/** verify and test an entry - every rr in the message */
static void
verifytest_entry(struct entry* e, struct alloc_cache* alloc,
struct regional* region, sldns_buffer* pkt,
struct ub_packed_rrset_key* dnskey, struct module_env* env,
struct val_env* ve)
{
struct query_info qinfo;
struct reply_info* rep = NULL;
size_t i;
regional_free_all(region);
if(vsig) {
char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt,
e->reply_list->reply_len);
printf("verifying pkt:\n%s\n", s?s:"outofmemory");
free(s);
}
entry_to_repinfo(e, alloc, region, pkt, &qinfo, &rep);
for(i=0; i<rep->rrset_count; i++) {
verifytest_rrset(env, ve, rep->rrsets[i], dnskey, &qinfo);
}
reply_info_parsedelete(rep, alloc);
query_info_clear(&qinfo);
}
/** helper function that logs a sldns_pkt packet to logfile */
static void
log_pkt(const char* desc, uint8_t* pkt, size_t len)
{
char* str = sldns_wire2str_pkt(pkt, len);
if(!str)
fatal_exit("%s: (failed out of memory wire2str_pkt)", desc);
else {
log_info("%s%s", desc, str);
free(str);
}
}
/** check if unbound formerr equals ldns formerr */
static void
checkformerr(sldns_buffer* pkt)
{
int status = 0;
char* s = sldns_wire2str_pkt(sldns_buffer_begin(pkt),
sldns_buffer_limit(pkt));
if(!s) fatal_exit("out of memory");
if(strstr(s, "Error")) status = 1;
if(strstr(s, "error")) status = 1;
if(status == 0) {
printf("Formerr, but ldns gives packet:\n");
printf("%s\n", s);
free(s);
exit(1);
}
free(s);
unit_assert(status != 0);
}
/** Test hash algo - NSEC3 hash it and compare result */
static void
nsec3_hash_test_entry(struct entry* e, rbtree_type* ct,
struct alloc_cache* alloc, struct regional* region,
sldns_buffer* buf)
{
struct query_info qinfo;
struct reply_info* rep = NULL;
struct ub_packed_rrset_key* answer, *nsec3;
struct nsec3_cached_hash* hash = NULL;
int ret;
uint8_t* qname;
if(vsig) {
char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt,
e->reply_list->reply_len);
printf("verifying NSEC3 hash:\n%s\n", s?s:"outofmemory");
free(s);
}
entry_to_repinfo(e, alloc, region, buf, &qinfo, &rep);
nsec3 = find_rrset_type(rep, LDNS_RR_TYPE_NSEC3);
answer = find_rrset_type(rep, LDNS_RR_TYPE_AAAA);
qname = regional_alloc_init(region, qinfo.qname, qinfo.qname_len);
/* check test is OK */
unit_assert(nsec3 && answer && qname);
ret = nsec3_hash_name(ct, region, buf, nsec3, 0, qname,
qinfo.qname_len, &hash);
if(ret != 1) {
printf("Bad nsec3_hash_name retcode %d\n", ret);
unit_assert(ret == 1);
}
unit_assert(hash->dname && hash->hash && hash->hash_len &&
hash->b32 && hash->b32_len);
unit_assert(hash->b32_len == (size_t)answer->rk.dname[0]);
/* does not do lowercasing. */
unit_assert(memcmp(hash->b32, answer->rk.dname+1, hash->b32_len)
== 0);
reply_info_parsedelete(rep, alloc);
query_info_clear(&qinfo);
}
/** DS sig test an entry - get DNSKEY and DS in entry and verify */
static void
dstest_entry(struct entry* e, struct alloc_cache* alloc,
struct regional* region, sldns_buffer* pkt, struct module_env* env)
{
struct query_info qinfo;
struct reply_info* rep = NULL;
struct ub_packed_rrset_key* ds, *dnskey;
int ret;
regional_free_all(region);
if(vsig) {
char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt,
e->reply_list->reply_len);
printf("verifying DS-DNSKEY match:\n%s\n", s?s:"outofmemory");
free(s);
}
entry_to_repinfo(e, alloc, region, pkt, &qinfo, &rep);
ds = find_rrset_type(rep, LDNS_RR_TYPE_DS);
dnskey = find_rrset_type(rep, LDNS_RR_TYPE_DNSKEY);
/* check test is OK */
unit_assert(ds && dnskey);
ret = ds_digest_match_dnskey(env, dnskey, 0, ds, 0);
if(strncmp((char*)qinfo.qname, "\003yes", 4) == 0) {
if(vsig) {
printf("result(yes)= %s\n", ret?"yes":"no");
}
unit_assert(ret);
} else if (strncmp((char*)qinfo.qname, "\002no", 3) == 0) {
if(vsig) {
printf("result(no)= %s\n", ret?"yes":"no");
}
unit_assert(!ret);
verbose(VERB_QUERY, "DS fail: OK; matched unit test");
} else {
fatal_exit("Bad qname in DS unit test, yes or no");
}
reply_info_parsedelete(rep, alloc);
query_info_clear(&qinfo);
}
void
log_dns_msg(const char* str, struct query_info* qinfo, struct reply_info* rep)
{
/* not particularly fast but flexible, make wireformat and print */
sldns_buffer* buf = sldns_buffer_new(65535);
struct regional* region = regional_create();
if(!reply_info_encode(qinfo, rep, 0, rep->flags, buf, 0,
region, 65535, 1)) {
log_info("%s: log_dns_msg: out of memory", str);
} else {
char* s = sldns_wire2str_pkt(sldns_buffer_begin(buf),
sldns_buffer_limit(buf));
if(!s) {
log_info("%s: log_dns_msg: ldns tostr failed", str);
} else {
log_info("%s %s", str, s);
}
free(s);
}
sldns_buffer_free(buf);
regional_destroy(region);
}
/** see if buffers contain the same packet */
static int
test_buffers(sldns_buffer* pkt, sldns_buffer* out)
{
/* check binary same */
if(sldns_buffer_limit(pkt) == sldns_buffer_limit(out) &&
memcmp(sldns_buffer_begin(pkt), sldns_buffer_begin(out),
sldns_buffer_limit(pkt)) == 0) {
if(vbmp) printf("binary the same (length=%u)\n",
(unsigned)sldns_buffer_limit(pkt));
return 1;
}
if(vbmp) {
size_t sz = 16;
size_t count;
size_t lim = sldns_buffer_limit(out);
if(sldns_buffer_limit(pkt) < lim)
lim = sldns_buffer_limit(pkt);
for(count=0; count<lim; count+=sz) {
size_t rem = sz;
if(lim-count < sz) rem = lim-count;
if(memcmp(sldns_buffer_at(pkt, count),
sldns_buffer_at(out, count), rem) == 0) {
log_info("same %d %d", (int)count, (int)rem);
log_hex("same: ", sldns_buffer_at(pkt, count),
rem);
} else {
log_info("diff %d %d", (int)count, (int)rem);
log_hex("difp: ", sldns_buffer_at(pkt, count),
rem);
log_hex("difo: ", sldns_buffer_at(out, count),
rem);
}
}
}
/* check if it 'means the same' */
if(vbmp) {
char* s1, *s2;
log_buf(0, "orig in hex", pkt);
log_buf(0, "unbound out in hex", out);
printf("\npacket from unbound (%d):\n",
(int)sldns_buffer_limit(out));
s1 = sldns_wire2str_pkt(sldns_buffer_begin(out),
sldns_buffer_limit(out));
printf("%s\n", s1?s1:"null");
free(s1);
printf("\npacket original (%d):\n",
(int)sldns_buffer_limit(pkt));
s2 = sldns_wire2str_pkt(sldns_buffer_begin(pkt),
sldns_buffer_limit(pkt));
printf("%s\n", s2?s2:"null");
free(s2);
printf("\n");
}
/* if it had two EDNS sections, skip comparison */
if(1) {
char* s = sldns_wire2str_pkt(sldns_buffer_begin(pkt),
sldns_buffer_limit(pkt));
char* e1 = strstr(s, "; EDNS:");
if(e1 && strstr(e1+4, "; EDNS:")) {
free(s);
return 0;
}
free(s);
}
/* compare packets */
unit_assert(match_all(sldns_buffer_begin(pkt), sldns_buffer_limit(pkt),
sldns_buffer_begin(out), sldns_buffer_limit(out), 1,
matches_nolocation));
return 0;
}
/** pretty line of output for results */
static void
pretty_output(char* q, int t, int c, struct ub_result* result, int docname)
{
int i;
const char *secstatus = secure_str(result);
char tstr[16];
char cstr[16];
char rcodestr[16];
pretty_type(tstr, 16, t);
pretty_class(cstr, 16, c);
pretty_rcode(rcodestr, 16, result->rcode);
if(!result->havedata && result->rcode) {
printf("Host %s not found: %d(%s).",
q, result->rcode, rcodestr);
if(verb > 0)
printf(" %s", secstatus);
printf("\n");
if(result->bogus && result->why_bogus)
printf("%s\n", result->why_bogus);
return;
}
if(docname && result->canonname &&
result->canonname != result->qname) {
printf("%s is an alias for %s", result->qname,
result->canonname);
if(verb > 0)
printf(" %s", secstatus);
printf("\n");
}
/* remove trailing . from long canonnames for nicer output */
if(result->canonname && strlen(result->canonname) > 1 &&
result->canonname[strlen(result->canonname)-1] == '.')
result->canonname[strlen(result->canonname)-1] = 0;
if(!result->havedata) {
if(verb > 0) {
printf("%s", result->canonname?result->canonname:q);
if(strcmp(cstr, "IN") != 0)
printf(" in class %s", cstr);
if(t == LDNS_RR_TYPE_A)
printf(" has no address");
else if(t == LDNS_RR_TYPE_AAAA)
printf(" has no IPv6 address");
else if(t == LDNS_RR_TYPE_PTR)
printf(" has no domain name ptr");
else if(t == LDNS_RR_TYPE_MX)
printf(" has no mail handler record");
else if(t == LDNS_RR_TYPE_ANY) {
char* s = sldns_wire2str_pkt(
result->answer_packet,
(size_t)result->answer_len);
if(!s) {
fprintf(stderr, "alloc failure\n");
exit(1);
}
printf("%s\n", s);
} else printf(" has no %s record", tstr);
printf(" %s\n", secstatus);
}
/* else: emptiness to indicate no data */
if(result->bogus && result->why_bogus)
printf("%s\n", result->why_bogus);
return;
}
i=0;
while(result->data[i])
{
pretty_rdata(
result->canonname?result->canonname:q,
cstr, tstr, t, secstatus, result->data[i],
(size_t)result->len[i]);
i++;
}
if(result->bogus && result->why_bogus)
printf("%s\n", result->why_bogus);
}
/** receive DNS datagram over TCP and print it */
static void
recv_one(int fd, int udp, SSL* ssl, sldns_buffer* buf)
{
char* pktstr;
uint16_t len;
if(!udp) {
if(ssl) {
if(SSL_read(ssl, (void*)&len, (int)sizeof(len)) <= 0) {
log_crypto_err("could not SSL_read");
exit(1);
}
} else {
if(recv(fd, (void*)&len, sizeof(len), 0) <
(ssize_t)sizeof(len)) {
#ifndef USE_WINSOCK
perror("read() len failed");
#else
printf("read len: %s\n",
wsa_strerror(WSAGetLastError()));
#endif
exit(1);
}
}
len = ntohs(len);
sldns_buffer_clear(buf);
sldns_buffer_set_limit(buf, len);
if(ssl) {
int r = SSL_read(ssl, (void*)sldns_buffer_begin(buf),
(int)len);
if(r <= 0) {
log_crypto_err("could not SSL_read");
exit(1);
}
if(r != (int)len)
fatal_exit("ssl_read %d of %d", r, len);
} else {
if(recv(fd, (void*)sldns_buffer_begin(buf), len, 0) <
(ssize_t)len) {
#ifndef USE_WINSOCK
perror("read() data failed");
#else
printf("read data: %s\n",
wsa_strerror(WSAGetLastError()));
#endif
exit(1);
}
}
} else {
ssize_t l;
sldns_buffer_clear(buf);
if((l=recv(fd, (void*)sldns_buffer_begin(buf),
sldns_buffer_capacity(buf), 0)) < 0) {
#ifndef USE_WINSOCK
perror("read() data failed");
#else
printf("read data: %s\n",
wsa_strerror(WSAGetLastError()));
#endif
exit(1);
}
sldns_buffer_set_limit(buf, (size_t)l);
len = (size_t)l;
}
printf("\nnext received packet\n");
log_buf(0, "data", buf);
pktstr = sldns_wire2str_pkt(sldns_buffer_begin(buf), len);
printf("%s", pktstr);
free(pktstr);
}
