);
int			 pending_query_cnt(void);
void			 check_available_af(void);
void			 reverse(char *, char *);

struct uw_conf		*frontend_conf;
static struct imsgev	*iev_main;
static struct imsgev	*iev_resolver;
struct event		 ev_route;
int			 udp4sock = -1, udp6sock = -1;
int			 tcp4sock = -1, tcp6sock = -1;
int			 ta_fd = -1;

static struct trust_anchor_head	 trust_anchors, new_trust_anchors;

RB_HEAD(bl_tree, bl_node)	 bl_head = RB_INITIALIZER(&bl_head);
RB_PROTOTYPE(bl_tree, bl_node, entry, bl_cmp)
RB_GENERATE(bl_tree, bl_node, entry, bl_cmp)

struct dns64_prefix	*dns64_prefixes;
int			 dns64_prefix_count;

void
frontend_sig_handler(int sig, short event, void *bula)
{
	/*
	 * Normal signal handler rules don't apply because libevent
	 * decouples for us.
	 */

	switch (sig) {
	case SIGINT:
	case SIGTERM:
		frontend_shutdown();
	default:
		fatalx("unexpected signal");
	}
}

void
frontend(int debug, int verbose)
{
	struct event	 ev_sigint, ev_sigterm;
	struct passwd	*pw;

	frontend_conf = config_new_empty();

	log_init(debug, LOG_DAEMON);
	log_setverbose(verbose);

	if ((pw = getpwnam(UNWIND_USER)) == NULL)
		fatal("getpwnam");

	if (chroot(pw->pw_dir) == -1)
		fatal("chroot");
	if (chdir("/") == -1)
		fatal("chdir(\"/\")");

	setproctitle("%s", "frontend");
	log_procinit("frontend");

	if (setgroups(1, &pw->pw_gid) ||
	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
		fatal("can't drop privileges");

	if (pledge("stdio dns unix recvfd", NULL) == -1)
		fatal("pledge");

	event_init();

	/* Setup signal handler. */
	signal_set(&ev_sigint, SIGINT, frontend_sig_handler, NULL);
	signal_set(&ev_sigterm, SIGTERM, frontend_sig_handler, NULL);
	signal_add(&ev_sigint, NULL);
	signal_add(&ev_sigterm, NULL);
	signal(SIGPIPE, SIG_IGN);
	signal(SIGHUP, SIG_IGN);

	/* Setup pipe and event handler to the parent process. */
	if (iev_main != NULL)
		fatal("iev_main");
	if ((iev_main = malloc(sizeof(struct imsgev))) == NULL)
		fatal(NULL);
	if (imsgbuf_init(&iev_main->ibuf, 3) == -1)
		fatal(NULL);
	imsgbuf_allow_fdpass(&iev_main->ibuf);
	iev_main->handler = frontend_dispatch_main;
	iev_main->events = EV_READ;
	event_set(&iev_main->ev, iev_main->ibuf.fd, iev_main->events,
	    iev_main->handler, iev_main);
	event_add(&iev_main->ev, NULL);

	udp4ev.rcviov[0].iov_base = (caddr_t)udp4ev.query;
	udp4ev.rcviov[0].iov_len = sizeof(udp4ev.query);
	udp4ev.rcvmhdr.msg_name = (caddr_t)&udp4ev.from;
	udp4ev.rcvmhdr.msg_namelen = sizeof(udp4ev.from);
	udp4ev.rcvmhdr.msg_iov = udp4ev.rcviov;
	udp4ev.rcvmhdr.msg_iovlen = 1;

	udp6ev.rcviov[0].iov_base = (caddr_t)udp6ev.query;
	udp6ev.rcviov[0].iov_len = sizeof(udp6ev.query);
	udp6ev.rcvmhdr.msg_name = (caddr_t)&udp6ev.from;
	udp6ev.rcvmhdr.msg_namelen = sizeof(udp6ev.from);
	udp6ev.rcvmhdr.msg_iov = udp6ev.rcviov;
	udp6ev.rcvmhdr.msg_iovlen = 1;

	TAILQ_INIT(&pending_queries);

	TAILQ_INIT(&trust_anchors);
	TAILQ_INIT(&new_trust_anchors);

	add_new_ta(&trust_anchors, KSK2017);
	add_new_ta(&trust_anchors, KSK2024);

	event_dispatch();

	frontend_shutdown();
}

__dead void
frontend_shutdown(void)
{
	/* Close pipes. */
	imsgbuf_write(&iev_resolver->ibuf);
	imsgbuf_clear(&iev_resolver->ibuf);
	close(iev_resolver->ibuf.fd);
	imsgbuf_write(&iev_main->ibuf);
	imsgbuf_clear(&iev_main->ibuf);
	close(iev_main->ibuf.fd);

	config_clear(frontend_conf);

	free(iev_resolver);
	free(iev_main);

	log_info("frontend exiting");
	exit(0);
}

int
frontend_imsg_compose_main(int type, pid_t pid, void *data, uint16_t datalen)
{
	return (imsg_compose_event(iev_main, type, 0, pid, -1, data, datalen));
}

int
frontend_imsg_compose_resolver(int type, pid_t pid, void *data,
    uint16_t datalen)
{
	return (imsg_compose_event(iev_resolver, type, 0, pid, -1, data,
	    datalen));
}

void
frontend_dispatch_main(int fd, short event, void *bula)
{
	static struct uw_conf	*nconf;
	struct imsg		 imsg;
	struct imsgev		*iev = bula;
	struct imsgbuf		*ibuf = &iev->ibuf;
	int			 n, shut = 0;

	if (event & EV_READ) {
		if ((n = imsgbuf_read(ibuf)) == -1)
			fatal("imsgbuf_read error");
		if (n == 0)	/* Connection closed. */
			shut = 1;
	}
	if (event & EV_WRITE) {
		if (imsgbuf_write(ibuf) == -1) {
			if (errno == EPIPE)	/* Connection closed. */
				shut = 1;
			else
				fatal("imsgbuf_write");
		}
	}

	for (;;) {
		if ((n = imsg_get(ibuf, &imsg)) == -1)
			fatal("%s: imsg_get error", __func__);
		if (n == 0)	/* No more messages. */
			break;

		switch (imsg.hdr.type) {
		case IMSG_SOCKET_IPC_RESOLVER:
			/*
			 * Setup pipe and event handler to the resolver
			 * process.
			 */
			if (iev_resolver) {
				fatalx("%s: received unexpected imsg fd "
				    "to frontend", __func__);
				break;
			}
			if ((fd = imsg_get_fd(&imsg)) == -1) {
				fatalx("%s: expected to receive imsg fd to "
				   "frontend but didn't receive any",
				   __func__);
				break;
			}

			if (iev_resolver != NULL)
				fatal("iev_resolver");
			iev_resolver = malloc(sizeof(struct imsgev));
			if (iev_resolver == NULL)
				fatal(NULL);

			if (imsgbuf_init(&iev_resolver->ibuf, fd) == -1)
				fatal(NULL);
			iev_resolver->handler = frontend_dispatch_resolver;
			iev_resolver->events = EV_READ;

			event_set(&iev_resolver->ev, iev_resolver->ibuf.fd,
			    iev_resolver->events, iev_resolver->handler,
			    iev_resolver);
			event_add(&iev_resolver->ev, NULL);
			break;
		case IMSG_RECONF_CONF:
		case IMSG_RECONF_BLOCKLIST_FILE:
		case IMSG_RECONF_FORWARDER:
		case IMSG_RECONF_DOT_FORWARDER:
		case IMSG_RECONF_FORCE:
			imsg_receive_config(&imsg, &nconf);
			break;
		case IMSG_RECONF_END:
			if (nconf == NULL)
				fatalx("%s: IMSG_RECONF_END without "
				    "IMSG_RECONF_CONF", __func__);
			merge_config(frontend_conf, nconf);
			if (frontend_conf->blocklist_file == NULL)
				free_bl();
			nconf = NULL;
			break;
		case IMSG_UDP6SOCK:
			if (udp6sock != -1)
				fatalx("%s: received unexpected udp6sock",
				    __func__);
			if ((udp6sock = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg "
				    "UDP6 fd but didn't receive any", __func__);
			event_set(&udp6ev.ev, udp6sock, EV_READ | EV_PERSIST,
			    udp_receive, &udp6ev);
			event_add(&udp6ev.ev, NULL);
			break;
		case IMSG_UDP4SOCK:
			if (udp4sock != -1)
				fatalx("%s: received unexpected udp4sock",
				    __func__);
			if ((udp4sock = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg "
				    "UDP4 fd but didn't receive any", __func__);
			event_set(&udp4ev.ev, udp4sock, EV_READ | EV_PERSIST,
			    udp_receive, &udp4ev);
			event_add(&udp4ev.ev, NULL);
			break;
		case IMSG_TCP4SOCK:
			if (tcp4sock != -1)
				fatalx("%s: received unexpected tcp4sock",
				    __func__);
			if ((tcp4sock = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg "
				    "TCP4 fd but didn't receive any", __func__);
			event_set(&tcp4ev.ev, tcp4sock, EV_READ | EV_PERSIST,
			    tcp_accept, &tcp4ev);
			event_add(&tcp4ev.ev, NULL);
			evtimer_set(&tcp4ev.pause, accept_paused, &tcp4ev);
			break;
		case IMSG_TCP6SOCK:
			if (tcp6sock != -1)
				fatalx("%s: received unexpected tcp6sock",
				    __func__);
			if ((tcp6sock = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg "
				    "TCP6 fd but didn't receive any", __func__);
			event_set(&tcp6ev.ev, tcp6sock, EV_READ | EV_PERSIST,
			    tcp_accept, &tcp6ev);
			event_add(&tcp6ev.ev, NULL);
			evtimer_set(&tcp6ev.pause, accept_paused, &tcp6ev);
			break;
		case IMSG_ROUTESOCK: {
			static int	 routesock = -1;

			if (routesock != -1)
				fatalx("%s: received unexpected routesock",
				    __func__);
			if ((fd = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg "
				    "routesocket fd but didn't receive any",
				    __func__);
			routesock = fd;
			event_set(&ev_route, fd, EV_READ | EV_PERSIST,
			    route_receive, NULL);
			break;
		}
		case IMSG_STARTUP:
			frontend_startup();
			break;
		case IMSG_CONTROLFD:
			if ((fd = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg control "
				    "fd but didn't receive any", __func__);
			/* Listen on control socket. */
			control_listen(fd);
			break;
		case IMSG_TAFD:
			if ((ta_fd = imsg_get_fd(&imsg)) != -1)
				parse_trust_anchor(&trust_anchors, ta_fd);
			if (!TAILQ_EMPTY(&trust_anchors))
				send_trust_anchors(&trust_anchors);
			break;
		case IMSG_BLFD:
			if ((fd = imsg_get_fd(&imsg)) == -1)
				fatalx("%s: expected to receive imsg block "
				   "list fd but didn't receive any", __func__);
			parse_blocklist(fd);
			break;
		default:
			log_debug("%s: error handling imsg %d", __func__,
			    imsg.hdr.type);
			break;
		}
		imsg_free(&imsg);
	}
	if (!shut)
		imsg_event_add(iev);
	else {
		/* This pipe is dead. Remove its event handler. */
		event_del(&iev->ev);
		event_loopexit(NULL);
	}
}

void
frontend_dispatch_resolver(int fd, short event, void *bula)
{
	static struct dns64_prefix	*new_dns64_prefixes = NULL;
	static int			 new_dns64_prefix_count = 0;
	static int			 new_dns64_prefix_pos = 0;
	struct pending_query		*pq;
	struct imsgev			*iev = bula;
	struct imsgbuf			*ibuf = &iev->ibuf;
	struct imsg			 imsg;
	int				 n, shut = 0, chg;

	if (event & EV_READ) {
		if ((n = imsgbuf_read(ibuf)) == -1)
			fatal("imsgbuf_read error");
		if (n == 0)	/* Connection closed. */
			shut = 1;
	}
	if (event & EV_WRITE) {
		if (imsgbuf_write(ibuf) == -1) {
			if (errno == EPIPE)	/* Connection closed. */
				shut = 1;
			else
				fatal("imsgbuf_write");
		}
	}

	for (;;) {
		if ((n = imsg_get(ibuf, &imsg)) == -1)
			fatal("%s: imsg_get error", __func__);
		if (n == 0)	/* No more messages. */
			break;

		switch (imsg.hdr.type) {
		case IMSG_ANSWER: {
			struct answer_header	*answer_header;
			int			 data_len;
			uint8_t			*data;

			if (IMSG_DATA_SIZE(imsg) < sizeof(*answer_header))
				fatalx("%s: IMSG_ANSWER wrong length: "
				    "%lu", __func__, IMSG_DATA_SIZE(imsg));
			answer_header = (struct answer_header *)imsg.data;
			data = (uint8_t *)imsg.data + sizeof(*answer_header);
			if (answer_header->answer_len > UINT16_MAX)
				fatalx("%s: IMSG_ANSWER answer too big: %d",
				    __func__, answer_header->answer_len);
			data_len = IMSG_DATA_SIZE(imsg) -
			    sizeof(*answer_header);

			if ((pq = find_pending_query(answer_header->id)) ==
			    NULL) {
				log_warnx("%s: cannot find pending query %llu",
				    __func__, answer_header->id);
				break;
			}

			if (answer_header->srvfail) {
				error_answer(pq, LDNS_RCODE_SERVFAIL);
				send_answer(pq);
				break;
			}

			if (answer_header->bogus && !(pq->flags & BIT_CD)) {
				error_answer(pq, LDNS_RCODE_SERVFAIL);
				send_answer(pq);
				break;
			}

			if (sldns_buffer_position(pq->abuf) == 0 &&
			    !sldns_buffer_set_capacity(pq->abuf,
			    answer_header->answer_len)) {
				error_answer(pq, LDNS_RCODE_SERVFAIL);
				send_answer(pq);
				break;
			}

			if (sldns_buffer_position(pq->abuf) + data_len >
			    sldns_buffer_capacity(pq->abuf))
				fatalx("%s: IMSG_ANSWER answer too big: %d",
				    __func__, data_len);
			sldns_buffer_write(pq->abuf, data, data_len);

			if (sldns_buffer_position(pq->abuf) ==
			    sldns_buffer_capacity(pq->abuf)) {
				sldns_buffer_flip(pq->abuf);
				if (pq->dns64_synthesize) {
					synthesize_dns64_answer(pq);
					send_answer(pq);
				} else {
					noerror_answer(pq);
					if (pq->dns64_synthesize)
						/* we did not find a answer */
						resend_dns64_query(pq);
					else
						send_answer(pq);
				}
			}
			break;
		}
		case IMSG_CTL_RESOLVER_INFO:
		case IMSG_CTL_AUTOCONF_RESOLVER_INFO:
		case IMSG_CTL_MEM_INFO:
		case IMSG_CTL_END:
			control_imsg_relay(&imsg);
			break;
		case IMSG_NEW_TA:
			/* make sure this is a string */
			((char *)imsg.data)[IMSG_DATA_SIZE(imsg) - 1] = '\0';
			add_new_ta(&new_trust_anchors, imsg.data);
			break;
		case IMSG_NEW_TAS_ABORT:
			free_tas(&new_trust_anchors);
			break;
		case IMSG_NEW_TAS_DONE:
			chg = merge_tas(&new_trust_anchors, &trust_anchors);
			if (chg)
				send_trust_anchors(&trust_anchors);

			/*
			 * always write trust anchors, the modify date on
			 * the file is an indication when we made progress
			 */
			if (ta_fd != -1)
				write_trust_anchors(&trust_anchors, ta_fd);
			break;
		case IMSG_NEW_DNS64_PREFIXES_START:
			if (IMSG_DATA_SIZE(imsg) !=
			    sizeof(new_dns64_prefix_count))
				fatalx("%s: IMSG_NEW_DNS64_PREFIXES_START "
				    "wrong length: %lu", __func__,
				    IMSG_DATA_SIZE(imsg));
			memcpy(&new_dns64_prefix_count, imsg.data,
			    sizeof(new_dns64_prefix_count));
			free(new_dns64_prefixes);
			new_dns64_prefixes = NULL;
			if (new_dns64_prefix_count > 0)
				new_dns64_prefixes =
				    calloc(new_dns64_prefix_count,
				    sizeof(struct dns64_prefix));
			new_dns64_prefix_pos = 0;
			break;
		case IMSG_NEW_DNS64_PREFIX: {
			if (IMSG_DATA_SIZE(imsg) != sizeof(struct dns64_prefix))
				fatalx("%s: IMSG_NEW_DNS64_PREFIX wrong "
				    "length: %lu", __func__,
				    IMSG_DATA_SIZE(imsg));
			if (new_dns64_prefixes == NULL)
				break;
			if (new_dns64_prefix_pos >= new_dns64_prefix_count)
				fatalx("%s: IMSG_NEW_DNS64_PREFIX: too many "
				    "prefixes", __func__);
			memcpy(&new_dns64_prefixes[new_dns64_prefix_pos++],
			    imsg.data, sizeof(struct dns64_prefix));
			break;
		}
		case IMSG_NEW_DNS64_PREFIXES_DONE:
			free(dns64_prefixes);
			dns64_prefixes = new_dns64_prefixes;
			dns64_prefix_count = new_dns64_prefix_count;
			new_dns64_prefixes = NULL;
			break;
		default:
			log_debug("%s: error handling imsg %d", __func__,
			    imsg.hdr.type);
			break;
		}
		imsg_free(&imsg);
	}
	if (!shut)
		imsg_event_add(iev);
	else {
		/* This pipe is dead. Remove its event handler. */
		event_del(&iev->ev);
		event_loopexit(NULL);
	}
}

void
frontend_startup(void)
{
	if (!event_initialized(&ev_route))
		fatalx("%s: did not receive a route socket from the main "
		    "process", __func__);

	event_add(&ev_route, NULL);

	frontend_imsg_compose_main(IMSG_STARTUP_DONE, 0, NULL, 0);
	check_available_af();
}

void
free_pending_query(struct pending_query *pq)
{
	if (!pq)
		return;

	TAILQ_REMOVE(&pending_queries, pq, entry);
	regional_destroy(pq->region);
	sldns_buffer_free(pq->qbuf);
	sldns_buffer_free(pq->abuf);
	if (pq->tcp) {
		if (event_initialized(&pq->ev))
			event_del(&pq->ev);
		if (event_initialized(&pq->resp_ev))
			event_del(&pq->resp_ev);
		if (event_initialized(&pq->tmo_ev))
			event_del(&pq->tmo_ev);
		if (pq->fd != -1)
			close(pq->fd);
	}
	free(pq);
}

void
udp_receive(int fd, short events, void *arg)
{
	struct udp_ev		*udpev = (struct udp_ev *)arg;
	struct pending_query	*pq = NULL;
	ssize_t			 len;

	if ((len = recvmsg(fd, &udpev->rcvmhdr, 0)) == -1) {
		log_warn("recvmsg");
		return;
	}

	if ((pq = calloc(1, sizeof(*pq))) == NULL) {
		log_warn(NULL);
		return;
	}

	do {
		arc4random_buf(&pq->imsg_id, sizeof(pq->imsg_id));
	} while(find_pending_query(pq->imsg_id) != NULL);

	TAILQ_INSERT_TAIL(&pending_queries, pq, entry);

	pq->from = udpev->from;
	pq->fd = fd;
	pq->qbuf = sldns_buffer_new(len);
	pq->abuf = sldns_buffer_new(len); /* make sure we can send errors */
	pq->region = regional_create();

	if (!pq->qbuf || !pq->abuf || !pq->region) {
		log_warnx("out of memory");
		free_pending_query(pq);
		return;
	}

	sldns_buffer_write(pq->qbuf, udpev->query, len);
	sldns_buffer_flip(pq->qbuf);
	handle_query(pq);
}

void
handle_query(struct pending_query *pq)
{
	struct query_imsg	 query_imsg;
	struct bl_node		 find;
	int			 rcode, matched;
	char			*str;
	char			 dname[LDNS_MAX_DOMAINLEN + 1];
	char			 qclass_buf[16];
	char			 qtype_buf[16];

	if (log_getverbose() & OPT_VERBOSE2 && (str =
	    sldns_wire2str_pkt(sldns_buffer_begin(pq->qbuf),
	    sldns_buffer_limit(pq->qbuf))) != NULL) {
		log_debug("from: %s\n%s", ip_port((struct sockaddr *)
		    &pq->from), str);
		free(str);
	}

	if (sldns_buffer_remaining(pq->qbuf) < LDNS_HEADER_SIZE) {
		log_warnx("bad query: too short, dropped");
		goto drop;
	}

	pq->id = sldns_buffer_read_u16_at(pq->qbuf, 0);
	pq->flags = sldns_buffer_read_u16_at(pq->qbuf, 2);

	if (!query_info_parse(&pq->qinfo, pq->qbuf)) {
		log_warnx("query_info_parse failed");
		goto drop;
	}

	rcode = check_query(pq->qbuf);
	switch (rcode) {
	case LDNS_RCODE_NOERROR:
		break;
	case -1:
		goto drop;
	default:
		error_answer(pq, rcode);
		goto send_answer;
	}

	rcode = parse_edns_from_query_pkt(pq->qbuf, &pq->edns, NULL, NULL,
	    NULL, 0, pq->region, NULL);
	if (rcode != LDNS_RCODE_NOERROR) {
		error_answer(pq, rcode);
		goto send_answer;
	}

	if (!dname_valid(pq->qinfo.qname, pq->qinfo.qname_len)) {
		error_answer(pq, LDNS_RCODE_FORMERR);
		goto send_answer;
	}
	dname_str(pq->qinfo.qname, dname);

	sldns_wire2str_class_buf(pq->qinfo.qclass, qclass_buf,
	    sizeof(qclass_buf));
	sldns_wire2str_type_buf(pq->qinfo.qtype, qtype_buf, sizeof(qtype_buf));
	log_debug("%s: %s %s %s ?", ip_port((struct sockaddr *)&pq->from),
	    dname, qclass_buf, qtype_buf);

	if (!RB_EMPTY(&bl_head)) {
		find.len = strlen(dname);
		find.wildcard = 0;
		reverse(dname, dname + find.len);
		find.domain = dname;
		matched = (RB_FIND(bl_tree, &bl_head, &find) != NULL);
		reverse(dname, dname + find.len);
		if (matched) {
			if (frontend_conf->blocklist_log)
				log_info("blocking %s", dname);
			error_answer(pq, LDNS_RCODE_REFUSED);
			goto send_answer;
		}
	}

	if (pq->qinfo.qtype == LDNS_RR_TYPE_AXFR || pq->qinfo.qtype ==
	    LDNS_RR_TYPE_IXFR) {
		error_answer(pq, LDNS_RCODE_REFUSED);
		goto send_answer;
	}

	if(pq->qinfo.qtype == LDNS_RR_TYPE_OPT ||
	    pq->qinfo.qtype == LDNS_RR_TYPE_TSIG ||
	    pq->qinfo.qtype == LDNS_RR_TYPE_TKEY ||
	    pq->qinfo.qtype == LDNS_RR_TYPE_MAILA ||
	    pq->qinfo.qtype == LDNS_RR_TYPE_MAILB ||
	    (pq->qinfo.qtype >= 128 && pq->qinfo.qtype <= 248)) {
		error_answer(pq, LDNS_RCODE_FORMERR);
		goto send_answer;
	}

	if (pq->qinfo.qclass == LDNS_RR_CLASS_CH) {
		if (strcasecmp(dname, "version.server.") == 0 ||
		    strcasecmp(dname, "version.bind.") == 0) {
			chaos_answer(pq);
		} else
			error_answer(pq, LDNS_RCODE_REFUSED);
		goto send_answer;
	}

	if (strlcpy(query_imsg.qname, dname, sizeof(query_imsg.qname)) >=
	    sizeof(query_imsg.qname)) {
		log_warnx("qname too long");
		error_answer(pq, LDNS_RCODE_FORMERR);
		goto send_answer;
	}
	query_imsg.id = pq->imsg_id;
	query_imsg.t = pq->qinfo.qtype;
	query_imsg.c = pq->qinfo.qclass;

	if (frontend_imsg_compose_resolver(IMSG_QUERY, 0, &query_imsg,
	    sizeof(query_imsg)) == -1) {
		error_answer(pq, LDNS_RCODE_SERVFAIL);
		goto send_answer;
	}
	return;

 send_answer:
	send_answer(pq);
	return;

 drop:
	free_pending_query(pq);
}

void
noerror_answer(struct pending_query *pq)
{
	struct query_info		 skip, qinfo;
	struct reply_info		*rinfo = NULL;
	struct alloc_cache		 alloc;
	struct edns_data		 edns;
	struct ub_packed_rrset_key	*an_rrset = NULL;
	struct packed_rrset_data	*an_rrset_data = NULL;

	alloc_init(&alloc, NULL, 0);
	memset(&qinfo, 0, sizeof(qinfo));
	/* read past query section, no memory is allocated */
	if (!query_info_parse(&skip, pq->abuf))
		goto srvfail;

	if (reply_info_parse(pq->abuf, &alloc, &qinfo, &rinfo, pq->region,
	    &edns) != 0)
		goto srvfail;

	if ((an_rrset = reply_find_answer_rrset(&qinfo, rinfo)) != NULL)
		an_rrset_data = (struct packed_rrset_data*)an_rrset->entry.data;

	/* reply_info_parse() allocates memory */
	query_info_clear(&qinfo);

	/* XXX check that there a no AAAA records in answer section? */
	if ((an_rrset_data == NULL || an_rrset_data->count == 0) &&
	    !pq->dns64_synthesize && pq->qinfo.qtype == LDNS_RR_TYPE_AAAA &&
	    pq->qinfo.qclass == LDNS_RR_CLASS_IN && dns64_prefix_count > 0) {
		pq->dns64_synthesize = 1;
		return;
	}

	sldns_buffer_clear(pq->abuf);
	if (reply_info_encode(&pq->qinfo, rinfo, htons(pq->id), rinfo->flags,
	    pq->abuf, 0, pq->region, pq->tcp ? UINT16_MAX : pq->edns.udp_size,
	    pq->edns.bits & EDNS_DO, MINIMIZE_ANSWER) == 0)
		goto srvfail;

	reply_info_parsedelete(rinfo, &alloc);
	alloc_clear(&alloc);
	return;

 srvfail:
	reply_info_parsedelete(rinfo, &alloc);
	alloc_clear(&alloc);
	error_answer(pq, LDNS_RCODE_SERVFAIL);
}

void
synthesize_dns64_answer(struct pending_query *pq)
{
	struct query_info		 skip, qinfo;
	struct reply_info		*rinfo = NULL, *synth_rinfo = NULL;
	struct alloc_cache		 alloc;
	struct edns_data		 edns;
	size_t				 i;

	pq->dns64_synthesize = 0;

	alloc_init(&alloc, NULL, 0);
	memset(&qinfo, 0, sizeof(qinfo));
	/* read past query section, no memory is allocated */
	if (!query_info_parse(&skip, pq->abuf))
		goto srvfail;

	if (reply_info_parse(pq->abuf, &alloc, &qinfo, &rinfo, pq->region,
	    &edns) != 0)
		goto srvfail;

	/* reply_info_parse() allocates memory */
	query_info_clear(&qinfo);

	synth_rinfo = construct_reply_info_base(pq->region, rinfo->flags,
	    rinfo->qdcount, rinfo->ttl, rinfo->prefetch_ttl,
	    rinfo->serve_expired_ttl, rinfo->an_numrrsets,
	    rinfo->ns_numrrsets, rinfo->ar_numrrsets, rinfo->rrset_count,
	    rinfo->security, rinfo->reason_bogus);

	if (!synth_rinfo)
		goto srvfail;

	if(!reply_info_alloc_rrset_keys(synth_rinfo, NULL, pq->region))
		goto srvfail;

	for (i = 0; i < synth_rinfo->rrset_count; i++) {
		struct ub_packed_rrset_key	*src_rrset_key, *dst_rrset_key;
		struct packed_rrset_data	*src_rrset_data;
		struct packed_rrset_data	*dst_rrset_data;

		src_rrset_key = rinfo->rrsets[i];
		src_rrset_data =
		    (struct packed_rrset_data *)src_rrset_key->entry.data;
		dst_rrset_key = synth_rinfo->rrsets[i];

		dst_rrset_key->id = src_rrset_key->id;
		dst_rrset_key->rk = src_rrset_key->rk;

		if (i < rinfo->an_numrrsets && src_rrset_key->rk.type ==
		    htons(LDNS_RR_TYPE_A)) {
			dns64_synth_aaaa_data(src_rrset_key, src_rrset_data,
			    dst_rrset_key, &dst_rrset_data, pq->region);
			if (dst_rrset_data == NULL)
				goto srvfail;
		} else {
			dst_rrset_key->entry.hash = src_rrset_key->entry.hash;
			dst_rrset_key->rk.dname = regional_alloc_init(
			    pq->region, src_rrset_key->rk.dname,
			    src_rrset_key->rk.dname_len);
			if (dst_rrset_key->rk.dname == NULL)
				goto srvfail;

			dst_rrset_data = regional_alloc_init(pq->region,
			    src_rrset_data,
			    packed_rrset_sizeof(src_rrset_data));
			if (dst_rrset_data == NULL)
				goto srvfail;
		}

		packed_rrset_ptr_fixup(dst_rrset_data);
		dst_rrset_key->entry.data = dst_rrset_data;
	}

	if (!sldns_buffer_set_capacity(pq->abuf, pq->tcp ? UINT16_MAX :
	    pq->edns.udp_size))
		goto srvfail;

	sldns_buffer_clear(pq->abuf);

	if (reply_info_encode(&pq->qinfo, synth_rinfo, htons(pq->id),
	    synth_rinfo->flags, pq->abuf, 0, pq->region,
	    pq->tcp ? UINT16_MAX : pq->edns.udp_size,
	    pq->edns.bits & EDNS_DO, MINIMIZE_ANSWER) == 0)
		goto srvfail;

	reply_info_parsedelete(rinfo, &alloc);
	alloc_clear(&alloc);
	return;

 srvfail:
	reply_info_parsedelete(rinfo, &alloc);
	alloc_clear(&alloc);
	error_answer(pq, LDNS_RCODE_SERVFAIL);
}

void
resend_dns64_query(struct pending_query *opq)
{
	struct pending_query	*pq;
	struct query_imsg	 query_imsg;
	int			 rcode;
	char			 dname[LDNS_MAX_DOMAINLEN + 1];

	if ((pq = calloc(1, sizeof(*pq))) == NULL) {
		log_warn(NULL);
		return;
	}

	do {
		arc4random_buf(&pq->imsg_id, sizeof(pq->imsg_id));
	} while(find_pending_query(pq->imsg_id) != NULL);

	TAILQ_INSERT_TAIL(&pending_queries, pq, entry);

	pq->from = opq->from;
	pq->fd = opq->fd;
	opq->fd = -1;
	pq->tcp = opq->tcp;
	pq->qbuf = sldns_buffer_new(sldns_buffer_capacity(opq->qbuf));
	pq->abuf = sldns_buffer_new(sldns_buffer_capacity(opq->abuf));
	pq->region = regional_create();

	if (!pq->qbuf || !pq->abuf || !pq->region) {
		log_warnx("out of memory");
		free_pending_query(pq);
		free_pending_query(opq);
		return;
	}

	sldns_buffer_rewind(opq->qbuf);
	sldns_buffer_write(pq->qbuf, sldns_buffer_current(opq->qbuf),
	    sldns_buffer_remaining(opq->qbuf));
	sldns_buffer_flip(pq->qbuf);

	if (pq->tcp) {
		struct timeval	 timeout = {TCP_TIMEOUT, 0};

		event_set(&pq->ev, pq->fd, EV_READ | EV_PERSIST, tcp_request,
		    pq);
		event_set(&pq->resp_ev, pq->fd, EV_WRITE | EV_PERSIST,
		    tcp_response, pq);
		evtimer_set(&pq->tmo_ev, tcp_timeout, pq);
		evtimer_add(&pq->tmo_ev, &timeout);
	}

	if (sldns_buffer_remaining(pq->qbuf) < LDNS_HEADER_SIZE) {
		log_warnx("bad query: too short, dropped");
		goto drop;
	}

	pq->id = sldns_buffer_read_u16_at(pq->qbuf, 0);
	pq->flags = sldns_buffer_read_u16_at(pq->qbuf, 2);

	if (!query_info_parse(&pq->qinfo, pq->qbuf)) {
		log_warnx("query_info_parse failed");
		goto drop;
	}

	rcode = parse_edns_from_query_pkt(pq->qbuf, &pq->edns, NULL, NULL,
	    NULL, 0, pq->region, NULL);
	if (rcode != LDNS_RCODE_NOERROR) {
		error_answer(pq, rcode);
		goto send_answer;
	}

	dname_str(pq->qinfo.qname, dname);
	strlcpy(query_imsg.qname, dname, sizeof(query_imsg.qname));
	query_imsg.id = pq->imsg_id;
	query_imsg.t = LDNS_RR_TYPE_A;
	query_imsg.c = pq->qinfo.qclass;

	pq->dns64_synthesize = 1;

	if (frontend_imsg_compose_resolver(IMSG_QUERY, 0, &query_imsg,
	    sizeof(query_imsg)) == -1) {
		error_answer(pq, LDNS_RCODE_SERVFAIL);
		goto send_answer;
	}

	free_pending_query(opq);
	return;

 send_answer:
	free_pending_query(opq);
	send_answer(pq);
	return;

 drop:
	free_pending_query(opq);
	free_pending_query(pq);
}

void
chaos_answer(struct pending_query *pq)
{
	size_t		 len;
	const char	*name = "unwind";

	len = strlen(name);
	if (!sldns_buffer_set_capacity(pq->abuf,
	    sldns_buffer_capacity(pq->qbuf) + COMPRESSED_RR_SIZE + 1 + len)) {
		error_answer(pq, LDNS_RCODE_SERVFAIL);
		return;
	}

	sldns_buffer_copy(pq->abuf, pq->qbuf);

	sldns_buffer_clear(pq->abuf);

	sldns_buffer_skip(pq->abuf, sizeof(uint16_t));	/* skip id */
	sldns_buffer_write_u16(pq->abuf, 0);		/* clear flags */
	LDNS_QR_SET(sldns_buffer_begin(pq->abuf));
	LDNS_RA_SET(sldns_buffer_begin(pq->abuf));
	if (LDNS_RD_WIRE(sldns_buffer_begin(pq->qbuf)))
		LDNS_RD_SET(sldns_buffer_begin(pq->abuf));
	if (LDNS_CD_WIRE(sldns_buffer_begin(pq->qbuf)))
		LDNS_CD_SET(sldns_buffer_begin(pq->abuf));
	LDNS_RCODE_SET(sldns_buffer_begin(pq->abuf), LDNS_RCODE_NOERROR);
	sldns_buffer_write_u16(pq->abuf, 1);		/* qdcount */
	sldns_buffer_write_u16(pq->abuf, 1);		/* ancount */
	sldns_buffer_write_u16(pq->abuf, 0);		/* nscount */
	sldns_buffer_write_u16(pq->abuf, 0);		/* arcount */
	(void)query_dname_len(pq->abuf);		/* skip qname */
	sldns_buffer_skip(pq->abuf, sizeof(uint16_t));	/* skip qtype */
	sldns_buffer_skip(pq->abuf, sizeof(uint16_t));	/* skip qclass */

	sldns_buffer_write_u16(pq->abuf, 0xc00c);	/* ptr to query */
	sldns_buffer_write_u16(pq->abuf, LDNS_RR_TYPE_TXT);
	sldns_buffer_write_u16(pq->abuf, LDNS_RR_CLASS_CH);
	sldns_buffer_write_u32(pq->abuf, 0);		/* TTL */
	sldns_buffer_write_u16(pq->abuf, 1 + len);	/* RDLENGTH */
	sldns_buffer_write_u8(pq->abuf, len);		/* length octed */
	sldns_buffer_write(pq->abuf, name, len);
	sldns_buffer_flip(pq->abuf);
}

void
error_answer(struct pending_query *pq, int rcode)
{
	sldns_buffer_clear(pq->abuf);
	error_encode(pq->abuf, rcode, &pq->qinfo, htons(pq->id), pq->flags,
	    pq->edns.edns_present ? &pq->edns : NULL);
}

int
check_query(sldns_buffer* pkt)
{
	if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
		log_warnx("bad query: too short, dropped");
		return -1;
	}
	if(LDNS_QR_WIRE(sldns_buffer_begin(pkt))) {
		log_warnx("bad query: QR set, dropped");
		return -1;
	}
	if(LDNS_TC_WIRE(sldns_buffer_begin(pkt))) {
		LDNS_TC_CLR(sldns_buffer_begin(pkt));
		log_warnx("bad query: TC set");
		return (LDNS_RCODE_FORMERR);
	}
	if(!(LDNS_RD_WIRE(sldns_buffer_begin(pkt)))) {
		log_warnx("bad query: RD not set");
		return (LDNS_RCODE_REFUSED);
	}
	if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) {
		log_warnx("bad query: unknown opcode %d",
		    LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)));
		return (LDNS_RCODE_NOTIMPL);
	}

	if (LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1 &&
	    LDNS_ANCOUNT(sldns_buffer_begin(pkt))!= 0 &&
	    LDNS_NSCOUNT(sldns_buffer_begin(pkt))!= 0 &&
	    LDNS_ARCOUNT(sldns_buffer_begin(pkt)) > 1) {
		log_warnx("bad query: qdcount: %d, ancount: %d "
		    "nscount: %d, arcount: %d",
		    LDNS_QDCOUNT(sldns_buffer_begin(pkt)),
		    LDNS_ANCOUNT(sldns_buffer_begin(pkt)),
		    LDNS_NSCOUNT(sldns_buffer_begin(pkt)),
		    LDNS_ARCOUNT(sldns_buffer_begin(pkt)));
		return (LDNS_RCODE_FORMERR);
	}
	return (LDNS_RCODE_NOERROR);
}

void
send_answer(struct pending_query *pq)
{
	char	*str;

	if (log_getverbose() & OPT_VERBOSE2 && (str =
	    sldns_wire2str_pkt(sldns_buffer_begin(pq->abuf),
	    sldns_buffer_limit(pq->abuf))) != NULL) {
		log_debug("from: %s\n%s", ip_port((struct sockaddr *)
		    &pq->from), str);
		free(str);
	}

	if (!pq->tcp) {
		if(sendto(pq->fd, sldns_buffer_current(pq->abuf),
		    sldns_buffer_remaining(pq->abuf), 0,
		    (struct sockaddr *)&pq->from, pq->from.ss_len) == -1)
			log_warn("sendto");
		free_pending_query(pq);
	} else {
		struct sldns_buffer	*tmp;

		tmp = sldns_buffer_new(sldns_buffer_limit(pq->abuf) + 2);

		if (!tmp) {
			free_pending_query(pq);
			return;
		}

		sldns_buffer_write_u16(tmp, sldns_buffer_limit(pq->abuf));
		sldns_buffer_write(tmp, sldns_buffer_current(pq->abuf),
		    sldns_buffer_remaining(pq->abuf));
		sldns_buffer_flip(tmp);
		sldns_buffer_free(pq->abuf);
		pq->abuf = tmp;
		event_add(&pq->resp_ev, NULL);
	}
}

char*
ip_port(struct sockaddr *sa)
{
	static char	 hbuf[NI_MAXHOST], buf[NI_MAXHOST];

	if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0,
	    NI_NUMERICHOST) != 0) {
		snprintf(buf, sizeof(buf), "%s", "(unknown)");
		return buf;
	}

	if (sa->sa_family == AF_INET6)
		snprintf(buf, sizeof(buf), "[%s]:%d", hbuf, ntohs(
		    ((struct sockaddr_in6 *)sa)->sin6_port));
	if (sa->sa_family == AF_INET)
		snprintf(buf, sizeof(buf), "[%s]:%d", hbuf, ntohs(
		    ((struct sockaddr_in *)sa)->sin_port));

	return buf;
}

struct pending_query*
find_pending_query(uint64_t id)
{
	struct pending_query	*pq;

	TAILQ_FOREACH(pq, &pending_queries, entry)
		if (pq->imsg_id == id)
			return pq;
	return NULL;
}

void
route_receive(int fd, short events, void *arg)
{
	static uint8_t		*buf;

	struct rt_msghdr	*rtm;
	struct sockaddr		*sa, *rti_info[RTAX_MAX];
	ssize_t			 n;

	if (buf == NULL) {
		buf = malloc(ROUTE_SOCKET_BUF_SIZE);
		if (buf == NULL)
			fatal("malloc");
	}
	rtm = (struct rt_msghdr *)buf;
	if ((n = read(fd, buf, ROUTE_SOCKET_BUF_SIZE)) == -1) {
		if (errno == EAGAIN || errno == EINTR)
			return;
		log_warn("dispatch_rtmsg: read error");
		return;
	}

	if (n == 0)
		fatal("routing socket closed");

	if (n < (ssize_t)sizeof(rtm->rtm_msglen) || n < rtm->rtm_msglen) {
		log_warnx("partial rtm of %zd in buffer", n);
		return;
	}

	if (rtm->rtm_version != RTM_VERSION)
		return;

	sa = (struct sockaddr *)(buf + rtm->rtm_hdrlen);
	get_rtaddrs(rtm->rtm_addrs, sa, rti_info);

	handle_route_message(rtm, rti_info);
}

#define ROUNDUP(a) \
	((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))

void
get_rtaddrs(int addrs, struct sockaddr *sa, struct sockaddr **rti_info)
{
	int	i;

	for (i = 0; i < RTAX_MAX; i++) {
		if (addrs & (1 << i)) {
			rti_info[i] = sa;
			sa = (struct sockaddr *)((char *)(sa) +
			    ROUNDUP(sa->sa_len));
		} else
			rti_info[i] = NULL;
	}
}

void
handle_route_message(struct rt_msghdr *rtm, struct sockaddr **rti_info)
{
	struct imsg_rdns_proposal	 rdns_proposal;
	struct sockaddr_rtdns		*rtdns;
	struct if_announcemsghdr	*ifan;

	switch (rtm->rtm_type) {
	case RTM_IFANNOUNCE:
		ifan = (struct if_announcemsghdr *)rtm;
		if (ifan->ifan_what == IFAN_ARRIVAL)
			break;
		rdns_proposal.if_index = ifan->ifan_index;
		rdns_proposal.src = 0;
		rdns_proposal.rtdns.sr_family = AF_INET;
		rdns_proposal.rtdns.sr_len = offsetof(struct sockaddr_rtdns,
		    sr_dns);
		frontend_imsg_compose_resolver(IMSG_REPLACE_DNS, 0,
		    &rdns_proposal, sizeof(rdns_proposal));
		break;
	case RTM_IFINFO:
		frontend_imsg_compose_resolver(IMSG_NETWORK_CHANGED, 0, NULL,
		    0);
		break;
	case RTM_PROPOSAL:
		if (!(rtm->rtm_addrs & RTA_DNS))
			break;

		rtdns = (struct sockaddr_rtdns*)rti_info[RTAX_DNS];
		rdns_proposal.if_index = rtm->rtm_index;
		rdns_proposal.src = rtm->rtm_priority;
		memcpy(&rdns_proposal.rtdns, rtdns, sizeof(rdns_proposal.rtdns));
		frontend_imsg_compose_resolver(IMSG_REPLACE_DNS, 0,
		    &rdns_proposal, sizeof(rdns_proposal));
		break;
	case RTM_NEWADDR:
	case RTM_DELADDR:
	case RTM_DESYNC:
		check_available_af();
		break;
	default:
		break;
	}
}

void
add_new_ta(struct trust_anchor_head *tah, char *val)
{
	struct trust_anchor	*ta, *i;
	int			 cmp;

	if ((ta = malloc(sizeof(*ta))) == NULL)
		fatal("%s", __func__);
	if ((ta->ta = strdup(val)) == NULL)
		fatal("%s", __func__);

	/* keep the list sorted to prevent churn if the order changes in DNS */
	TAILQ_FOREACH(i, tah, entry) {
		cmp = strcmp(i->ta, ta->ta);
		if ( cmp == 0) {
			/* duplicate */
			free(ta->ta);
			free(ta);
			return;
		} else if (cmp > 0) {
			TAILQ_INSERT_BEFORE(i, ta, entry);
			return;
		}
	}
	TAILQ_INSERT_TAIL(tah, ta, entry);
}

void
free_tas(struct trust_anchor_head *tah)
{
	struct trust_anchor	*ta;

	while ((ta = TAILQ_FIRST(tah))) {
		TAILQ_REMOVE(tah, ta, entry);
		free(ta->ta);
		free(ta);
	}
}

int
merge_tas(struct trust_anchor_head *newh, struct trust_anchor_head *oldh)
{
	struct trust_anchor	*i, *j;
	int			 chg = 0;

	j = TAILQ_FIRST(oldh);

	TAILQ_FOREACH(i, newh, entry) {
		if (j == NULL || strcmp(i->ta, j->ta) != 0) {
			chg = 1;
			break;
		}
		j = TAILQ_NEXT(j, entry);
	}
	if (j != NULL)
		chg = 1;

	if (chg) {
		free_tas(oldh);
		TAILQ_CONCAT(oldh, newh, entry);
	} else {
		free_tas(newh);
	}
	return (chg);
}

void
parse_trust_anchor(struct trust_anchor_head *tah, int fd)
{
	size_t	 len, dname_len;
	ssize_t	 n, sz;
	uint8_t	 rr[LDNS_RR_BUF_SIZE];
	char	*str, *p, buf[512], *line;

	sz = 0;
	str = NULL;

	while ((n = read(fd, buf, sizeof(buf))) > 0) {
		p = recallocarray(str, sz, sz + n, 1);
		if (p == NULL) {
			log_warn("%s", __func__);
			goto out;
		}
		str = p;
		memcpy(str + sz, buf, n);
		sz += n;
	}

	if (n == -1) {
		log_warn("%s", __func__);
		goto out;
	}

	/* make it a string */
	p = recallocarray(str, sz, sz + 1, 1);
	if (p == NULL) {
		log_warn("%s", __func__);
		goto out;
	}
	str = p;
	sz++;

	len = sizeof(rr);

	while ((line = strsep(&p, "\n")) != NULL) {
		if (sldns_str2wire_rr_buf(line, rr, &len, &dname_len,
		    ROOT_DNSKEY_TTL, NULL, 0, NULL, 0) != 0)
			continue;
		if (sldns_wirerr_get_type(rr, len, dname_len) ==
		    LDNS_RR_TYPE_DNSKEY)
			add_new_ta(tah, line);
	}

out:
	free(str);
	return;
}

void
send_trust_anchors(struct trust_anchor_head *tah)
{
	struct trust_anchor	*ta;

	TAILQ_FOREACH(ta, tah, entry)
		frontend_imsg_compose_resolver(IMSG_NEW_TA, 0, ta->ta,
		    strlen(ta->ta) + 1);
	frontend_imsg_compose_resolver(IMSG_NEW_TAS_DONE, 0, NULL, 0);
}

void
write_trust_anchors(struct trust_anchor_head *tah, int fd)
{
	struct trust_anchor	*ta;
	size_t			 len = 0;
	ssize_t			 n;
	char			*str;

	if (lseek(fd, 0, SEEK_SET) == -1) {
		log_warn("%s", __func__);
		goto out;
	}

	TAILQ_FOREACH(ta, tah, entry) {
		if ((n = asprintf(&str, "%s\n", ta->ta)) == -1) {
			log_warn("%s", __func__);
			len = 0;
			goto out;
		}
		len += n;
		if (write(fd, str, n) != n) {
			log_warn("%s", __func__);
			free(str);
			len = 0;
			goto out;
		}
		free(str);
	}
out:
	ftruncate(fd, len);
	fsync(fd);
}

void
parse_blocklist(int fd)
{
	FILE		 *f;
	struct bl_node	*bl_node;
	char		 *line = NULL;
	size_t		  linesize = 0;
	ssize_t		  linelen;

	if((f = fdopen(fd, "r")) == NULL) {
		log_warn("cannot read block list");
		close(fd);
		return;
	}

	free_bl();

	while ((linelen = getline(&line, &linesize, f)) != -1) {
		if (line[linelen - 1] == '\n') {
			if (linelen >= 2 && line[linelen - 2] != '.')
				line[linelen - 1] = '.';
			else
				line[linelen-- - 1] = '\0';
		}

		if (line[0] == '#')
		    continue;

		bl_node = malloc(sizeof *bl_node);
		if (bl_node == NULL)
			fatal("%s: malloc", __func__);
		if ((bl_node->domain = strdup(line)) == NULL)
			fatal("%s: strdup", __func__);
		reverse(bl_node->domain, bl_node->domain + linelen);
		bl_node->len = linelen;
		bl_node->wildcard = line[0] == '.';
		if (RB_INSERT(bl_tree, &bl_head, bl_node) != NULL) {
			log_warnx("duplicate blocked domain \"%s\"", line);
			free(bl_node->domain);
			free(bl_node);
		}
	}
	free(line);
	if (ferror(f))
		log_warn("getline");
	fclose(f);
}

int
bl_cmp(struct bl_node *e1, struct bl_node *e2) {
	if (e1->wildcard == e2->wildcard)
		return (strcasecmp(e1->domain, e2->domain));
	else if (e1->wildcard)
		return (strncasecmp(e1->domain, e2->domain, e1->len));
	else /* e2->wildcard */
		return (strncasecmp(e1->domain, e2->domain, e2->len));
}

void
free_bl(void)
{
	struct bl_node	*n, *nxt;

	RB_FOREACH_SAFE(n, bl_tree, &bl_head, nxt) {
		RB_REMOVE(bl_tree, &bl_head, n);
		free(n->domain);
		free(n);
	}
}

int
pending_query_cnt(void)
{
	struct pending_query	*e;
	int			 cnt = 0;

	TAILQ_FOREACH(e, &pending_queries, entry)
		cnt++;
	return cnt;
}

void
accept_paused(int fd, short events, void *arg)
{
	struct tcp_accept_ev	*tcpev = arg;
	event_add(&tcpev->ev, NULL);
}

int
accept_reserve(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
{
	if (getdtablecount() + FD_RESERVE >= getdtablesize()) {
		log_debug("%s: inflight fds exceeded", __func__);
		errno = EMFILE;
		return -1;
	}
	return accept4(sockfd, addr, addrlen, SOCK_NONBLOCK | SOCK_CLOEXEC);
}

void
tcp_accept(int fd, short events, void *arg)
{
	static struct timeval	 timeout = {TCP_TIMEOUT, 0};
	static struct timeval	 backoff = {1, 0};
	struct pending_query	*pq;
	struct tcp_accept_ev	*tcpev;
	struct sockaddr_storage	 ss;
	socklen_t		 len;
	int			 s;

	tcpev = arg;
	len = sizeof(ss);

	if ((s = accept_reserve(fd, (struct sockaddr *)&ss, &len)) == -1) {
		switch (errno) {
		case EINTR:
		case EWOULDBLOCK:
		case ECONNABORTED:
			return;
		case EMFILE:
		case ENFILE:
			event_del(&tcpev->ev);
			evtimer_add(&tcpev->pause, &backoff);
			return;
		default:
			fatal("accept");
		}
	}

	if ((pq = calloc(1, sizeof(*pq))) == NULL) {
		log_warn(NULL);
		close(s);
		return;
	}

	do {
		arc4random_buf(&pq->imsg_id, sizeof(pq->imsg_id));
	} while(find_pending_query(pq->imsg_id) != NULL);

	TAILQ_INSERT_TAIL(&pending_queries, pq, entry);

	pq->from = ss;
	pq->fd = s;
	pq->tcp = 1;
	pq->qbuf = sldns_buffer_new(DEFAULT_TCP_SIZE);
	pq->region = regional_create();

	if (!pq->qbuf || !pq->region) {
		free_pending_query(pq);
		return;
	}

	event_set(&pq->ev, s, EV_READ | EV_PERSIST, tcp_request, pq);
	event_add(&pq->ev, NULL);
	event_set(&pq->resp_ev, s, EV_WRITE | EV_PERSIST, tcp_response, pq);

	evtimer_set(&pq->tmo_ev, tcp_timeout, pq);
	evtimer_add(&pq->tmo_ev, &timeout);
}

void
tcp_request(int fd, short events, void *arg)
{
	struct pending_query	*pq;
	ssize_t			 n;

	pq = arg;

	n = read(fd, sldns_buffer_current(pq->qbuf),
	    sldns_buffer_remaining(pq->qbuf));

	switch (n) {
	case -1:
		switch (errno) {
		case EINTR:
		case EAGAIN:
			return;
		default:
			goto fail;
		}
		break;
	case 0:
		log_debug("closed connection");
		goto fail;
	default:
		break;
	}

	sldns_buffer_skip(pq->qbuf, n);

	if (sldns_buffer_position(pq->qbuf) >= 2 && !pq->abuf) {
		struct sldns_buffer	*tmp;
		size_t			 rem;
		uint16_t		 len;

		sldns_buffer_flip(pq->qbuf);
		len = sldns_buffer_read_u16(pq->qbuf);
		tmp = sldns_buffer_new(len);
		if (tmp == NULL)
			goto fail;
		pq->abuf = sldns_buffer_new(len);
		if (pq->abuf == NULL) {
			sldns_buffer_free(tmp);
			goto fail;
		}

		rem = sldns_buffer_remaining(pq->qbuf);
		sldns_buffer_write(tmp, sldns_buffer_current(pq->qbuf),
		    MINIMUM(len, rem));
		sldns_buffer_free(pq->qbuf);
		pq->qbuf = tmp;
	}
	if (sldns_buffer_remaining(pq->qbuf) == 0) {
		sldns_buffer_flip(pq->qbuf);
		shutdown(fd, SHUT_RD);
		event_del(&pq->ev);
		handle_query(pq);
	}
	return;
fail:
	free_pending_query(pq);
}

void
tcp_response(int fd, short events, void *arg)
{
	struct pending_query	*pq;
	ssize_t			 n;

	pq = arg;

	n = write(fd, sldns_buffer_current(pq->abuf),
	    sldns_buffer_remaining(pq->abuf));

	if (n == -1) {
		if (errno == EAGAIN || errno == EINTR)
			return;
		free_pending_query(pq);
		return;
	}
	sldns_buffer_skip(pq->abuf, n);
	if (sldns_buffer_remaining(pq->abuf) == 0)
		free_pending_query(pq);
}

void
tcp_timeout(int fd, short events, void *arg)
{
	free_pending_query(arg);
}

void
check_available_af(void)
{
	static int		 available_af = HAVE_IPV4 | HAVE_IPV6;
	static int		 rtable = -1;
	struct ifaddrs		*ifap, *ifa;
	struct if_data		*ifa_data;
	struct sockaddr_in	*sin4;
	struct sockaddr_in6	*sin6;
	int			 new_available_af = 0, ifa_rtable = -1;

	if (rtable == -1)
		rtable = getrtable();

	if (getifaddrs(&ifap) != 0) {
		log_warn("getifaddrs");
		return;
	}

	for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
		if (ifa->ifa_addr == NULL)
			continue;
		switch(ifa->ifa_addr->sa_family) {
		case AF_LINK:
			/* AF_LINK comes before inet / inet6 on an interface */
			ifa_data = (struct if_data *)ifa->ifa_data;
			ifa_rtable = ifa_data->ifi_rdomain;
			break;
		case AF_INET:
			if (ifa_rtable != rtable)
				continue;

			sin4 = (struct sockaddr_in *)ifa->ifa_addr;
			if ((ntohl(sin4->sin_addr.s_addr) >> 24) ==
			    IN_LOOPBACKNET)
				continue;
			new_available_af |= HAVE_IPV4;
			break;
		case AF_INET6:
			if (ifa_rtable != rtable)
				continue;

			sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
			if (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr) ||
			    IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) ||
			    IN6_IS_ADDR_MC_LINKLOCAL(&sin6->sin6_addr) ||
			    IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr))
				continue;
			new_available_af |= HAVE_IPV6;
			break;
		default:
			break;
		}
		if (new_available_af == (HAVE_IPV4 | HAVE_IPV6))
			break;
	}
	freeifaddrs(ifap);
	if (new_available_af != available_af) {
		available_af = new_available_af;
		frontend_imsg_compose_resolver(IMSG_CHANGE_AFS, 0,
		    &available_af, sizeof(available_af));
	}
}

void
reverse(char *begin, char *end)
{
	char	t;

	while (begin < --end) {
		t = *begin;
		*begin = *end;
		*end = t;
		++begin;
	}
}