4353a5c4 |
1 | /**/ |
2 | |
3 | #include "internal.h" |
4 | |
ec477b9e |
/* DNS response codes.  adns__procdgram switches on a value masked straight
 * out of the reply header, so each enumerator must keep the numeric value
 * shown here.
 */
typedef enum {
  rcode_noerror     = 0,
  rcode_formaterror = 1,
  rcode_servfail    = 2,
  rcode_nxdomain    = 3,
  rcode_notimp      = 4,
  rcode_refused     = 5
} dns_rcode;
13 | |
b9de380c |
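/* Datagram readers.  Each one indexes an array named `dgram' that must be
 * in scope where the macro is used, and post-increments the integer
 * cursor lvalue cb (every call site in this file passes an int such as
 * cbyte, so the cursor is not dereferenced).
 *
 * None of these checks cb against the datagram length: the caller must
 * confirm that enough bytes remain BEFORE reading, since the datagram
 * comes from the network.  Arguments are expanded more than once and
 * must have no side effects of their own.
 *
 *  GETIL_B(cb)   - value of the next octet (0..255)
 *  GET_B(cb,tv)  - store the next octet in tv
 *  GET_W(cb,tv)  - store the next two octets, big-endian, in tv
 */
#define GETIL_B(cb) ((dgram)[(cb)++] & 0x0ff)
#define GET_B(cb,tv) ((tv)= GETIL_B(cb))
#define GET_W(cb,tv) ((tv)=0, (tv)|=(GETIL_B(cb)<<8), (tv)|=GETIL_B(cb), (tv))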
17 | |
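static int vbuf__append_quoted1035(vbuf *vb, const byte *buf, int len) {
  /* Appends the len bytes at buf to vb, escaping as it goes:
   *  - the characters . " ( ) @ ; $ are written as backslash + character;
   *  - bytes <= ' ' or >= 127 are written as backslash + three octal digits;
   *  - everything else is copied through unchanged.
   *
   * Returns nonzero on success and 0 if an append fails, which is how the
   * caller in get_domain_perm tests it (`if (!vbuf__append_quoted1035(...))').
   *
   * buf is label data taken from a received datagram, so every byte value
   * must be expected.  Each pass copies the run of plain bytes, emits the
   * escape for the byte that ended the run, and then steps PAST that byte;
   * without that step the same byte would be escaped again on every pass
   * and the vbuf would grow without bound.
   */
  char qbuf[10];
  int i, ch;

  while (len > 0) {
    qbuf[0]= 0;
    for (i=0; i<len; i++) {
      ch= (unsigned char)buf[i];   /* keep 0..255 so %03o gives three digits */
      if (ch == '.' || ch == '"' || ch == '(' || ch == ')' ||
          ch == '@' || ch == ';' || ch == '$') {
        sprintf(qbuf,"\\%c",ch);
        break;
      } else if (ch <= ' ' || ch >= 127) {
        sprintf(qbuf,"\\%03o",ch);   /* at most 4 chars + NUL, fits qbuf */
        break;
      }
    }
    if (!adns__vbuf_append(vb,buf,i) || !adns__vbuf_append(vb,qbuf,strlen(qbuf)))
      return 0;
    if (i<len) i++;   /* the byte at buf[i] has been emitted in escaped form */
    buf+= i; len-= i;
  }
  return 1;
}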
40 | |
0ba0614a |
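static adns_status get_label(const byte *dgram, int dglen, int *max_io,
                             int *cbyte_io, int *lablen_r, int *labstart_r,
                             int *namelen_io) {
  /* Locates the next label of a domain name in dgram, starting at *cbyte_io.
   *
   * On adns_s_ok:
   *   *lablen_r    length of the label, 0 for the root label that ends the
   *                name, or -1 to indicate truncation/overrun;
   *   *labstart_r  (if non-null) index in dgram of the label's first byte;
   *   *namelen_io  running length of the name, including separating dots;
   *   *cbyte_io    index just after the label, unless a compression pointer
   *                was followed, in which case it is the index just after
   *                the first pointer;
   *   *max_io      widened to dglen once a pointer has been followed.
   * Other returns: adns_s_unknownreply, adns_s_domaintoolong.
   *
   * Wire format (RFC 1035 section 4.1.4): a label starts with ONE length
   * octet whose top two bits are 00; a compression pointer is two octets
   * with the top two bits 11 and a 14-bit offset counted from the first
   * octet of the message.
   *
   * Everything read here is controlled by whoever sent the datagram, so
   * each read is bounds-checked first and the number of pointer hops is
   * capped: a pointer that leads back to itself, or a ring of pointers,
   * would otherwise keep this loop running forever.
   *
   * NOTE(review): after a pointer is followed the caller's cursor holds
   * the position after the pointer, not the position inside the
   * pointed-to name, so a second call cannot continue that name.  This
   * interface cannot express both positions - confirm how callers are
   * meant to resume.
   */
  int max, cbyte, lablen, namelen, jumpto, hops;

  max= *max_io;
  if (max > dglen) max= dglen;   /* never trust a limit beyond the datagram */
  cbyte= *cbyte_io;
  hops= 0;

  for (;;) {
    if (cbyte < 0 || cbyte >= max) goto x_truncated;
    lablen= dgram[cbyte++] & 0x0ff;
    if (!(lablen & 0x0c0)) break;
    if ((lablen & 0x0c0) != 0x0c0) return adns_s_unknownreply;
    if (cbyte >= max) goto x_truncated;
    jumpto= ((lablen & 0x3f) << 8) | (dgram[cbyte++] & 0x0ff);
    /* More hops than there are bytes in the datagram means a loop. */
    if (++hops > dglen) return adns_s_unknownreply;
    if (cbyte_io) { *cbyte_io= cbyte; cbyte_io= 0; }
    cbyte= jumpto;   /* an index into dgram, re-checked at the loop top */
    *max_io= max= dglen;
  }
  if (labstart_r) *labstart_r= cbyte;
  if (lablen) {
    namelen= *namelen_io;
    if (namelen) namelen++;   /* the dot between this label and the last */
    namelen+= lablen;
    if (namelen > DNS_MAXDOMAIN) return adns_s_domaintoolong;
    *namelen_io= namelen;
    cbyte+= lablen;
    if (cbyte > max) goto x_truncated;
  }
  if (cbyte_io) *cbyte_io= cbyte;
  *lablen_r= lablen;
  return adns_s_ok;

 x_truncated:
  *lablen_r= -1;
  return adns_s_ok;
}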
77 | |
b9de380c |
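static adns_status get_domain_perm(adns_state ads, adns_query qu, int serv,
                                   const byte *dgram, int dglen,
                                   int *cbyte_io, int max, char **domain_r) {
  /* Decodes the domain name at *cbyte_io into qu->ans as a
   * dot-separated, nul-terminated string.
   *
   * Returns 0 for OK (*domain_r set) or truncated (*domain_r null)
   * or any other adns_s_* value.  On OK *cbyte_io is advanced; on
   * truncation or error qu->ans.used is put back to its entry value so
   * that no partial, unterminated name is left in the answer buffer.
   *
   * With adns_qf_anyquote set in qu->flags every label is accepted and
   * escaped; otherwise a label must start with a letter and continue
   * with letters, digits or '-', else adns_s_invaliddomain.
   *
   * The validation loop walks the label's own bytes, labstart+1 up to
   * labstart+lablen.  By the time get_label returns, cbyte is already
   * past the label, so indexing from cbyte would test bytes that are not
   * part of the label and could read beyond the end of the datagram.
   *
   * NOTE(review): *cbyte_io is dereferenced unconditionally, so it can
   * never be null here; the old `cbyte_io ? ... : adns_s_serverfaulty'
   * choice at truncation could therefore never pick serverfaulty, and
   * its other arm returned -1, which contradicts the contract above.
   * Truncation now returns adns_s_ok with *domain_r null.  Confirm
   * whether truncation after a followed pointer should be reported
   * differently.
   */
  int cbyte, sused, lablen, labstart, namelen, i, ch;
  adns_status st;

  cbyte= *cbyte_io;
  sused= qu->ans.used;
  *domain_r= 0;
  namelen= 0;
  for (;;) {
    st= get_label(dgram,dglen,&max, &cbyte,&lablen,&labstart,&namelen);
    if (st) goto x_fail;
    if (lablen<0) goto x_truncated;
    if (!lablen) break;
    if (qu->ans.used != sused) {
      if (!adns__vbuf_append(&qu->ans,".",1)) goto x_nomem;
    }
    if (qu->flags & adns_qf_anyquote) {
      if (!vbuf__append_quoted1035(&qu->ans,dgram+labstart,lablen))
        goto x_nomem;
    } else {
      if (!ctype_isalpha(dgram[labstart])) { st= adns_s_invaliddomain; goto x_fail; }
      for (i= labstart+1; i<labstart+lablen; i++) {
        ch= dgram[i];
        if (ch != '-' && !ctype_isalpha(ch) && !ctype_isdigit(ch)) {
          st= adns_s_invaliddomain;
          goto x_fail;
        }
      }
      if (!adns__vbuf_append(&qu->ans,dgram+labstart,lablen))
        goto x_nomem;
    }
  }
  if (!adns__vbuf_append(&qu->ans,"",1)) goto x_nomem;   /* terminating nul */
  *cbyte_io= cbyte;
  *domain_r= qu->ans.buf+sused;
  return adns_s_ok;

 x_truncated:
  st= adns_s_ok;
  goto x_fail;

 x_nomem:
  st= adns_s_nolocalmem;

 x_fail:
  qu->ans.used= sused;   /* discard whatever part of the name was appended */
  return st;
}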
123 | |
static adns_status get_domain_temp(adns_state ads, adns_query qu, int serv,
                                   const byte *dgram, int dglen,
                                   int *cbyte_io, int max, char **domain_r) {
  /* Same decoding as get_domain_perm, but the space taken in qu->ans is
   * given back before returning: qu->ans.used is reset to its entry value
   * whatever the outcome.
   *
   * get_domain_perm points *domain_r into qu->ans.buf at the old `used'
   * offset, so the string is only good until something else is appended
   * to qu->ans.  Use it at once (e.g. in a diagnostic) and do not keep
   * the pointer.
   */
  const int mark= qu->ans.used;
  adns_status result;

  result= get_domain_perm(ads,qu,serv,dgram,dglen,cbyte_io,max,domain_r);
  qu->ans.used= mark;
  return result;
}
135 | |
b9de380c |
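static adns_status get_rr_temp(adns_state ads, adns_query qu, int serv,
                               const byte *dgram, int dglen, int *cbyte_io,
                               int *type_r, int *class_r, int *rdlen_r, int *rdstart_r,
                               const byte *eo_dgram, int eo_dglen, int eo_cbyte,
                               int *eo_matched_r) {
  /* Parses the resource record at *cbyte_io: owner name, type, class,
   * TTL (skipped), RDLENGTH, and steps over the RDATA.
   *
   * _s_ok can have *type_r == -1 and other output invalid, for truncation
   * type_r and class_r must be !0, other _r may be 0.
   * eo_dgram==0 for no comparison, otherwise all eo_ must be valid.
   *
   * When eo_dgram is given, the owner name is compared label by label,
   * ignoring the case of letters, with the name at eo_cbyte in eo_dgram,
   * and *eo_matched_r (if non-null) says whether they were equal.  With
   * no eo_dgram it is set to 0.
   *
   * Corrected relative to the earlier text of this function:
   *  - the comparison is enabled when eo_dgram IS supplied (the test was
   *    the wrong way round, which would also have handed a null datagram
   *    to get_label);
   *  - the name loop stops at the root label instead of running on
   *    through whatever bytes follow the name;
   *  - label bytes are compared with an index, so lablen keeps its value
   *    for the end-of-name test;
   *  - the fixed-part length check uses dglen, and *rdlen_r receives
   *    RDLENGTH rather than the class.
   *
   * NOTE(review): assert(eo_lablen>=0) aborts the process if the
   * expected name runs off its datagram.  adns__procdgram passes the
   * received datagram itself as eo_dgram once a CNAME has been seen, so
   * confirm that this offset has always been validated first, or turn
   * the assert into an ordinary mismatch.
   */
  int cbyte, rdlen, mismatch, i, ch, eo_ch;
  int max, lablen, labstart, namelen;
  int eo_max, eo_lablen, eo_labstart, eo_namelen;
  adns_status st;

  cbyte= *cbyte_io;
  mismatch= eo_dgram ? 0 : 1;

  namelen= 0; eo_namelen= 0;
  max= dglen; eo_max= eo_dglen;
  for (;;) {
    st= get_label(dgram,dglen,&max,
                  &cbyte,&lablen,&labstart,&namelen);
    if (st) return st;
    if (lablen<0) goto x_truncated;

    if (!mismatch) {
      st= get_label(eo_dgram,eo_dglen,&eo_max,
                    &eo_cbyte,&eo_lablen,&eo_labstart,&eo_namelen);
      if (st) return st;
      assert(eo_lablen>=0);
      if (lablen != eo_lablen) mismatch= 1;
      for (i=0; !mismatch && i<lablen; i++) {
        ch= dgram[labstart+i]; if (ctype_isalpha(ch)) ch &= ~32;
        eo_ch= eo_dgram[eo_labstart+i]; if (ctype_isalpha(eo_ch)) eo_ch &= ~32;
        if (ch != eo_ch) mismatch= 1;
      }
    }
    if (!lablen) break;   /* root label: end of the owner name */
  }
  if (eo_matched_r) *eo_matched_r= !mismatch;

  /* type(2) + class(2) + TTL(4) + RDLENGTH(2) must all be present */
  if (cbyte+10>dglen) goto x_truncated;
  *type_r= ((dgram[cbyte] & 0x0ff) << 8) | (dgram[cbyte+1] & 0x0ff); cbyte+= 2;
  *class_r= ((dgram[cbyte] & 0x0ff) << 8) | (dgram[cbyte+1] & 0x0ff); cbyte+= 2;
  cbyte+= 4; /* we skip the TTL */
  rdlen= ((dgram[cbyte] & 0x0ff) << 8) | (dgram[cbyte+1] & 0x0ff); cbyte+= 2;
  if (rdlen_r) *rdlen_r= rdlen;
  if (rdstart_r) *rdstart_r= cbyte;
  cbyte+= rdlen;
  if (cbyte>dglen) goto x_truncated;   /* RDATA claims more than was received */
  *cbyte_io= cbyte;
  return adns_s_ok;

 x_truncated:
  *type_r= -1;
  return adns_s_ok;
}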
190 | |
191 | void adns__procdgram(adns_state ads, const byte *dgram, int dglen, int serv) { |
0ba0614a |
192 | int cbyte, anstart, rrstart, lablen, wantedrrs, get_t, cnamestart; |
b9de380c |
193 | |
194 | cbyte= 0; |
ec477b9e |
195 | |
b9de380c |
196 | if (dglen<DNS_HDR_SIZE) { |
ec477b9e |
197 | adns__diag(ads,serv,"received datagram too short for message header (%d)",len); |
198 | return; |
199 | } |
b9de380c |
200 | GET_W(cbyte,id); |
201 | GET_B(cbyte,f1); |
202 | GET_B(cbyte,f2); |
203 | GET_W(cbyte,qdcount); |
204 | GET_W(cbyte,ancount); |
205 | GET_W(cbyte,nscount); |
206 | GET_W(cbyte,arcount); |
207 | assert(cbyte == DNS_HDR_SIZE); |
ec477b9e |
208 | |
0ba0614a |
209 | flg_ra= f2&0x80; |
210 | |
ec477b9e |
211 | if (f1&0x80) { |
212 | adns__diag(ads,serv,"server sent us a query, not a response"); |
213 | return; |
214 | } |
215 | if (f1&0x70) { |
216 | adns__diag(ads,serv,"server sent us unknown opcode %d (wanted 0=QUERY)", |
217 | (f1>>4)&0x70); |
218 | return; |
219 | } |
220 | if (!qdcount) { |
221 | adns__diag(ads,serv,"server sent reply without quoting our question"); |
222 | return; |
223 | } else if (qdcount>1) { |
224 | adns__diag(ads,serv,"server claimed to answer %d questions with one message", |
225 | qdcount); |
226 | return; |
227 | } |
228 | for (qu= ads->timew; qu= nqu; qu++) { |
229 | nqu= qu->next; |
230 | if (qu->id != id) continue; |
231 | if (len < qu->querylen) continue; |
b9de380c |
232 | if (memcmp(qu->querymsg+DNSHDRSIZE,dgram+DNSHDRSIZE,qu->querylen-DNSHDRSIZE)) |
233 | continue; |
ec477b9e |
234 | break; |
235 | } |
b9de380c |
236 | anstart= qu->querylen; |
ec477b9e |
237 | if (!qu) { |
238 | adns__debug(ads,serv,"reply not found (id=%02x)",id); |
239 | return; |
240 | } |
ec477b9e |
241 | if (!(f1&0x01)) { |
242 | adns__diag(ads,serv,"server thinks we didn't ask for recursive lookup"); |
243 | adns__query_fail(ads,qu,adns_s_serverfaulty); |
244 | return; |
245 | } |
b9de380c |
246 | |
247 | rcode= (f1&0x0f); |
248 | switch (rcode) { |
249 | case rcode_noerror: |
250 | case rcode_nxdomain: |
ec477b9e |
251 | break; |
b9de380c |
252 | case rcode_formaterror: |
253 | adns__warn(ads,serv,"server cannot understand our query (Format Error)"); |
ec477b9e |
254 | adns__query_fail(ads,qu,adns_s_serverfaulty); |
255 | return; |
b9de380c |
256 | case rcode_servfail; |
ec477b9e |
257 | adns__query_fail(ads,qu,adns_s_serverfailure); |
258 | return; |
b9de380c |
259 | case rcode_notimp: |
260 | adns__warn(ads,serv,"server claims not to implement our query"); |
261 | adns__query_fail(ads,qu,adns_s_notimplemented); |
262 | return; |
263 | case rcode_refused: |
264 | adns__warn(ads,serv,"server refused our query"); |
265 | adns__query_fail(ads,qu,adns_s_refused); |
266 | return; |
267 | default: |
268 | adns__warn(ads,serv,"server gave unknown response code %d",rcode); |
269 | adns__query_fail(ads,qu,adns_s_reasonunknown); |
270 | return; |
271 | } |
272 | |
273 | /* Now, take a look at the answer section, and see if it is complete. |
274 | * If it has any CNAMEs we stuff them in the answer. |
275 | */ |
276 | wantedrrs= 0; |
277 | for (rri= 0; rri<ancount; rri++) { |
278 | rrstart= cbyte; |
0ba0614a |
279 | if (qu->cname) { |
280 | st= get_rr_temp(ads,qu,serv, dgram,dglen,&cbyte, |
281 | &rrtype,&rrclass,&rdlength,&rdstart, |
282 | dgram,dglen,cnamestart, &ownermatched); |
283 | } else { |
284 | st= get_rr_temp(ads,qu,serv, dgram,dglen,&cbyte, |
285 | &rrtype,&rrclass,&rdlength,&rdstart, |
286 | qu->querymsg,qu->querylen,DNS_HDR_SIZE, &ownermatched); |
287 | } |
b9de380c |
288 | if (st) adns__query_fail(ads,qu,st); |
0ba0614a |
289 | if (rrtype == -1) goto x_truncated; |
290 | |
b9de380c |
291 | if (rrclass != DNS_CLASS_IN) { |
0ba0614a |
292 | adns__diag(ads,serv,"ignoring answer RR with wrong class %d (expected IN=%d)", |
b9de380c |
293 | rrclass,DNS_CLASS_IN); |
294 | continue; |
295 | } |
0ba0614a |
296 | if (!ownermatched) { |
297 | if (ads->iflag & adns_if_debug) { |
298 | st= get_domain_temp(ads,qu,serv, dgram,dglen,&rrstart,dglen, &cowner); |
299 | if (st) adns__debug(ads,serv,"ignoring RR with an irrelevant owner, code %d",st); |
300 | else adns__debug(ads,serv,"ignoring RR with an irrelevant owner \"%s\"",cowner); |
301 | } |
b9de380c |
302 | continue; |
303 | } |
304 | if (!qu->cname && |
305 | (qu->type & adns__rrt_typemask) != adns_cname && |
306 | rrtype == adns_cname) { /* Ignore second and subsequent CNAMEs */ |
0ba0614a |
307 | st= get_domain_perm(ads,qu,serv, dgram,dglen, |
308 | &rdstart,rdstart+rdlength,&qu->cname); |
309 | if (st) return st; |
310 | if (!qu->cname) goto x_truncated; |
311 | /* If we find the answer section truncated after this point we restart |
312 | * the query at the CNAME; if beforehand then we obviously have to use |
313 | * TCP. If there is no truncation we can use the whole answer if |
314 | * it contains the relevant info. |
315 | */ |
b9de380c |
316 | } else if (rrtype == (qu->type & adns__rrt_typemask)) { |
317 | wantedrrs++; |
318 | } else { |
319 | adns__debug(ads,serv,"ignoring answer RR with irrelevant type %d",rrtype); |
320 | } |
321 | } |
322 | |
323 | /* If we got here then the answer section is intact. */ |
324 | nsstart= cbyte; |
325 | |
326 | if (!wantedrrs) { |
327 | /* Oops, NODATA or NXDOMAIN or perhaps a referral (which would be a problem) */ |
328 | |
329 | if (rcode == rcode_nxdomain) { |
0ba0614a |
330 | adns__query_finish(ads,qu,adns_s_nxdomain); |
b9de380c |
331 | return; |
332 | } |
333 | |
334 | /* RFC2308: NODATA has _either_ a SOA _or_ _no_ NS records in authority section */ |
0ba0614a |
335 | foundsoa= 0; foundns= 0; |
b9de380c |
336 | for (rri= 0; rri<nscount; rri++) { |
0ba0614a |
337 | rrstart= cbyte; |
338 | st= get_rr_temp(ads,qu,serv, dgram,dglen,&cbyte, |
339 | &rrtype,&rrclass, &rdlength,&rdstart, 0,0,0,0); |
340 | if (st) return st; |
341 | if (rrtype==-1) goto x_truncated; |
342 | if (rrclass != DNS_CLASS_IN) { |
343 | adns__diag(ads,serv,"ignoring authority RR with wrong class %d (expected IN=%d)", |
344 | rrclass,DNS_CLASS_IN); |
345 | continue; |
346 | } |
347 | if (rrtype == adns_r_soa_raw) { foundsoa= 1; break; } |
348 | else if (rrtype == adns_r_ns_raw) { foundns= 1; } |
b9de380c |
349 | } |
0ba0614a |
350 | |
351 | if (foundsoa || !foundns) { |
352 | /* Aha ! A NODATA response, good. */ |
353 | adns__query_finish(ads,qu,adns_s_nodata); |
354 | return; |
355 | } |
356 | |
357 | /* Now what ? No relevant answers, no SOA, and at least some NS's. |
358 | * Looks like a referral. Just one last chance ... if we came across |
359 | * a CNAME then perhaps we should do our own CNAME lookup. |
360 | */ |
361 | if (qu->cname) { |
362 | cname_recurse(ads,qu); |
363 | return; |
364 | } |
365 | |
366 | /* Bloody hell, I thought we asked for recursion ? */ |
367 | if (!flg_ra) { |
368 | adns__diag(ads,serv,"server is not willing to do recursive lookups for us"); |
369 | adns__query_fail(ads,qu,adns_s_norecurse); |
370 | return; |
371 | } |
372 | adns__diag(ads,serv,"server claims to do recursion, but gave us a referral"); |
373 | adns__query_fail(ads,qu,adns_s_serverfault); |
b9de380c |
374 | return; |
375 | } |
376 | |
0ba0614a |
377 | /* Now, we have some RRs which we wanted. */ |
378 | rrs= |
379 | |
380 | } |
381 | } else { |
382 | |
383 | { truncated(ads,qu,flg_ra); return; } |
b9de380c |
384 | |
385 | ) { |
386 | if (type |
387 | if (cbyte+lab |
388 | if (anstart > dgend) { truncated(ads,qu,f1); return; } |
389 | } |
390 | for |
391 | |
392 | /* Look for CNAMEs in the answer section */ |
393 | |
394 | } |
395 | |
396 | |
397 | adns__diag(ads,serv,"server refused our query"); |
398 | |
399 | case rcode_ |
400 | |
401 | case 0: /* NOERROR |
402 | break; |
403 | case 1: /* Format error */ |
ec477b9e |
404 | case 3: /* Name Error */ |
405 | |
406 | qr= f1&0x80; |
407 | |
408 | |
4353a5c4 |
409 | adns__diag(ads,serv,"received datagram size %d",len); |
ec477b9e |
410 | |
4353a5c4 |
411 | } |
0ba0614a |
412 | |
413 | while ( |
414 | switch (type) { |
415 | case adns_r_a: |
416 | adns_r_a_mf= adns_r_a|adns__qtf_masterfmt, |
417 | |
418 | adns_r_ns_raw= 2, |
419 | adns_r_ns= adns_r_ns_raw|adns__qtf_deref, |
420 | adns_r_ns_mf= adns_r_ns_raw|adns__qtf_masterfmt, |
421 | |
422 | adns_r_cname= 5, |
423 | adns_r_cname_mf= adns_r_cname|adns__qtf_masterfmt, |
424 | |
425 | adns_r_soa_raw= 6, |
426 | adns_r_soa= adns_r_soa_raw|adns__qtf_mail822, |
427 | adns_r_soa_mf= adns_r_soa_raw|adns__qtf_masterfmt, |
428 | |
429 | adns_r_null= 10, |
430 | adns_r_null_mf= adns_r_null|adns__qtf_masterfmt, |
431 | |
432 | adns_r_ptr_raw= 12, |
433 | adns_r_ptr= adns_r_ptr_raw|adns__qtf_deref, |
434 | adns_r_ptr_mf= adns_r_ptr_raw|adns__qtf_masterfmt, |
435 | |
436 | adns_r_hinfo= 13, |
437 | adns_r_hinfo_mf= adns_r_hinfo|adns__qtf_masterfmt, |
438 | |
439 | adns_r_mx_raw= 15, |
440 | adns_r_mx= adns_r_mx_raw|adns__qtf_deref, |
441 | adns_r_mx_mf= adns_r_mx_raw|adns__qtf_masterfmt, |
442 | |
443 | adns_r_txt= 16, |
444 | adns_r_txt_mf= adns_r_txt|adns__qtf_masterfmt, |
445 | |
446 | adns_r_rp_raw= 17, |
447 | adns_r_rp= adns_r_rp_raw|adns__qtf_mail822, |
448 | adns_r_rp_mf= adns_r_rp_raw|adns__qtf_masterfmt |
449 | |
450 | |