1 /* 2 * testpkts. Data file parse for test packets, and query matching. 3 * 4 * Data storage for specially crafted replies for testing purposes. 5 * 6 * (c) NLnet Labs, 2005, 2006, 2007, 2008 7 * See the file LICENSE for the license 8 */ 9 10 /** 11 * \file 12 * This is a debugging aid. It is not efficient, especially 13 * with a long config file, but it can give any reply to any query. 14 * This can help the developer pre-script replies for queries. 15 * 16 * You can specify a packet RR by RR with header flags to return. 17 * 18 * Missing features: 19 * - matching content different from reply content. 20 * - find way to adjust mangled packets? 21 */ 22 23 #include "config.h" 24 struct sockaddr_storage; 25 #include <errno.h> 26 #include <stdarg.h> 27 #include <ctype.h> 28 #include "testcode/testpkts.h" 29 #include "util/net_help.h" 30 #include "sldns/sbuffer.h" 31 #include "sldns/rrdef.h" 32 #include "sldns/pkthdr.h" 33 #include "sldns/str2wire.h" 34 #include "sldns/wire2str.h" 35 36 /** max size of a packet */ 37 #define MAX_PACKETLEN 65536 38 /** max line length */ 39 #define MAX_LINE 10240 40 /** string to show in warnings and errors */ 41 static const char* prog_name = "testpkts"; 42 43 #ifndef UTIL_LOG_H 44 /** verbosity definition for compat */ 45 enum verbosity_value { NO_VERBOSE=0 }; 46 #endif 47 /** logging routine, provided by caller */ 48 void verbose(enum verbosity_value lvl, const char* msg, ...) ATTR_FORMAT(printf, 2, 3); 49 static void error(const char* msg, ...) ATTR_NORETURN; 50 51 /** print error and exit */ 52 static void error(const char* msg, ...) 53 { 54 va_list args; 55 va_start(args, msg); 56 fprintf(stderr, "%s error: ", prog_name); 57 vfprintf(stderr, msg, args); 58 fprintf(stderr, "\n"); 59 fflush(stderr); 60 va_end(args); 61 exit(EXIT_FAILURE); 62 } 63 64 /** return if string is empty or comment */ 65 static int isendline(char c) 66 { 67 if(c == ';' || c == '#' 68 || c == '\n' || c == 0) 69 return 1; 70 return 0; 71 } 72 73 /** true if the string starts with the keyword given. Moves the str ahead. 74 * @param str: before keyword, afterwards after keyword and spaces. 75 * @param keyword: the keyword to match 76 * @return: true if keyword present. False otherwise, and str unchanged. 77 */ 78 static int str_keyword(char** str, const char* keyword) 79 { 80 size_t len = strlen(keyword); 81 assert(str && keyword); 82 if(strncmp(*str, keyword, len) != 0) 83 return 0; 84 *str += len; 85 while(isspace((unsigned char)**str)) 86 (*str)++; 87 return 1; 88 } 89 90 /** Add reply packet to entry */ 91 static struct reply_packet* 92 entry_add_reply(struct entry* entry) 93 { 94 struct reply_packet* pkt = (struct reply_packet*)malloc( 95 sizeof(struct reply_packet)); 96 struct reply_packet ** p = &entry->reply_list; 97 if(!pkt) error("out of memory"); 98 pkt->next = NULL; 99 pkt->packet_sleep = 0; 100 pkt->reply_pkt = NULL; 101 pkt->reply_from_hex = NULL; 102 pkt->raw_ednsdata = NULL; 103 /* link at end */ 104 while(*p) 105 p = &((*p)->next); 106 *p = pkt; 107 return pkt; 108 } 109 110 /** parse MATCH line */ 111 static void matchline(char* line, struct entry* e) 112 { 113 char* parse = line; 114 while(*parse) { 115 if(isendline(*parse)) 116 return; 117 if(str_keyword(&parse, "opcode")) { 118 e->match_opcode = 1; 119 } else if(str_keyword(&parse, "qtype")) { 120 e->match_qtype = 1; 121 } else if(str_keyword(&parse, "qname")) { 122 e->match_qname = 1; 123 } else if(str_keyword(&parse, "rcode")) { 124 e->match_rcode = 1; 125 } else if(str_keyword(&parse, "question")) { 126 e->match_question = 1; 127 } else if(str_keyword(&parse, "answer")) { 128 e->match_answer = 1; 129 } else if(str_keyword(&parse, "subdomain")) { 130 e->match_subdomain = 1; 131 } else if(str_keyword(&parse, "all_noedns")) { 132 e->match_all_noedns = 1; 133 } else if(str_keyword(&parse, "all")) { 134 e->match_all = 1; 135 } else if(str_keyword(&parse, "ttl")) { 136 e->match_ttl = 1; 137 } else if(str_keyword(&parse, "DO")) { 138 e->match_do = 1; 139 } else if(str_keyword(&parse, "noedns")) { 140 e->match_noedns = 1; 141 } else if(str_keyword(&parse, "ednsdata")) { 142 e->match_ednsdata_raw = 1; 143 } else if(str_keyword(&parse, "UDP")) { 144 e->match_transport = transport_udp; 145 } else if(str_keyword(&parse, "TCP")) { 146 e->match_transport = transport_tcp; 147 } else if(str_keyword(&parse, "serial")) { 148 e->match_serial = 1; 149 if(*parse != '=' && *parse != ':') 150 error("expected = or : in MATCH: %s", line); 151 parse++; 152 e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10); 153 while(isspace((unsigned char)*parse)) 154 parse++; 155 } else if(str_keyword(&parse, "ede")) { 156 e->match_ede = 1; 157 if(*parse != '=' && *parse != ':') 158 error("expected = or : in MATCH: %s", line); 159 parse++; 160 while(isspace((unsigned char)*parse)) 161 parse++; 162 if(str_keyword(&parse, "any")) { 163 e->match_ede_any = 1; 164 } else { 165 e->ede_info_code = (uint16_t)strtol(parse, 166 (char**)&parse, 10); 167 } 168 while(isspace((unsigned char)*parse)) 169 parse++; 170 } else { 171 error("could not parse MATCH: '%s'", parse); 172 } 173 } 174 } 175 176 /** parse REPLY line */ 177 static void replyline(char* line, uint8_t* reply, size_t reply_len, 178 int* do_flag) 179 { 180 char* parse = line; 181 if(reply_len < LDNS_HEADER_SIZE) error("packet too short for header"); 182 while(*parse) { 183 if(isendline(*parse)) 184 return; 185 /* opcodes */ 186 if(str_keyword(&parse, "QUERY")) { 187 LDNS_OPCODE_SET(reply, LDNS_PACKET_QUERY); 188 } else if(str_keyword(&parse, "IQUERY")) { 189 LDNS_OPCODE_SET(reply, LDNS_PACKET_IQUERY); 190 } else if(str_keyword(&parse, "STATUS")) { 191 LDNS_OPCODE_SET(reply, LDNS_PACKET_STATUS); 192 } else if(str_keyword(&parse, "NOTIFY")) { 193 LDNS_OPCODE_SET(reply, LDNS_PACKET_NOTIFY); 194 } else if(str_keyword(&parse, "UPDATE")) { 195 LDNS_OPCODE_SET(reply, LDNS_PACKET_UPDATE); 196 /* rcodes */ 197 } else if(str_keyword(&parse, "NOERROR")) { 198 LDNS_RCODE_SET(reply, LDNS_RCODE_NOERROR); 199 } else if(str_keyword(&parse, "FORMERR")) { 200 LDNS_RCODE_SET(reply, LDNS_RCODE_FORMERR); 201 } else if(str_keyword(&parse, "SERVFAIL")) { 202 LDNS_RCODE_SET(reply, LDNS_RCODE_SERVFAIL); 203 } else if(str_keyword(&parse, "NXDOMAIN")) { 204 LDNS_RCODE_SET(reply, LDNS_RCODE_NXDOMAIN); 205 } else if(str_keyword(&parse, "NOTIMPL")) { 206 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTIMPL); 207 } else if(str_keyword(&parse, "REFUSED")) { 208 LDNS_RCODE_SET(reply, LDNS_RCODE_REFUSED); 209 } else if(str_keyword(&parse, "YXDOMAIN")) { 210 LDNS_RCODE_SET(reply, LDNS_RCODE_YXDOMAIN); 211 } else if(str_keyword(&parse, "YXRRSET")) { 212 LDNS_RCODE_SET(reply, LDNS_RCODE_YXRRSET); 213 } else if(str_keyword(&parse, "NXRRSET")) { 214 LDNS_RCODE_SET(reply, LDNS_RCODE_NXRRSET); 215 } else if(str_keyword(&parse, "NOTAUTH")) { 216 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTAUTH); 217 } else if(str_keyword(&parse, "NOTZONE")) { 218 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTZONE); 219 /* flags */ 220 } else if(str_keyword(&parse, "QR")) { 221 LDNS_QR_SET(reply); 222 } else if(str_keyword(&parse, "AA")) { 223 LDNS_AA_SET(reply); 224 } else if(str_keyword(&parse, "TC")) { 225 LDNS_TC_SET(reply); 226 } else if(str_keyword(&parse, "RD")) { 227 LDNS_RD_SET(reply); 228 } else if(str_keyword(&parse, "CD")) { 229 LDNS_CD_SET(reply); 230 } else if(str_keyword(&parse, "RA")) { 231 LDNS_RA_SET(reply); 232 } else if(str_keyword(&parse, "AD")) { 233 LDNS_AD_SET(reply); 234 } else if(str_keyword(&parse, "DO")) { 235 *do_flag = 1; 236 } else { 237 error("could not parse REPLY: '%s'", parse); 238 } 239 } 240 } 241 242 /** parse ADJUST line */ 243 static void adjustline(char* line, struct entry* e, 244 struct reply_packet* pkt) 245 { 246 char* parse = line; 247 while(*parse) { 248 if(isendline(*parse)) 249 return; 250 if(str_keyword(&parse, "copy_id")) { 251 e->copy_id = 1; 252 } else if(str_keyword(&parse, "copy_query")) { 253 e->copy_query = 1; 254 } else if(str_keyword(&parse, "copy_ednsdata_assume_clientsubnet")) { 255 e->copy_ednsdata_assume_clientsubnet = 1; 256 } else if(str_keyword(&parse, "increment_ecs_scope")) { 257 e->increment_ecs_scope = 1; 258 } else if(str_keyword(&parse, "sleep=")) { 259 e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10); 260 while(isspace((unsigned char)*parse)) 261 parse++; 262 } else if(str_keyword(&parse, "packet_sleep=")) { 263 pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10); 264 while(isspace((unsigned char)*parse)) 265 parse++; 266 } else { 267 error("could not parse ADJUST: '%s'", parse); 268 } 269 } 270 } 271 272 /** create new entry */ 273 static struct entry* new_entry(void) 274 { 275 struct entry* e = (struct entry*)malloc(sizeof(struct entry)); 276 if(!e) error("out of memory"); 277 memset(e, 0, sizeof(*e)); 278 e->match_opcode = 0; 279 e->match_qtype = 0; 280 e->match_qname = 0; 281 e->match_rcode = 0; 282 e->match_question = 0; 283 e->match_answer = 0; 284 e->match_subdomain = 0; 285 e->match_all = 0; 286 e->match_all_noedns = 0; 287 e->match_ttl = 0; 288 e->match_do = 0; 289 e->match_noedns = 0; 290 e->match_serial = 0; 291 e->ixfr_soa_serial = 0; 292 e->match_ede = 0; 293 e->match_ede_any = 0; 294 e->ede_info_code = -1; 295 e->match_transport = transport_any; 296 e->reply_list = NULL; 297 e->copy_id = 0; 298 e->copy_query = 0; 299 e->copy_ednsdata_assume_clientsubnet = 0; 300 e->increment_ecs_scope = 0; 301 e->sleeptime = 0; 302 e->next = NULL; 303 return e; 304 } 305 306 /** 307 * Converts a hex string to binary data 308 * @param hexstr: string of hex. 309 * @param len: is the length of the string 310 * @param buf: is the buffer to store the result in 311 * @param offset: is the starting position in the result buffer 312 * @param buf_len: is the length of buf. 313 * @return This function returns the length of the result 314 */ 315 static size_t 316 hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len) 317 { 318 char c; 319 int i; 320 uint8_t int8 = 0; 321 int sec = 0; 322 size_t bufpos = 0; 323 324 if (len % 2 != 0) { 325 return 0; 326 } 327 328 for (i=0; i<len; i++) { 329 c = hexstr[i]; 330 331 /* case insensitive, skip spaces */ 332 if (c != ' ') { 333 if (c >= '0' && c <= '9') { 334 int8 += c & 0x0f; 335 } else if (c >= 'a' && c <= 'z') { 336 int8 += (c & 0x0f) + 9; 337 } else if (c >= 'A' && c <= 'Z') { 338 int8 += (c & 0x0f) + 9; 339 } else { 340 return 0; 341 } 342 343 if (sec == 0) { 344 int8 = int8 << 4; 345 sec = 1; 346 } else { 347 if (bufpos + offset + 1 <= buf_len) { 348 buf[bufpos+offset] = int8; 349 int8 = 0; 350 sec = 0; 351 bufpos++; 352 } else { 353 fprintf(stderr, "Buffer too small in hexstr2bin"); 354 } 355 } 356 } 357 } 358 return bufpos; 359 } 360 361 /** convert hex buffer to binary buffer */ 362 static sldns_buffer * 363 hex_buffer2wire(sldns_buffer *data_buffer) 364 { 365 sldns_buffer *wire_buffer = NULL; 366 int c; 367 368 /* stat hack 369 * 0 = normal 370 * 1 = comment (skip to end of line) 371 * 2 = unprintable character found, read binary data directly 372 */ 373 size_t data_buf_pos = 0; 374 int state = 0; 375 uint8_t *hexbuf; 376 int hexbufpos = 0; 377 size_t wirelen; 378 uint8_t *data_wire = (uint8_t *) sldns_buffer_begin(data_buffer); 379 uint8_t *wire = (uint8_t*)malloc(MAX_PACKETLEN); 380 if(!wire) error("out of memory"); 381 382 hexbuf = (uint8_t*)malloc(MAX_PACKETLEN); 383 if(!hexbuf) error("out of memory"); 384 for (data_buf_pos = 0; data_buf_pos < sldns_buffer_position(data_buffer); data_buf_pos++) { 385 c = (int) data_wire[data_buf_pos]; 386 387 if (state < 2 && !isascii((unsigned char)c)) { 388 /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/ 389 state = 2; 390 } 391 switch (state) { 392 case 0: 393 if ( (c >= '0' && c <= '9') || 394 (c >= 'a' && c <= 'f') || 395 (c >= 'A' && c <= 'F') ) 396 { 397 if (hexbufpos >= MAX_PACKETLEN) { 398 error("buffer overflow"); 399 free(hexbuf); 400 return 0; 401 402 } 403 hexbuf[hexbufpos] = (uint8_t) c; 404 hexbufpos++; 405 } else if (c == ';') { 406 state = 1; 407 } else if (c == ' ' || c == '\t' || c == '\n') { 408 /* skip whitespace */ 409 } 410 break; 411 case 1: 412 if (c == '\n' || c == EOF) { 413 state = 0; 414 } 415 break; 416 case 2: 417 if (hexbufpos >= MAX_PACKETLEN) { 418 error("buffer overflow"); 419 free(hexbuf); 420 return 0; 421 } 422 hexbuf[hexbufpos] = (uint8_t) c; 423 hexbufpos++; 424 break; 425 } 426 } 427 428 if (hexbufpos >= MAX_PACKETLEN) { 429 /*verbose("packet size reached\n");*/ 430 } 431 432 /* lenient mode: length must be multiple of 2 */ 433 if (hexbufpos % 2 != 0) { 434 if (hexbufpos >= MAX_PACKETLEN) { 435 error("buffer overflow"); 436 free(hexbuf); 437 return 0; 438 } 439 hexbuf[hexbufpos] = (uint8_t) '0'; 440 hexbufpos++; 441 } 442 443 if (state < 2) { 444 wirelen = hexstr2bin((char *) hexbuf, hexbufpos, wire, 0, MAX_PACKETLEN); 445 wire_buffer = sldns_buffer_new(wirelen); 446 sldns_buffer_new_frm_data(wire_buffer, wire, wirelen); 447 } else { 448 error("Incomplete hex data, not at byte boundary\n"); 449 } 450 free(wire); 451 free(hexbuf); 452 return wire_buffer; 453 } 454 455 /** parse ORIGIN */ 456 static void 457 get_origin(const char* name, struct sldns_file_parse_state* pstate, char* parse) 458 { 459 /* snip off rest of the text so as to make the parse work in ldns */ 460 char* end; 461 char store; 462 int status; 463 464 end=parse; 465 while(!isspace((unsigned char)*end) && !isendline(*end)) 466 end++; 467 store = *end; 468 *end = 0; 469 verbose(3, "parsing '%s'\n", parse); 470 status = sldns_str2wire_dname_buf(parse, pstate->origin, 471 &pstate->origin_len); 472 *end = store; 473 if(status != 0) 474 error("%s line %d:\n\t%s: %s", name, pstate->lineno, 475 sldns_get_errorstr_parse(status), parse); 476 } 477 478 /** add RR to packet */ 479 static void add_rr(char* rrstr, uint8_t* pktbuf, size_t pktsize, 480 size_t* pktlen, struct sldns_file_parse_state* pstate, 481 sldns_pkt_section add_section, const char* fname) 482 { 483 /* it must be a RR, parse and add to packet. */ 484 size_t rr_len = pktsize - *pktlen; 485 size_t dname_len = 0; 486 int status; 487 uint8_t* origin = pstate->origin_len?pstate->origin:0; 488 uint8_t* prev = pstate->prev_rr_len?pstate->prev_rr:0; 489 if(*pktlen > pktsize || *pktlen < LDNS_HEADER_SIZE) 490 error("packet overflow"); 491 492 /* parse RR */ 493 if(add_section == LDNS_SECTION_QUESTION) 494 status = sldns_str2wire_rr_question_buf(rrstr, pktbuf+*pktlen, 495 &rr_len, &dname_len, origin, pstate->origin_len, 496 prev, pstate->prev_rr_len); 497 else status = sldns_str2wire_rr_buf(rrstr, pktbuf+*pktlen, &rr_len, 498 &dname_len, pstate->default_ttl, origin, 499 pstate->origin_len, prev, pstate->prev_rr_len); 500 if(status != 0) 501 error("%s line %d:%d %s\n\t%s", fname, pstate->lineno, 502 LDNS_WIREPARSE_OFFSET(status), 503 sldns_get_errorstr_parse(status), rrstr); 504 *pktlen += rr_len; 505 506 /* increase RR count */ 507 if(add_section == LDNS_SECTION_QUESTION) 508 sldns_write_uint16(pktbuf+4, LDNS_QDCOUNT(pktbuf)+1); 509 else if(add_section == LDNS_SECTION_ANSWER) 510 sldns_write_uint16(pktbuf+6, LDNS_ANCOUNT(pktbuf)+1); 511 else if(add_section == LDNS_SECTION_AUTHORITY) 512 sldns_write_uint16(pktbuf+8, LDNS_NSCOUNT(pktbuf)+1); 513 else if(add_section == LDNS_SECTION_ADDITIONAL) 514 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1); 515 else error("internal error bad section %d", (int)add_section); 516 } 517 518 /* add EDNS 4096 opt record */ 519 static void 520 add_edns(uint8_t* pktbuf, size_t pktsize, int do_flag, uint8_t *ednsdata, 521 uint16_t ednslen, size_t* pktlen) 522 { 523 uint8_t edns[] = {0x00, /* root label */ 524 0x00, LDNS_RR_TYPE_OPT, /* type */ 525 0x04, 0xD0, /* class is UDPSIZE 1232 */ 526 0x00, /* TTL[0] is ext rcode */ 527 0x00, /* TTL[1] is edns version */ 528 (uint8_t)(do_flag?0x80:0x00), 0x00, /* TTL[2-3] is edns flags, DO */ 529 (uint8_t)((ednslen >> 8) & 0xff), 530 (uint8_t)(ednslen & 0xff), /* rdatalength */ 531 }; 532 if(*pktlen < LDNS_HEADER_SIZE) 533 return; 534 if(*pktlen + sizeof(edns) + ednslen > pktsize) 535 error("not enough space for EDNS OPT record"); 536 memmove(pktbuf+*pktlen, edns, sizeof(edns)); 537 if(ednsdata && ednslen) 538 memmove(pktbuf+*pktlen+sizeof(edns), ednsdata, ednslen); 539 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1); 540 *pktlen += (sizeof(edns) + ednslen); 541 } 542 543 /* Reads one entry from file. Returns entry or NULL on error. */ 544 struct entry* 545 read_entry(FILE* in, const char* name, struct sldns_file_parse_state* pstate, 546 int skip_whitespace) 547 { 548 struct entry* current = NULL; 549 char line[MAX_LINE]; 550 char* parse; 551 sldns_pkt_section add_section = LDNS_SECTION_QUESTION; 552 struct reply_packet *cur_reply = NULL; 553 int reading_hex = 0; 554 int reading_hex_ednsdata = 0; 555 sldns_buffer* hex_data_buffer = NULL; 556 sldns_buffer* hex_ednsdata_buffer = NULL; 557 uint8_t pktbuf[MAX_PACKETLEN]; 558 size_t pktlen = LDNS_HEADER_SIZE; 559 int do_flag = 0; /* DO flag in EDNS */ 560 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */ 561 562 while(fgets(line, (int)sizeof(line), in) != NULL) { 563 line[MAX_LINE-1] = 0; 564 parse = line; 565 pstate->lineno++; 566 567 while(isspace((unsigned char)*parse)) 568 parse++; 569 /* test for keywords */ 570 if(isendline(*parse)) 571 continue; /* skip comment and empty lines */ 572 if(str_keyword(&parse, "ENTRY_BEGIN")) { 573 if(current) { 574 error("%s line %d: previous entry does not ENTRY_END", 575 name, pstate->lineno); 576 } 577 current = new_entry(); 578 current->lineno = pstate->lineno; 579 cur_reply = entry_add_reply(current); 580 continue; 581 } else if(str_keyword(&parse, "$ORIGIN")) { 582 get_origin(name, pstate, parse); 583 continue; 584 } else if(str_keyword(&parse, "$TTL")) { 585 pstate->default_ttl = (uint32_t)atoi(parse); 586 continue; 587 } 588 589 /* working inside an entry */ 590 if(!current) { 591 error("%s line %d: expected ENTRY_BEGIN but got %s", 592 name, pstate->lineno, line); 593 } 594 if(str_keyword(&parse, "MATCH")) { 595 matchline(parse, current); 596 } else if(str_keyword(&parse, "REPLY")) { 597 replyline(parse, pktbuf, pktlen, &do_flag); 598 } else if(str_keyword(&parse, "ADJUST")) { 599 adjustline(parse, current, cur_reply); 600 } else if(str_keyword(&parse, "EXTRA_PACKET")) { 601 /* copy current packet into buffer */ 602 cur_reply->reply_pkt = memdup(pktbuf, pktlen); 603 cur_reply->reply_len = pktlen; 604 if(!cur_reply->reply_pkt) 605 error("out of memory"); 606 cur_reply = entry_add_reply(current); 607 /* clear for next packet */ 608 pktlen = LDNS_HEADER_SIZE; 609 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */ 610 } else if(str_keyword(&parse, "SECTION")) { 611 if(str_keyword(&parse, "QUESTION")) 612 add_section = LDNS_SECTION_QUESTION; 613 else if(str_keyword(&parse, "ANSWER")) 614 add_section = LDNS_SECTION_ANSWER; 615 else if(str_keyword(&parse, "AUTHORITY")) 616 add_section = LDNS_SECTION_AUTHORITY; 617 else if(str_keyword(&parse, "ADDITIONAL")) 618 add_section = LDNS_SECTION_ADDITIONAL; 619 else error("%s line %d: bad section %s", name, pstate->lineno, parse); 620 } else if(str_keyword(&parse, "HEX_ANSWER_BEGIN")) { 621 hex_data_buffer = sldns_buffer_new(MAX_PACKETLEN); 622 reading_hex = 1; 623 } else if(str_keyword(&parse, "HEX_ANSWER_END")) { 624 if(!reading_hex) { 625 error("%s line %d: HEX_ANSWER_END read but no HEX_ANSWER_BEGIN keyword seen", name, pstate->lineno); 626 } 627 reading_hex = 0; 628 cur_reply->reply_from_hex = hex_buffer2wire(hex_data_buffer); 629 sldns_buffer_free(hex_data_buffer); 630 hex_data_buffer = NULL; 631 } else if(reading_hex) { 632 sldns_buffer_printf(hex_data_buffer, "%s", line); 633 } else if(str_keyword(&parse, "HEX_EDNSDATA_BEGIN")) { 634 hex_ednsdata_buffer = sldns_buffer_new(MAX_PACKETLEN); 635 reading_hex_ednsdata = 1; 636 } else if(str_keyword(&parse, "HEX_EDNSDATA_END")) { 637 if (!reading_hex_ednsdata) { 638 error("%s line %d: HEX_EDNSDATA_END read but no" 639 "HEX_EDNSDATA_BEGIN keyword seen", name, pstate->lineno); 640 } 641 reading_hex_ednsdata = 0; 642 cur_reply->raw_ednsdata = hex_buffer2wire(hex_ednsdata_buffer); 643 sldns_buffer_free(hex_ednsdata_buffer); 644 hex_ednsdata_buffer = NULL; 645 } else if(reading_hex_ednsdata) { 646 sldns_buffer_printf(hex_ednsdata_buffer, "%s", line); 647 } else if(str_keyword(&parse, "ENTRY_END")) { 648 if(hex_data_buffer) 649 sldns_buffer_free(hex_data_buffer); 650 if(hex_ednsdata_buffer) 651 sldns_buffer_free(hex_ednsdata_buffer); 652 if(pktlen != 0) { 653 if(do_flag || cur_reply->raw_ednsdata) { 654 if(cur_reply->raw_ednsdata && 655 sldns_buffer_limit(cur_reply->raw_ednsdata)) 656 add_edns(pktbuf, sizeof(pktbuf), do_flag, 657 sldns_buffer_begin(cur_reply->raw_ednsdata), 658 (uint16_t)sldns_buffer_limit(cur_reply->raw_ednsdata), 659 &pktlen); 660 else 661 add_edns(pktbuf, sizeof(pktbuf), do_flag, 662 NULL, 0, &pktlen); 663 } 664 cur_reply->reply_pkt = memdup(pktbuf, pktlen); 665 cur_reply->reply_len = pktlen; 666 if(!cur_reply->reply_pkt) 667 error("out of memory"); 668 } 669 return current; 670 } else { 671 add_rr(skip_whitespace?parse:line, pktbuf, 672 sizeof(pktbuf), &pktlen, pstate, add_section, 673 name); 674 } 675 676 } 677 if(reading_hex) { 678 error("%s: End of file reached while still reading hex, " 679 "missing HEX_ANSWER_END\n", name); 680 } 681 if(reading_hex_ednsdata) { 682 error("%s: End of file reached while still reading edns data, " 683 "missing HEX_EDNSDATA_END\n", name); 684 } 685 if(current) { 686 error("%s: End of file reached while reading entry. " 687 "missing ENTRY_END\n", name); 688 } 689 return 0; 690 } 691 692 /* reads the canned reply file and returns a list of structs */ 693 struct entry* 694 read_datafile(const char* name, int skip_whitespace) 695 { 696 struct entry* list = NULL; 697 struct entry* last = NULL; 698 struct entry* current = NULL; 699 FILE *in; 700 struct sldns_file_parse_state pstate; 701 int entry_num = 0; 702 memset(&pstate, 0, sizeof(pstate)); 703 704 if((in=fopen(name, "r")) == NULL) { 705 error("could not open file %s: %s", name, strerror(errno)); 706 } 707 708 while((current = read_entry(in, name, &pstate, skip_whitespace))) 709 { 710 if(last) 711 last->next = current; 712 else list = current; 713 last = current; 714 entry_num ++; 715 } 716 verbose(1, "%s: Read %d entries\n", prog_name, entry_num); 717 718 fclose(in); 719 return list; 720 } 721 722 /** get qtype from packet */ 723 static sldns_rr_type get_qtype(uint8_t* pkt, size_t pktlen) 724 { 725 uint8_t* d; 726 size_t dl, sl=0; 727 char* snull = NULL; 728 int comprloop = 0; 729 if(pktlen < LDNS_HEADER_SIZE) 730 return 0; 731 if(LDNS_QDCOUNT(pkt) == 0) 732 return 0; 733 /* skip over dname with dname-scan routine */ 734 d = pkt+LDNS_HEADER_SIZE; 735 dl = pktlen-LDNS_HEADER_SIZE; 736 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop); 737 if(dl < 2) 738 return 0; 739 return sldns_read_uint16(d); 740 } 741 742 /** get qtype from packet */ 743 static size_t get_qname_len(uint8_t* pkt, size_t pktlen) 744 { 745 uint8_t* d; 746 size_t dl, sl=0; 747 char* snull = NULL; 748 int comprloop = 0; 749 if(pktlen < LDNS_HEADER_SIZE) 750 return 0; 751 if(LDNS_QDCOUNT(pkt) == 0) 752 return 0; 753 /* skip over dname with dname-scan routine */ 754 d = pkt+LDNS_HEADER_SIZE; 755 dl = pktlen-LDNS_HEADER_SIZE; 756 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop); 757 return pktlen-dl-LDNS_HEADER_SIZE; 758 } 759 760 /** returns owner from packet */ 761 static uint8_t* get_qname(uint8_t* pkt, size_t pktlen) 762 { 763 if(pktlen < LDNS_HEADER_SIZE) 764 return NULL; 765 if(LDNS_QDCOUNT(pkt) == 0) 766 return NULL; 767 return pkt+LDNS_HEADER_SIZE; 768 } 769 770 /** returns opcode from packet */ 771 static int get_opcode(uint8_t* pkt, size_t pktlen) 772 { 773 if(pktlen < LDNS_HEADER_SIZE) 774 return 0; 775 return (int)LDNS_OPCODE_WIRE(pkt); 776 } 777 778 /** returns rcode from packet */ 779 static int get_rcode(uint8_t* pkt, size_t pktlen) 780 { 781 if(pktlen < LDNS_HEADER_SIZE) 782 return 0; 783 return (int)LDNS_RCODE_WIRE(pkt); 784 } 785 786 /** get authority section SOA serial value */ 787 static uint32_t get_serial(uint8_t* p, size_t plen) 788 { 789 uint8_t* walk = p; 790 size_t walk_len = plen, sl=0; 791 char* snull = NULL; 792 uint16_t i; 793 int comprloop = 0; 794 795 if(walk_len < LDNS_HEADER_SIZE) 796 return 0; 797 walk += LDNS_HEADER_SIZE; 798 walk_len -= LDNS_HEADER_SIZE; 799 800 /* skip other records with wire2str_scan */ 801 for(i=0; i < LDNS_QDCOUNT(p); i++) 802 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len, 803 &snull, &sl, p, plen, &comprloop); 804 for(i=0; i < LDNS_ANCOUNT(p); i++) 805 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 806 p, plen, &comprloop); 807 808 /* walk through authority section */ 809 for(i=0; i < LDNS_NSCOUNT(p); i++) { 810 /* if this is SOA then get serial, skip compressed dname */ 811 uint8_t* dstart = walk; 812 size_t dlen = walk_len; 813 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 814 p, plen, &comprloop); 815 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_SOA) { 816 /* skip type, class, TTL, rdatalen */ 817 if(dlen < 10) 818 return 0; 819 if(dlen < 10 + (size_t)sldns_read_uint16(dstart+8)) 820 return 0; 821 dstart += 10; 822 dlen -= 10; 823 /* check third rdf */ 824 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, 825 &sl, p, plen, &comprloop); 826 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, 827 &sl, p, plen, &comprloop); 828 if(dlen < 4) 829 return 0; 830 verbose(3, "found serial %u in msg. ", 831 (int)sldns_read_uint32(dstart)); 832 return sldns_read_uint32(dstart); 833 } 834 /* move to next RR */ 835 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 836 p, plen, &comprloop); 837 } 838 return 0; 839 } 840 841 /** get ptr to EDNS OPT record (and remaining length); after the type u16 */ 842 static int 843 pkt_find_edns_opt(uint8_t** p, size_t* plen) 844 { 845 /* walk over the packet with scan routines */ 846 uint8_t* w = *p; 847 size_t wlen = *plen, sl=0; 848 char* snull = NULL; 849 uint16_t i; 850 int comprloop = 0; 851 852 if(wlen < LDNS_HEADER_SIZE) 853 return 0; 854 w += LDNS_HEADER_SIZE; 855 wlen -= LDNS_HEADER_SIZE; 856 857 /* skip other records with wire2str_scan */ 858 for(i=0; i < LDNS_QDCOUNT(*p); i++) 859 (void)sldns_wire2str_rrquestion_scan(&w, &wlen, &snull, &sl, 860 *p, *plen, &comprloop); 861 for(i=0; i < LDNS_ANCOUNT(*p); i++) 862 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 863 for(i=0; i < LDNS_NSCOUNT(*p); i++) 864 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 865 866 /* walk through additional section */ 867 for(i=0; i < LDNS_ARCOUNT(*p); i++) { 868 /* if this is OPT then done */ 869 uint8_t* dstart = w; 870 size_t dlen = wlen; 871 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 872 *p, *plen, &comprloop); 873 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_OPT) { 874 *p = dstart+2; 875 *plen = dlen-2; 876 return 1; 877 } 878 /* move to next RR */ 879 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 880 } 881 return 0; 882 } 883 884 /** return true if the packet has EDNS OPT record */ 885 static int 886 get_has_edns(uint8_t* pkt, size_t len) 887 { 888 /* use arguments as temporary variables */ 889 return pkt_find_edns_opt(&pkt, &len); 890 } 891 892 /** return true if the DO flag is set */ 893 static int 894 get_do_flag(uint8_t* pkt, size_t len) 895 { 896 uint16_t edns_bits; 897 uint8_t* walk = pkt; 898 size_t walk_len = len; 899 if(!pkt_find_edns_opt(&walk, &walk_len)) { 900 return 0; 901 } 902 if(walk_len < 6) 903 return 0; /* malformed */ 904 edns_bits = sldns_read_uint16(walk+4); 905 return (int)(edns_bits&LDNS_EDNS_MASK_DO_BIT); 906 } 907 908 /** Snips the EDE option out of the OPT record and returns the EDNS EDE 909 * INFO-CODE if found, else -1 */ 910 static int 911 extract_ede(uint8_t* pkt, size_t len) 912 { 913 uint8_t *rdata, *opt_position = pkt; 914 uint16_t rdlen, optlen; 915 size_t remaining = len; 916 int ede_code; 917 if(!pkt_find_edns_opt(&opt_position, &remaining)) return -1; 918 if(remaining < 8) return -1; /* malformed */ 919 rdlen = sldns_read_uint16(opt_position+6); 920 rdata = opt_position + 8; 921 while(rdlen > 0) { 922 if(rdlen < 4) return -1; /* malformed */ 923 optlen = sldns_read_uint16(rdata+2); 924 if(sldns_read_uint16(rdata) == LDNS_EDNS_EDE) { 925 if(rdlen < 6) return -1; /* malformed */ 926 ede_code = sldns_read_uint16(rdata+4); 927 /* snip option from packet; assumes len is correct */ 928 memmove(rdata, rdata+4+optlen, 929 (pkt+len)-(rdata+4+optlen)); 930 /* update OPT size */ 931 sldns_write_uint16(opt_position+6, 932 sldns_read_uint16(opt_position+6)-(4+optlen)); 933 return ede_code; 934 } 935 rdlen -= 4 + optlen; 936 rdata += 4 + optlen; 937 } 938 return -1; 939 } 940 941 /** zero TTLs in packet */ 942 static void 943 zerottls(uint8_t* pkt, size_t pktlen) 944 { 945 uint8_t* walk = pkt; 946 size_t walk_len = pktlen, sl=0; 947 char* snull = NULL; 948 uint16_t i; 949 uint16_t num = LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt); 950 int comprloop = 0; 951 if(walk_len < LDNS_HEADER_SIZE) 952 return; 953 walk += LDNS_HEADER_SIZE; 954 walk_len -= LDNS_HEADER_SIZE; 955 for(i=0; i < LDNS_QDCOUNT(pkt); i++) 956 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len, 957 &snull, &sl, pkt, pktlen, &comprloop); 958 for(i=0; i < num; i++) { 959 /* wipe TTL */ 960 uint8_t* dstart = walk; 961 size_t dlen = walk_len; 962 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 963 pkt, pktlen, &comprloop); 964 if(dlen < 8) 965 return; 966 sldns_write_uint32(dstart+4, 0); 967 /* go to next RR */ 968 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 969 pkt, pktlen, &comprloop); 970 } 971 } 972 973 /** get one line (\n) from a string, move next to after the \n, zero \n */ 974 static int 975 get_line(char** s, char** n) 976 { 977 /* at end of string? end */ 978 if(*n == NULL || **n == 0) 979 return 0; 980 /* result starts at next string */ 981 *s = *n; 982 /* find \n after that */ 983 *n = strchr(*s, '\n'); 984 if(*n && **n != 0) { 985 /* terminate line */ 986 (*n)[0] = 0; 987 (*n)++; 988 } 989 return 1; 990 } 991 992 /** match two RR sections without ordering */ 993 static int 994 match_noloc_section(char** q, char** nq, char** p, char** np, uint16_t num) 995 { 996 /* for max number of RRs in packet */ 997 const uint16_t numarray = 3000; 998 char* qlines[numarray], *plines[numarray]; 999 uint16_t i, j, numq=0, nump=0; 1000 if(num > numarray) fatal_exit("too many RRs"); 1001 /* gather lines */ 1002 for(i=0; i<num; i++) { 1003 get_line(q, nq); 1004 get_line(p, np); 1005 qlines[numq++] = *q; 1006 plines[nump++] = *p; 1007 } 1008 /* see if they are all present in the other */ 1009 for(i=0; i<num; i++) { 1010 int found = 0; 1011 for(j=0; j<num; j++) { 1012 if(strcmp(qlines[i], plines[j]) == 0) { 1013 found = 1; 1014 break; 1015 } 1016 } 1017 if(!found) { 1018 verbose(3, "comparenoloc: failed for %s", qlines[i]); 1019 return 0; 1020 } 1021 } 1022 return 1; 1023 } 1024 1025 /** match two strings for unordered equality of RRs and everything else */ 1026 static int 1027 match_noloc(char* q, char* p, uint8_t* q_pkt, size_t q_pkt_len, 1028 uint8_t* p_pkt, size_t p_pkt_len) 1029 { 1030 char* nq = q, *np = p; 1031 /* if no header, compare bytes */ 1032 if(p_pkt_len < LDNS_HEADER_SIZE || q_pkt_len < LDNS_HEADER_SIZE) { 1033 if(p_pkt_len != q_pkt_len) return 0; 1034 return memcmp(p, q, p_pkt_len); 1035 } 1036 /* compare RR counts */ 1037 if(LDNS_QDCOUNT(p_pkt) != LDNS_QDCOUNT(q_pkt)) 1038 return 0; 1039 if(LDNS_ANCOUNT(p_pkt) != LDNS_ANCOUNT(q_pkt)) 1040 return 0; 1041 if(LDNS_NSCOUNT(p_pkt) != LDNS_NSCOUNT(q_pkt)) 1042 return 0; 1043 if(LDNS_ARCOUNT(p_pkt) != LDNS_ARCOUNT(q_pkt)) 1044 return 0; 1045 /* get a line from both; compare; at sections do section */ 1046 get_line(&q, &nq); 1047 get_line(&p, &np); 1048 if(strcmp(q, p) != 0) { 1049 /* header line opcode, rcode, id */ 1050 return 0; 1051 } 1052 get_line(&q, &nq); 1053 get_line(&p, &np); 1054 if(strcmp(q, p) != 0) { 1055 /* header flags, rr counts */ 1056 return 0; 1057 } 1058 /* ;; QUESTION SECTION */ 1059 get_line(&q, &nq); 1060 get_line(&p, &np); 1061 if(strcmp(q, p) != 0) return 0; 1062 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_QDCOUNT(p_pkt))) 1063 return 0; 1064 1065 /* empty line and ;; ANSWER SECTION */ 1066 get_line(&q, &nq); 1067 get_line(&p, &np); 1068 if(strcmp(q, p) != 0) return 0; 1069 get_line(&q, &nq); 1070 get_line(&p, &np); 1071 if(strcmp(q, p) != 0) return 0; 1072 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ANCOUNT(p_pkt))) 1073 return 0; 1074 1075 /* empty line and ;; AUTHORITY SECTION */ 1076 get_line(&q, &nq); 1077 get_line(&p, &np); 1078 if(strcmp(q, p) != 0) return 0; 1079 get_line(&q, &nq); 1080 get_line(&p, &np); 1081 if(strcmp(q, p) != 0) return 0; 1082 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_NSCOUNT(p_pkt))) 1083 return 0; 1084 1085 /* empty line and ;; ADDITIONAL SECTION */ 1086 get_line(&q, &nq); 1087 get_line(&p, &np); 1088 if(strcmp(q, p) != 0) return 0; 1089 get_line(&q, &nq); 1090 get_line(&p, &np); 1091 if(strcmp(q, p) != 0) return 0; 1092 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ARCOUNT(p_pkt))) 1093 return 0; 1094 1095 return 1; 1096 } 1097 1098 /** lowercase domain name - does not follow compression pointers */ 1099 static void lowercase_dname(uint8_t** p, size_t* remain) 1100 { 1101 unsigned i, llen; 1102 if(*remain == 0) return; 1103 while(**p != 0) { 1104 /* compressed? */ 1105 if((**p & 0xc0) == 0xc0) { 1106 *p += 2; 1107 *remain -= 2; 1108 return; 1109 } 1110 llen = (unsigned int)**p; 1111 *p += 1; 1112 *remain -= 1; 1113 if(*remain < llen) 1114 llen = (unsigned int)*remain; 1115 for(i=0; i<llen; i++) { 1116 (*p)[i] = (uint8_t)tolower((int)(*p)[i]); 1117 } 1118 *p += llen; 1119 *remain -= llen; 1120 if(*remain == 0) return; 1121 } 1122 /* skip root label */ 1123 *p += 1; 1124 *remain -= 1; 1125 } 1126 1127 /** lowercase rdata of type */ 1128 static void lowercase_rdata(uint8_t** p, size_t* remain, 1129 uint16_t rdatalen, uint16_t t) 1130 { 1131 const sldns_rr_descriptor *desc = sldns_rr_descript(t); 1132 uint8_t dname_count = 0; 1133 size_t i = 0; 1134 size_t rdataremain = rdatalen; 1135 if(!desc) { 1136 /* unknown type */ 1137 *p += rdatalen; 1138 *remain -= rdatalen; 1139 return; 1140 } 1141 while(dname_count < desc->_dname_count) { 1142 sldns_rdf_type f = sldns_rr_descriptor_field_type(desc, i++); 1143 if(f == LDNS_RDF_TYPE_DNAME) { 1144 lowercase_dname(p, &rdataremain); 1145 dname_count++; 1146 } else if(f == LDNS_RDF_TYPE_STR) { 1147 uint8_t len; 1148 if(rdataremain == 0) return; 1149 len = **p; 1150 *p += len+1; 1151 rdataremain -= len+1; 1152 } else { 1153 int len = 0; 1154 switch(f) { 1155 case LDNS_RDF_TYPE_CLASS: 1156 case LDNS_RDF_TYPE_ALG: 1157 case LDNS_RDF_TYPE_INT8: 1158 len = 1; 1159 break; 1160 case LDNS_RDF_TYPE_INT16: 1161 case LDNS_RDF_TYPE_TYPE: 1162 case LDNS_RDF_TYPE_CERT_ALG: 1163 len = 2; 1164 break; 1165 case LDNS_RDF_TYPE_INT32: 1166 case LDNS_RDF_TYPE_TIME: 1167 case LDNS_RDF_TYPE_A: 1168 case LDNS_RDF_TYPE_PERIOD: 1169 len = 4; 1170 break; 1171 case LDNS_RDF_TYPE_TSIGTIME: 1172 len = 6; 1173 break; 1174 case LDNS_RDF_TYPE_AAAA: 1175 len = 16; 1176 break; 1177 default: error("bad rdf type in lowercase %d", (int)f); 1178 } 1179 *p += len; 1180 rdataremain -= len; 1181 } 1182 } 1183 /* skip remainder of rdata */ 1184 *p += rdataremain; 1185 *remain -= rdatalen; 1186 } 1187 1188 /** lowercase all names in the message */ 1189 static void lowercase_pkt(uint8_t* pkt, size_t pktlen) 1190 { 1191 uint16_t i; 1192 uint8_t* p = pkt; 1193 size_t remain = pktlen; 1194 uint16_t t, rdatalen; 1195 if(pktlen < LDNS_HEADER_SIZE) 1196 return; 1197 p += LDNS_HEADER_SIZE; 1198 remain -= LDNS_HEADER_SIZE; 1199 for(i=0; i<LDNS_QDCOUNT(pkt); i++) { 1200 lowercase_dname(&p, &remain); 1201 if(remain < 4) return; 1202 p += 4; 1203 remain -= 4; 1204 } 1205 for(i=0; i<LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt); i++) { 1206 lowercase_dname(&p, &remain); 1207 if(remain < 10) return; 1208 t = sldns_read_uint16(p); 1209 rdatalen = sldns_read_uint16(p+8); 1210 p += 10; 1211 remain -= 10; 1212 if(remain < rdatalen) return; 1213 lowercase_rdata(&p, &remain, rdatalen, t); 1214 } 1215 } 1216 1217 /** match question section of packet */ 1218 static int 1219 match_question(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl) 1220 { 1221 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr; 1222 uint8_t* qb = q, *pb = p; 1223 int r; 1224 /* zero TTLs */ 1225 qb = memdup(q, qlen); 1226 pb = memdup(p, plen); 1227 if(!qb || !pb) error("out of memory"); 1228 if(!mttl) { 1229 zerottls(qb, qlen); 1230 zerottls(pb, plen); 1231 } 1232 lowercase_pkt(qb, qlen); 1233 lowercase_pkt(pb, plen); 1234 qstr = sldns_wire2str_pkt(qb, qlen); 1235 pstr = sldns_wire2str_pkt(pb, plen); 1236 if(!qstr || !pstr) error("cannot pkt2string"); 1237 1238 /* remove before ;; QUESTION */ 1239 s = strstr(qstr, ";; QUESTION SECTION"); 1240 qcmpstr = s; 1241 s = strstr(pstr, ";; QUESTION SECTION"); 1242 pcmpstr = s; 1243 if(!qcmpstr && !pcmpstr) { 1244 free(qstr); 1245 free(pstr); 1246 free(qb); 1247 free(pb); 1248 return 1; 1249 } 1250 if(!qcmpstr || !pcmpstr) { 1251 free(qstr); 1252 free(pstr); 1253 free(qb); 1254 free(pb); 1255 return 0; 1256 } 1257 1258 /* remove after answer section, (;; ANS, ;; AUTH, ;; ADD ..) */ 1259 s = strstr(qcmpstr, ";; ANSWER SECTION"); 1260 if(!s) s = strstr(qcmpstr, ";; AUTHORITY SECTION"); 1261 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION"); 1262 if(!s) s = strstr(qcmpstr, ";; MSG SIZE"); 1263 if(s) *s = 0; 1264 s = strstr(pcmpstr, ";; ANSWER SECTION"); 1265 if(!s) s = strstr(pcmpstr, ";; AUTHORITY SECTION"); 1266 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION"); 1267 if(!s) s = strstr(pcmpstr, ";; MSG SIZE"); 1268 if(s) *s = 0; 1269 1270 r = (strcmp(qcmpstr, pcmpstr) == 0); 1271 1272 if(!r) { 1273 verbose(3, "mismatch question section '%s' and '%s'", 1274 qcmpstr, pcmpstr); 1275 } 1276 1277 free(qstr); 1278 free(pstr); 1279 free(qb); 1280 free(pb); 1281 return r; 1282 } 1283 1284 /** match answer section of packet */ 1285 static int 1286 match_answer(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl) 1287 { 1288 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr; 1289 uint8_t* qb = q, *pb = p; 1290 int r; 1291 /* zero TTLs */ 1292 qb = memdup(q, qlen); 1293 pb = memdup(p, plen); 1294 if(!qb || !pb) error("out of memory"); 1295 if(!mttl) { 1296 zerottls(qb, qlen); 1297 zerottls(pb, plen); 1298 } 1299 lowercase_pkt(qb, qlen); 1300 lowercase_pkt(pb, plen); 1301 qstr = sldns_wire2str_pkt(qb, qlen); 1302 pstr = sldns_wire2str_pkt(pb, plen); 1303 if(!qstr || !pstr) error("cannot pkt2string"); 1304 1305 /* remove before ;; ANSWER */ 1306 s = strstr(qstr, ";; ANSWER SECTION"); 1307 qcmpstr = s; 1308 s = strstr(pstr, ";; ANSWER SECTION"); 1309 pcmpstr = s; 1310 if(!qcmpstr && !pcmpstr) { 1311 free(qstr); 1312 free(pstr); 1313 free(qb); 1314 free(pb); 1315 return 1; 1316 } 1317 if(!qcmpstr || !pcmpstr) { 1318 free(qstr); 1319 free(pstr); 1320 free(qb); 1321 free(pb); 1322 return 0; 1323 } 1324 1325 /* remove after answer section, (;; AUTH, ;; ADD, ;; MSG size ..) */ 1326 s = strstr(qcmpstr, ";; AUTHORITY SECTION"); 1327 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION"); 1328 if(!s) s = strstr(qcmpstr, ";; MSG SIZE"); 1329 if(s) *s = 0; 1330 s = strstr(pcmpstr, ";; AUTHORITY SECTION"); 1331 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION"); 1332 if(!s) s = strstr(pcmpstr, ";; MSG SIZE"); 1333 if(s) *s = 0; 1334 1335 r = (strcmp(qcmpstr, pcmpstr) == 0); 1336 1337 if(!r) { 1338 verbose(3, "mismatch answer section '%s' and '%s'", 1339 qcmpstr, pcmpstr); 1340 } 1341 1342 free(qstr); 1343 free(pstr); 1344 free(qb); 1345 free(pb); 1346 return r; 1347 } 1348 1349 /** ignore EDNS lines in the string by overwriting them with what's left or 1350 * zero out if at end of the string */ 1351 static int 1352 ignore_edns_lines(char* str) { 1353 char* edns = str, *n; 1354 size_t str_len = strlen(str); 1355 while((edns = strstr(edns, "; EDNS"))) { 1356 n = strchr(edns, '\n'); 1357 if(!n) { 1358 /* EDNS at end of string; zero */ 1359 *edns = 0; 1360 break; 1361 } 1362 memmove(edns, n+1, str_len-(n-str)); 1363 } 1364 return 1; 1365 } 1366 1367 /** match all of the packet */ 1368 int 1369 match_all(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl, 1370 int noloc, int noedns) 1371 { 1372 char* qstr, *pstr; 1373 uint8_t* qb = q, *pb = p; 1374 int r; 1375 qb = memdup(q, qlen); 1376 pb = memdup(p, plen); 1377 if(!qb || !pb) error("out of memory"); 1378 /* zero TTLs */ 1379 if(!mttl) { 1380 zerottls(qb, qlen); 1381 zerottls(pb, plen); 1382 } 1383 lowercase_pkt(qb, qlen); 1384 lowercase_pkt(pb, plen); 1385 qstr = sldns_wire2str_pkt(qb, qlen); 1386 pstr = sldns_wire2str_pkt(pb, plen); 1387 if(!qstr || !pstr) error("cannot pkt2string"); 1388 /* should we ignore EDNS lines? */ 1389 if(noedns) { 1390 ignore_edns_lines(qstr); 1391 ignore_edns_lines(pstr); 1392 } 1393 r = (strcmp(qstr, pstr) == 0); 1394 if(!r) { 1395 /* remove ;; MSG SIZE (at end of string) */ 1396 char* s = strstr(qstr, ";; MSG SIZE"); 1397 if(s) *s=0; 1398 s = strstr(pstr, ";; MSG SIZE"); 1399 if(s) *s=0; 1400 r = (strcmp(qstr, pstr) == 0); 1401 if(!r && !noloc && !noedns) { 1402 /* we are going to fail, see if the cause is EDNS */ 1403 char* a = strstr(qstr, "; EDNS"); 1404 char* b = strstr(pstr, "; EDNS"); 1405 if( (a&&!b) || (b&&!a) ) { 1406 verbose(3, "mismatch in EDNS\n"); 1407 } 1408 } 1409 } 1410 if(!r && noloc) { 1411 /* check for reordered sections */ 1412 r = match_noloc(qstr, pstr, q, qlen, p, plen); 1413 } 1414 if(!r) { 1415 verbose(3, "mismatch pkt '%s' and '%s'", qstr, pstr); 1416 } 1417 free(qstr); 1418 free(pstr); 1419 free(qb); 1420 free(pb); 1421 return r; 1422 } 1423 1424 /** see if domain names are equal */ 1425 static int equal_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1426 { 1427 uint8_t* qn = get_qname(q, qlen); 1428 uint8_t* pn = get_qname(p, plen); 1429 char qs[512], ps[512]; 1430 size_t qslen = sizeof(qs), pslen = sizeof(ps); 1431 char* qss = qs, *pss = ps; 1432 int comprloop = 0; 1433 if(!qn || !pn) 1434 return 0; 1435 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop); 1436 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop); 1437 return (strcmp(qs, ps) == 0); 1438 } 1439 1440 /** see if domain names are subdomain q of p */ 1441 static int subdomain_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1442 { 1443 /* we use the tostring routines so as to test unbound's routines 1444 * with something else */ 1445 uint8_t* qn = get_qname(q, qlen); 1446 uint8_t* pn = get_qname(p, plen); 1447 char qs[5120], ps[5120]; 1448 size_t qslen = sizeof(qs), pslen = sizeof(ps); 1449 char* qss = qs, *pss = ps; 1450 int comprloop = 0; 1451 if(!qn || !pn) 1452 return 0; 1453 /* decompresses domain names */ 1454 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop); 1455 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop); 1456 /* same: false, (strict subdomain check)??? */ 1457 if(strcmp(qs, ps) == 0) 1458 return 1; 1459 /* qs must end in ps, at a dot, without \ in front */ 1460 qslen = strlen(qs); 1461 pslen = strlen(ps); 1462 if(qslen > pslen && strcmp(qs + (qslen-pslen), ps) == 0 && 1463 qslen + 2 >= pslen && /* space for label and dot */ 1464 qs[qslen-pslen-1] == '.') { 1465 unsigned int slashcount = 0; 1466 size_t i = qslen-pslen-2; 1467 while(i>0 && qs[i]=='\\') { 1468 i++; 1469 slashcount++; 1470 } 1471 if(slashcount%1 == 1) return 0; /* . preceded by \ */ 1472 return 1; 1473 } 1474 return 0; 1475 } 1476 1477 /** Match OPT RDATA (not the EDNS payload size or flags) */ 1478 static int 1479 match_ednsdata(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1480 { 1481 uint8_t* walk_q = q; 1482 size_t walk_qlen = qlen; 1483 uint8_t* walk_p = p; 1484 size_t walk_plen = plen; 1485 1486 if(!pkt_find_edns_opt(&walk_q, &walk_qlen)) 1487 walk_qlen = 0; 1488 if(!pkt_find_edns_opt(&walk_p, &walk_plen)) 1489 walk_plen = 0; 1490 1491 /* class + ttl + rdlen = 8 */ 1492 if(walk_qlen <= 8 && walk_plen <= 8) { 1493 verbose(3, "NO edns opt, move on"); 1494 return 1; 1495 } 1496 if(walk_qlen != walk_plen) 1497 return 0; 1498 1499 return (memcmp(walk_p+8, walk_q+8, walk_qlen-8) == 0); 1500 } 1501 1502 /* finds entry in list, or returns NULL */ 1503 struct entry* 1504 find_match(struct entry* entries, uint8_t* query_pkt, size_t len, 1505 enum transport_type transport) 1506 { 1507 struct entry* p = entries; 1508 uint8_t* reply, *query_pkt_orig; 1509 size_t rlen, query_pkt_orig_len; 1510 /* Keep the original packet; it may be modified */ 1511 query_pkt_orig = memdup(query_pkt, len); 1512 query_pkt_orig_len = len; 1513 for(p=entries; p; p=p->next) { 1514 verbose(3, "comparepkt: "); 1515 reply = p->reply_list->reply_pkt; 1516 rlen = p->reply_list->reply_len; 1517 /* Restore the original packet for each entry */ 1518 memcpy(query_pkt, query_pkt_orig, query_pkt_orig_len); 1519 /* EDE should be first since it may modify the query_pkt */ 1520 if(p->match_ede) { 1521 int info_code = extract_ede(query_pkt, len); 1522 if(info_code == -1) { 1523 verbose(3, "bad EDE. Expected but not found\n"); 1524 continue; 1525 } else if(!p->match_ede_any && 1526 (uint16_t)info_code != p->ede_info_code) { 1527 verbose(3, "bad EDE INFO-CODE. Expected: %d, " 1528 "and got: %d\n", (int)p->ede_info_code, 1529 info_code); 1530 continue; 1531 } 1532 } 1533 if(p->match_opcode && get_opcode(query_pkt, len) != 1534 get_opcode(reply, rlen)) { 1535 verbose(3, "bad opcode\n"); 1536 continue; 1537 } 1538 if(p->match_qtype && get_qtype(query_pkt, len) != 1539 get_qtype(reply, rlen)) { 1540 verbose(3, "bad qtype %d %d\n", get_qtype(query_pkt, len), get_qtype(reply, rlen)); 1541 continue; 1542 } 1543 if(p->match_qname) { 1544 if(!equal_dname(query_pkt, len, reply, rlen)) { 1545 verbose(3, "bad qname\n"); 1546 continue; 1547 } 1548 } 1549 if(p->match_rcode) { 1550 if(get_rcode(query_pkt, len) != get_rcode(reply, rlen)) { 1551 char *r1 = sldns_wire2str_rcode(get_rcode(query_pkt, len)); 1552 char *r2 = sldns_wire2str_rcode(get_rcode(reply, rlen)); 1553 verbose(3, "bad rcode %s instead of %s\n", 1554 r1, r2); 1555 free(r1); 1556 free(r2); 1557 continue; 1558 } 1559 } 1560 if(p->match_question) { 1561 if(!match_question(query_pkt, len, reply, rlen, 1562 (int)p->match_ttl)) { 1563 verbose(3, "bad question section\n"); 1564 continue; 1565 } 1566 } 1567 if(p->match_answer) { 1568 if(!match_answer(query_pkt, len, reply, rlen, 1569 (int)p->match_ttl)) { 1570 verbose(3, "bad answer section\n"); 1571 continue; 1572 } 1573 } 1574 if(p->match_subdomain) { 1575 if(!subdomain_dname(query_pkt, len, reply, rlen)) { 1576 verbose(3, "bad subdomain\n"); 1577 continue; 1578 } 1579 } 1580 if(p->match_serial && get_serial(query_pkt, len) != p->ixfr_soa_serial) { 1581 verbose(3, "bad serial\n"); 1582 continue; 1583 } 1584 if(p->match_do && !get_do_flag(query_pkt, len)) { 1585 verbose(3, "no DO bit set\n"); 1586 continue; 1587 } 1588 if(p->match_noedns && get_has_edns(query_pkt, len)) { 1589 verbose(3, "bad; EDNS OPT present\n"); 1590 continue; 1591 } 1592 if(p->match_ednsdata_raw && 1593 !match_ednsdata(query_pkt, len, reply, rlen)) { 1594 verbose(3, "bad EDNS data match.\n"); 1595 continue; 1596 } 1597 if(p->match_transport != transport_any && p->match_transport != transport) { 1598 verbose(3, "bad transport\n"); 1599 continue; 1600 } 1601 if(p->match_all_noedns && !match_all(query_pkt, len, reply, 1602 rlen, (int)p->match_ttl, 0, 1)) { 1603 verbose(3, "bad all_noedns match\n"); 1604 continue; 1605 } 1606 if(p->match_all && !match_all(query_pkt, len, reply, rlen, 1607 (int)p->match_ttl, 0, 0)) { 1608 verbose(3, "bad allmatch\n"); 1609 continue; 1610 } 1611 verbose(3, "match!\n"); 1612 /* Restore the original packet */ 1613 memcpy(query_pkt, query_pkt_orig, query_pkt_orig_len); 1614 free(query_pkt_orig); 1615 return p; 1616 } 1617 /* Restore the original packet */ 1618 memcpy(query_pkt, query_pkt_orig, query_pkt_orig_len); 1619 free(query_pkt_orig); 1620 return NULL; 1621 } 1622 1623 void 1624 adjust_packet(struct entry* match, uint8_t** answer_pkt, size_t *answer_len, 1625 uint8_t* query_pkt, size_t query_len) 1626 { 1627 uint8_t* orig = *answer_pkt; 1628 size_t origlen = *answer_len; 1629 uint8_t* res; 1630 size_t reslen; 1631 1632 /* perform the copy; if possible; must be uncompressed */ 1633 if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1634 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1635 && LDNS_QDCOUNT(orig)==0) { 1636 /* no qname in output packet, insert it */ 1637 size_t dlen = get_qname_len(query_pkt, query_len); 1638 reslen = origlen + dlen + 4; 1639 res = (uint8_t*)malloc(reslen); 1640 if(!res) { 1641 verbose(1, "out of memory; send without adjust\n"); 1642 return; 1643 } 1644 /* copy the header, query, remainder */ 1645 memcpy(res, orig, LDNS_HEADER_SIZE); 1646 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE, 1647 dlen+4); 1648 memmove(res+LDNS_HEADER_SIZE+dlen+4, orig+LDNS_HEADER_SIZE, 1649 reslen-(LDNS_HEADER_SIZE+dlen+4)); 1650 /* set QDCOUNT */ 1651 sldns_write_uint16(res+4, 1); 1652 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1653 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1654 && get_qname_len(orig, origlen) == 0) { 1655 /* QDCOUNT(orig)!=0 but qlen == 0, therefore, an error */ 1656 verbose(1, "error: malformed qname; send without adjust\n"); 1657 res = memdup(orig, origlen); 1658 reslen = origlen; 1659 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1660 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1661 && LDNS_QDCOUNT(orig)!=0) { 1662 /* in this case olen != 0 and QDCOUNT(orig)!=0 */ 1663 /* copy query section */ 1664 size_t dlen = get_qname_len(query_pkt, query_len); 1665 size_t olen = get_qname_len(orig, origlen); 1666 reslen = origlen + dlen - olen; 1667 res = (uint8_t*)malloc(reslen); 1668 if(!res) { 1669 verbose(1, "out of memory; send without adjust\n"); 1670 return; 1671 } 1672 /* copy the header, query, remainder */ 1673 memcpy(res, orig, LDNS_HEADER_SIZE); 1674 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE, 1675 dlen+4); 1676 memmove(res+LDNS_HEADER_SIZE+dlen+4, 1677 orig+LDNS_HEADER_SIZE+olen+4, 1678 reslen-(LDNS_HEADER_SIZE+dlen+4)); 1679 } else { 1680 res = memdup(orig, origlen); 1681 reslen = origlen; 1682 } 1683 if(!res) { 1684 verbose(1, "out of memory; send without adjust\n"); 1685 return; 1686 } 1687 /* copy the ID */ 1688 if(match->copy_id && reslen >= 2 && query_len >= 2) 1689 res[1] = query_pkt[1]; 1690 if(match->copy_id && reslen >= 1 && query_len >= 1) 1691 res[0] = query_pkt[0]; 1692 1693 if(match->copy_ednsdata_assume_clientsubnet) { 1694 /** Assume there is only one EDNS option, which is ECS. 1695 * Copy source mask from query to scope mask in reply. Assume 1696 * rest of ECS data in response (eg address) matches the query. 1697 */ 1698 uint8_t* walk_q = orig; 1699 size_t walk_qlen = origlen; 1700 uint8_t* walk_p = res; 1701 size_t walk_plen = reslen; 1702 1703 if(!pkt_find_edns_opt(&walk_q, &walk_qlen)) { 1704 walk_qlen = 0; 1705 } 1706 if(!pkt_find_edns_opt(&walk_p, &walk_plen)) { 1707 walk_plen = 0; 1708 } 1709 /* class + ttl + rdlen + optcode + optlen + ecs fam + ecs source 1710 * + ecs scope = index 15 */ 1711 if(walk_qlen >= 15 && walk_plen >= 15) { 1712 walk_p[15] = walk_q[14]; 1713 } 1714 if(match->increment_ecs_scope) { 1715 walk_p[15]++; 1716 } 1717 } 1718 1719 if(match->sleeptime > 0) { 1720 verbose(3, "sleeping for %d seconds\n", match->sleeptime); 1721 #ifdef HAVE_SLEEP 1722 sleep(match->sleeptime); 1723 #else 1724 Sleep(match->sleeptime * 1000); 1725 #endif 1726 } 1727 *answer_pkt = res; 1728 *answer_len = reslen; 1729 } 1730 1731 /* 1732 * Parses data buffer to a query, finds the correct answer 1733 * and calls the given function for every packet to send. 1734 */ 1735 void 1736 handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count, 1737 enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*), 1738 void* userdata, FILE* verbose_out) 1739 { 1740 struct reply_packet *p; 1741 uint8_t *outbuf = NULL; 1742 size_t outlen = 0; 1743 struct entry* entry = NULL; 1744 1745 verbose(1, "query %d: id %d: %s %d bytes: ", ++(*count), 1746 (int)(inlen>=2?LDNS_ID_WIRE(inbuf):0), 1747 (transport==transport_tcp)?"TCP":"UDP", (int)inlen); 1748 if(verbose_out) { 1749 char* out = sldns_wire2str_pkt(inbuf, (size_t)inlen); 1750 printf("%s\n", out); 1751 free(out); 1752 } 1753 1754 /* fill up answer packet */ 1755 entry = find_match(entries, inbuf, (size_t)inlen, transport); 1756 if(!entry || !entry->reply_list) { 1757 verbose(1, "no answer packet for this query, no reply.\n"); 1758 return; 1759 } 1760 for(p = entry->reply_list; p; p = p->next) 1761 { 1762 verbose(3, "Answer pkt:\n"); 1763 if (p->reply_from_hex) { 1764 /* try to adjust the hex packet, if it can be 1765 * parsed, we can use adjust rules. if not, 1766 * send packet literally */ 1767 /* still try to adjust ID if others fail */ 1768 outlen = sldns_buffer_limit(p->reply_from_hex); 1769 outbuf = sldns_buffer_begin(p->reply_from_hex); 1770 } else { 1771 outbuf = p->reply_pkt; 1772 outlen = p->reply_len; 1773 } 1774 if(!outbuf) { 1775 verbose(1, "out of memory\n"); 1776 return; 1777 } 1778 /* copies outbuf in memory allocation */ 1779 adjust_packet(entry, &outbuf, &outlen, inbuf, (size_t)inlen); 1780 verbose(1, "Answer packet size: %u bytes.\n", (unsigned int)outlen); 1781 if(verbose_out) { 1782 char* out = sldns_wire2str_pkt(outbuf, outlen); 1783 printf("%s\n", out); 1784 free(out); 1785 } 1786 if(p->packet_sleep) { 1787 verbose(3, "sleeping for next packet %d secs\n", 1788 p->packet_sleep); 1789 #ifdef HAVE_SLEEP 1790 sleep(p->packet_sleep); 1791 #else 1792 Sleep(p->packet_sleep * 1000); 1793 #endif 1794 verbose(3, "wakeup for next packet " 1795 "(slept %d secs)\n", p->packet_sleep); 1796 } 1797 sendfunc(outbuf, outlen, userdata); 1798 free(outbuf); 1799 outbuf = NULL; 1800 outlen = 0; 1801 } 1802 } 1803 1804 /** delete the list of reply packets */ 1805 void delete_replylist(struct reply_packet* replist) 1806 { 1807 struct reply_packet *p=replist, *np; 1808 while(p) { 1809 np = p->next; 1810 free(p->reply_pkt); 1811 sldns_buffer_free(p->reply_from_hex); 1812 sldns_buffer_free(p->raw_ednsdata); 1813 free(p); 1814 p=np; 1815 } 1816 } 1817 1818 void delete_entry(struct entry* list) 1819 { 1820 struct entry *p=list, *np; 1821 while(p) { 1822 np = p->next; 1823 delete_replylist(p->reply_list); 1824 free(p); 1825 p = np; 1826 } 1827 } 1828