1 /* 2 * testpkts. Data file parse for test packets, and query matching. 3 * 4 * Data storage for specially crafted replies for testing purposes. 5 * 6 * (c) NLnet Labs, 2005, 2006, 2007, 2008 7 * See the file LICENSE for the license 8 */ 9 10 /** 11 * \file 12 * This is a debugging aid. It is not efficient, especially 13 * with a long config file, but it can give any reply to any query. 14 * This can help the developer pre-script replies for queries. 15 * 16 * You can specify a packet RR by RR with header flags to return. 17 * 18 * Missing features: 19 * - matching content different from reply content. 20 * - find way to adjust mangled packets? 21 */ 22 23 #include "config.h" 24 struct sockaddr_storage; 25 #include <errno.h> 26 #include <stdarg.h> 27 #include <ctype.h> 28 #include "testcode/testpkts.h" 29 #include "util/net_help.h" 30 #include "sldns/sbuffer.h" 31 #include "sldns/rrdef.h" 32 #include "sldns/pkthdr.h" 33 #include "sldns/str2wire.h" 34 #include "sldns/wire2str.h" 35 36 /** max size of a packet */ 37 #define MAX_PACKETLEN 65536 38 /** max line length */ 39 #define MAX_LINE 10240 40 /** string to show in warnings and errors */ 41 static const char* prog_name = "testpkts"; 42 43 #ifndef UTIL_LOG_H 44 /** verbosity definition for compat */ 45 enum verbosity_value { NO_VERBOSE=0 }; 46 #endif 47 /** logging routine, provided by caller */ 48 void verbose(enum verbosity_value lvl, const char* msg, ...) ATTR_FORMAT(printf, 2, 3); 49 static void error(const char* msg, ...) ATTR_NORETURN; 50 51 /** print error and exit */ 52 static void error(const char* msg, ...) 53 { 54 va_list args; 55 va_start(args, msg); 56 fprintf(stderr, "%s error: ", prog_name); 57 vfprintf(stderr, msg, args); 58 fprintf(stderr, "\n"); 59 fflush(stderr); 60 va_end(args); 61 exit(EXIT_FAILURE); 62 } 63 64 /** return if string is empty or comment */ 65 static int isendline(char c) 66 { 67 if(c == ';' || c == '#' 68 || c == '\n' || c == 0) 69 return 1; 70 return 0; 71 } 72 73 /** true if the string starts with the keyword given. Moves the str ahead. 74 * @param str: before keyword, afterwards after keyword and spaces. 75 * @param keyword: the keyword to match 76 * @return: true if keyword present. False otherwise, and str unchanged. 77 */ 78 static int str_keyword(char** str, const char* keyword) 79 { 80 size_t len = strlen(keyword); 81 assert(str && keyword); 82 if(strncmp(*str, keyword, len) != 0) 83 return 0; 84 *str += len; 85 while(isspace((unsigned char)**str)) 86 (*str)++; 87 return 1; 88 } 89 90 /** Add reply packet to entry */ 91 static struct reply_packet* 92 entry_add_reply(struct entry* entry) 93 { 94 struct reply_packet* pkt = (struct reply_packet*)malloc( 95 sizeof(struct reply_packet)); 96 struct reply_packet ** p = &entry->reply_list; 97 if(!pkt) error("out of memory"); 98 pkt->next = NULL; 99 pkt->packet_sleep = 0; 100 pkt->reply_pkt = NULL; 101 pkt->reply_from_hex = NULL; 102 pkt->raw_ednsdata = NULL; 103 /* link at end */ 104 while(*p) 105 p = &((*p)->next); 106 *p = pkt; 107 return pkt; 108 } 109 110 /** parse MATCH line */ 111 static void matchline(char* line, struct entry* e) 112 { 113 char* parse = line; 114 while(*parse) { 115 if(isendline(*parse)) 116 return; 117 if(str_keyword(&parse, "opcode")) { 118 e->match_opcode = 1; 119 } else if(str_keyword(&parse, "qtype")) { 120 e->match_qtype = 1; 121 } else if(str_keyword(&parse, "qname")) { 122 e->match_qname = 1; 123 } else if(str_keyword(&parse, "rcode")) { 124 e->match_rcode = 1; 125 } else if(str_keyword(&parse, "question")) { 126 e->match_question = 1; 127 } else if(str_keyword(&parse, "answer")) { 128 e->match_answer = 1; 129 } else if(str_keyword(&parse, "subdomain")) { 130 e->match_subdomain = 1; 131 } else if(str_keyword(&parse, "all")) { 132 e->match_all = 1; 133 } else if(str_keyword(&parse, "ttl")) { 134 e->match_ttl = 1; 135 } else if(str_keyword(&parse, "DO")) { 136 e->match_do = 1; 137 } else if(str_keyword(&parse, "noedns")) { 138 e->match_noedns = 1; 139 } else if(str_keyword(&parse, "ednsdata")) { 140 e->match_ednsdata_raw = 1; 141 } else if(str_keyword(&parse, "UDP")) { 142 e->match_transport = transport_udp; 143 } else if(str_keyword(&parse, "TCP")) { 144 e->match_transport = transport_tcp; 145 } else if(str_keyword(&parse, "serial")) { 146 e->match_serial = 1; 147 if(*parse != '=' && *parse != ':') 148 error("expected = or : in MATCH: %s", line); 149 parse++; 150 e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10); 151 while(isspace((unsigned char)*parse)) 152 parse++; 153 } else { 154 error("could not parse MATCH: '%s'", parse); 155 } 156 } 157 } 158 159 /** parse REPLY line */ 160 static void replyline(char* line, uint8_t* reply, size_t reply_len, 161 int* do_flag) 162 { 163 char* parse = line; 164 if(reply_len < LDNS_HEADER_SIZE) error("packet too short for header"); 165 while(*parse) { 166 if(isendline(*parse)) 167 return; 168 /* opcodes */ 169 if(str_keyword(&parse, "QUERY")) { 170 LDNS_OPCODE_SET(reply, LDNS_PACKET_QUERY); 171 } else if(str_keyword(&parse, "IQUERY")) { 172 LDNS_OPCODE_SET(reply, LDNS_PACKET_IQUERY); 173 } else if(str_keyword(&parse, "STATUS")) { 174 LDNS_OPCODE_SET(reply, LDNS_PACKET_STATUS); 175 } else if(str_keyword(&parse, "NOTIFY")) { 176 LDNS_OPCODE_SET(reply, LDNS_PACKET_NOTIFY); 177 } else if(str_keyword(&parse, "UPDATE")) { 178 LDNS_OPCODE_SET(reply, LDNS_PACKET_UPDATE); 179 /* rcodes */ 180 } else if(str_keyword(&parse, "NOERROR")) { 181 LDNS_RCODE_SET(reply, LDNS_RCODE_NOERROR); 182 } else if(str_keyword(&parse, "FORMERR")) { 183 LDNS_RCODE_SET(reply, LDNS_RCODE_FORMERR); 184 } else if(str_keyword(&parse, "SERVFAIL")) { 185 LDNS_RCODE_SET(reply, LDNS_RCODE_SERVFAIL); 186 } else if(str_keyword(&parse, "NXDOMAIN")) { 187 LDNS_RCODE_SET(reply, LDNS_RCODE_NXDOMAIN); 188 } else if(str_keyword(&parse, "NOTIMPL")) { 189 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTIMPL); 190 } else if(str_keyword(&parse, "REFUSED")) { 191 LDNS_RCODE_SET(reply, LDNS_RCODE_REFUSED); 192 } else if(str_keyword(&parse, "YXDOMAIN")) { 193 LDNS_RCODE_SET(reply, LDNS_RCODE_YXDOMAIN); 194 } else if(str_keyword(&parse, "YXRRSET")) { 195 LDNS_RCODE_SET(reply, LDNS_RCODE_YXRRSET); 196 } else if(str_keyword(&parse, "NXRRSET")) { 197 LDNS_RCODE_SET(reply, LDNS_RCODE_NXRRSET); 198 } else if(str_keyword(&parse, "NOTAUTH")) { 199 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTAUTH); 200 } else if(str_keyword(&parse, "NOTZONE")) { 201 LDNS_RCODE_SET(reply, LDNS_RCODE_NOTZONE); 202 /* flags */ 203 } else if(str_keyword(&parse, "QR")) { 204 LDNS_QR_SET(reply); 205 } else if(str_keyword(&parse, "AA")) { 206 LDNS_AA_SET(reply); 207 } else if(str_keyword(&parse, "TC")) { 208 LDNS_TC_SET(reply); 209 } else if(str_keyword(&parse, "RD")) { 210 LDNS_RD_SET(reply); 211 } else if(str_keyword(&parse, "CD")) { 212 LDNS_CD_SET(reply); 213 } else if(str_keyword(&parse, "RA")) { 214 LDNS_RA_SET(reply); 215 } else if(str_keyword(&parse, "AD")) { 216 LDNS_AD_SET(reply); 217 } else if(str_keyword(&parse, "DO")) { 218 *do_flag = 1; 219 } else { 220 error("could not parse REPLY: '%s'", parse); 221 } 222 } 223 } 224 225 /** parse ADJUST line */ 226 static void adjustline(char* line, struct entry* e, 227 struct reply_packet* pkt) 228 { 229 char* parse = line; 230 while(*parse) { 231 if(isendline(*parse)) 232 return; 233 if(str_keyword(&parse, "copy_id")) { 234 e->copy_id = 1; 235 } else if(str_keyword(&parse, "copy_query")) { 236 e->copy_query = 1; 237 } else if(str_keyword(&parse, "copy_ednsdata_assume_clientsubnet")) { 238 e->copy_ednsdata_assume_clientsubnet = 1; 239 } else if(str_keyword(&parse, "increment_ecs_scope")) { 240 e->increment_ecs_scope = 1; 241 } else if(str_keyword(&parse, "sleep=")) { 242 e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10); 243 while(isspace((unsigned char)*parse)) 244 parse++; 245 } else if(str_keyword(&parse, "packet_sleep=")) { 246 pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10); 247 while(isspace((unsigned char)*parse)) 248 parse++; 249 } else { 250 error("could not parse ADJUST: '%s'", parse); 251 } 252 } 253 } 254 255 /** create new entry */ 256 static struct entry* new_entry(void) 257 { 258 struct entry* e = (struct entry*)malloc(sizeof(struct entry)); 259 if(!e) error("out of memory"); 260 memset(e, 0, sizeof(*e)); 261 e->match_opcode = 0; 262 e->match_qtype = 0; 263 e->match_qname = 0; 264 e->match_rcode = 0; 265 e->match_question = 0; 266 e->match_answer = 0; 267 e->match_subdomain = 0; 268 e->match_all = 0; 269 e->match_ttl = 0; 270 e->match_do = 0; 271 e->match_noedns = 0; 272 e->match_serial = 0; 273 e->ixfr_soa_serial = 0; 274 e->match_transport = transport_any; 275 e->reply_list = NULL; 276 e->copy_id = 0; 277 e->copy_query = 0; 278 e->copy_ednsdata_assume_clientsubnet = 0; 279 e->increment_ecs_scope = 0; 280 e->sleeptime = 0; 281 e->next = NULL; 282 return e; 283 } 284 285 /** 286 * Converts a hex string to binary data 287 * @param hexstr: string of hex. 288 * @param len: is the length of the string 289 * @param buf: is the buffer to store the result in 290 * @param offset: is the starting position in the result buffer 291 * @param buf_len: is the length of buf. 292 * @return This function returns the length of the result 293 */ 294 static size_t 295 hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len) 296 { 297 char c; 298 int i; 299 uint8_t int8 = 0; 300 int sec = 0; 301 size_t bufpos = 0; 302 303 if (len % 2 != 0) { 304 return 0; 305 } 306 307 for (i=0; i<len; i++) { 308 c = hexstr[i]; 309 310 /* case insensitive, skip spaces */ 311 if (c != ' ') { 312 if (c >= '0' && c <= '9') { 313 int8 += c & 0x0f; 314 } else if (c >= 'a' && c <= 'z') { 315 int8 += (c & 0x0f) + 9; 316 } else if (c >= 'A' && c <= 'Z') { 317 int8 += (c & 0x0f) + 9; 318 } else { 319 return 0; 320 } 321 322 if (sec == 0) { 323 int8 = int8 << 4; 324 sec = 1; 325 } else { 326 if (bufpos + offset + 1 <= buf_len) { 327 buf[bufpos+offset] = int8; 328 int8 = 0; 329 sec = 0; 330 bufpos++; 331 } else { 332 fprintf(stderr, "Buffer too small in hexstr2bin"); 333 } 334 } 335 } 336 } 337 return bufpos; 338 } 339 340 /** convert hex buffer to binary buffer */ 341 static sldns_buffer * 342 hex_buffer2wire(sldns_buffer *data_buffer) 343 { 344 sldns_buffer *wire_buffer = NULL; 345 int c; 346 347 /* stat hack 348 * 0 = normal 349 * 1 = comment (skip to end of line) 350 * 2 = unprintable character found, read binary data directly 351 */ 352 size_t data_buf_pos = 0; 353 int state = 0; 354 uint8_t *hexbuf; 355 int hexbufpos = 0; 356 size_t wirelen; 357 uint8_t *data_wire = (uint8_t *) sldns_buffer_begin(data_buffer); 358 uint8_t *wire = (uint8_t*)malloc(MAX_PACKETLEN); 359 if(!wire) error("out of memory"); 360 361 hexbuf = (uint8_t*)malloc(MAX_PACKETLEN); 362 if(!hexbuf) error("out of memory"); 363 for (data_buf_pos = 0; data_buf_pos < sldns_buffer_position(data_buffer); data_buf_pos++) { 364 c = (int) data_wire[data_buf_pos]; 365 366 if (state < 2 && !isascii((unsigned char)c)) { 367 /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/ 368 state = 2; 369 } 370 switch (state) { 371 case 0: 372 if ( (c >= '0' && c <= '9') || 373 (c >= 'a' && c <= 'f') || 374 (c >= 'A' && c <= 'F') ) 375 { 376 if (hexbufpos >= MAX_PACKETLEN) { 377 error("buffer overflow"); 378 free(hexbuf); 379 return 0; 380 381 } 382 hexbuf[hexbufpos] = (uint8_t) c; 383 hexbufpos++; 384 } else if (c == ';') { 385 state = 1; 386 } else if (c == ' ' || c == '\t' || c == '\n') { 387 /* skip whitespace */ 388 } 389 break; 390 case 1: 391 if (c == '\n' || c == EOF) { 392 state = 0; 393 } 394 break; 395 case 2: 396 if (hexbufpos >= MAX_PACKETLEN) { 397 error("buffer overflow"); 398 free(hexbuf); 399 return 0; 400 } 401 hexbuf[hexbufpos] = (uint8_t) c; 402 hexbufpos++; 403 break; 404 } 405 } 406 407 if (hexbufpos >= MAX_PACKETLEN) { 408 /*verbose("packet size reached\n");*/ 409 } 410 411 /* lenient mode: length must be multiple of 2 */ 412 if (hexbufpos % 2 != 0) { 413 if (hexbufpos >= MAX_PACKETLEN) { 414 error("buffer overflow"); 415 free(hexbuf); 416 return 0; 417 } 418 hexbuf[hexbufpos] = (uint8_t) '0'; 419 hexbufpos++; 420 } 421 422 if (state < 2) { 423 wirelen = hexstr2bin((char *) hexbuf, hexbufpos, wire, 0, MAX_PACKETLEN); 424 wire_buffer = sldns_buffer_new(wirelen); 425 sldns_buffer_new_frm_data(wire_buffer, wire, wirelen); 426 } else { 427 error("Incomplete hex data, not at byte boundary\n"); 428 } 429 free(wire); 430 free(hexbuf); 431 return wire_buffer; 432 } 433 434 /** parse ORIGIN */ 435 static void 436 get_origin(const char* name, struct sldns_file_parse_state* pstate, char* parse) 437 { 438 /* snip off rest of the text so as to make the parse work in ldns */ 439 char* end; 440 char store; 441 int status; 442 443 end=parse; 444 while(!isspace((unsigned char)*end) && !isendline(*end)) 445 end++; 446 store = *end; 447 *end = 0; 448 verbose(3, "parsing '%s'\n", parse); 449 status = sldns_str2wire_dname_buf(parse, pstate->origin, 450 &pstate->origin_len); 451 *end = store; 452 if(status != 0) 453 error("%s line %d:\n\t%s: %s", name, pstate->lineno, 454 sldns_get_errorstr_parse(status), parse); 455 } 456 457 /** add RR to packet */ 458 static void add_rr(char* rrstr, uint8_t* pktbuf, size_t pktsize, 459 size_t* pktlen, struct sldns_file_parse_state* pstate, 460 sldns_pkt_section add_section, const char* fname) 461 { 462 /* it must be a RR, parse and add to packet. */ 463 size_t rr_len = pktsize - *pktlen; 464 size_t dname_len = 0; 465 int status; 466 uint8_t* origin = pstate->origin_len?pstate->origin:0; 467 uint8_t* prev = pstate->prev_rr_len?pstate->prev_rr:0; 468 if(*pktlen > pktsize || *pktlen < LDNS_HEADER_SIZE) 469 error("packet overflow"); 470 471 /* parse RR */ 472 if(add_section == LDNS_SECTION_QUESTION) 473 status = sldns_str2wire_rr_question_buf(rrstr, pktbuf+*pktlen, 474 &rr_len, &dname_len, origin, pstate->origin_len, 475 prev, pstate->prev_rr_len); 476 else status = sldns_str2wire_rr_buf(rrstr, pktbuf+*pktlen, &rr_len, 477 &dname_len, pstate->default_ttl, origin, 478 pstate->origin_len, prev, pstate->prev_rr_len); 479 if(status != 0) 480 error("%s line %d:%d %s\n\t%s", fname, pstate->lineno, 481 LDNS_WIREPARSE_OFFSET(status), 482 sldns_get_errorstr_parse(status), rrstr); 483 *pktlen += rr_len; 484 485 /* increase RR count */ 486 if(add_section == LDNS_SECTION_QUESTION) 487 sldns_write_uint16(pktbuf+4, LDNS_QDCOUNT(pktbuf)+1); 488 else if(add_section == LDNS_SECTION_ANSWER) 489 sldns_write_uint16(pktbuf+6, LDNS_ANCOUNT(pktbuf)+1); 490 else if(add_section == LDNS_SECTION_AUTHORITY) 491 sldns_write_uint16(pktbuf+8, LDNS_NSCOUNT(pktbuf)+1); 492 else if(add_section == LDNS_SECTION_ADDITIONAL) 493 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1); 494 else error("internal error bad section %d", (int)add_section); 495 } 496 497 /* add EDNS 4096 opt record */ 498 static void 499 add_edns(uint8_t* pktbuf, size_t pktsize, int do_flag, uint8_t *ednsdata, 500 uint16_t ednslen, size_t* pktlen) 501 { 502 uint8_t edns[] = {0x00, /* root label */ 503 0x00, LDNS_RR_TYPE_OPT, /* type */ 504 0x04, 0xD0, /* class is UDPSIZE 1232 */ 505 0x00, /* TTL[0] is ext rcode */ 506 0x00, /* TTL[1] is edns version */ 507 (uint8_t)(do_flag?0x80:0x00), 0x00, /* TTL[2-3] is edns flags, DO */ 508 (uint8_t)((ednslen >> 8) & 0xff), 509 (uint8_t)(ednslen & 0xff), /* rdatalength */ 510 }; 511 if(*pktlen < LDNS_HEADER_SIZE) 512 return; 513 if(*pktlen + sizeof(edns) + ednslen > pktsize) 514 error("not enough space for EDNS OPT record"); 515 memmove(pktbuf+*pktlen, edns, sizeof(edns)); 516 if(ednsdata && ednslen) 517 memmove(pktbuf+*pktlen+sizeof(edns), ednsdata, ednslen); 518 sldns_write_uint16(pktbuf+10, LDNS_ARCOUNT(pktbuf)+1); 519 *pktlen += (sizeof(edns) + ednslen); 520 } 521 522 /* Reads one entry from file. Returns entry or NULL on error. */ 523 struct entry* 524 read_entry(FILE* in, const char* name, struct sldns_file_parse_state* pstate, 525 int skip_whitespace) 526 { 527 struct entry* current = NULL; 528 char line[MAX_LINE]; 529 char* parse; 530 sldns_pkt_section add_section = LDNS_SECTION_QUESTION; 531 struct reply_packet *cur_reply = NULL; 532 int reading_hex = 0; 533 int reading_hex_ednsdata = 0; 534 sldns_buffer* hex_data_buffer = NULL; 535 sldns_buffer* hex_ednsdata_buffer = NULL; 536 uint8_t pktbuf[MAX_PACKETLEN]; 537 size_t pktlen = LDNS_HEADER_SIZE; 538 int do_flag = 0; /* DO flag in EDNS */ 539 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */ 540 541 while(fgets(line, (int)sizeof(line), in) != NULL) { 542 line[MAX_LINE-1] = 0; 543 parse = line; 544 pstate->lineno++; 545 546 while(isspace((unsigned char)*parse)) 547 parse++; 548 /* test for keywords */ 549 if(isendline(*parse)) 550 continue; /* skip comment and empty lines */ 551 if(str_keyword(&parse, "ENTRY_BEGIN")) { 552 if(current) { 553 error("%s line %d: previous entry does not ENTRY_END", 554 name, pstate->lineno); 555 } 556 current = new_entry(); 557 current->lineno = pstate->lineno; 558 cur_reply = entry_add_reply(current); 559 continue; 560 } else if(str_keyword(&parse, "$ORIGIN")) { 561 get_origin(name, pstate, parse); 562 continue; 563 } else if(str_keyword(&parse, "$TTL")) { 564 pstate->default_ttl = (uint32_t)atoi(parse); 565 continue; 566 } 567 568 /* working inside an entry */ 569 if(!current) { 570 error("%s line %d: expected ENTRY_BEGIN but got %s", 571 name, pstate->lineno, line); 572 } 573 if(str_keyword(&parse, "MATCH")) { 574 matchline(parse, current); 575 } else if(str_keyword(&parse, "REPLY")) { 576 replyline(parse, pktbuf, pktlen, &do_flag); 577 } else if(str_keyword(&parse, "ADJUST")) { 578 adjustline(parse, current, cur_reply); 579 } else if(str_keyword(&parse, "EXTRA_PACKET")) { 580 /* copy current packet into buffer */ 581 cur_reply->reply_pkt = memdup(pktbuf, pktlen); 582 cur_reply->reply_len = pktlen; 583 if(!cur_reply->reply_pkt) 584 error("out of memory"); 585 cur_reply = entry_add_reply(current); 586 /* clear for next packet */ 587 pktlen = LDNS_HEADER_SIZE; 588 memset(pktbuf, 0, pktlen); /* ID = 0, FLAGS="", and rr counts 0 */ 589 } else if(str_keyword(&parse, "SECTION")) { 590 if(str_keyword(&parse, "QUESTION")) 591 add_section = LDNS_SECTION_QUESTION; 592 else if(str_keyword(&parse, "ANSWER")) 593 add_section = LDNS_SECTION_ANSWER; 594 else if(str_keyword(&parse, "AUTHORITY")) 595 add_section = LDNS_SECTION_AUTHORITY; 596 else if(str_keyword(&parse, "ADDITIONAL")) 597 add_section = LDNS_SECTION_ADDITIONAL; 598 else error("%s line %d: bad section %s", name, pstate->lineno, parse); 599 } else if(str_keyword(&parse, "HEX_ANSWER_BEGIN")) { 600 hex_data_buffer = sldns_buffer_new(MAX_PACKETLEN); 601 reading_hex = 1; 602 } else if(str_keyword(&parse, "HEX_ANSWER_END")) { 603 if(!reading_hex) { 604 error("%s line %d: HEX_ANSWER_END read but no HEX_ANSWER_BEGIN keyword seen", name, pstate->lineno); 605 } 606 reading_hex = 0; 607 cur_reply->reply_from_hex = hex_buffer2wire(hex_data_buffer); 608 sldns_buffer_free(hex_data_buffer); 609 hex_data_buffer = NULL; 610 } else if(reading_hex) { 611 sldns_buffer_printf(hex_data_buffer, "%s", line); 612 } else if(str_keyword(&parse, "HEX_EDNSDATA_BEGIN")) { 613 hex_ednsdata_buffer = sldns_buffer_new(MAX_PACKETLEN); 614 reading_hex_ednsdata = 1; 615 } else if(str_keyword(&parse, "HEX_EDNSDATA_END")) { 616 if (!reading_hex_ednsdata) { 617 error("%s line %d: HEX_EDNSDATA_END read but no" 618 "HEX_EDNSDATA_BEGIN keyword seen", name, pstate->lineno); 619 } 620 reading_hex_ednsdata = 0; 621 cur_reply->raw_ednsdata = hex_buffer2wire(hex_ednsdata_buffer); 622 sldns_buffer_free(hex_ednsdata_buffer); 623 hex_ednsdata_buffer = NULL; 624 } else if(reading_hex_ednsdata) { 625 sldns_buffer_printf(hex_ednsdata_buffer, "%s", line); 626 } else if(str_keyword(&parse, "ENTRY_END")) { 627 if(hex_data_buffer) 628 sldns_buffer_free(hex_data_buffer); 629 if(hex_ednsdata_buffer) 630 sldns_buffer_free(hex_ednsdata_buffer); 631 if(pktlen != 0) { 632 if(do_flag || cur_reply->raw_ednsdata) { 633 if(cur_reply->raw_ednsdata && 634 sldns_buffer_limit(cur_reply->raw_ednsdata)) 635 add_edns(pktbuf, sizeof(pktbuf), do_flag, 636 sldns_buffer_begin(cur_reply->raw_ednsdata), 637 (uint16_t)sldns_buffer_limit(cur_reply->raw_ednsdata), 638 &pktlen); 639 else 640 add_edns(pktbuf, sizeof(pktbuf), do_flag, 641 NULL, 0, &pktlen); 642 } 643 cur_reply->reply_pkt = memdup(pktbuf, pktlen); 644 cur_reply->reply_len = pktlen; 645 if(!cur_reply->reply_pkt) 646 error("out of memory"); 647 } 648 return current; 649 } else { 650 add_rr(skip_whitespace?parse:line, pktbuf, 651 sizeof(pktbuf), &pktlen, pstate, add_section, 652 name); 653 } 654 655 } 656 if(reading_hex) { 657 error("%s: End of file reached while still reading hex, " 658 "missing HEX_ANSWER_END\n", name); 659 } 660 if(reading_hex_ednsdata) { 661 error("%s: End of file reached while still reading edns data, " 662 "missing HEX_EDNSDATA_END\n", name); 663 } 664 if(current) { 665 error("%s: End of file reached while reading entry. " 666 "missing ENTRY_END\n", name); 667 } 668 return 0; 669 } 670 671 /* reads the canned reply file and returns a list of structs */ 672 struct entry* 673 read_datafile(const char* name, int skip_whitespace) 674 { 675 struct entry* list = NULL; 676 struct entry* last = NULL; 677 struct entry* current = NULL; 678 FILE *in; 679 struct sldns_file_parse_state pstate; 680 int entry_num = 0; 681 memset(&pstate, 0, sizeof(pstate)); 682 683 if((in=fopen(name, "r")) == NULL) { 684 error("could not open file %s: %s", name, strerror(errno)); 685 } 686 687 while((current = read_entry(in, name, &pstate, skip_whitespace))) 688 { 689 if(last) 690 last->next = current; 691 else list = current; 692 last = current; 693 entry_num ++; 694 } 695 verbose(1, "%s: Read %d entries\n", prog_name, entry_num); 696 697 fclose(in); 698 return list; 699 } 700 701 /** get qtype from packet */ 702 static sldns_rr_type get_qtype(uint8_t* pkt, size_t pktlen) 703 { 704 uint8_t* d; 705 size_t dl, sl=0; 706 char* snull = NULL; 707 int comprloop = 0; 708 if(pktlen < LDNS_HEADER_SIZE) 709 return 0; 710 if(LDNS_QDCOUNT(pkt) == 0) 711 return 0; 712 /* skip over dname with dname-scan routine */ 713 d = pkt+LDNS_HEADER_SIZE; 714 dl = pktlen-LDNS_HEADER_SIZE; 715 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop); 716 if(dl < 2) 717 return 0; 718 return sldns_read_uint16(d); 719 } 720 721 /** get qtype from packet */ 722 static size_t get_qname_len(uint8_t* pkt, size_t pktlen) 723 { 724 uint8_t* d; 725 size_t dl, sl=0; 726 char* snull = NULL; 727 int comprloop = 0; 728 if(pktlen < LDNS_HEADER_SIZE) 729 return 0; 730 if(LDNS_QDCOUNT(pkt) == 0) 731 return 0; 732 /* skip over dname with dname-scan routine */ 733 d = pkt+LDNS_HEADER_SIZE; 734 dl = pktlen-LDNS_HEADER_SIZE; 735 (void)sldns_wire2str_dname_scan(&d, &dl, &snull, &sl, pkt, pktlen, &comprloop); 736 return pktlen-dl-LDNS_HEADER_SIZE; 737 } 738 739 /** returns owner from packet */ 740 static uint8_t* get_qname(uint8_t* pkt, size_t pktlen) 741 { 742 if(pktlen < LDNS_HEADER_SIZE) 743 return NULL; 744 if(LDNS_QDCOUNT(pkt) == 0) 745 return NULL; 746 return pkt+LDNS_HEADER_SIZE; 747 } 748 749 /** returns opcode from packet */ 750 static int get_opcode(uint8_t* pkt, size_t pktlen) 751 { 752 if(pktlen < LDNS_HEADER_SIZE) 753 return 0; 754 return (int)LDNS_OPCODE_WIRE(pkt); 755 } 756 757 /** returns rcode from packet */ 758 static int get_rcode(uint8_t* pkt, size_t pktlen) 759 { 760 if(pktlen < LDNS_HEADER_SIZE) 761 return 0; 762 return (int)LDNS_RCODE_WIRE(pkt); 763 } 764 765 /** get authority section SOA serial value */ 766 static uint32_t get_serial(uint8_t* p, size_t plen) 767 { 768 uint8_t* walk = p; 769 size_t walk_len = plen, sl=0; 770 char* snull = NULL; 771 uint16_t i; 772 int comprloop = 0; 773 774 if(walk_len < LDNS_HEADER_SIZE) 775 return 0; 776 walk += LDNS_HEADER_SIZE; 777 walk_len -= LDNS_HEADER_SIZE; 778 779 /* skip other records with wire2str_scan */ 780 for(i=0; i < LDNS_QDCOUNT(p); i++) 781 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len, 782 &snull, &sl, p, plen, &comprloop); 783 for(i=0; i < LDNS_ANCOUNT(p); i++) 784 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 785 p, plen, &comprloop); 786 787 /* walk through authority section */ 788 for(i=0; i < LDNS_NSCOUNT(p); i++) { 789 /* if this is SOA then get serial, skip compressed dname */ 790 uint8_t* dstart = walk; 791 size_t dlen = walk_len; 792 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 793 p, plen, &comprloop); 794 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_SOA) { 795 /* skip type, class, TTL, rdatalen */ 796 if(dlen < 10) 797 return 0; 798 if(dlen < 10 + (size_t)sldns_read_uint16(dstart+8)) 799 return 0; 800 dstart += 10; 801 dlen -= 10; 802 /* check third rdf */ 803 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, 804 &sl, p, plen, &comprloop); 805 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, 806 &sl, p, plen, &comprloop); 807 if(dlen < 4) 808 return 0; 809 verbose(3, "found serial %u in msg. ", 810 (int)sldns_read_uint32(dstart)); 811 return sldns_read_uint32(dstart); 812 } 813 /* move to next RR */ 814 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 815 p, plen, &comprloop); 816 } 817 return 0; 818 } 819 820 /** get ptr to EDNS OPT record (and remaining length); behind the type u16 */ 821 static int 822 pkt_find_edns_opt(uint8_t** p, size_t* plen) 823 { 824 /* walk over the packet with scan routines */ 825 uint8_t* w = *p; 826 size_t wlen = *plen, sl=0; 827 char* snull = NULL; 828 uint16_t i; 829 int comprloop = 0; 830 831 if(wlen < LDNS_HEADER_SIZE) 832 return 0; 833 w += LDNS_HEADER_SIZE; 834 wlen -= LDNS_HEADER_SIZE; 835 836 /* skip other records with wire2str_scan */ 837 for(i=0; i < LDNS_QDCOUNT(*p); i++) 838 (void)sldns_wire2str_rrquestion_scan(&w, &wlen, &snull, &sl, 839 *p, *plen, &comprloop); 840 for(i=0; i < LDNS_ANCOUNT(*p); i++) 841 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 842 for(i=0; i < LDNS_NSCOUNT(*p); i++) 843 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 844 845 /* walk through additional section */ 846 for(i=0; i < LDNS_ARCOUNT(*p); i++) { 847 /* if this is OPT then done */ 848 uint8_t* dstart = w; 849 size_t dlen = wlen; 850 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 851 *p, *plen, &comprloop); 852 if(dlen >= 2 && sldns_read_uint16(dstart) == LDNS_RR_TYPE_OPT) { 853 *p = dstart+2; 854 *plen = dlen-2; 855 return 1; 856 } 857 /* move to next RR */ 858 (void)sldns_wire2str_rr_scan(&w, &wlen, &snull, &sl, *p, *plen, &comprloop); 859 } 860 return 0; 861 } 862 863 /** return true if the packet has EDNS OPT record */ 864 static int 865 get_has_edns(uint8_t* pkt, size_t len) 866 { 867 /* use arguments as temporary variables */ 868 return pkt_find_edns_opt(&pkt, &len); 869 } 870 871 /** return true if the DO flag is set */ 872 static int 873 get_do_flag(uint8_t* pkt, size_t len) 874 { 875 uint16_t edns_bits; 876 uint8_t* walk = pkt; 877 size_t walk_len = len; 878 if(!pkt_find_edns_opt(&walk, &walk_len)) { 879 return 0; 880 } 881 if(walk_len < 6) 882 return 0; /* malformed */ 883 edns_bits = sldns_read_uint16(walk+4); 884 return (int)(edns_bits&LDNS_EDNS_MASK_DO_BIT); 885 } 886 887 /** zero TTLs in packet */ 888 static void 889 zerottls(uint8_t* pkt, size_t pktlen) 890 { 891 uint8_t* walk = pkt; 892 size_t walk_len = pktlen, sl=0; 893 char* snull = NULL; 894 uint16_t i; 895 uint16_t num = LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt); 896 int comprloop = 0; 897 if(walk_len < LDNS_HEADER_SIZE) 898 return; 899 walk += LDNS_HEADER_SIZE; 900 walk_len -= LDNS_HEADER_SIZE; 901 for(i=0; i < LDNS_QDCOUNT(pkt); i++) 902 (void)sldns_wire2str_rrquestion_scan(&walk, &walk_len, 903 &snull, &sl, pkt, pktlen, &comprloop); 904 for(i=0; i < num; i++) { 905 /* wipe TTL */ 906 uint8_t* dstart = walk; 907 size_t dlen = walk_len; 908 (void)sldns_wire2str_dname_scan(&dstart, &dlen, &snull, &sl, 909 pkt, pktlen, &comprloop); 910 if(dlen < 8) 911 return; 912 sldns_write_uint32(dstart+4, 0); 913 /* go to next RR */ 914 (void)sldns_wire2str_rr_scan(&walk, &walk_len, &snull, &sl, 915 pkt, pktlen, &comprloop); 916 } 917 } 918 919 /** get one line (\n) from a string, move next to after the \n, zero \n */ 920 static int 921 get_line(char** s, char** n) 922 { 923 /* at end of string? end */ 924 if(*n == NULL || **n == 0) 925 return 0; 926 /* result starts at next string */ 927 *s = *n; 928 /* find \n after that */ 929 *n = strchr(*s, '\n'); 930 if(*n && **n != 0) { 931 /* terminate line */ 932 (*n)[0] = 0; 933 (*n)++; 934 } 935 return 1; 936 } 937 938 /** match two RR sections without ordering */ 939 static int 940 match_noloc_section(char** q, char** nq, char** p, char** np, uint16_t num) 941 { 942 /* for max number of RRs in packet */ 943 const uint16_t numarray = 3000; 944 char* qlines[numarray], *plines[numarray]; 945 uint16_t i, j, numq=0, nump=0; 946 if(num > numarray) fatal_exit("too many RRs"); 947 /* gather lines */ 948 for(i=0; i<num; i++) { 949 get_line(q, nq); 950 get_line(p, np); 951 qlines[numq++] = *q; 952 plines[nump++] = *p; 953 } 954 /* see if they are all present in the other */ 955 for(i=0; i<num; i++) { 956 int found = 0; 957 for(j=0; j<num; j++) { 958 if(strcmp(qlines[i], plines[j]) == 0) { 959 found = 1; 960 break; 961 } 962 } 963 if(!found) { 964 verbose(3, "comparenoloc: failed for %s", qlines[i]); 965 return 0; 966 } 967 } 968 return 1; 969 } 970 971 /** match two strings for unordered equality of RRs and everything else */ 972 static int 973 match_noloc(char* q, char* p, uint8_t* q_pkt, size_t q_pkt_len, 974 uint8_t* p_pkt, size_t p_pkt_len) 975 { 976 char* nq = q, *np = p; 977 /* if no header, compare bytes */ 978 if(p_pkt_len < LDNS_HEADER_SIZE || q_pkt_len < LDNS_HEADER_SIZE) { 979 if(p_pkt_len != q_pkt_len) return 0; 980 return memcmp(p, q, p_pkt_len); 981 } 982 /* compare RR counts */ 983 if(LDNS_QDCOUNT(p_pkt) != LDNS_QDCOUNT(q_pkt)) 984 return 0; 985 if(LDNS_ANCOUNT(p_pkt) != LDNS_ANCOUNT(q_pkt)) 986 return 0; 987 if(LDNS_NSCOUNT(p_pkt) != LDNS_NSCOUNT(q_pkt)) 988 return 0; 989 if(LDNS_ARCOUNT(p_pkt) != LDNS_ARCOUNT(q_pkt)) 990 return 0; 991 /* get a line from both; compare; at sections do section */ 992 get_line(&q, &nq); 993 get_line(&p, &np); 994 if(strcmp(q, p) != 0) { 995 /* header line opcode, rcode, id */ 996 return 0; 997 } 998 get_line(&q, &nq); 999 get_line(&p, &np); 1000 if(strcmp(q, p) != 0) { 1001 /* header flags, rr counts */ 1002 return 0; 1003 } 1004 /* ;; QUESTION SECTION */ 1005 get_line(&q, &nq); 1006 get_line(&p, &np); 1007 if(strcmp(q, p) != 0) return 0; 1008 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_QDCOUNT(p_pkt))) 1009 return 0; 1010 1011 /* empty line and ;; ANSWER SECTION */ 1012 get_line(&q, &nq); 1013 get_line(&p, &np); 1014 if(strcmp(q, p) != 0) return 0; 1015 get_line(&q, &nq); 1016 get_line(&p, &np); 1017 if(strcmp(q, p) != 0) return 0; 1018 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ANCOUNT(p_pkt))) 1019 return 0; 1020 1021 /* empty line and ;; AUTHORITY SECTION */ 1022 get_line(&q, &nq); 1023 get_line(&p, &np); 1024 if(strcmp(q, p) != 0) return 0; 1025 get_line(&q, &nq); 1026 get_line(&p, &np); 1027 if(strcmp(q, p) != 0) return 0; 1028 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_NSCOUNT(p_pkt))) 1029 return 0; 1030 1031 /* empty line and ;; ADDITIONAL SECTION */ 1032 get_line(&q, &nq); 1033 get_line(&p, &np); 1034 if(strcmp(q, p) != 0) return 0; 1035 get_line(&q, &nq); 1036 get_line(&p, &np); 1037 if(strcmp(q, p) != 0) return 0; 1038 if(!match_noloc_section(&q, &nq, &p, &np, LDNS_ARCOUNT(p_pkt))) 1039 return 0; 1040 1041 return 1; 1042 } 1043 1044 /** lowercase domain name - does not follow compression pointers */ 1045 static void lowercase_dname(uint8_t** p, size_t* remain) 1046 { 1047 unsigned i, llen; 1048 if(*remain == 0) return; 1049 while(**p != 0) { 1050 /* compressed? */ 1051 if((**p & 0xc0) == 0xc0) { 1052 *p += 2; 1053 *remain -= 2; 1054 return; 1055 } 1056 llen = (unsigned int)**p; 1057 *p += 1; 1058 *remain -= 1; 1059 if(*remain < llen) 1060 llen = (unsigned int)*remain; 1061 for(i=0; i<llen; i++) { 1062 (*p)[i] = (uint8_t)tolower((int)(*p)[i]); 1063 } 1064 *p += llen; 1065 *remain -= llen; 1066 if(*remain == 0) return; 1067 } 1068 /* skip root label */ 1069 *p += 1; 1070 *remain -= 1; 1071 } 1072 1073 /** lowercase rdata of type */ 1074 static void lowercase_rdata(uint8_t** p, size_t* remain, 1075 uint16_t rdatalen, uint16_t t) 1076 { 1077 const sldns_rr_descriptor *desc = sldns_rr_descript(t); 1078 uint8_t dname_count = 0; 1079 size_t i = 0; 1080 size_t rdataremain = rdatalen; 1081 if(!desc) { 1082 /* unknown type */ 1083 *p += rdatalen; 1084 *remain -= rdatalen; 1085 return; 1086 } 1087 while(dname_count < desc->_dname_count) { 1088 sldns_rdf_type f = sldns_rr_descriptor_field_type(desc, i++); 1089 if(f == LDNS_RDF_TYPE_DNAME) { 1090 lowercase_dname(p, &rdataremain); 1091 dname_count++; 1092 } else if(f == LDNS_RDF_TYPE_STR) { 1093 uint8_t len; 1094 if(rdataremain == 0) return; 1095 len = **p; 1096 *p += len+1; 1097 rdataremain -= len+1; 1098 } else { 1099 int len = 0; 1100 switch(f) { 1101 case LDNS_RDF_TYPE_CLASS: 1102 case LDNS_RDF_TYPE_ALG: 1103 case LDNS_RDF_TYPE_INT8: 1104 len = 1; 1105 break; 1106 case LDNS_RDF_TYPE_INT16: 1107 case LDNS_RDF_TYPE_TYPE: 1108 case LDNS_RDF_TYPE_CERT_ALG: 1109 len = 2; 1110 break; 1111 case LDNS_RDF_TYPE_INT32: 1112 case LDNS_RDF_TYPE_TIME: 1113 case LDNS_RDF_TYPE_A: 1114 case LDNS_RDF_TYPE_PERIOD: 1115 len = 4; 1116 break; 1117 case LDNS_RDF_TYPE_TSIGTIME: 1118 len = 6; 1119 break; 1120 case LDNS_RDF_TYPE_AAAA: 1121 len = 16; 1122 break; 1123 default: error("bad rdf type in lowercase %d", (int)f); 1124 } 1125 *p += len; 1126 rdataremain -= len; 1127 } 1128 } 1129 /* skip remainder of rdata */ 1130 *p += rdataremain; 1131 *remain -= rdatalen; 1132 } 1133 1134 /** lowercase all names in the message */ 1135 static void lowercase_pkt(uint8_t* pkt, size_t pktlen) 1136 { 1137 uint16_t i; 1138 uint8_t* p = pkt; 1139 size_t remain = pktlen; 1140 uint16_t t, rdatalen; 1141 if(pktlen < LDNS_HEADER_SIZE) 1142 return; 1143 p += LDNS_HEADER_SIZE; 1144 remain -= LDNS_HEADER_SIZE; 1145 for(i=0; i<LDNS_QDCOUNT(pkt); i++) { 1146 lowercase_dname(&p, &remain); 1147 if(remain < 4) return; 1148 p += 4; 1149 remain -= 4; 1150 } 1151 for(i=0; i<LDNS_ANCOUNT(pkt)+LDNS_NSCOUNT(pkt)+LDNS_ARCOUNT(pkt); i++) { 1152 lowercase_dname(&p, &remain); 1153 if(remain < 10) return; 1154 t = sldns_read_uint16(p); 1155 rdatalen = sldns_read_uint16(p+8); 1156 p += 10; 1157 remain -= 10; 1158 if(remain < rdatalen) return; 1159 lowercase_rdata(&p, &remain, rdatalen, t); 1160 } 1161 } 1162 1163 /** match question section of packet */ 1164 static int 1165 match_question(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl) 1166 { 1167 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr; 1168 uint8_t* qb = q, *pb = p; 1169 int r; 1170 /* zero TTLs */ 1171 qb = memdup(q, qlen); 1172 pb = memdup(p, plen); 1173 if(!qb || !pb) error("out of memory"); 1174 if(!mttl) { 1175 zerottls(qb, qlen); 1176 zerottls(pb, plen); 1177 } 1178 lowercase_pkt(qb, qlen); 1179 lowercase_pkt(pb, plen); 1180 qstr = sldns_wire2str_pkt(qb, qlen); 1181 pstr = sldns_wire2str_pkt(pb, plen); 1182 if(!qstr || !pstr) error("cannot pkt2string"); 1183 1184 /* remove before ;; QUESTION */ 1185 s = strstr(qstr, ";; QUESTION SECTION"); 1186 qcmpstr = s; 1187 s = strstr(pstr, ";; QUESTION SECTION"); 1188 pcmpstr = s; 1189 if(!qcmpstr && !pcmpstr) { 1190 free(qstr); 1191 free(pstr); 1192 free(qb); 1193 free(pb); 1194 return 1; 1195 } 1196 if(!qcmpstr || !pcmpstr) { 1197 free(qstr); 1198 free(pstr); 1199 free(qb); 1200 free(pb); 1201 return 0; 1202 } 1203 1204 /* remove after answer section, (;; AUTH, ;; ADD, ;; MSG size ..) */ 1205 s = strstr(qcmpstr, ";; ANSWER SECTION"); 1206 if(!s) s = strstr(qcmpstr, ";; AUTHORITY SECTION"); 1207 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION"); 1208 if(!s) s = strstr(qcmpstr, ";; MSG SIZE"); 1209 if(s) *s = 0; 1210 s = strstr(pcmpstr, ";; ANSWER SECTION"); 1211 if(!s) s = strstr(pcmpstr, ";; AUTHORITY SECTION"); 1212 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION"); 1213 if(!s) s = strstr(pcmpstr, ";; MSG SIZE"); 1214 if(s) *s = 0; 1215 1216 r = (strcmp(qcmpstr, pcmpstr) == 0); 1217 1218 if(!r) { 1219 verbose(3, "mismatch question section '%s' and '%s'", 1220 qcmpstr, pcmpstr); 1221 } 1222 1223 free(qstr); 1224 free(pstr); 1225 free(qb); 1226 free(pb); 1227 return r; 1228 } 1229 1230 /** match answer section of packet */ 1231 static int 1232 match_answer(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl) 1233 { 1234 char* qstr, *pstr, *s, *qcmpstr, *pcmpstr; 1235 uint8_t* qb = q, *pb = p; 1236 int r; 1237 /* zero TTLs */ 1238 qb = memdup(q, qlen); 1239 pb = memdup(p, plen); 1240 if(!qb || !pb) error("out of memory"); 1241 if(!mttl) { 1242 zerottls(qb, qlen); 1243 zerottls(pb, plen); 1244 } 1245 lowercase_pkt(qb, qlen); 1246 lowercase_pkt(pb, plen); 1247 qstr = sldns_wire2str_pkt(qb, qlen); 1248 pstr = sldns_wire2str_pkt(pb, plen); 1249 if(!qstr || !pstr) error("cannot pkt2string"); 1250 1251 /* remove before ;; ANSWER */ 1252 s = strstr(qstr, ";; ANSWER SECTION"); 1253 qcmpstr = s; 1254 s = strstr(pstr, ";; ANSWER SECTION"); 1255 pcmpstr = s; 1256 if(!qcmpstr && !pcmpstr) { 1257 free(qstr); 1258 free(pstr); 1259 free(qb); 1260 free(pb); 1261 return 1; 1262 } 1263 if(!qcmpstr || !pcmpstr) { 1264 free(qstr); 1265 free(pstr); 1266 free(qb); 1267 free(pb); 1268 return 0; 1269 } 1270 1271 /* remove after answer section, (;; AUTH, ;; ADD, ;; MSG size ..) */ 1272 s = strstr(qcmpstr, ";; AUTHORITY SECTION"); 1273 if(!s) s = strstr(qcmpstr, ";; ADDITIONAL SECTION"); 1274 if(!s) s = strstr(qcmpstr, ";; MSG SIZE"); 1275 if(s) *s = 0; 1276 s = strstr(pcmpstr, ";; AUTHORITY SECTION"); 1277 if(!s) s = strstr(pcmpstr, ";; ADDITIONAL SECTION"); 1278 if(!s) s = strstr(pcmpstr, ";; MSG SIZE"); 1279 if(s) *s = 0; 1280 1281 r = (strcmp(qcmpstr, pcmpstr) == 0); 1282 1283 if(!r) { 1284 verbose(3, "mismatch answer section '%s' and '%s'", 1285 qcmpstr, pcmpstr); 1286 } 1287 1288 free(qstr); 1289 free(pstr); 1290 free(qb); 1291 free(pb); 1292 return r; 1293 } 1294 1295 /** match all of the packet */ 1296 int 1297 match_all(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl, 1298 int noloc) 1299 { 1300 char* qstr, *pstr; 1301 uint8_t* qb = q, *pb = p; 1302 int r; 1303 /* zero TTLs */ 1304 qb = memdup(q, qlen); 1305 pb = memdup(p, plen); 1306 if(!qb || !pb) error("out of memory"); 1307 if(!mttl) { 1308 zerottls(qb, qlen); 1309 zerottls(pb, plen); 1310 } 1311 lowercase_pkt(qb, qlen); 1312 lowercase_pkt(pb, plen); 1313 qstr = sldns_wire2str_pkt(qb, qlen); 1314 pstr = sldns_wire2str_pkt(pb, plen); 1315 if(!qstr || !pstr) error("cannot pkt2string"); 1316 r = (strcmp(qstr, pstr) == 0); 1317 if(!r) { 1318 /* remove ;; MSG SIZE (at end of string) */ 1319 char* s = strstr(qstr, ";; MSG SIZE"); 1320 if(s) *s=0; 1321 s = strstr(pstr, ";; MSG SIZE"); 1322 if(s) *s=0; 1323 r = (strcmp(qstr, pstr) == 0); 1324 if(!r && !noloc) { 1325 /* we are going to fail see if it is because of EDNS */ 1326 char* a = strstr(qstr, "; EDNS"); 1327 char* b = strstr(pstr, "; EDNS"); 1328 if( (a&&!b) || (b&&!a) ) { 1329 verbose(3, "mismatch in EDNS\n"); 1330 } 1331 } 1332 } 1333 if(!r && noloc) { 1334 /* check for reordered sections */ 1335 r = match_noloc(qstr, pstr, q, qlen, p, plen); 1336 } 1337 if(!r) { 1338 verbose(3, "mismatch pkt '%s' and '%s'", qstr, pstr); 1339 } 1340 free(qstr); 1341 free(pstr); 1342 free(qb); 1343 free(pb); 1344 return r; 1345 } 1346 1347 /** see if domain names are equal */ 1348 static int equal_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1349 { 1350 uint8_t* qn = get_qname(q, qlen); 1351 uint8_t* pn = get_qname(p, plen); 1352 char qs[512], ps[512]; 1353 size_t qslen = sizeof(qs), pslen = sizeof(ps); 1354 char* qss = qs, *pss = ps; 1355 int comprloop = 0; 1356 if(!qn || !pn) 1357 return 0; 1358 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop); 1359 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop); 1360 return (strcmp(qs, ps) == 0); 1361 } 1362 1363 /** see if domain names are subdomain q of p */ 1364 static int subdomain_dname(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1365 { 1366 /* we use the tostring routines so as to test unbound's routines 1367 * with something else */ 1368 uint8_t* qn = get_qname(q, qlen); 1369 uint8_t* pn = get_qname(p, plen); 1370 char qs[5120], ps[5120]; 1371 size_t qslen = sizeof(qs), pslen = sizeof(ps); 1372 char* qss = qs, *pss = ps; 1373 int comprloop = 0; 1374 if(!qn || !pn) 1375 return 0; 1376 /* decompresses domain names */ 1377 (void)sldns_wire2str_dname_scan(&qn, &qlen, &qss, &qslen, q, qlen, &comprloop); 1378 (void)sldns_wire2str_dname_scan(&pn, &plen, &pss, &pslen, p, plen, &comprloop); 1379 /* same: false, (strict subdomain check)??? */ 1380 if(strcmp(qs, ps) == 0) 1381 return 1; 1382 /* qs must end in ps, at a dot, without \ in front */ 1383 qslen = strlen(qs); 1384 pslen = strlen(ps); 1385 if(qslen > pslen && strcmp(qs + (qslen-pslen), ps) == 0 && 1386 qslen + 2 >= pslen && /* space for label and dot */ 1387 qs[qslen-pslen-1] == '.') { 1388 unsigned int slashcount = 0; 1389 size_t i = qslen-pslen-2; 1390 while(i>0 && qs[i]=='\\') { 1391 i++; 1392 slashcount++; 1393 } 1394 if(slashcount%1 == 1) return 0; /* . preceded by \ */ 1395 return 1; 1396 } 1397 return 0; 1398 } 1399 1400 /** Match OPT RDATA (not the EDNS payload size or flags) */ 1401 static int 1402 match_ednsdata(uint8_t* q, size_t qlen, uint8_t* p, size_t plen) 1403 { 1404 uint8_t* walk_q = q; 1405 size_t walk_qlen = qlen; 1406 uint8_t* walk_p = p; 1407 size_t walk_plen = plen; 1408 1409 if(!pkt_find_edns_opt(&walk_q, &walk_qlen)) 1410 walk_qlen = 0; 1411 if(!pkt_find_edns_opt(&walk_p, &walk_plen)) 1412 walk_plen = 0; 1413 1414 /* class + ttl + rdlen = 8 */ 1415 if(walk_qlen <= 8 && walk_plen <= 8) { 1416 verbose(3, "NO edns opt, move on"); 1417 return 1; 1418 } 1419 if(walk_qlen != walk_plen) 1420 return 0; 1421 1422 return (memcmp(walk_p+8, walk_q+8, walk_qlen-8) == 0); 1423 } 1424 1425 /* finds entry in list, or returns NULL */ 1426 struct entry* 1427 find_match(struct entry* entries, uint8_t* query_pkt, size_t len, 1428 enum transport_type transport) 1429 { 1430 struct entry* p = entries; 1431 uint8_t* reply; 1432 size_t rlen; 1433 for(p=entries; p; p=p->next) { 1434 verbose(3, "comparepkt: "); 1435 reply = p->reply_list->reply_pkt; 1436 rlen = p->reply_list->reply_len; 1437 if(p->match_opcode && get_opcode(query_pkt, len) != 1438 get_opcode(reply, rlen)) { 1439 verbose(3, "bad opcode\n"); 1440 continue; 1441 } 1442 if(p->match_qtype && get_qtype(query_pkt, len) != 1443 get_qtype(reply, rlen)) { 1444 verbose(3, "bad qtype %d %d\n", get_qtype(query_pkt, len), get_qtype(reply, rlen)); 1445 continue; 1446 } 1447 if(p->match_qname) { 1448 if(!equal_dname(query_pkt, len, reply, rlen)) { 1449 verbose(3, "bad qname\n"); 1450 continue; 1451 } 1452 } 1453 if(p->match_rcode) { 1454 if(get_rcode(query_pkt, len) != get_rcode(reply, rlen)) { 1455 char *r1 = sldns_wire2str_rcode(get_rcode(query_pkt, len)); 1456 char *r2 = sldns_wire2str_rcode(get_rcode(reply, rlen)); 1457 verbose(3, "bad rcode %s instead of %s\n", 1458 r1, r2); 1459 free(r1); 1460 free(r2); 1461 continue; 1462 } 1463 } 1464 if(p->match_question) { 1465 if(!match_question(query_pkt, len, reply, rlen, 1466 (int)p->match_ttl)) { 1467 verbose(3, "bad question section\n"); 1468 continue; 1469 } 1470 } 1471 if(p->match_answer) { 1472 if(!match_answer(query_pkt, len, reply, rlen, 1473 (int)p->match_ttl)) { 1474 verbose(3, "bad answer section\n"); 1475 continue; 1476 } 1477 } 1478 if(p->match_subdomain) { 1479 if(!subdomain_dname(query_pkt, len, reply, rlen)) { 1480 verbose(3, "bad subdomain\n"); 1481 continue; 1482 } 1483 } 1484 if(p->match_serial && get_serial(query_pkt, len) != p->ixfr_soa_serial) { 1485 verbose(3, "bad serial\n"); 1486 continue; 1487 } 1488 if(p->match_do && !get_do_flag(query_pkt, len)) { 1489 verbose(3, "no DO bit set\n"); 1490 continue; 1491 } 1492 if(p->match_noedns && get_has_edns(query_pkt, len)) { 1493 verbose(3, "bad; EDNS OPT present\n"); 1494 continue; 1495 } 1496 if(p->match_ednsdata_raw && 1497 !match_ednsdata(query_pkt, len, reply, rlen)) { 1498 verbose(3, "bad EDNS data match.\n"); 1499 continue; 1500 } 1501 if(p->match_transport != transport_any && p->match_transport != transport) { 1502 verbose(3, "bad transport\n"); 1503 continue; 1504 } 1505 if(p->match_all && !match_all(query_pkt, len, reply, rlen, 1506 (int)p->match_ttl, 0)) { 1507 verbose(3, "bad allmatch\n"); 1508 continue; 1509 } 1510 verbose(3, "match!\n"); 1511 return p; 1512 } 1513 return NULL; 1514 } 1515 1516 void 1517 adjust_packet(struct entry* match, uint8_t** answer_pkt, size_t *answer_len, 1518 uint8_t* query_pkt, size_t query_len) 1519 { 1520 uint8_t* orig = *answer_pkt; 1521 size_t origlen = *answer_len; 1522 uint8_t* res; 1523 size_t reslen; 1524 1525 /* perform the copy; if possible; must be uncompressed */ 1526 if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1527 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1528 && LDNS_QDCOUNT(orig)==0) { 1529 /* no qname in output packet, insert it */ 1530 size_t dlen = get_qname_len(query_pkt, query_len); 1531 reslen = origlen + dlen + 4; 1532 res = (uint8_t*)malloc(reslen); 1533 if(!res) { 1534 verbose(1, "out of memory; send without adjust\n"); 1535 return; 1536 } 1537 /* copy the header, query, remainder */ 1538 memcpy(res, orig, LDNS_HEADER_SIZE); 1539 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE, 1540 dlen+4); 1541 memmove(res+LDNS_HEADER_SIZE+dlen+4, orig+LDNS_HEADER_SIZE, 1542 reslen-(LDNS_HEADER_SIZE+dlen+4)); 1543 /* set QDCOUNT */ 1544 sldns_write_uint16(res+4, 1); 1545 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1546 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1547 && get_qname_len(orig, origlen) == 0) { 1548 /* QDCOUNT(orig)!=0 but qlen == 0, therefore, an error */ 1549 verbose(1, "error: malformed qname; send without adjust\n"); 1550 res = memdup(orig, origlen); 1551 reslen = origlen; 1552 } else if(match->copy_query && origlen >= LDNS_HEADER_SIZE && 1553 query_len >= LDNS_HEADER_SIZE && LDNS_QDCOUNT(query_pkt)!=0 1554 && LDNS_QDCOUNT(orig)!=0) { 1555 /* in this case olen != 0 and QDCOUNT(orig)!=0 */ 1556 /* copy query section */ 1557 size_t dlen = get_qname_len(query_pkt, query_len); 1558 size_t olen = get_qname_len(orig, origlen); 1559 reslen = origlen + dlen - olen; 1560 res = (uint8_t*)malloc(reslen); 1561 if(!res) { 1562 verbose(1, "out of memory; send without adjust\n"); 1563 return; 1564 } 1565 /* copy the header, query, remainder */ 1566 memcpy(res, orig, LDNS_HEADER_SIZE); 1567 memmove(res+LDNS_HEADER_SIZE, query_pkt+LDNS_HEADER_SIZE, 1568 dlen+4); 1569 memmove(res+LDNS_HEADER_SIZE+dlen+4, 1570 orig+LDNS_HEADER_SIZE+olen+4, 1571 reslen-(LDNS_HEADER_SIZE+dlen+4)); 1572 } else { 1573 res = memdup(orig, origlen); 1574 reslen = origlen; 1575 } 1576 if(!res) { 1577 verbose(1, "out of memory; send without adjust\n"); 1578 return; 1579 } 1580 /* copy the ID */ 1581 if(match->copy_id && reslen >= 2 && query_len >= 2) 1582 res[1] = query_pkt[1]; 1583 if(match->copy_id && reslen >= 1 && query_len >= 1) 1584 res[0] = query_pkt[0]; 1585 1586 if(match->copy_ednsdata_assume_clientsubnet) { 1587 /** Assume there is only one EDNS option, which is ECS. 1588 * Copy source mask from query to scope mask in reply. Assume 1589 * rest of ECS data in response (eg address) matches the query. 1590 */ 1591 uint8_t* walk_q = orig; 1592 size_t walk_qlen = origlen; 1593 uint8_t* walk_p = res; 1594 size_t walk_plen = reslen; 1595 1596 if(!pkt_find_edns_opt(&walk_q, &walk_qlen)) { 1597 walk_qlen = 0; 1598 } 1599 if(!pkt_find_edns_opt(&walk_p, &walk_plen)) { 1600 walk_plen = 0; 1601 } 1602 /* class + ttl + rdlen + optcode + optlen + ecs fam + ecs source 1603 * + ecs scope = index 15 */ 1604 if(walk_qlen >= 15 && walk_plen >= 15) { 1605 walk_p[15] = walk_q[14]; 1606 } 1607 if(match->increment_ecs_scope) { 1608 walk_p[15]++; 1609 } 1610 } 1611 1612 if(match->sleeptime > 0) { 1613 verbose(3, "sleeping for %d seconds\n", match->sleeptime); 1614 #ifdef HAVE_SLEEP 1615 sleep(match->sleeptime); 1616 #else 1617 Sleep(match->sleeptime * 1000); 1618 #endif 1619 } 1620 *answer_pkt = res; 1621 *answer_len = reslen; 1622 } 1623 1624 /* 1625 * Parses data buffer to a query, finds the correct answer 1626 * and calls the given function for every packet to send. 1627 */ 1628 void 1629 handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count, 1630 enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*), 1631 void* userdata, FILE* verbose_out) 1632 { 1633 struct reply_packet *p; 1634 uint8_t *outbuf = NULL; 1635 size_t outlen = 0; 1636 struct entry* entry = NULL; 1637 1638 verbose(1, "query %d: id %d: %s %d bytes: ", ++(*count), 1639 (int)(inlen>=2?LDNS_ID_WIRE(inbuf):0), 1640 (transport==transport_tcp)?"TCP":"UDP", (int)inlen); 1641 if(verbose_out) { 1642 char* out = sldns_wire2str_pkt(inbuf, (size_t)inlen); 1643 printf("%s\n", out); 1644 free(out); 1645 } 1646 1647 /* fill up answer packet */ 1648 entry = find_match(entries, inbuf, (size_t)inlen, transport); 1649 if(!entry || !entry->reply_list) { 1650 verbose(1, "no answer packet for this query, no reply.\n"); 1651 return; 1652 } 1653 for(p = entry->reply_list; p; p = p->next) 1654 { 1655 verbose(3, "Answer pkt:\n"); 1656 if (p->reply_from_hex) { 1657 /* try to adjust the hex packet, if it can be 1658 * parsed, we can use adjust rules. if not, 1659 * send packet literally */ 1660 /* still try to adjust ID if others fail */ 1661 outlen = sldns_buffer_limit(p->reply_from_hex); 1662 outbuf = sldns_buffer_begin(p->reply_from_hex); 1663 } else { 1664 outbuf = p->reply_pkt; 1665 outlen = p->reply_len; 1666 } 1667 if(!outbuf) { 1668 verbose(1, "out of memory\n"); 1669 return; 1670 } 1671 /* copies outbuf in memory allocation */ 1672 adjust_packet(entry, &outbuf, &outlen, inbuf, (size_t)inlen); 1673 verbose(1, "Answer packet size: %u bytes.\n", (unsigned int)outlen); 1674 if(verbose_out) { 1675 char* out = sldns_wire2str_pkt(outbuf, outlen); 1676 printf("%s\n", out); 1677 free(out); 1678 } 1679 if(p->packet_sleep) { 1680 verbose(3, "sleeping for next packet %d secs\n", 1681 p->packet_sleep); 1682 #ifdef HAVE_SLEEP 1683 sleep(p->packet_sleep); 1684 #else 1685 Sleep(p->packet_sleep * 1000); 1686 #endif 1687 verbose(3, "wakeup for next packet " 1688 "(slept %d secs)\n", p->packet_sleep); 1689 } 1690 sendfunc(outbuf, outlen, userdata); 1691 free(outbuf); 1692 outbuf = NULL; 1693 outlen = 0; 1694 } 1695 } 1696 1697 /** delete the list of reply packets */ 1698 void delete_replylist(struct reply_packet* replist) 1699 { 1700 struct reply_packet *p=replist, *np; 1701 while(p) { 1702 np = p->next; 1703 free(p->reply_pkt); 1704 sldns_buffer_free(p->reply_from_hex); 1705 sldns_buffer_free(p->raw_ednsdata); 1706 free(p); 1707 p=np; 1708 } 1709 } 1710 1711 void delete_entry(struct entry* list) 1712 { 1713 struct entry *p=list, *np; 1714 while(p) { 1715 np = p->next; 1716 delete_replylist(p->reply_list); 1717 free(p); 1718 p = np; 1719 } 1720 } 1721