void
attach_edns_record(sldns_buffer* pkt, struct edns_data* edns)
{
size_t len;
size_t rdatapos;
struct edns_option* opt;
if(!edns || !edns->edns_present)
return;
/* inc additional count */
sldns_buffer_write_u16_at(pkt, 10,
sldns_buffer_read_u16_at(pkt, 10) + 1);
len = sldns_buffer_limit(pkt);
sldns_buffer_clear(pkt);
sldns_buffer_set_position(pkt, len);
/* write EDNS record */
sldns_buffer_write_u8(pkt, 0); /* '.' label */
sldns_buffer_write_u16(pkt, LDNS_RR_TYPE_OPT); /* type */
sldns_buffer_write_u16(pkt, edns->udp_size); /* class */
sldns_buffer_write_u8(pkt, edns->ext_rcode); /* ttl */
sldns_buffer_write_u8(pkt, edns->edns_version);
sldns_buffer_write_u16(pkt, edns->bits);
rdatapos = sldns_buffer_position(pkt);
sldns_buffer_write_u16(pkt, 0); /* rdatalen */
/* write rdata */
for(opt=edns->opt_list; opt; opt=opt->next) {
sldns_buffer_write_u16(pkt, opt->opt_code);
sldns_buffer_write_u16(pkt, opt->opt_len);
if(opt->opt_len != 0)
sldns_buffer_write(pkt, opt->opt_data, opt->opt_len);
}
if(edns->opt_list)
sldns_buffer_write_u16_at(pkt, rdatapos,
sldns_buffer_position(pkt)-rdatapos-2);
sldns_buffer_flip(pkt);
}
/** compress a domain name */
static int
write_compressed_dname(sldns_buffer* pkt, uint8_t* dname, int labs,
struct compress_tree_node* p)
{
/* compress it */
int labcopy = labs - p->labs;
uint8_t lablen;
uint16_t ptr;
if(labs == 1) {
/* write root label */
if(sldns_buffer_remaining(pkt) < 1)
return 0;
sldns_buffer_write_u8(pkt, 0);
return 1;
}
/* copy the first couple of labels */
while(labcopy--) {
lablen = *dname++;
if(sldns_buffer_remaining(pkt) < (size_t)lablen+1)
return 0;
sldns_buffer_write_u8(pkt, lablen);
sldns_buffer_write(pkt, dname, lablen);
dname += lablen;
}
/* insert compression ptr */
if(sldns_buffer_remaining(pkt) < 2)
return 0;
ptr = PTR_CREATE(p->offset);
sldns_buffer_write_u16(pkt, ptr);
return 1;
}
/**
* Fill CH class answer into buffer. Keeps query.
* @param pkt: buffer
* @param str: string to put into text record (<255).
* @param edns: edns reply information.
* @param worker: worker with scratch region.
*/
static void
chaos_replystr(sldns_buffer* pkt, const char* str, struct edns_data* edns,
struct worker* worker)
{
size_t len = strlen(str);
unsigned int rd = LDNS_RD_WIRE(sldns_buffer_begin(pkt));
unsigned int cd = LDNS_CD_WIRE(sldns_buffer_begin(pkt));
if(len>255) len=255; /* cap size of TXT record */
sldns_buffer_clear(pkt);
sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */
sldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA));
if(rd) LDNS_RD_SET(sldns_buffer_begin(pkt));
if(cd) LDNS_CD_SET(sldns_buffer_begin(pkt));
sldns_buffer_write_u16(pkt, 1); /* qdcount */
sldns_buffer_write_u16(pkt, 1); /* ancount */
sldns_buffer_write_u16(pkt, 0); /* nscount */
sldns_buffer_write_u16(pkt, 0); /* arcount */
(void)query_dname_len(pkt); /* skip qname */
sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */
sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */
sldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */
sldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT);
sldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH);
sldns_buffer_write_u32(pkt, 0); /* TTL */
sldns_buffer_write_u16(pkt, sizeof(uint8_t) + len);
sldns_buffer_write_u8(pkt, len);
sldns_buffer_write(pkt, str, len);
sldns_buffer_flip(pkt);
edns->edns_version = EDNS_ADVERTISED_VERSION;
edns->udp_size = EDNS_ADVERTISED_SIZE;
edns->bits &= EDNS_DO;
if(!edns_opt_inplace_reply(edns, worker->scratchpad))
edns->opt_list = NULL;
attach_edns_record(pkt, edns);
}
int
dname_buffer_write(sldns_buffer* pkt, uint8_t* dname)
{
uint8_t lablen;
if(sldns_buffer_remaining(pkt) < 1)
return 0;
lablen = *dname++;
sldns_buffer_write_u8(pkt, lablen);
while(lablen) {
if(sldns_buffer_remaining(pkt) < (size_t)lablen+1)
return 0;
sldns_buffer_write(pkt, dname, lablen);
dname += lablen;
lablen = *dname++;
sldns_buffer_write_u8(pkt, lablen);
}
return 1;
}
/** setup looped dname and out-of-bounds dname ptr */
static void
dname_setup_bufs(sldns_buffer* loopbuf, sldns_buffer* boundbuf)
{
sldns_buffer_write_u16(loopbuf, 0xd54d); /* id */
sldns_buffer_write_u16(loopbuf, 0x12); /* flags */
sldns_buffer_write_u16(loopbuf, 1); /* qdcount */
sldns_buffer_write_u16(loopbuf, 0); /* ancount */
sldns_buffer_write_u16(loopbuf, 0); /* nscount */
sldns_buffer_write_u16(loopbuf, 0); /* arcount */
sldns_buffer_write_u8(loopbuf, 0xc0); /* PTR back at itself */
sldns_buffer_write_u8(loopbuf, 0x0c);
sldns_buffer_flip(loopbuf);
sldns_buffer_write_u16(boundbuf, 0xd54d); /* id */
sldns_buffer_write_u16(boundbuf, 0x12); /* flags */
sldns_buffer_write_u16(boundbuf, 1); /* qdcount */
sldns_buffer_write_u16(boundbuf, 0); /* ancount */
sldns_buffer_write_u16(boundbuf, 0); /* nscount */
sldns_buffer_write_u16(boundbuf, 0); /* arcount */
sldns_buffer_write_u8(boundbuf, 0x01); /* len=1 */
sldns_buffer_write_u8(boundbuf, (uint8_t)'A'); /* A. label */
sldns_buffer_write_u8(boundbuf, 0xc0); /* PTR out of bounds */
sldns_buffer_write_u8(boundbuf, 0xcc);
sldns_buffer_flip(boundbuf);
}
void
attach_edns_record(sldns_buffer* pkt, struct edns_data* edns)
{
size_t len;
if(!edns || !edns->edns_present)
return;
/* inc additional count */
sldns_buffer_write_u16_at(pkt, 10,
sldns_buffer_read_u16_at(pkt, 10) + 1);
len = sldns_buffer_limit(pkt);
sldns_buffer_clear(pkt);
sldns_buffer_set_position(pkt, len);
/* write EDNS record */
sldns_buffer_write_u8(pkt, 0); /* '.' label */
sldns_buffer_write_u16(pkt, LDNS_RR_TYPE_OPT); /* type */
sldns_buffer_write_u16(pkt, edns->udp_size); /* class */
sldns_buffer_write_u8(pkt, edns->ext_rcode); /* ttl */
sldns_buffer_write_u8(pkt, edns->edns_version);
sldns_buffer_write_u16(pkt, edns->bits);
sldns_buffer_write_u16(pkt, 0); /* rdatalen */
sldns_buffer_flip(pkt);
}
/** compress owner name of RR, return RETVAL_OUTMEM RETVAL_TRUNC */
static int
compress_owner(struct ub_packed_rrset_key* key, sldns_buffer* pkt,
struct regional* region, struct compress_tree_node** tree,
size_t owner_pos, uint16_t* owner_ptr, int owner_labs)
{
struct compress_tree_node* p;
struct compress_tree_node** insertpt = NULL;
if(!*owner_ptr) {
/* compress first time dname */
if((p = compress_tree_lookup(tree, key->rk.dname,
owner_labs, &insertpt))) {
if(p->labs == owner_labs)
/* avoid ptr chains, since some software is
* not capable of decoding ptr after a ptr. */
*owner_ptr = htons(PTR_CREATE(p->offset));
if(!write_compressed_dname(pkt, key->rk.dname,
owner_labs, p))
return RETVAL_TRUNC;
/* check if typeclass+4 ttl + rdatalen is available */
if(sldns_buffer_remaining(pkt) < 4+4+2)
return RETVAL_TRUNC;
} else {
/* no compress */
if(sldns_buffer_remaining(pkt) < key->rk.dname_len+4+4+2)
return RETVAL_TRUNC;
sldns_buffer_write(pkt, key->rk.dname,
key->rk.dname_len);
if(owner_pos <= PTR_MAX_OFFSET)
*owner_ptr = htons(PTR_CREATE(owner_pos));
}
if(!compress_tree_store(key->rk.dname, owner_labs,
owner_pos, region, p, insertpt))
return RETVAL_OUTMEM;
} else {
/* always compress 2nd-further RRs in RRset */
if(owner_labs == 1) {
if(sldns_buffer_remaining(pkt) < 1+4+4+2)
return RETVAL_TRUNC;
sldns_buffer_write_u8(pkt, 0);
} else {
if(sldns_buffer_remaining(pkt) < 2+4+4+2)
return RETVAL_TRUNC;
sldns_buffer_write(pkt, owner_ptr, 2);
}
}
return RETVAL_OK;
}
/* takes a hex string and puts into buffer */
void hex_to_buf(sldns_buffer* pkt, const char* hex)
{
const char* p = hex;
int val;
sldns_buffer_clear(pkt);
while(*p) {
skip_whites(&p);
if(sldns_buffer_position(pkt) == sldns_buffer_limit(pkt))
fatal_exit("hex_to_buf: buffer too small");
if(!isalnum((unsigned char)*p))
break;
val = sldns_hexdigit_to_int(*p++) << 4;
skip_whites(&p);
log_assert(*p && isalnum((unsigned char)*p));
val |= sldns_hexdigit_to_int(*p++);
sldns_buffer_write_u8(pkt, (uint8_t)val);
skip_whites(&p);
}
sldns_buffer_flip(pkt);
}
/** skip through file to { or ; */
static int
skip_to_special(FILE* in, sldns_buffer* buf, int* line, int spec)
{
int rdlen;
sldns_buffer_clear(buf);
while((rdlen=readkeyword_bindfile(in, buf, line, 1))) {
if(rdlen == 1 && isspace((unsigned char)*sldns_buffer_begin(buf))) {
sldns_buffer_clear(buf);
continue;
}
if(rdlen != 1 || *sldns_buffer_begin(buf) != (uint8_t)spec) {
sldns_buffer_write_u8(buf, 0);
log_err("trusted-keys, line %d, expected %c",
*line, spec);
return 0;
}
return 1;
}
log_err("trusted-keys, line %d, expected %c got EOF", *line, spec);
return 0;
}
/**
* read contents of trusted-keys{ ... ; clauses and insert keys into storage.
* @param anchors: where to store keys
* @param buf: buffer to use
* @param line: line number in file
* @param in: file to read from.
* @return 0 on error.
*/
static int
process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf,
int* line, FILE* in)
{
/* loop over contents, collate strings before ; */
/* contents is (numbered): 0 1 2 3 4 5 6 7 8 */
/* name. 257 3 5 base64 base64 */
/* quoted value: 0 "111" 0 0 0 0 0 0 0 */
/* comments value: 1 "000" 1 1 1 "0 0 0 0" 1 */
int contnum = 0;
int quoted = 0;
int comments = 1;
int rdlen;
char* str = 0;
sldns_buffer_clear(buf);
while((rdlen=readkeyword_bindfile(in, buf, line, comments))) {
if(rdlen == 1 && sldns_buffer_position(buf) == 1
&& isspace((unsigned char)*sldns_buffer_begin(buf))) {
/* starting whitespace is removed */
sldns_buffer_clear(buf);
continue;
} else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == '"') {
/* remove " from the string */
if(contnum == 0) {
quoted = 1;
comments = 0;
}
sldns_buffer_skip(buf, -1);
if(contnum > 0 && quoted) {
if(sldns_buffer_remaining(buf) < 8+1) {
log_err("line %d, too long", *line);
return 0;
}
sldns_buffer_write(buf, " DNSKEY ", 8);
quoted = 0;
comments = 1;
} else if(contnum > 0)
comments = !comments;
continue;
} else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == ';') {
if(contnum < 5) {
sldns_buffer_write_u8(buf, 0);
log_err("line %d, bad key", *line);
return 0;
}
sldns_buffer_skip(buf, -1);
sldns_buffer_write_u8(buf, 0);
str = strdup((char*)sldns_buffer_begin(buf));
if(!str) {
log_err("line %d, allocation failure", *line);
return 0;
}
if(!anchor_store_str(anchors, buf, str)) {
log_err("line %d, bad key", *line);
free(str);
return 0;
}
free(str);
sldns_buffer_clear(buf);
contnum = 0;
quoted = 0;
comments = 1;
continue;
} else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == '}') {
if(contnum > 0) {
sldns_buffer_write_u8(buf, 0);
log_err("line %d, bad key before }", *line);
return 0;
}
return 1;
} else if(rdlen == 1 &&
isspace((unsigned char)sldns_buffer_current(buf)[-1])) {
/* leave whitespace here */
} else {
/* not space or whatnot, so actual content */
contnum ++;
if(contnum == 1 && !quoted) {
if(sldns_buffer_remaining(buf) < 8+1) {
log_err("line %d, too long", *line);
return 0;
}
sldns_buffer_write(buf, " DNSKEY ", 8);
}
}
}
log_err("line %d, EOF before }", *line);
return 0;
}
/**
* Read a keyword skipping bind comments; spaces, specials, restkeywords.
* The file is split into the following tokens:
* * special characters, on their own, rdlen=1, { } doublequote ;
* * whitespace becomes a single ' ' or tab. Newlines become spaces.
* * other words ('keywords')
* * comments are skipped if desired
* / / C++ style comment to end of line
* # to end of line
* / * C style comment * /
* @param in: file to read from.
* @param buf: buffer, what is read is stored after current buffer position.
* Space is left in the buffer to write a terminating 0.
* @param line: line number is increased per line, for error reports.
* @param comments: if 0, comments are not possible and become text.
* if 1, comments are skipped entirely.
* In BIND files, this is when reading quoted strings, for example
* " base 64 text with / / in there "
* @return the number of character written to the buffer.
* 0 on end of file.
*/
static int
readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments)
{
int c;
int numdone = 0;
while((c = getc(in)) != EOF ) {
if(comments && c == '#') { /* # blabla */
skip_to_eol(in);
(*line)++;
continue;
} else if(comments && c=='/' && numdone>0 && /* /_/ bla*/
sldns_buffer_read_u8_at(buf,
sldns_buffer_position(buf)-1) == '/') {
sldns_buffer_skip(buf, -1);
numdone--;
skip_to_eol(in);
(*line)++;
continue;
} else if(comments && c=='*' && numdone>0 && /* /_* bla *_/ */
sldns_buffer_read_u8_at(buf,
sldns_buffer_position(buf)-1) == '/') {
sldns_buffer_skip(buf, -1);
numdone--;
/* skip to end of comment */
while(c != EOF && (c=getc(in)) != EOF ) {
if(c == '*') {
if((c=getc(in)) == '/')
break;
}
if(c == '\n')
(*line)++;
}
continue;
}
/* not a comment, complete the keyword */
if(numdone > 0) {
/* check same type */
if(isspace((unsigned char)c)) {
ungetc(c, in);
return numdone;
}
if(is_bind_special(c)) {
ungetc(c, in);
return numdone;
}
}
if(c == '\n') {
c = ' ';
(*line)++;
}
/* space for 1 char + 0 string terminator */
if(sldns_buffer_remaining(buf) < 2) {
fatal_exit("trusted-keys, %d, string too long", *line);
}
sldns_buffer_write_u8(buf, (uint8_t)c);
numdone++;
if(isspace((unsigned char)c)) {
/* collate whitespace into ' ' */
while((c = getc(in)) != EOF ) {
if(c == '\n')
(*line)++;
if(!isspace((unsigned char)c)) {
ungetc(c, in);
break;
}
}
return numdone;
}
if(is_bind_special(c))
return numdone;
}
return numdone;
}
