1 /*
2 * testpkts. Data file parse for test packets, and query matching.
3 *
4 * Data storage for specially crafted replies for testing purposes.
5 *
6 * (c) NLnet Labs, 2005, 2006, 2007, 2008
7 * See the file LICENSE for the license
8 */
9
10 /**
11 * \file
12 * This is a debugging aid. It is not efficient, especially
13 * with a long config file, but it can give any reply to any query.
14 * This can help the developer pre-script replies for queries.
15 *
16 * You can specify a packet RR by RR with header flags to return.
17 *
18 * Missing features:
19 * - matching content different from reply content.
20 * - find way to adjust mangled packets?
21 */
22
23 #include "config.h"
24 struct sockaddr_storage;
25 #include <errno.h>
26 #include <stdarg.h>
27 #include <ctype.h>
28 #include "testcode/testpkts.h"
29 #include "util/net_help.h"
30 #include "sldns/sbuffer.h"
31 #include "sldns/rrdef.h"
32 #include "sldns/pkthdr.h"
33 #include "sldns/str2wire.h"
34 #include "sldns/wire2str.h"
35
36 /** max size of a packet */
37 #define MAX_PACKETLEN 65536
38 /** max line length */
39 #define MAX_LINE 10240
40 /** string to show in warnings and errors */
41 static const char* prog_name = "testpkts";
42
43 #ifndef UTIL_LOG_H
44 /** verbosity definition for compat */
45 enum verbosity_value { NO_VERBOSE=0 };
46 #endif
47 /** logging routine, provided by caller */
48 void verbose(enum verbosity_value lvl, const char* msg, ...) ATTR_FORMAT(printf, 2, 3);
49 static void error(const char* msg, ...) ATTR_NORETURN;
50
51 /** print error and exit */
error(const char * msg,...)52 static void error(const char* msg, ...)
53 {
54 va_list args;
55 va_start(args, msg);
56 fprintf(stderr, "%s error: ", prog_name);
57 vfprintf(stderr, msg, args);
58 fprintf(stderr, "\n");
59 fflush(stderr);
60 va_end(args);
61 exit(EXIT_FAILURE);
62 }
63
64 /** return if string is empty or comment */
isendline(char c)65 static int isendline(char c)
66 {
67 if(c == ';' || c == '#'
68 || c == '\n' || c == 0)
69 return 1;
70 return 0;
71 }
72
73 /** true if the string starts with the keyword given. Moves the str ahead.
74 * @param str: before keyword, afterwards after keyword and spaces.
75 * @param keyword: the keyword to match
76 * @return: true if keyword present. False otherwise, and str unchanged.
77 */
str_keyword(char ** str,const char * keyword)78 static int str_keyword(char** str, const char* keyword)
79 {
80 size_t len = strlen(keyword);
81 assert(str && keyword);
82 if(strncmp(*str, keyword, len) != 0)
83 return 0;
84 *str += len;
85 while(isspace((unsigned char)**str))
86 (*str)++;
87 return 1;
88 }
89
90 /** Add reply packet to entry */
91 static struct reply_packet*
entry_add_reply(struct entry * entry)92 entry_add_reply(struct entry* entry)
93 {
94 struct reply_packet* pkt = (struct reply_packet*)malloc(
95 sizeof(struct reply_packet));
96 struct reply_packet ** p = &entry->reply_list;
97 if(!pkt) error("out of memory");
98 pkt->next = NULL;
99 pkt->packet_sleep = 0;
100 pkt->reply_pkt = NULL;
101 pkt->reply_from_hex = NULL;
102 pkt->raw_ednsdata = NULL;
103 /* link at end */
104 while(*p)
105 p = &((*p)->next);
106 *p = pkt;
107 return pkt;
108 }
109
110 /** parse MATCH line */
matchline(char * line,struct entry * e)111 static void matchline(char* line, struct entry* e)
112 {
113 char* parse = line;
114 while(*parse) {
115 if(isendline(*parse))
116 return;
117 if(str_keyword(&parse, "opcode")) {
118 e->match_opcode = 1;
119 } else if(str_keyword(&parse, "qtype")) {
120 e->match_qtype = 1;
121 } else if(str_keyword(&parse, "qname")) {
122 e->match_qname = 1;
123 } else if(str_keyword(&parse, "rcode")) {
124 e->match_rcode = 1;
125 } else if(str_keyword(&parse, "question")) {
126 e->match_question = 1;
127 } else if(str_keyword(&parse, "answer")) {
128 e->match_answer = 1;
129 } else if(str_keyword(&parse, "subdomain")) {
130 e->match_subdomain = 1;
131 } else if(str_keyword(&parse, "all")) {
132 e->match_all = 1;
133 } else if(str_keyword(&parse, "ttl")) {
134 e->match_ttl = 1;
135 } else if(str_keyword(&parse, "DO")) {
136 e->match_do = 1;
137 } else if(str_keyword(&parse, "noedns")) {
138 e->match_noedns = 1;
139 } else if(str_keyword(&parse, "ednsdata")) {
140 e->match_ednsdata_raw = 1;
141 } else if(str_keyword(&parse, "UDP")) {
142 e->match_transport = transport_udp;
143 } else if(str_keyword(&parse, "TCP")) {
144 e->match_transport = transport_tcp;
145 } else if(str_keyword(&parse, "serial")) {
146 e->match_serial = 1;
147 if(*parse != '=' && *parse != ':')
148 error("expected = or : in MATCH: %s", line);
149 parse++;
150 e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10);
151 while(isspace((unsigned char)*parse))
152 parse++;
153 } else {
154 error("could not parse MATCH: '%s'", parse);
155 }
156 }
157 }
158
159 /** parse REPLY line */
replyline(char * line,uint8_t * reply,size_t reply_len,int * do_flag)160 static void replyline(char* line, uint8_t* reply, size_t reply_len,
161 int* do_flag)
162 {
163 char* parse = line;
164 if(reply_len < LDNS_HEADER_SIZE) error("packet too short for header");
165 while(*parse) {
166 if(isendline(*parse))
167 return;
168 /* opcodes */
169 if(str_keyword(&parse, "QUERY")) {
170 LDNS_OPCODE_SET(reply, LDNS_PACKET_QUERY);
171 } else if(str_keyword(&parse, "IQUERY")) {
172 LDNS_OPCODE_SET(reply, LDNS_PACKET_IQUERY);
173 } else if(str_keyword(&parse, "STATUS")) {
174 LDNS_OPCODE_SET(reply, LDNS_PACKET_STATUS);
175 } else if(str_keyword(&parse, "NOTIFY")) {
176 LDNS_OPCODE_SET(reply, LDNS_PACKET_NOTIFY);
177 } else if(str_keyword(&parse, "UPDATE")) {
178 LDNS_OPCODE_SET(reply, LDNS_PACKET_UPDATE);
179 /* rcodes */
180 } else if(str_keyword(&parse, "NOERROR")) {
181 LDNS_RCODE_SET(reply, LDNS_RCODE_NOERROR);
182 } else if(str_keyword(&parse, "FORMERR")) {
183 LDNS_RCODE_SET(reply, LDNS_RCODE_FORMERR);
184 } else if(str_keyword(&parse, "SERVFAIL")) {
185 LDNS_RCODE_SET(reply, LDNS_RCODE_SERVFAIL);
186 } else if(str_keyword(&parse, "NXDOMAIN")) {
187 LDNS_RCODE_SET(reply, LDNS_RCODE_NXDOMAIN);
188 } else if(str_keyword(&parse, "NOTIMPL")) {
189 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTIMPL);
190 } else if(str_keyword(&parse, "REFUSED")) {
191 LDNS_RCODE_SET(reply, LDNS_RCODE_REFUSED);
192 } else if(str_keyword(&parse, "YXDOMAIN")) {
193 LDNS_RCODE_SET(reply, LDNS_RCODE_YXDOMAIN);
194 } else if(str_keyword(&parse, "YXRRSET")) {
195 LDNS_RCODE_SET(reply, LDNS_RCODE_YXRRSET);
196 } else if(str_keyword(&parse, "NXRRSET")) {
197 LDNS_RCODE_SET(reply, LDNS_RCODE_NXRRSET);
198 } else if(str_keyword(&parse, "NOTAUTH")) {
199 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTAUTH);
200 } else if(str_keyword(&parse, "NOTZONE")) {
201 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTZONE);
202 /* flags */
203 } else if(str_keyword(&parse, "QR")) {
204 LDNS_QR_SET(reply);
205 } else if(str_keyword(&parse, "AA")) {
206 LDNS_AA_SET(reply);
207 } else if(str_keyword(&parse, "TC")) {
208 LDNS_TC_SET(reply);
209 } else if(str_keyword(&parse, "RD")) {
210 LDNS_RD_SET(reply);
211 } else if(str_keyword(&parse, "CD")) {
212 LDNS_CD_SET(reply);
213 } else if(str_keyword(&parse, "RA")) {
214 LDNS_RA_SET(reply);
215 } else if(str_keyword(&parse, "AD")) {
216 LDNS_AD_SET(reply);
217 } else if(str_keyword(&parse, "DO")) {
218 *do_flag = 1;
219 } else {
220 error("could not parse REPLY: '%s'", parse);
221 }
222 }
223 }
224
225 /** parse ADJUST line */
adjustline(char * line,struct entry * e,struct reply_packet * pkt)226 static void adjustline(char* line, struct entry* e,
227 struct reply_packet* pkt)
228 {
229 char* parse = line;
230 while(*parse) {
231 if(isendline(*parse))
232 return;
233 if(str_keyword(&parse, "copy_id")) {
234 e->copy_id = 1;
235 } else if(str_keyword(&parse, "copy_query")) {
236 e->copy_query = 1;
237 } else if(str_keyword(&parse, "copy_ednsdata_assume_clientsubnet")) {
238 e->copy_ednsdata_assume_clientsubnet = 1;
239 } else if(str_keyword(&parse, "increment_ecs_scope")) {
240 e->increment_ecs_scope = 1;
241 } else if(str_keyword(&parse, "sleep=")) {
242 e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10);
243 while(isspace((unsigned char)*parse))
244 parse++;
245 } else if(str_keyword(&parse, "packet_sleep=")) {
246 pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10);
247 while(isspace((unsigned char)*parse))
248 parse++;
249 } else {
250 error("could not parse ADJUST: '%s'", parse);
251 }
252 }
253 }
254
255 /** create new entry */
new_entry(void)256 static struct entry* new_entry(void)
257 {
258 struct entry* e = (struct entry*)malloc(sizeof(struct entry));
259 if(!e) error("out of memory");
260 memset(e, 0, sizeof(*e));
261 e->match_opcode = 0;
262 e->match_qtype = 0;
263 e->match_qname = 0;
264 e->match_rcode = 0;
265 e->match_question = 0;
266 e->match_answer = 0;
267 e->match_subdomain = 0;
268 e->match_all = 0;
269 e->match_ttl = 0;
270 e->match_do = 0;
271 e->match_noedns = 0;
272 e->match_serial = 0;
273 e->ixfr_soa_serial = 0;
274 e->match_transport = transport_any;
275 e->reply_list = NULL;
276 e->copy_id = 0;
277 e->copy_query = 0;
278 e->copy_ednsdata_assume_clientsubnet = 0;
279 e->increment_ecs_scope = 0;
280 e->sleeptime = 0;
281 e->next = NULL;
282 return e;
283 }
284
285 /**
286 * Converts a hex string to binary data
287 * @param hexstr: string of hex.
288 * @param len: is the length of the string
289 * @param buf: is the buffer to store the result in
290 * @param offset: is the starting position in the result buffer
291 * @param buf_len: is the length of buf.
292 * @return This function returns the length of the result
293 */
294 static size_t
hexstr2bin(char * hexstr,int len,uint8_t * buf,size_t offset,size_t buf_len)295 hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len)
296 {
297 char c;
298 int i;
299 uint8_t int8 = 0;
300 int sec = 0;
301 size_t bufpos = 0;
302
303 if (len % 2 != 0) {
304 return 0;
305 }
306
307 for (i=0; i<len; i++) {
308 c = hexstr[i];
309
310 /* case insensitive, skip spaces */
311 if (c != ' ') {
312 if (c >= '0' && c <= '9') {
313 int8 += c & 0x0f;
314 } else if (c >= 'a' && c <= 'z') {
315 int8 += (c & 0x0f) + 9;
316 } else if (c >= 'A' && c <= 'Z') {
317 int8 += (c & 0x0f) + 9;
318 } else {
319 return 0;
320 }
321
322 if (sec == 0) {
323 int8 = int8 << 4;
324 sec = 1;
325 } else {
326 if (bufpos + offset + 1 <= buf_len) {
327 buf[bufpos+offset] = int8;
328 int8 = 0;
329 sec = 0;
330 bufpos++;
331 } else {
332 fprintf(stderr, "Buffer too small in hexstr2bin");
333 }
334 }
335 }
336 }
337 return bufpos;
338 }
339
340 /** convert hex buffer to binary buffer */
341 static sldns_buffer *
hex_buffer2wire(sldns_buffer * data_buffer)342 hex_buffer2wire(sldns_buffer *data_buffer)
343 {
344 sldns_buffer *wire_buffer = NULL;
345 int c;
346
347 /* stat hack
348 * 0 = normal
349 * 1 = comment (skip to end of line)
350 * 2 = unprintable character found, read binary data directly
351 */
352 size_t data_buf_pos = 0;
353 int state = 0;
354 uint8_t *hexbuf;
355 int hexbufpos = 0;
356 size_t wirelen;
357 uint8_t *data_wire = (uint8_t *) sldns_buffer_begin(data_buffer);
358 uint8_t *wire = (uint8_t*)malloc(MAX_PACKETLEN);
359 if(!wire) error("out of memory");
360
361 hexbuf = (uint8_t*)malloc(MAX_PACKETLEN);
362 if(!hexbuf) error("out of memory");
363 for (data_buf_pos = 0; data_buf_pos < sldns_buffer_position(data_buffer); data_buf_pos++) {
364 c = (int) data_wire[data_buf_pos];
365
366 if (state < 2 && !isascii((unsigned char)c)) {
367 /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/
368 state = 2;
369 }
370 switch (state) {
371 case 0:
372 if ( (c >= '0' && c <= '9') ||
373 (c >= 'a' && c <= 'f') ||
374 (c >= 'A' && c <= 'F') )
375 {
376 if (hexbufpos >= MAX_PACKETLEN) {
377 error("buffer overflow");
378 free(hexbuf);
379 return 0;
380
381 }
382 hexbuf[hexbufpos] = (uint8_t) c;
383 hexbufpos++;
384 } else if (c == ';') {
385 state = 1;
386 } else if (c == ' ' || c == '\t' || c == '\n') {
387 /* skip whitespace */
388 }
389 break;
390 case 1:
391 if (c == '\n' || c == EOF) {
392 state = 0;
393 }
394 break;
395 case 2:
396 if (hexbufpos >= MAX_PACKETLEN) {
397 error("buffer overflow");
398 free(hexbuf);
399 return 0;
400 }
401 hexbuf[hexbufpos] = (uint8_t) c;
402 hexbufpos++;
403 break;
404 }
405 }
406
407 if (hexbufpos >= MAX_PACKETLEN) {
408 /*verbose("packet size reached\n");*/
409 }
410
411 /* lenient mode: length must be multiple of 2 */
412 if (hexbufpos % 2 != 0) {
413 if (hexbufpos >= MAX_PACKETLEN) {
414 error("buffer overflow");
415 free(hexbuf);
416 return 0;
417 }
418 hexbuf[hexbufpos] = (uint8_t) '0';
419 hexbufpos++;
420 }
421
422 if (state < 2) {
423 wirelen = hexstr2bin((char *) hexbuf, hexbufpos, wire, 0, MAX_PACKETLEN);
424 wire_buffer = sldns_buffer_new(wirelen);
425 sldns_buffer_new_frm_data(wire_buffer, wire, wirelen);
426 } else {
427 error("Incomplete hex data, not at byte boundary\n");
428 }
429 free(wire);
430 free(hexbuf);
431 return wire_buffer;
432 }
433
434 /** parse ORIGIN */
435 static void
get_origin(const char * name,struct sldns_file_parse_state * pstate,char * parse)436 get_origin(const char* name, struct sldns_file_parse_state* pstate, char* parse)
437 {
438 /* snip off rest of the text so as to make the parse work in ldns */
439 char* end;
440 char store;
441 int status;
442
443 end=parse;
444 while(!isspace((unsigned char)*end) && !isendline(*end))
445 end++;
446 store = *end;
447 *end = 0;
448 verbose(3, "parsing '%s'\n", parse);
449 status = sldns_str2wire_dname_buf(parse, pstate->origin,
450 &pstate->origin_len);
451 *end = store;
452 if(status != 0)
453 error("%s line %d:\n\t%s: %s", name, pstate->lineno,
454 sldns_get_errorstr_parse(status), parse);
455 }
456
457 /** add RR to packet */
add_rr(char * rrstr,uint8_t * pktbuf,size_t pktsize,size_t * pktlen,struct sldns_file_parse_state * pstate,sldns_pkt_section add_section,const char * fname)458 static void add_rr(char* rrstr, uint8_t* pktbuf, size_t pktsize,
459 size_t* pktlen, struct sldns_file_parse_state* pstate,
460 sldns_pkt_section add_section, const char* fname)
461 {
462 /* it must be a RR, parse and add to packet. */
463 size_t rr_len = pktsize - *pktlen;
464 size_t dname_len = 0;
465 int status;
466 uint8_t* origin = pstate->origin_len?pstate->origin:0;
467 uint8_t* prev = pstate->prev_rr_len?pstate->prev_rr:0;
468 if(*pktlen > pktsize || *pktlen < LDNS_HEADER_SIZE)
469 error("packet overflow");
470
471 /* parse RR */
472 if(add_section == LDNS_SECTION_QUESTION)
473 status = sldns_str2wire_rr_question_buf(rrstr, pktbuf+*pktlen,
474 &rr_len, &dname_len, origin, pstate->origin_len,
475 prev, pstate->prev_rr_len);
476 else status = sldns_str2wire_rr_buf(rrstr, pktbuf+*pktlen, &rr_len,
477 &dname_len, pstate->default_ttl, origin,
478 pstate->origin_len, prev, pstate->prev_rr_len);
479 if(status != 0)
480 error("%s line %d:%d %s\n\t%s", fname, pstate->lineno,
481 LDNS_WIREPARSE_OFFSET(status),
482 sldns_get_errorstr_parse(status), rrstr);
483 *pktlen += rr_len;
484
485 /* increase RR count */
486 if(add_section == LDNS_SECTION_QUESTION)
487 sldns_write_uint16(pktbuf+4, LDNS_QDCOUNT(pktbuf)+1);
488 else if(add_section == LDNS_SECTION_ANSWER)
489 sldns_write_uint16(pktbuf+6, LDNS_ANCOUNT(pktbuf)+1);
490 else if(add_section == LDNS_SECTION_AUTHORITY)
491 sldns_write_uint16(pktbuf+8, LDNS_NSCOUNT(pktbuf)+1);
492 else if(add_section == LDNS_SECTION_ADDITIONAL)
493 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1);
494 else error("internal error bad section %d", (int)add_section);
495 }
496
497 /* add EDNS 4096 opt record */
498 static void
add_edns(uint8_t * pktbuf,size_t pktsize,int do_flag,uint8_t * ednsdata,uint16_t ednslen,size_t * pktlen)499 add_edns(uint8_t* pktbuf, size_t pktsize, int do_flag, uint8_t *ednsdata,
500 uint16_t ednslen, size_t* pktlen)
501 {
502 uint8_t edns[] = {0x00, /* root label */
503 0x00, LDNS_RR_TYPE_OPT, /* type */
504 0x04, 0xD0, /* class is UDPSIZE 1232 */
505 0x00, /* TTL[0] is ext rcode */
506 0x00, /* TTL[1] is edns version */
507 (uint8_t)(do_flag?0x80:0x00), 0x00, /* TTL[2-3] is edns flags, DO */
508 (uint8_t)((ednslen >> 8) & 0xff),
509 (uint8_t)(ednslen & 0xff), /* rdatalength */
510 };
511 if(*pktlen < LDNS_HEADER_SIZE)
512 return;
513 if(*pktlen + sizeof(edns) + ednslen > pktsize)
514 error("not enough space for EDNS OPT record");
515 memmove(pktbuf+*pktlen, edns, sizeof(edns));
516 if(ednsdata && ednslen)
517 memmove(pktbuf+*pktlen+sizeof(edns), ednsdata, ednslen);
518 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1);
519 *pktlen += (sizeof(edns) + ednslen);
520 }
521
522 /* Reads one entry from file. Returns entry or NULL on error. */
523 struct entry*
read_entry(FILE * in,const char * name,struct sldns_file_parse_state * pstate,int skip_whitespace)524 read_entry(FILE* in, const char* name, struct sldns_file_parse_state* pstate,
525 int skip_whitespace)
526 {
527 struct entry* current = NULL;
528 char line[MAX_LINE];
529 char* parse;
530 sldns_pkt_section add_section = LDNS_SECTION_QUESTION;
531 struct reply_packet *cur_reply = NULL;
532 int reading_hex = 0;
533 int reading_hex_ednsdata = 0;
534 sldns_buffer* hex_data_buffer = NULL;
535 sldns_buffer* hex_ednsdata_buffer = NULL;
536 uint8_t pktbuf[MAX_PACKETLEN];
537 size_t pktlen = LDNS_HEADER_SIZE;
538 int do_flag = 0; /* DO flag in EDNS */
539 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */
540
541 while(fgets(line, (int)sizeof(line), in) != NULL) {
542 line[MAX_LINE-1] = 0;
543 parse = line;
544 pstate->lineno++;
545
546 while(isspace((unsigned char)*parse))
547 parse++;
548 /* test for keywords */
549 if(isendline(*parse))
550 continue; /* skip comment and empty lines */
551 if(str_keyword(&parse, "ENTRY_BEGIN")) {
552 if(current) {
553 error("%s line %d: previous entry does not ENTRY_END",
554 name, pstate->lineno);
555 }
556 current = new_entry();
557 current->lineno = pstate->lineno;
558 cur_reply = entry_add_reply(current);
559 continue;
560 } else if(str_keyword(&parse, "$ORIGIN")) {
561 get_origin(name, pstate, parse);
562 continue;
563 } else if(str_keyword(&parse, "$TTL")) {
564 pstate->default_ttl = (uint32_t)atoi(parse);
565 continue;
566 }
567
568 /* working inside an entry */
569 if(!current) {
570 error("%s line %d: expected ENTRY_BEGIN but got %s",
571 name, pstate->lineno, line);
572 }
573 if(str_keyword(&parse, "MATCH")) {
574 matchline(parse, current);
575 } else if(str_keyword(&parse, "REPLY")) {
576 replyline(parse, pktbuf, pktlen, &do_flag);
577 } else if(str_keyword(&parse, "ADJUST")) {
578 adjustline(parse, current, cur_reply);
579 } else if(str_keyword(&parse, "EXTRA_PACKET")) {
580 /* copy current packet into buffer */
581 cur_reply->reply_pkt = memdup(pktbuf, pktlen);
582 cur_reply->reply_len = pktlen;
583 if(!cur_reply->reply_pkt)
584 error("out of memory");
585 cur_reply = entry_add_reply(current);
586 /* clear for next packet */
587 pktlen = LDNS_HEADER_SIZE;
588 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */
589 } else if(str_keyword(&parse, "SECTION")) {
590 if(str_keyword(&parse, "QUESTION"))
591 add_section = LDNS_SECTION_QUESTION;
592 else if(str_keyword(&parse, "ANSWER"))
593 add_section = LDNS_SECTION_ANSWER;
594 else if(str_keyword(&parse, "AUTHORITY"))
595 add_section = LDNS_SECTION_AUTHORITY;
596 else if(str_keyword(&parse, "ADDITIONAL"))
597 add_section = LDNS_SECTION_ADDITIONAL;
598 else error("%s line %d: bad section %s", name, pstate->lineno, parse);
599 } else if(str_keyword(&parse, "HEX_ANSWER_BEGIN")) {
600 hex_data_buffer = sldns_buffer_new(MAX_PACKETLEN);
601 reading_hex = 1;
602 } else if(str_keyword(&parse, "HEX_ANSWER_END")) {
603 if(!reading_hex) {
604 error("%s line %d: HEX_ANSWER_END read but no HEX_ANSWER_BEGIN keyword seen", name, pstate->lineno);
605 }
606 reading_hex = 0;
607 cur_reply->reply_from_hex = hex_buffer2wire(hex_data_buffer);
608 sldns_buffer_free(hex_data_buffer);
609 hex_data_buffer = NULL;
610 } else if(reading_hex) {
611 sldns_buffer_printf(hex_data_buffer, "%s", line);
612 } else if(str_keyword(&parse, "HEX_EDNSDATA_BEGIN")) {
613 hex_ednsdata_buffer = sldns_buffer_new(MAX_PACKETLEN);
614 reading_hex_ednsdata = 1;
615 } else if(str_keyword(&parse, "HEX_EDNSDATA_END")) {
616 if (!reading_hex_ednsdata) {
617 error("%s line %d: HEX_EDNSDATA_END read but no"
618 "HEX_EDNSDATA_BEGIN keyword seen", name, pstate->lineno);
619 }
620 reading_hex_ednsdata = 0;
621 cur_reply->raw_ednsdata = hex_buffer2wire(hex_ednsdata_buffer);
622 sldns_buffer_free(hex_ednsdata_buffer);
623 hex_ednsdata_buffer = NULL;
624 } else if(reading_hex_ednsdata) {
625 sldns_buffer_printf(hex_ednsdata_buffer, "%s", line);
626 } else if(str_keyword(&parse, "ENTRY_END")) {
627 if(hex_data_buffer)
628 sldns_buffer_free(hex_data_buffer);
629 if(hex_ednsdata_buffer)
630 sldns_buffer_free(hex_ednsdata_buffer);
631 if(pktlen != 0) {
632 if(do_flag || cur_reply->raw_ednsdata) {
633 if(cur_reply->raw_ednsdata &&
634 sldns_buffer_limit(cur_reply->raw_ednsdata))
635 add_edns(pktbuf, sizeof(pktbuf), do_flag,
636 sldns_buffer_begin(cur_reply->raw_ednsdata),
637 (uint16_t)sldns_buffer_limit(cur_reply->raw_ednsdata),
638 &pktlen);
639 else
640 add_edns(pktbuf, sizeof(pktbuf), do_flag,
641 NULL, 0, &pktlen);
642 }
643 cur_reply->reply_pkt = memdup(pktbuf, pktlen);
644 cur_reply->reply_len = pktlen;
645 if(!cur_reply->reply_pkt)
646 error("out of memory");
647 }
648 return current;
649 } else {
650 add_rr(skip_whitespace?parse:line, pktbuf,
651 sizeof(pktbuf), &pktlen, pstate, add_section,
652 name);
653 }
654
655 }
656 if(reading_hex) {
657 error("%s: End of file reached while still reading hex, "
658 "missing HEX_ANSWER_END\n", name);
659 }
660 if(reading_hex_ednsdata) {
661 error("%s: End of file reached while still reading edns data, "
662 "missing HEX_EDNSDATA_END\n", name);
663 }
664 if(current) {
665 error("%s: End of file reached while reading entry. "
666 "missing ENTRY_END\n", name);
667 }
668 return 0;
669 }
670
671 /* reads the canned reply file and returns a list of structs */
672 struct entry*
read_datafile(const char * name,int skip_whitespace)673 read_datafile(const char* name, int skip_whitespace)
674 {
675 struct entry* list = NULL;
676 struct entry* last = NULL;
677 struct entry* current = NULL;
678 FILE *in;
679 struct sldns_file_parse_state pstate;
680 int entry_num = 0;
681 memset(&pstate, 0, sizeof(pstate));
682
683 if((in=fopen(name, "r")) == NULL) {
684 error("could not open file %s: %s", name, strerror(errno));
685 }
686
687 while((current = read_entry(in, name, &pstate, skip_whitespace)))
688 {
689 if(last)
690 last->next = current;
691 else list = current;
692 last = current;
693 entry_num ++;
694 }
695 verbose(1, "%s: Read %d entries\n", prog_name, entry_num);
696
697 fclose(in);
698 return list;
699 }
700
701 /** get qtype from packet */
get_qtype(uint8_t * pkt,size_t pktlen)702 static sldns_rr_type get_qtype(uint8_t* pkt, size_t pktlen)
703 {
704 uint8_t* d;
705 size_t dl, sl=0;
706 char* snull = NULL;
707 int comprloop = 0;
708 if(pktlen < LDNS_HEADER_SIZE)
709 return 0;
710 if(LDNS_QDCOUNT(pkt) == 0)
711 return 0;
712 /* skip over dname with dname-scan routine */
713 d = pkt+LDNS_HEADER_SIZE;
714 dl = pktlen-LDNS_HEADER_SIZE;
715 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop);
716 if(dl < 2)
717 return 0;
718 return sldns_read_uint16(d);
719 }
720
721 /** get qtype from packet */
get_qname_len(uint8_t * pkt,size_t pktlen)722 static size_t get_qname_len(uint8_t* pkt, size_t pktlen)
723 {
724 uint8_t* d;
725 size_t dl, sl=0;
726 char* snull = NULL;
727 int comprloop = 0;
728 if(pktlen < LDNS_HEADER_SIZE)
729 return 0;
730 if(LDNS_QDCOUNT(pkt) == 0)
731 return 0;
732 /* skip over dname with dname-scan routine */
733 d = pkt+LDNS_HEADER_SIZE;
734 dl = pktlen-LDNS_HEADER_SIZE;
735 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop);
736 return pktlen-dl-LDNS_HEADER_SIZE;
737 }
738
739 /** returns owner from packet */
get_qname(uint8_t * pkt,size_t pktlen)740 static uint8_t* get_qname(uint8_t* pkt, size_t pktlen)
741 {
742 if(pktlen < LDNS_HEADER_SIZE)
743 return NULL;
744 if(LDNS_QDCOUNT(pkt) == 0)
745 return NULL;
746 return pkt+LDNS_HEADER_SIZE;
747 }
748
749 /** returns opcode from packet */
get_opcode(uint8_t * pkt,size_t pktlen)750 static int get_opcode(uint8_t* pkt, size_t pktlen)
751 {
752 if(pktlen < LDNS_HEADER_SIZE)
753 return 0;
754 return (int)LDNS_OPCODE_WIRE(pkt);
755 }
756
757 /** returns rcode from packet */
get_rcode(uint8_t * pkt,size_t pktlen)758 static int get_rcode(uint8_t* pkt, size_t pktlen)
759 {
760 if(pktlen < LDNS_HEADER_SIZE)
761 return 0;
762 return (int)LDNS_RCODE_WIRE(pkt);
763 }
764
765 /** get authority section SOA serial value */
get_serial(uint8_t * p,size_t plen)766 static uint32_t get_serial(uint8_t* p, size_t plen)
767 {
768 uint8_t* walk = p;
769 size_t walk_len = plen, sl=0;
770 char* snull = NULL;
771 uint16_t i;
772 int comprloop = 0;
773
774 if(walk_len < LDNS_HEADER_SIZE)
775 return 0;
776 walk += LDNS_HEADER_SIZE;
777 walk_len -= LDNS_HEADER_SIZE;
778
779 /* skip other records with wire2str_scan */
780 for(i=0; i < LDNS_QDCOUNT(p); i++)
781 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len,
782 &snull, &sl, p, plen, &comprloop);
783 for(i=0; i < LDNS_ANCOUNT(p); i++)
784 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl,
785 p, plen, &comprloop);
786
787 /* walk through authority section */
788 for(i=0; i < LDNS_NSCOUNT(p); i++) {
789 /* if this is SOA then get serial, skip compressed dname */
790 uint8_t* dstart = walk;
791 size_t dlen = walk_len;
792 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl,
793 p, plen, &comprloop);
794 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_SOA) {
795 /* skip type, class, TTL, rdatalen */
796 if(dlen < 10)
797 return 0;
798 if(dlen < 10 + (size_t)sldns_read_uint16(dstart+8))
799 return 0;
800 dstart += 10;
801 dlen -= 10;
802 /* check third rdf */
803 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull,
804 &sl, p, plen, &comprloop);
805 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull,
806 &sl, p, plen, &comprloop);
807 if(dlen < 4)
808 return 0;
809 verbose(3, "found serial %u in msg. ",
810 (int)sldns_read_uint32(dstart));
811 return sldns_read_uint32(dstart);
812 }
813 /* move to next RR */
814 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl,
815 p, plen, &comprloop);
816 }
817 return 0;
818 }
819
820 /** get ptr to EDNS OPT record (and remaining length); behind the type u16 */
821 static int
pkt_find_edns_opt(uint8_t ** p,size_t * plen)822 pkt_find_edns_opt(uint8_t** p, size_t* plen)
823 {
824 /* walk over the packet with scan routines */
825 uint8_t* w = *p;
826 size_t wlen = *plen, sl=0;
827 char* snull = NULL;
828 uint16_t i;
829 int comprloop = 0;
830
831 if(wlen < LDNS_HEADER_SIZE)
832 return 0;
833 w += LDNS_HEADER_SIZE;
834 wlen -= LDNS_HEADER_SIZE;
835
836 /* skip other records with wire2str_scan */
837 for(i=0; i < LDNS_QDCOUNT(*p); i++)
838 (void)sldns_wire2str_rrquestion_scan(&w, &wlen, &snull, &sl,
839 *p, *plen, &comprloop);
840 for(i=0; i < LDNS_ANCOUNT(*p); i++)
841 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop);
842 for(i=0; i < LDNS_NSCOUNT(*p); i++)
843 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop);
844
845 /* walk through additional section */
846 for(i=0; i < LDNS_ARCOUNT(*p); i++) {
847 /* if this is OPT then done */
848 uint8_t* dstart = w;
849 size_t dlen = wlen;
850 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl,
851 *p, *plen, &comprloop);
852 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_OPT) {
853 *p = dstart+2;
854 *plen = dlen-2;
855 return 1;
856 }
857 /* move to next RR */
858 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop);
859 }
860 return 0;
861 }
862
863 /** return true if the packet has EDNS OPT record */
864 static int
get_has_edns(uint8_t * pkt,size_t len)865 get_has_edns(uint8_t* pkt, size_t len)
866 {
867 /* use arguments as temporary variables */
868 return pkt_find_edns_opt(&pkt, &len);
869 }
870
871 /** return true if the DO flag is set */
872 static int
get_do_flag(uint8_t * pkt,size_t len)873 get_do_flag(uint8_t* pkt, size_t len)
874 {
875 uint16_t edns_bits;
876 uint8_t* walk = pkt;
877 size_t walk_len = len;
878 if(!pkt_find_edns_opt(&walk, &walk_len)) {
879 return 0;
880 }
881 if(walk_len < 6)
882 return 0; /* malformed */
883 edns_bits = sldns_read_uint16(walk+4);
884 return (int)(edns_bits&LDNS_EDNS_MASK_DO_BIT);
885 }
886
887 /** zero TTLs in packet */
888 static void
zerottls(uint8_t * pkt,size_t pktlen)889 zerottls(uint8_t* pkt, size_t pktlen)
890 {
891 uint8_t* walk = pkt;
892 size_t walk_len = pktlen, sl=0;
893 char* snull = NULL;
894 uint16_t i;
895 uint16_t num = LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt);
896 int comprloop = 0;
897 if(walk_len < LDNS_HEADER_SIZE)
898 return;
899 walk += LDNS_HEADER_SIZE;
900 walk_len -= LDNS_HEADER_SIZE;
901 for(i=0; i < LDNS_QDCOUNT(pkt); i++)
902 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len,
903 &snull, &sl, pkt, pktlen, &comprloop);
904 for(i=0; i < num; i++) {
905 /* wipe TTL */
906 uint8_t* dstart = walk;
907 size_t dlen = walk_len;
908 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl,
909 pkt, pktlen, &comprloop);
910 if(dlen < 8)
911 return;
912 sldns_write_uint32(dstart+4, 0);
913 /* go to next RR */
914 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl,
915 pkt, pktlen, &comprloop);
916 }
917 }
918
919 /** get one line (\n) from a string, move next to after the \n, zero \n */
920 static int
get_line(char ** s,char ** n)921 get_line(char** s, char** n)
922 {
923 /* at end of string? end */
924 if(*n == NULL || **n == 0)
925 return 0;
926 /* result starts at next string */
927 *s = *n;
928 /* find \n after that */
929 *n = strchr(*s, '\n');
930 if(*n && **n != 0) {
931 /* terminate line */
932 (*n)[0] = 0;
933 (*n)++;
934 }
935 return 1;
936 }
937
938 /** match two RR sections without ordering */
939 static int
match_noloc_section(char ** q,char ** nq,char ** p,char ** np,uint16_t num)940 match_noloc_section(char** q, char** nq, char** p, char** np, uint16_t num)
941 {
942 /* for max number of RRs in packet */
943 const uint16_t numarray = 3000;
944 char* qlines[numarray], *plines[numarray];
945 uint16_t i, j, numq=0, nump=0;
946 if(num > numarray) fatal_exit("too many RRs");
947 /* gather lines */
948 for(i=0; i<num; i++) {
949 get_line(q, nq);
950 get_line(p, np);
951 qlines[numq++] = *q;
952 plines[nump++] = *p;
953 }
954 /* see if they are all present in the other */
955 for(i=0; i<num; i++) {
956 int found = 0;
957 for(j=0; j<num; j++) {
958 if(strcmp(qlines[i], plines[j]) == 0) {
959 found = 1;
960 break;
961 }
962 }
963 if(!found) {
964 verbose(3, "comparenoloc: failed for %s", qlines[i]);
965 return 0;
966 }
967 }
968 return 1;
969 }
970
971 /** match two strings for unordered equality of RRs and everything else */
972 static int
match_noloc(char * q,char * p,uint8_t * q_pkt,size_t q_pkt_len,uint8_t * p_pkt,size_t p_pkt_len)973 match_noloc(char* q, char* p, uint8_t* q_pkt, size_t q_pkt_len,
974 uint8_t* p_pkt, size_t p_pkt_len)
975 {
976 char* nq = q, *np = p;
977 /* if no header, compare bytes */
978 if(p_pkt_len < LDNS_HEADER_SIZE || q_pkt_len < LDNS_HEADER_SIZE) {
979 if(p_pkt_len != q_pkt_len) return 0;
980 return memcmp(p, q, p_pkt_len);
981 }
982 /* compare RR counts */
983 if(LDNS_QDCOUNT(p_pkt) != LDNS_QDCOUNT(q_pkt))
984 return 0;
985 if(LDNS_ANCOUNT(p_pkt) != LDNS_ANCOUNT(q_pkt))
986 return 0;
987 if(LDNS_NSCOUNT(p_pkt) != LDNS_NSCOUNT(q_pkt))
988 return 0;
989 if(LDNS_ARCOUNT(p_pkt) != LDNS_ARCOUNT(q_pkt))
990 return 0;
991 /* get a line from both; compare; at sections do section */
992 get_line(&q, &nq);
993 get_line(&p, &np);
994 if(strcmp(q, p) != 0) {
995 /* header line opcode, rcode, id */
996 return 0;
997 }
998 get_line(&q, &nq);
999 get_line(&p, &np);
1000 if(strcmp(q, p) != 0) {
1001 /* header flags, rr counts */
1002 return 0;
1003 }
1004 /* ;; QUESTION SECTION */
1005 get_line(&q, &nq);
1006 get_line(&p, &np);
1007 if(strcmp(q, p) != 0) return 0;
1008 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_QDCOUNT(p_pkt)))
1009 return 0;
1010
1011 /* empty line and ;; ANSWER SECTION */
1012 get_line(&q, &nq);
1013 get_line(&p, &np);
1014 if(strcmp(q, p) != 0) return 0;
1015 get_line(&q, &nq);
1016 get_line(&p, &np);
1017 if(strcmp(q, p) != 0) return 0;
1018 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ANCOUNT(p_pkt)))
1019 return 0;
1020
1021 /* empty line and ;; AUTHORITY SECTION */
1022 get_line(&q, &nq);
1023 get_line(&p, &np);
1024 if(strcmp(q, p) != 0) return 0;
1025 get_line(&q, &nq);
1026 get_line(&p, &np);
1027 if(strcmp(q, p) != 0) return 0;
1028 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_NSCOUNT(p_pkt)))
1029 return 0;
1030
1031 /* empty line and ;; ADDITIONAL SECTION */
1032 get_line(&q, &nq);
1033 get_line(&p, &np);
1034 if(strcmp(q, p) != 0) return 0;
1035 get_line(&q, &nq);
1036 get_line(&p, &np);
1037 if(strcmp(q, p) != 0) return 0;
1038 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ARCOUNT(p_pkt)))
1039 return 0;
1040
1041 return 1;
1042 }
1043
1044 /** lowercase domain name - does not follow compression pointers */
lowercase_dname(uint8_t ** p,size_t * remain)1045 static void lowercase_dname(uint8_t** p, size_t* remain)
1046 {
1047 unsigned i, llen;
1048 if(*remain == 0) return;
1049 while(**p != 0) {
1050 /* compressed? */
1051 if((**p & 0xc0) == 0xc0) {
1052 *p += 2;
1053 *remain -= 2;
1054 return;
1055 }
1056 llen = (unsigned int)**p;
1057 *p += 1;
1058 *remain -= 1;
1059 if(*remain < llen)
1060 llen = (unsigned int)*remain;
1061 for(i=0; i<llen; i++) {
1062 (*p)[i] = (uint8_t)tolower((int)(*p)[i]);
1063 }
1064 *p += llen;
1065 *remain -= llen;
1066 if(*remain == 0) return;
1067 }
1068 /* skip root label */
1069 *p += 1;
1070 *remain -= 1;
1071 }
1072
1073 /** lowercase rdata of type */
lowercase_rdata(uint8_t ** p,size_t * remain,uint16_t rdatalen,uint16_t t)1074 static void lowercase_rdata(uint8_t** p, size_t* remain,
1075 uint16_t rdatalen, uint16_t t)
1076 {
1077 const sldns_rr_descriptor *desc = sldns_rr_descript(t);
1078 uint8_t dname_count = 0;
1079 size_t i = 0;
1080 size_t rdataremain = rdatalen;
1081 if(!desc) {
1082 /* unknown type */
1083 *p += rdatalen;
1084 *remain -= rdatalen;
1085 return;
1086 }
1087 while(dname_count < desc->_dname_count) {
1088 sldns_rdf_type f = sldns_rr_descriptor_field_type(desc, i++);
1089 if(f == LDNS_RDF_TYPE_DNAME) {
1090 lowercase_dname(p, &rdataremain);
1091 dname_count++;
1092 } else if(f == LDNS_RDF_TYPE_STR) {
1093 uint8_t len;
1094 if(rdataremain == 0) return;
1095 len = **p;
1096 *p += len+1;
1097 rdataremain -= len+1;
1098 } else {
1099 int len = 0;
1100 switch(f) {
1101 case LDNS_RDF_TYPE_CLASS:
1102 case LDNS_RDF_TYPE_ALG:
1103 case LDNS_RDF_TYPE_INT8:
1104 len = 1;
1105 break;
1106 case LDNS_RDF_TYPE_INT16:
1107 case LDNS_RDF_TYPE_TYPE:
1108 case LDNS_RDF_TYPE_CERT_ALG:
1109 len = 2;
1110 break;
1111 case LDNS_RDF_TYPE_INT32:
1112 case LDNS_RDF_TYPE_TIME:
1113 case LDNS_RDF_TYPE_A:
1114 case LDNS_RDF_TYPE_PERIOD:
1115 len = 4;
1116 break;
1117 case LDNS_RDF_TYPE_TSIGTIME:
1118 len = 6;
1119 break;
1120 case LDNS_RDF_TYPE_AAAA:
1121 len = 16;
1122 break;
1123 default: error("bad rdf type in lowercase %d", (int)f);
1124 }
1125 *p += len;
1126 rdataremain -= len;
1127 }
1128 }
1129 /* skip remainder of rdata */
1130 *p += rdataremain;
1131 *remain -= rdatalen;
1132 }
1133
1134 /** lowercase all names in the message */
lowercase_pkt(uint8_t * pkt,size_t pktlen)1135 static void lowercase_pkt(uint8_t* pkt, size_t pktlen)
1136 {
1137 uint16_t i;
1138 uint8_t* p = pkt;
1139 size_t remain = pktlen;
1140 uint16_t t, rdatalen;
1141 if(pktlen < LDNS_HEADER_SIZE)
1142 return;
1143 p += LDNS_HEADER_SIZE;
1144 remain -= LDNS_HEADER_SIZE;
1145 for(i=0; i<LDNS_QDCOUNT(pkt); i++) {
1146 lowercase_dname(&p, &remain);
1147 if(remain < 4) return;
1148 p += 4;
1149 remain -= 4;
1150 }
1151 for(i=0; i<LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt); i++) {
1152 lowercase_dname(&p, &remain);
1153 if(remain < 10) return;
1154 t = sldns_read_uint16(p);
1155 rdatalen = sldns_read_uint16(p+8);
1156 p += 10;
1157 remain -= 10;
1158 if(remain < rdatalen) return;
1159 lowercase_rdata(&p, &remain, rdatalen, t);
1160 }
1161 }
1162
1163 /** match question section of packet */
1164 static int
match_question(uint8_t * q,size_t qlen,uint8_t * p,size_t plen,int mttl)1165 match_question(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl)
1166 {
1167 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr;
1168 uint8_t* qb = q, *pb = p;
1169 int r;
1170 /* zero TTLs */
1171 qb = memdup(q, qlen);
1172 pb = memdup(p, plen);
1173 if(!qb || !pb) error("out of memory");
1174 if(!mttl) {
1175 zerottls(qb, qlen);
1176 zerottls(pb, plen);
1177 }
1178 lowercase_pkt(qb, qlen);
1179 lowercase_pkt(pb, plen);
1180 qstr = sldns_wire2str_pkt(qb, qlen);
1181 pstr = sldns_wire2str_pkt(pb, plen);
1182 if(!qstr || !pstr) error("cannot pkt2string");
1183
1184 /* remove before ;; QUESTION */
1185 s = strstr(qstr, ";; QUESTION SECTION");
1186 qcmpstr = s;
1187 s = strstr(pstr, ";; QUESTION SECTION");
1188 pcmpstr = s;
1189 if(!qcmpstr && !pcmpstr) {
1190 free(qstr);
1191 free(pstr);
1192 free(qb);
1193 free(pb);
1194 return 1;
1195 }
1196 if(!qcmpstr || !pcmpstr) {
1197 free(qstr);
1198 free(pstr);
1199 free(qb);
1200 free(pb);
1201 return 0;
1202 }
1203
1204 /* remove after answer section, (;; AUTH, ;; ADD, ;; MSG size ..) */
1205 s = strstr(qcmpstr, ";; ANSWER SECTION");
1206 if(!s) s = strstr(qcmpstr, ";; AUTHORITY SECTION");
1207 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION");
1208 if(!s) s = strstr(qcmpstr, ";; MSG SIZE");
1209 if(s) *s = 0;
1210 s = strstr(pcmpstr, ";; ANSWER SECTION");
1211 if(!s) s = strstr(pcmpstr, ";; AUTHORITY SECTION");
1212 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION");
1213 if(!s) s = strstr(pcmpstr, ";; MSG SIZE");
1214 if(s) *s = 0;
1215
1216 r = (strcmp(qcmpstr, pcmpstr) == 0);
1217
1218 if(!r) {
1219 verbose(3, "mismatch question section '%s' and '%s'",
1220 qcmpstr, pcmpstr);
1221 }
1222
1223 free(qstr);
1224 free(pstr);
1225 free(qb);
1226 free(pb);
1227 return r;
1228 }
1229
1230 /** match answer section of packet */
1231 static int
match_answer(uint8_t * q,size_t qlen,uint8_t * p,size_t plen,int mttl)1232 match_answer(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl)
1233 {
1234 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr;
1235 uint8_t* qb = q, *pb = p;
1236 int r;
1237 /* zero TTLs */
1238 qb = memdup(q, qlen);
1239 pb = memdup(p, plen);
1240 if(!qb || !pb) error("out of memory");
1241 if(!mttl) {
1242 zerottls(qb, qlen);
1243 zerottls(pb, plen);
1244 }
1245 lowercase_pkt(qb, qlen);
1246 lowercase_pkt(pb, plen);
1247 qstr = sldns_wire2str_pkt(qb, qlen);
1248 pstr = sldns_wire2str_pkt(pb, plen);
1249 if(!qstr || !pstr) error("cannot pkt2string");
1250
1251 /* remove before ;; ANSWER */
1252 s = strstr(qstr, ";; ANSWER SECTION");
1253 qcmpstr = s;
1254 s = strstr(pstr, ";; ANSWER SECTION");
1255 pcmpstr = s;
1256 if(!qcmpstr && !pcmpstr) {
1257 free(qstr);
1258 free(pstr);
1259 free(qb);
1260 free(pb);
1261 return 1;
1262 }
1263 if(!qcmpstr || !pcmpstr) {
1264 free(qstr);
1265 free(pstr);
1266 free(qb);
1267 free(pb);
1268 return 0;
1269 }
1270
1271 /* remove after answer section, (;; AUTH, ;; ADD, ;; MSG size ..) */
1272 s = strstr(qcmpstr, ";; AUTHORITY SECTION");
1273 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION");
1274 if(!s) s = strstr(qcmpstr, ";; MSG SIZE");
1275 if(s) *s = 0;
1276 s = strstr(pcmpstr, ";; AUTHORITY SECTION");
1277 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION");
1278 if(!s) s = strstr(pcmpstr, ";; MSG SIZE");
1279 if(s) *s = 0;
1280
1281 r = (strcmp(qcmpstr, pcmpstr) == 0);
1282
1283 if(!r) {
1284 verbose(3, "mismatch answer section '%s' and '%s'",
1285 qcmpstr, pcmpstr);
1286 }
1287
1288 free(qstr);
1289 free(pstr);
1290 free(qb);
1291 free(pb);
1292 return r;
1293 }
1294
1295 /** match all of the packet */
1296 int
match_all(uint8_t * q,size_t qlen,uint8_t * p,size_t plen,int mttl,int noloc)1297 match_all(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl,
1298 int noloc)
1299 {
1300 char* qstr, *pstr;
1301 uint8_t* qb = q, *pb = p;
1302 int r;
1303 /* zero TTLs */
1304 qb = memdup(q, qlen);
1305 pb = memdup(p, plen);
1306 if(!qb || !pb) error("out of memory");
1307 if(!mttl) {
1308 zerottls(qb, qlen);
1309 zerottls(pb, plen);
1310 }
1311 lowercase_pkt(qb, qlen);
1312 lowercase_pkt(pb, plen);
1313 qstr = sldns_wire2str_pkt(qb, qlen);
1314 pstr = sldns_wire2str_pkt(pb, plen);
1315 if(!qstr || !pstr) error("cannot pkt2string");
1316 r = (strcmp(qstr, pstr) == 0);
1317 if(!r) {
1318 /* remove ;; MSG SIZE (at end of string) */
1319 char* s = strstr(qstr, ";; MSG SIZE");
1320 if(s) *s=0;
1321 s = strstr(pstr, ";; MSG SIZE");
1322 if(s) *s=0;
1323 r = (strcmp(qstr, pstr) == 0);
1324 if(!r && !noloc) {
1325 /* we are going to fail see if it is because of EDNS */
1326 char* a = strstr(qstr, "; EDNS");
1327 char* b = strstr(pstr, "; EDNS");
1328 if( (a&&!b) || (b&&!a) ) {
1329 verbose(3, "mismatch in EDNS\n");
1330 }
1331 }
1332 }
1333 if(!r && noloc) {
1334 /* check for reordered sections */
1335 r = match_noloc(qstr, pstr, q, qlen, p, plen);
1336 }
1337 if(!r) {
1338 verbose(3, "mismatch pkt '%s' and '%s'", qstr, pstr);
1339 }
1340 free(qstr);
1341 free(pstr);
1342 free(qb);
1343 free(pb);
1344 return r;
1345 }
1346
1347 /** see if domain names are equal */
equal_dname(uint8_t * q,size_t qlen,uint8_t * p,size_t plen)1348 static int equal_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen)
1349 {
1350 uint8_t* qn = get_qname(q, qlen);
1351 uint8_t* pn = get_qname(p, plen);
1352 char qs[512], ps[512];
1353 size_t qslen = sizeof(qs), pslen = sizeof(ps);
1354 char* qss = qs, *pss = ps;
1355 int comprloop = 0;
1356 if(!qn || !pn)
1357 return 0;
1358 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop);
1359 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop);
1360 return (strcmp(qs, ps) == 0);
1361 }
1362
1363 /** see if domain names are subdomain q of p */
subdomain_dname(uint8_t * q,size_t qlen,uint8_t * p,size_t plen)1364 static int subdomain_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen)
1365 {
1366 /* we use the tostring routines so as to test unbound's routines
1367 * with something else */
1368 uint8_t* qn = get_qname(q, qlen);
1369 uint8_t* pn = get_qname(p, plen);
1370 char qs[5120], ps[5120];
1371 size_t qslen = sizeof(qs), pslen = sizeof(ps);
1372 char* qss = qs, *pss = ps;
1373 int comprloop = 0;
1374 if(!qn || !pn)
1375 return 0;
1376 /* decompresses domain names */
1377 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop);
1378 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop);
1379 /* same: false, (strict subdomain check)??? */
1380 if(strcmp(qs, ps) == 0)
1381 return 1;
1382 /* qs must end in ps, at a dot, without \ in front */
1383 qslen = strlen(qs);
1384 pslen = strlen(ps);
1385 if(qslen > pslen && strcmp(qs + (qslen-pslen), ps) == 0 &&
1386 qslen + 2 >= pslen && /* space for label and dot */
1387 qs[qslen-pslen-1] == '.') {
1388 unsigned int slashcount = 0;
1389 size_t i = qslen-pslen-2;
1390 while(i>0 && qs[i]=='\\') {
1391 i++;
1392 slashcount++;
1393 }
1394 if(slashcount%1 == 1) return 0; /* . preceded by \ */
1395 return 1;
1396 }
1397 return 0;
1398 }
1399
1400 /** Match OPT RDATA (not the EDNS payload size or flags) */
1401 static int
match_ednsdata(uint8_t * q,size_t qlen,uint8_t * p,size_t plen)1402 match_ednsdata(uint8_t* q, size_t qlen, uint8_t* p, size_t plen)
1403 {
1404 uint8_t* walk_q = q;
1405 size_t walk_qlen = qlen;
1406 uint8_t* walk_p = p;
1407 size_t walk_plen = plen;
1408
1409 if(!pkt_find_edns_opt(&walk_q, &walk_qlen))
1410 walk_qlen = 0;
1411 if(!pkt_find_edns_opt(&walk_p, &walk_plen))
1412 walk_plen = 0;
1413
1414 /* class + ttl + rdlen = 8 */
1415 if(walk_qlen <= 8 && walk_plen <= 8) {
1416 verbose(3, "NO edns opt, move on");
1417 return 1;
1418 }
1419 if(walk_qlen != walk_plen)
1420 return 0;
1421
1422 return (memcmp(walk_p+8, walk_q+8, walk_qlen-8) == 0);
1423 }
1424
1425 /* finds entry in list, or returns NULL */
1426 struct entry*
find_match(struct entry * entries,uint8_t * query_pkt,size_t len,enum transport_type transport)1427 find_match(struct entry* entries, uint8_t* query_pkt, size_t len,
1428 enum transport_type transport)
1429 {
1430 struct entry* p = entries;
1431 uint8_t* reply;
1432 size_t rlen;
1433 for(p=entries; p; p=p->next) {
1434 verbose(3, "comparepkt: ");
1435 reply = p->reply_list->reply_pkt;
1436 rlen = p->reply_list->reply_len;
1437 if(p->match_opcode && get_opcode(query_pkt, len) !=
1438 get_opcode(reply, rlen)) {
1439 verbose(3, "bad opcode\n");
1440 continue;
1441 }
1442 if(p->match_qtype && get_qtype(query_pkt, len) !=
1443 get_qtype(reply, rlen)) {
1444 verbose(3, "bad qtype %d %d\n", get_qtype(query_pkt, len), get_qtype(reply, rlen));
1445 continue;
1446 }
1447 if(p->match_qname) {
1448 if(!equal_dname(query_pkt, len, reply, rlen)) {
1449 verbose(3, "bad qname\n");
1450 continue;
1451 }
1452 }
1453 if(p->match_rcode) {
1454 if(get_rcode(query_pkt, len) != get_rcode(reply, rlen)) {
1455 char *r1 = sldns_wire2str_rcode(get_rcode(query_pkt, len));
1456 char *r2 = sldns_wire2str_rcode(get_rcode(reply, rlen));
1457 verbose(3, "bad rcode %s instead of %s\n",
1458 r1, r2);
1459 free(r1);
1460 free(r2);
1461 continue;
1462 }
1463 }
1464 if(p->match_question) {
1465 if(!match_question(query_pkt, len, reply, rlen,
1466 (int)p->match_ttl)) {
1467 verbose(3, "bad question section\n");
1468 continue;
1469 }
1470 }
1471 if(p->match_answer) {
1472 if(!match_answer(query_pkt, len, reply, rlen,
1473 (int)p->match_ttl)) {
1474 verbose(3, "bad answer section\n");
1475 continue;
1476 }
1477 }
1478 if(p->match_subdomain) {
1479 if(!subdomain_dname(query_pkt, len, reply, rlen)) {
1480 verbose(3, "bad subdomain\n");
1481 continue;
1482 }
1483 }
1484 if(p->match_serial && get_serial(query_pkt, len) != p->ixfr_soa_serial) {
1485 verbose(3, "bad serial\n");
1486 continue;
1487 }
1488 if(p->match_do && !get_do_flag(query_pkt, len)) {
1489 verbose(3, "no DO bit set\n");
1490 continue;
1491 }
1492 if(p->match_noedns && get_has_edns(query_pkt, len)) {
1493 verbose(3, "bad; EDNS OPT present\n");
1494 continue;
1495 }
1496 if(p->match_ednsdata_raw &&
1497 !match_ednsdata(query_pkt, len, reply, rlen)) {
1498 verbose(3, "bad EDNS data match.\n");
1499 continue;
1500 }
1501 if(p->match_transport != transport_any && p->match_transport != transport) {
1502 verbose(3, "bad transport\n");
1503 continue;
1504 }
1505 if(p->match_all && !match_all(query_pkt, len, reply, rlen,
1506 (int)p->match_ttl, 0)) {
1507 verbose(3, "bad allmatch\n");
1508 continue;
1509 }
1510 verbose(3, "match!\n");
1511 return p;
1512 }
1513 return NULL;
1514 }
1515
1516 void
adjust_packet(struct entry * match,uint8_t ** answer_pkt,size_t * answer_len,uint8_t * query_pkt,size_t query_len)1517 adjust_packet(struct entry* match, uint8_t** answer_pkt, size_t *answer_len,
1518 uint8_t* query_pkt, size_t query_len)
1519 {
1520 uint8_t* orig = *answer_pkt;
1521 size_t origlen = *answer_len;
1522 uint8_t* res;
1523 size_t reslen;
1524
1525 /* perform the copy; if possible; must be uncompressed */
1526 if(match->copy_query && origlen >= LDNS_HEADER_SIZE &&
1527 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0
1528 && LDNS_QDCOUNT(orig)==0) {
1529 /* no qname in output packet, insert it */
1530 size_t dlen = get_qname_len(query_pkt, query_len);
1531 reslen = origlen + dlen + 4;
1532 res = (uint8_t*)malloc(reslen);
1533 if(!res) {
1534 verbose(1, "out of memory; send without adjust\n");
1535 return;
1536 }
1537 /* copy the header, query, remainder */
1538 memcpy(res, orig, LDNS_HEADER_SIZE);
1539 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE,
1540 dlen+4);
1541 memmove(res+LDNS_HEADER_SIZE+dlen+4, orig+LDNS_HEADER_SIZE,
1542 reslen-(LDNS_HEADER_SIZE+dlen+4));
1543 /* set QDCOUNT */
1544 sldns_write_uint16(res+4, 1);
1545 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE &&
1546 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0
1547 && get_qname_len(orig, origlen) == 0) {
1548 /* QDCOUNT(orig)!=0 but qlen == 0, therefore, an error */
1549 verbose(1, "error: malformed qname; send without adjust\n");
1550 res = memdup(orig, origlen);
1551 reslen = origlen;
1552 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE &&
1553 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0
1554 && LDNS_QDCOUNT(orig)!=0) {
1555 /* in this case olen != 0 and QDCOUNT(orig)!=0 */
1556 /* copy query section */
1557 size_t dlen = get_qname_len(query_pkt, query_len);
1558 size_t olen = get_qname_len(orig, origlen);
1559 reslen = origlen + dlen - olen;
1560 res = (uint8_t*)malloc(reslen);
1561 if(!res) {
1562 verbose(1, "out of memory; send without adjust\n");
1563 return;
1564 }
1565 /* copy the header, query, remainder */
1566 memcpy(res, orig, LDNS_HEADER_SIZE);
1567 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE,
1568 dlen+4);
1569 memmove(res+LDNS_HEADER_SIZE+dlen+4,
1570 orig+LDNS_HEADER_SIZE+olen+4,
1571 reslen-(LDNS_HEADER_SIZE+dlen+4));
1572 } else {
1573 res = memdup(orig, origlen);
1574 reslen = origlen;
1575 }
1576 if(!res) {
1577 verbose(1, "out of memory; send without adjust\n");
1578 return;
1579 }
1580 /* copy the ID */
1581 if(match->copy_id && reslen >= 2 && query_len >= 2)
1582 res[1] = query_pkt[1];
1583 if(match->copy_id && reslen >= 1 && query_len >= 1)
1584 res[0] = query_pkt[0];
1585
1586 if(match->copy_ednsdata_assume_clientsubnet) {
1587 /** Assume there is only one EDNS option, which is ECS.
1588 * Copy source mask from query to scope mask in reply. Assume
1589 * rest of ECS data in response (eg address) matches the query.
1590 */
1591 uint8_t* walk_q = orig;
1592 size_t walk_qlen = origlen;
1593 uint8_t* walk_p = res;
1594 size_t walk_plen = reslen;
1595
1596 if(!pkt_find_edns_opt(&walk_q, &walk_qlen)) {
1597 walk_qlen = 0;
1598 }
1599 if(!pkt_find_edns_opt(&walk_p, &walk_plen)) {
1600 walk_plen = 0;
1601 }
1602 /* class + ttl + rdlen + optcode + optlen + ecs fam + ecs source
1603 * + ecs scope = index 15 */
1604 if(walk_qlen >= 15 && walk_plen >= 15) {
1605 walk_p[15] = walk_q[14];
1606 }
1607 if(match->increment_ecs_scope) {
1608 walk_p[15]++;
1609 }
1610 }
1611
1612 if(match->sleeptime > 0) {
1613 verbose(3, "sleeping for %d seconds\n", match->sleeptime);
1614 #ifdef HAVE_SLEEP
1615 sleep(match->sleeptime);
1616 #else
1617 Sleep(match->sleeptime * 1000);
1618 #endif
1619 }
1620 *answer_pkt = res;
1621 *answer_len = reslen;
1622 }
1623
1624 /*
1625 * Parses data buffer to a query, finds the correct answer
1626 * and calls the given function for every packet to send.
1627 */
1628 void
handle_query(uint8_t * inbuf,ssize_t inlen,struct entry * entries,int * count,enum transport_type transport,void (* sendfunc)(uint8_t *,size_t,void *),void * userdata,FILE * verbose_out)1629 handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count,
1630 enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*),
1631 void* userdata, FILE* verbose_out)
1632 {
1633 struct reply_packet *p;
1634 uint8_t *outbuf = NULL;
1635 size_t outlen = 0;
1636 struct entry* entry = NULL;
1637
1638 verbose(1, "query %d: id %d: %s %d bytes: ", ++(*count),
1639 (int)(inlen>=2?LDNS_ID_WIRE(inbuf):0),
1640 (transport==transport_tcp)?"TCP":"UDP", (int)inlen);
1641 if(verbose_out) {
1642 char* out = sldns_wire2str_pkt(inbuf, (size_t)inlen);
1643 printf("%s\n", out);
1644 free(out);
1645 }
1646
1647 /* fill up answer packet */
1648 entry = find_match(entries, inbuf, (size_t)inlen, transport);
1649 if(!entry || !entry->reply_list) {
1650 verbose(1, "no answer packet for this query, no reply.\n");
1651 return;
1652 }
1653 for(p = entry->reply_list; p; p = p->next)
1654 {
1655 verbose(3, "Answer pkt:\n");
1656 if (p->reply_from_hex) {
1657 /* try to adjust the hex packet, if it can be
1658 * parsed, we can use adjust rules. if not,
1659 * send packet literally */
1660 /* still try to adjust ID if others fail */
1661 outlen = sldns_buffer_limit(p->reply_from_hex);
1662 outbuf = sldns_buffer_begin(p->reply_from_hex);
1663 } else {
1664 outbuf = p->reply_pkt;
1665 outlen = p->reply_len;
1666 }
1667 if(!outbuf) {
1668 verbose(1, "out of memory\n");
1669 return;
1670 }
1671 /* copies outbuf in memory allocation */
1672 adjust_packet(entry, &outbuf, &outlen, inbuf, (size_t)inlen);
1673 verbose(1, "Answer packet size: %u bytes.\n", (unsigned int)outlen);
1674 if(verbose_out) {
1675 char* out = sldns_wire2str_pkt(outbuf, outlen);
1676 printf("%s\n", out);
1677 free(out);
1678 }
1679 if(p->packet_sleep) {
1680 verbose(3, "sleeping for next packet %d secs\n",
1681 p->packet_sleep);
1682 #ifdef HAVE_SLEEP
1683 sleep(p->packet_sleep);
1684 #else
1685 Sleep(p->packet_sleep * 1000);
1686 #endif
1687 verbose(3, "wakeup for next packet "
1688 "(slept %d secs)\n", p->packet_sleep);
1689 }
1690 sendfunc(outbuf, outlen, userdata);
1691 free(outbuf);
1692 outbuf = NULL;
1693 outlen = 0;
1694 }
1695 }
1696
1697 /** delete the list of reply packets */
delete_replylist(struct reply_packet * replist)1698 void delete_replylist(struct reply_packet* replist)
1699 {
1700 struct reply_packet *p=replist, *np;
1701 while(p) {
1702 np = p->next;
1703 free(p->reply_pkt);
1704 sldns_buffer_free(p->reply_from_hex);
1705 sldns_buffer_free(p->raw_ednsdata);
1706 free(p);
1707 p=np;
1708 }
1709 }
1710
delete_entry(struct entry * list)1711 void delete_entry(struct entry* list)
1712 {
1713 struct entry *p=list, *np;
1714 while(p) {
1715 np = p->next;
1716 delete_replylist(p->reply_list);
1717 free(p);
1718 p = np;
1719 }
1720 }
1721