/** verify and test an entry - every rr in the message */ static void verifytest_entry(struct entry* e, struct alloc_cache* alloc, struct regional* region, sldns_buffer* pkt, struct ub_packed_rrset_key* dnskey, struct module_env* env, struct val_env* ve) { struct query_info qinfo; struct reply_info* rep = NULL; size_t i; regional_free_all(region); if(vsig) { char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt, e->reply_list->reply_len); printf("verifying pkt:\n%s\n", s?s:"outofmemory"); free(s); } entry_to_repinfo(e, alloc, region, pkt, &qinfo, &rep); for(i=0; i<rep->rrset_count; i++) { verifytest_rrset(env, ve, rep->rrsets[i], dnskey, &qinfo); } reply_info_parsedelete(rep, alloc); query_info_clear(&qinfo); }
/** helper function that logs a sldns_pkt packet to logfile */ static void log_pkt(const char* desc, uint8_t* pkt, size_t len) { char* str = sldns_wire2str_pkt(pkt, len); if(!str) fatal_exit("%s: (failed out of memory wire2str_pkt)", desc); else { log_info("%s%s", desc, str); free(str); } }
/** check if unbound formerr equals ldns formerr */ static void checkformerr(sldns_buffer* pkt) { int status = 0; char* s = sldns_wire2str_pkt(sldns_buffer_begin(pkt), sldns_buffer_limit(pkt)); if(!s) fatal_exit("out of memory"); if(strstr(s, "Error")) status = 1; if(strstr(s, "error")) status = 1; if(status == 0) { printf("Formerr, but ldns gives packet:\n"); printf("%s\n", s); free(s); exit(1); } free(s); unit_assert(status != 0); }
/** Test hash algo - NSEC3 hash it and compare result */ static void nsec3_hash_test_entry(struct entry* e, rbtree_type* ct, struct alloc_cache* alloc, struct regional* region, sldns_buffer* buf) { struct query_info qinfo; struct reply_info* rep = NULL; struct ub_packed_rrset_key* answer, *nsec3; struct nsec3_cached_hash* hash = NULL; int ret; uint8_t* qname; if(vsig) { char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt, e->reply_list->reply_len); printf("verifying NSEC3 hash:\n%s\n", s?s:"outofmemory"); free(s); } entry_to_repinfo(e, alloc, region, buf, &qinfo, &rep); nsec3 = find_rrset_type(rep, LDNS_RR_TYPE_NSEC3); answer = find_rrset_type(rep, LDNS_RR_TYPE_AAAA); qname = regional_alloc_init(region, qinfo.qname, qinfo.qname_len); /* check test is OK */ unit_assert(nsec3 && answer && qname); ret = nsec3_hash_name(ct, region, buf, nsec3, 0, qname, qinfo.qname_len, &hash); if(ret != 1) { printf("Bad nsec3_hash_name retcode %d\n", ret); unit_assert(ret == 1); } unit_assert(hash->dname && hash->hash && hash->hash_len && hash->b32 && hash->b32_len); unit_assert(hash->b32_len == (size_t)answer->rk.dname[0]); /* does not do lowercasing. */ unit_assert(memcmp(hash->b32, answer->rk.dname+1, hash->b32_len) == 0); reply_info_parsedelete(rep, alloc); query_info_clear(&qinfo); }
/** DS sig test an entry - get DNSKEY and DS in entry and verify */ static void dstest_entry(struct entry* e, struct alloc_cache* alloc, struct regional* region, sldns_buffer* pkt, struct module_env* env) { struct query_info qinfo; struct reply_info* rep = NULL; struct ub_packed_rrset_key* ds, *dnskey; int ret; regional_free_all(region); if(vsig) { char* s = sldns_wire2str_pkt(e->reply_list->reply_pkt, e->reply_list->reply_len); printf("verifying DS-DNSKEY match:\n%s\n", s?s:"outofmemory"); free(s); } entry_to_repinfo(e, alloc, region, pkt, &qinfo, &rep); ds = find_rrset_type(rep, LDNS_RR_TYPE_DS); dnskey = find_rrset_type(rep, LDNS_RR_TYPE_DNSKEY); /* check test is OK */ unit_assert(ds && dnskey); ret = ds_digest_match_dnskey(env, dnskey, 0, ds, 0); if(strncmp((char*)qinfo.qname, "\003yes", 4) == 0) { if(vsig) { printf("result(yes)= %s\n", ret?"yes":"no"); } unit_assert(ret); } else if (strncmp((char*)qinfo.qname, "\002no", 3) == 0) { if(vsig) { printf("result(no)= %s\n", ret?"yes":"no"); } unit_assert(!ret); verbose(VERB_QUERY, "DS fail: OK; matched unit test"); } else { fatal_exit("Bad qname in DS unit test, yes or no"); } reply_info_parsedelete(rep, alloc); query_info_clear(&qinfo); }
void log_dns_msg(const char* str, struct query_info* qinfo, struct reply_info* rep) { /* not particularly fast but flexible, make wireformat and print */ sldns_buffer* buf = sldns_buffer_new(65535); struct regional* region = regional_create(); if(!reply_info_encode(qinfo, rep, 0, rep->flags, buf, 0, region, 65535, 1)) { log_info("%s: log_dns_msg: out of memory", str); } else { char* s = sldns_wire2str_pkt(sldns_buffer_begin(buf), sldns_buffer_limit(buf)); if(!s) { log_info("%s: log_dns_msg: ldns tostr failed", str); } else { log_info("%s %s", str, s); } free(s); } sldns_buffer_free(buf); regional_destroy(region); }
/** see if buffers contain the same packet */ static int test_buffers(sldns_buffer* pkt, sldns_buffer* out) { /* check binary same */ if(sldns_buffer_limit(pkt) == sldns_buffer_limit(out) && memcmp(sldns_buffer_begin(pkt), sldns_buffer_begin(out), sldns_buffer_limit(pkt)) == 0) { if(vbmp) printf("binary the same (length=%u)\n", (unsigned)sldns_buffer_limit(pkt)); return 1; } if(vbmp) { size_t sz = 16; size_t count; size_t lim = sldns_buffer_limit(out); if(sldns_buffer_limit(pkt) < lim) lim = sldns_buffer_limit(pkt); for(count=0; count<lim; count+=sz) { size_t rem = sz; if(lim-count < sz) rem = lim-count; if(memcmp(sldns_buffer_at(pkt, count), sldns_buffer_at(out, count), rem) == 0) { log_info("same %d %d", (int)count, (int)rem); log_hex("same: ", sldns_buffer_at(pkt, count), rem); } else { log_info("diff %d %d", (int)count, (int)rem); log_hex("difp: ", sldns_buffer_at(pkt, count), rem); log_hex("difo: ", sldns_buffer_at(out, count), rem); } } } /* check if it 'means the same' */ if(vbmp) { char* s1, *s2; log_buf(0, "orig in hex", pkt); log_buf(0, "unbound out in hex", out); printf("\npacket from unbound (%d):\n", (int)sldns_buffer_limit(out)); s1 = sldns_wire2str_pkt(sldns_buffer_begin(out), sldns_buffer_limit(out)); printf("%s\n", s1?s1:"null"); free(s1); printf("\npacket original (%d):\n", (int)sldns_buffer_limit(pkt)); s2 = sldns_wire2str_pkt(sldns_buffer_begin(pkt), sldns_buffer_limit(pkt)); printf("%s\n", s2?s2:"null"); free(s2); printf("\n"); } /* if it had two EDNS sections, skip comparison */ if(1) { char* s = sldns_wire2str_pkt(sldns_buffer_begin(pkt), sldns_buffer_limit(pkt)); char* e1 = strstr(s, "; EDNS:"); if(e1 && strstr(e1+4, "; EDNS:")) { free(s); return 0; } free(s); } /* compare packets */ unit_assert(match_all(sldns_buffer_begin(pkt), sldns_buffer_limit(pkt), sldns_buffer_begin(out), sldns_buffer_limit(out), 1, matches_nolocation)); return 0; }
/** pretty line of output for results */ static void pretty_output(char* q, int t, int c, struct ub_result* result, int docname) { int i; const char *secstatus = secure_str(result); char tstr[16]; char cstr[16]; char rcodestr[16]; pretty_type(tstr, 16, t); pretty_class(cstr, 16, c); pretty_rcode(rcodestr, 16, result->rcode); if(!result->havedata && result->rcode) { printf("Host %s not found: %d(%s).", q, result->rcode, rcodestr); if(verb > 0) printf(" %s", secstatus); printf("\n"); if(result->bogus && result->why_bogus) printf("%s\n", result->why_bogus); return; } if(docname && result->canonname && result->canonname != result->qname) { printf("%s is an alias for %s", result->qname, result->canonname); if(verb > 0) printf(" %s", secstatus); printf("\n"); } /* remove trailing . from long canonnames for nicer output */ if(result->canonname && strlen(result->canonname) > 1 && result->canonname[strlen(result->canonname)-1] == '.') result->canonname[strlen(result->canonname)-1] = 0; if(!result->havedata) { if(verb > 0) { printf("%s", result->canonname?result->canonname:q); if(strcmp(cstr, "IN") != 0) printf(" in class %s", cstr); if(t == LDNS_RR_TYPE_A) printf(" has no address"); else if(t == LDNS_RR_TYPE_AAAA) printf(" has no IPv6 address"); else if(t == LDNS_RR_TYPE_PTR) printf(" has no domain name ptr"); else if(t == LDNS_RR_TYPE_MX) printf(" has no mail handler record"); else if(t == LDNS_RR_TYPE_ANY) { char* s = sldns_wire2str_pkt( result->answer_packet, (size_t)result->answer_len); if(!s) { fprintf(stderr, "alloc failure\n"); exit(1); } printf("%s\n", s); } else printf(" has no %s record", tstr); printf(" %s\n", secstatus); } /* else: emptiness to indicate no data */ if(result->bogus && result->why_bogus) printf("%s\n", result->why_bogus); return; } i=0; while(result->data[i]) { pretty_rdata( result->canonname?result->canonname:q, cstr, tstr, t, secstatus, result->data[i], (size_t)result->len[i]); i++; } if(result->bogus && result->why_bogus) printf("%s\n", result->why_bogus); }
/** receive DNS datagram over TCP and print it */ static void recv_one(int fd, int udp, SSL* ssl, sldns_buffer* buf) { char* pktstr; uint16_t len; if(!udp) { if(ssl) { if(SSL_read(ssl, (void*)&len, (int)sizeof(len)) <= 0) { log_crypto_err("could not SSL_read"); exit(1); } } else { if(recv(fd, (void*)&len, sizeof(len), 0) < (ssize_t)sizeof(len)) { #ifndef USE_WINSOCK perror("read() len failed"); #else printf("read len: %s\n", wsa_strerror(WSAGetLastError())); #endif exit(1); } } len = ntohs(len); sldns_buffer_clear(buf); sldns_buffer_set_limit(buf, len); if(ssl) { int r = SSL_read(ssl, (void*)sldns_buffer_begin(buf), (int)len); if(r <= 0) { log_crypto_err("could not SSL_read"); exit(1); } if(r != (int)len) fatal_exit("ssl_read %d of %d", r, len); } else { if(recv(fd, (void*)sldns_buffer_begin(buf), len, 0) < (ssize_t)len) { #ifndef USE_WINSOCK perror("read() data failed"); #else printf("read data: %s\n", wsa_strerror(WSAGetLastError())); #endif exit(1); } } } else { ssize_t l; sldns_buffer_clear(buf); if((l=recv(fd, (void*)sldns_buffer_begin(buf), sldns_buffer_capacity(buf), 0)) < 0) { #ifndef USE_WINSOCK perror("read() data failed"); #else printf("read data: %s\n", wsa_strerror(WSAGetLastError())); #endif exit(1); } sldns_buffer_set_limit(buf, (size_t)l); len = (size_t)l; } printf("\nnext received packet\n"); log_buf(0, "data", buf); pktstr = sldns_wire2str_pkt(sldns_buffer_begin(buf), len); printf("%s", pktstr); free(pktstr); }