X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Ftypes.c;h=ff3691b5c103250eb5ec5c5ea835d6ceedc36024;hb=e4007092f843cf382791448bcb839ff13c13c535;hp=3708ad5686834e12ea04418cc58188ccfed055c4;hpb=2248cdf4943441c9a98e8ee1611d92926a1f6e66;p=adns.git diff --git a/src/types.c b/src/types.c index 3708ad5..ff3691b 100644 --- a/src/types.c +++ b/src/types.c @@ -3,12 +3,11 @@ * - RR-type-specific code, and the machinery to call it */ /* - * This file is - * Copyright (C) 1997-1999 Ian Jackson - * - * It is part of adns, which is - * Copyright (C) 1997-2000 Ian Jackson - * Copyright (C) 1999-2000 Tony Finch + * This file is part of adns, which is + * Copyright (C) 1997-2000,2003,2006 Ian Jackson + * Copyright (C) 1999-2000,2003,2006 Tony Finch + * Copyright (C) 1991 Massachusetts Institute of Technology + * (See the file INSTALL for full details.) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -25,12 +24,14 @@ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ +#include #include #include #include #include #include +#include #include "internal.h" @@ -48,8 +49,10 @@ * _intstr (mf,csp,cs) * _manyistr (mf,cs) * _txt (pa) - * _inaddr (pa,dip,di) - * _addr (pa,di,csp,cs) + * _inaddr (pa,cs,di, +search_sortlist, dip_genaddr) + * _in6addr (pa,cs,di) + * _addr (pap,pa,di,csp,cs,gsz,qs, +search_sortlist_sa, + * dip_sockaddr, rrtypes) * _domain (pap) * _host_raw (pa) * _hostaddr (pap,pa,dip,di,mfp,mf,csp,cs +pap_findaddrs) @@ -63,11 +66,13 @@ * _mailbox (pap +pap_mailbox822) * _rp (pa) * _soa (pa,mf,cs) - * _srv* (qdpl,(pap),pa,mf,di,(csp),cs,postsort) + * _srv* (ckl,(pap),pa,mf,di,(csp),cs,postsort) + * _byteblock (mf) + * _opaque (pa,cs) * _flat (mf) * * within each section: - * qdpl_* + * ckl_* * pap_* * pa_* * dip_* @@ -238,7 +243,7 @@ static adns_status cs_hinfo(vbuf *vb, const void *datap) { } /* - * _inaddr (pa,dip,di) + * _inaddr (pa,di,cs +search_sortlist, dip_genaddr) */ static adns_status pa_inaddr(const parseinfo *pai, int cbyte, @@ -250,32 +255,47 @@ static adns_status pa_inaddr(const parseinfo *pai, int cbyte, return adns_s_ok; } -static int search_sortlist(adns_state ads, struct in_addr ad) { +static int search_sortlist(adns_state ads, int af, const void *ad) { const struct sortlist *slp; + const struct in6_addr *a6; + union gen_addr a; int i; - + int v6mappedp = 0; + + if (af == AF_INET6) { + a6 = ad; + if (IN6_IS_ADDR_V4MAPPED(a6)) { + a.v4.s_addr = htonl(((unsigned long)a6->s6_addr[12] << 24) | + ((unsigned long)a6->s6_addr[13] << 16) | + ((unsigned long)a6->s6_addr[14] << 8) | + ((unsigned long)a6->s6_addr[15] << 0)); + v6mappedp = 1; + } + } + for (i=0, slp=ads->sortlist; insortlist && - !((ad.s_addr & slp->mask.s_addr) == slp->base.s_addr); + !(af == slp->ai->af && + slp->ai->matchp(ad, &slp->base, &slp->mask)) && + !(v6mappedp && slp->ai->af == AF_INET && + slp->ai->matchp(&a, &slp->base, &slp->mask)); i++, slp++); return i; } -static int dip_inaddr(adns_state ads, struct in_addr a, struct in_addr b) { +static int dip_genaddr(adns_state ads, int af, const void *a, const void *b) { int ai, bi; if (!ads->nsortlist) return 0; - ai= search_sortlist(ads,a); - bi= search_sortlist(ads,b); + ai= search_sortlist(ads,af,a); + bi= search_sortlist(ads,af,b); return bis6_addr, pai->dgram + cbyte, 16); + return adns_s_ok; +} + +static int di_in6addr(adns_state ads, + const void *datap_a, const void *datap_b) { + return dip_genaddr(ads,AF_INET6,datap_a,datap_b); +} + +static adns_status cs_in6addr(vbuf *vb, const void *datap) { + char buf[INET6_ADDRSTRLEN]; + const char *ia; + + ia= inet_ntop(AF_INET6, datap, buf, sizeof(buf)); assert(ia); + CSP_ADDSTR(ia); + return adns_s_ok; +} + +/* + * _addr (pap,pa,di,csp,cs,gsz,qs, +search_sortlist_sa, dip_sockaddr, + * addr_rrtypes) + */ + +static const typeinfo tinfo_addrsub; + +#define ADDR_RRTYPES(_) _(a) _(aaaa) + +static const adns_rrtype addr_all_rrtypes[] = { +#define RRTY_CODE(ty) adns_r_##ty, + ADDR_RRTYPES(RRTY_CODE) +#undef RRTY_CODE +}; + +enum { +#define RRTY_INDEX(ty) addr__ri_##ty, + ADDR_RRTYPES(RRTY_INDEX) +#undef RRTY_INDEX + addr_nrrtypes, +#define RRTY_FLAG(ty) addr_rf_##ty = 1 << addr__ri_##ty, + ADDR_RRTYPES(RRTY_FLAG) + addr__rrty_hunoz +#undef RRTY_FLAG +}; + +static unsigned addr_rrtypeflag(adns_rrtype type) +{ + int i; + + type &= adns_rrt_typemask; + for (i = 0; i < addr_nrrtypes && type != addr_all_rrtypes[i]; i++); + assert(i < addr_nrrtypes); + return 1 << i; +} + +/* About CNAME handling in addr queries. + * + * A user-level addr query is translated into a number of protocol-level + * queries, and its job is to reassemble the results. This gets tricky if + * the answers aren't consistent. In particular, if the answers report + * inconsistent indirection via CNAME records (e.g., different CNAMEs, or + * some indirect via a CNAME, and some don't) then we have trouble. + * + * Once we've received an answer, even if it was NODATA, we set + * adns__qf_addr_answer on the parent query. This will let us detect a + * conflict between a no-CNAME-with-NODATA reply and a subsequent CNAME. + * + * If we detect a conflict of any kind, then at least one answer came back + * with a CNAME record, so we pick the first such answer (somewhat + * arbitrarily) as being the `right' canonical name, and set this in the + * parent query's answer->cname slot. We discard address records from the + * wrong name. And finally we cancel the outstanding child queries, and + * resubmit address queries for the address families we don't yet have, with + * adns__qf_addr_cname set so that we know that we're in the fixup state. + */ + +static adns_status pap_addr(const parseinfo *pai, int rrty, size_t rrsz, + int *cbyte_io, int max, adns_rr_addr *storeto) +{ const byte *dgram= pai->dgram; + int af, addrlen, salen; + struct in6_addr v6map; + const void *oaddr = dgram + *cbyte_io; + int avail = max - *cbyte_io; + int step = -1; + void *addrp = 0; + + switch (rrty) { + case adns_r_a: + if (pai->qu->flags & adns_qf_domapv4) { + if (avail < 4) return adns_s_invaliddata; + memset(v6map.s6_addr + 0, 0x00, 10); + memset(v6map.s6_addr + 10, 0xff, 2); + memcpy(v6map.s6_addr + 12, oaddr, 4); + oaddr = v6map.s6_addr; avail = sizeof(v6map.s6_addr); + if (step < 0) step = 4; + goto aaaa; + } + af = AF_INET; addrlen = 4; + addrp = &storeto->addr.inet.sin_addr; + salen = sizeof(storeto->addr.inet); + break; + case adns_r_aaaa: + aaaa: + af = AF_INET6; addrlen = 16; + addrp = storeto->addr.inet6.sin6_addr.s6_addr; + salen = sizeof(storeto->addr.inet6); + break; + } + assert(addrp); - if (max-cbyte != 4) return adns_s_invaliddata; - storeto->len= sizeof(storeto->addr.inet); - memset(&storeto->addr,0,sizeof(storeto->addr.inet)); - storeto->addr.inet.sin_family= AF_INET; - memcpy(&storeto->addr.inet.sin_addr,dgram+cbyte,4); + assert(offsetof(adns_rr_addr, addr) + salen <= rrsz); + if (addrlen < avail) return adns_s_invaliddata; + if (step < 0) step = addrlen; + *cbyte_io += step; + memset(&storeto->addr, 0, salen); + storeto->len = salen; + storeto->addr.sa.sa_family = af; + memcpy(addrp, oaddr, addrlen); + + return adns_s_ok; +} + +static adns_status pa_addr(const parseinfo *pai, int cbyte, + int max, void *datap) { + int err = pap_addr(pai, pai->qu->answer->type & adns_rrt_typemask, + pai->qu->answer->rrsz, &cbyte, max, datap); + if (err) return err; + if (cbyte != max) return adns_s_invaliddata; return adns_s_ok; } +static int search_sortlist_sa(adns_state ads, const struct sockaddr *sa) +{ + const afinfo *ai = 0; + + switch (sa->sa_family) { + case AF_INET: ai = &adns__inet_afinfo; break; + case AF_INET6: ai = &adns__inet6_afinfo; break; + } + assert(ai); + + return search_sortlist(ads, sa->sa_family, ai->sockaddr_to_inaddr(sa)); +} + +static int dip_sockaddr(adns_state ads, + const struct sockaddr *sa, + const struct sockaddr *sb) +{ + if (!ads->sortlist) return 0; + return search_sortlist_sa(ads, sa) > search_sortlist_sa(ads, sb); +} + static int di_addr(adns_state ads, const void *datap_a, const void *datap_b) { const adns_rr_addr *ap= datap_a, *bp= datap_b; - assert(ap->addr.sa.sa_family == AF_INET); - return dip_inaddr(ads, ap->addr.inet.sin_addr, bp->addr.inet.sin_addr); + return dip_sockaddr(ads, &ap->addr.sa, &bp->addr.sa); } static int div_addr(void *context, const void *datap_a, const void *datap_b) { @@ -318,14 +481,20 @@ static int div_addr(void *context, const void *datap_a, const void *datap_b) { } static adns_status csp_addr(vbuf *vb, const adns_rr_addr *rrp) { - const char *ia; - static char buf[30]; + char buf[128]; + int err; switch (rrp->addr.inet.sin_family) { case AF_INET: CSP_ADDSTR("INET "); - ia= inet_ntoa(rrp->addr.inet.sin_addr); assert(ia); - CSP_ADDSTR(ia); + goto ntop; + case AF_INET6: + CSP_ADDSTR("INET6 "); + goto ntop; + ntop: + err= getnameinfo(&rrp->addr.sa, rrp->len, buf, sizeof(buf), 0, 0, + NI_NUMERICHOST); assert(!err); + CSP_ADDSTR(buf); break; default: sprintf(buf,"AF=%u",rrp->addr.sa.sa_family); @@ -341,6 +510,252 @@ static adns_status cs_addr(vbuf *vb, const void *datap) { return csp_addr(vb,rrp); } +static unsigned addr_rrtypes(adns_state ads, adns_rrtype type, + adns_queryflags qf) +{ + adns_queryflags permitaf = 0, hackaf = 0; + unsigned want = 0; + + if (!(qf & (adns_qf_ipv4_only | adns_qf_ipv6_only))) + qf |= adns_qf_ipv4_only | adns_qf_ipv6_only; + if (!(type & adns__qtf_bigaddr) || !(type & adns__qtf_manyaf)) + qf = (qf & adns__qf_afmask) | adns_qf_ipv4_only; + else if (ads->iflags & adns_if_afmask) { + if (ads->iflags & adns_if_af_v4only) { + permitaf |= adns_qf_ipv4_only; + hackaf |= adns_qf_domapv4; + } + if (ads->iflags & adns_if_af_v6only) + permitaf |= adns_qf_ipv6_only; + if (qf & permitaf) + qf &= hackaf | permitaf | ~adns__qf_afmask; + } + + if (qf & adns_qf_ipv4_only) want |= addr_rf_a; + if (qf & adns_qf_ipv6_only) want |= addr_rf_aaaa; + + return want; +} + +static int gsz_addr(adns_rrtype type) +{ + return type & adns__qtf_bigaddr ? + sizeof(adns_rr_addr) : sizeof(adns_rr_addr_v4only); +} + +static adns_status append_addrs(adns_query qu, adns_query from, size_t rrsz, + adns_rr_addr **dp, int *dlen, + const adns_rr_addr *sp, int slen) +{ + size_t drrsz = *dlen*rrsz, srrsz = slen*rrsz; + byte *p; + + if (!slen) return adns_s_ok; + p = adns__alloc_interim(qu, drrsz + srrsz); + if (!p) R_NOMEM; + if (*dlen) { + memcpy(p, *dp, drrsz); + adns__free_interim(qu, *dp); + } + memcpy(p + drrsz, sp, srrsz); + *dlen += slen; + *dp = (adns_rr_addr *)p; + if (from && qu->expires > from->expires) qu->expires = from->expires; + return adns_s_ok; +} + +static void icb_addr(adns_query parent, adns_query child); + +static void addr_subqueries(adns_query qu, struct timeval now, + adns_queryflags qf_extra, + const byte *qd_dgram, int qd_dglen) +{ + int i, err, id; + adns_query cqu; + adns_queryflags qf = (qu->flags & ~adns_qf_search) | qf_extra; + adns_rrtype qtf = qu->answer->type & adns__qtf_deref; + unsigned which = qu->ctx.tinfo.addr.want & ~qu->ctx.tinfo.addr.have; + qcontext ctx; + + memset(&ctx, 0, sizeof(ctx)); + ctx.callback = icb_addr; + for (i = 0; i < addr_nrrtypes; i++) { + if (!(which & (1 << i))) continue; + err = adns__mkquery_frdgram(qu->ads, &qu->vb, &id, qd_dgram, qd_dglen, + DNS_HDRSIZE, addr_all_rrtypes[i], qf); + if (err) goto x_error; + err = adns__internal_submit(qu->ads, &cqu, &tinfo_addrsub, + addr_all_rrtypes[i] | qtf, + &qu->vb, id, qf, now, &ctx); + if (err) goto x_error; + cqu->answer->rrsz = qu->answer->rrsz; + cqu->parent = qu; + LIST_LINK_TAIL_PART(qu->children, cqu,siblings.); + } + qu->state = query_childw; + LIST_LINK_TAIL(qu->ads->childw, qu); + return; + +x_error: + adns__query_fail(qu, err); +} + +static adns_status addr_submit(adns_query parent, adns_query *query_r, + vbuf *qumsg_vb, int id, unsigned want, + adns_queryflags flags, struct timeval now, + qcontext *ctx) +{ + /* This is effectively a substitute for adns__internal_submit, intended for + * the case where the caller (possibly) only wants a subset of the + * available record types. The memory management and callback rules are + * the same as for adns__internal_submit. + * + * Some differences: the query is linked onto the parent's children list + * before exit (though the parent's state is not changed, and it is not + * linked into the childw list queue); and we fiddle with the `tinfo' + * portion of the context structure (yes, modifying *ctx), since this is, + * in fact, the main purpose of this function. + */ + + adns_state ads = parent->ads; + adns_query qu; + adns_status err; + adns_rrtype type = + (adns_r_addr & adns_rrt_reprmask) | + (parent->answer->type & ~adns_rrt_reprmask); + + ctx->tinfo.addr.want = want; + ctx->tinfo.addr.have = 0; + err = adns__internal_submit(ads, &qu, adns__findtype(adns_r_addr), + type, qumsg_vb, id, flags, now, ctx); + if (err) return err; + + qu->parent = parent; + LIST_LINK_TAIL_PART(parent->children, qu, siblings.); + *query_r = qu; + return adns_s_ok; +} + +static adns_status copy_cname_from_child(adns_query parent, adns_query child) +{ + adns_answer *pans = parent->answer, *cans = child->answer; + size_t n = strlen(cans->cname) + 1; + + pans->cname = adns__alloc_preserved(parent, n); + if (!pans->cname) R_NOMEM; + memcpy(pans->cname, cans->cname, n); + return adns_s_ok; +} + +static void done_addr_type(adns_query qu, adns_rrtype type) + { qu->ctx.tinfo.addr.have |= addr_rrtypeflag(type); } + +static void icb_addr(adns_query parent, adns_query child) +{ + adns_state ads = parent->ads; + adns_answer *pans = parent->answer, *cans = child->answer; + struct timeval now; + adns_status err; + int id; + + if (!(child->flags & adns__qf_addr_cname) && + (parent->flags & adns__qf_addr_answer) && + (!!pans->cname != !!cans->cname || + (pans->cname && strcmp(pans->cname, cans->cname) != 0))) { + /* We've detected an inconsistency in CNAME records, and must deploy + * countermeasures. + */ + + if (!pans->cname) { + /* The child has a CNAME record, but the parent doesn't. We must + * discard all of the parent's addresses, and substitute the child's. + */ + + assert(pans->rrsz == cans->rrsz); + adns__free_interim(parent, pans->rrs.bytes); + adns__transfer_interim(child, parent, cans->rrs.bytes); + pans->rrs.bytes = cans->rrs.bytes; + pans->nrrs = cans->nrrs; + parent->ctx.tinfo.addr.have = 0; + done_addr_type(parent, cans->type); + err = copy_cname_from_child(parent, child); if (err) goto x_err; + } + + /* We've settled on the CNAME (now) associated with the parent, which + * already has appropriate address records. Build a query datagram for + * this name so that we can issue child queries for the missing address + * families. The child's vbuf looks handy for this. + */ + err = adns__mkquery(ads, &child->vb, &id, pans->cname, + strlen(pans->cname), &tinfo_addrsub, + adns_r_addr, parent->flags); + if (err) goto x_err; + + /* Now cancel the remaining children, and try again with the CNAME we've + * settled on. + */ + adns__cancel_children(parent); + if (gettimeofday(&now, 0)) goto x_gtod; + addr_subqueries(parent, now, adns__qf_addr_cname, + child->vb.buf, child->vb.used); + return; + } + + if (cans->cname && !pans->cname) { + err = copy_cname_from_child(parent, child); + if (err) goto x_err; + } + + if ((parent->flags & adns_qf_search) && + !pans->cname && cans->status == adns_s_nxdomain) { + /* We're searching a list of suffixes, this is the first answer, and it + * tells us that the name doesn't exist. Try the next one. + */ + + if (parent->expires > child->expires) parent->expires = child->expires; + adns__cancel_children(parent); + adns__free_interim(parent, pans->rrs.bytes); + pans->rrs.bytes = 0; pans->nrrs = 0; + if (gettimeofday(&now, 0)) goto x_gtod; + adns__search_next(ads, parent, now); + return; + } + + if (cans->status && cans->status != adns_s_nodata) + { err = cans->status; goto x_err; } + + assert(pans->rrsz == cans->rrsz); + err = append_addrs(parent, child, pans->rrsz, + &pans->rrs.addr, &pans->nrrs, + cans->rrs.addr, cans->nrrs); + if (err) goto x_err; + done_addr_type(parent, cans->type); + + if (parent->children.head) LIST_LINK_TAIL(ads->childw, parent); + else if (!pans->nrrs) adns__query_fail(parent, adns_s_nodata); + else adns__query_done(parent); + parent->flags |= adns__qf_addr_answer; + return; + +x_gtod: + adns__diag(ads, -1, parent, "gettimeofday failed: %s", strerror(errno)); + err = adns_s_systemfail; + goto x_err; + +x_err: + adns__query_fail(parent, err); +} + +static void qs_addr(adns_query qu, struct timeval now) +{ + if (!qu->ctx.tinfo.addr.want) { + qu->ctx.tinfo.addr.want = + addr_rrtypes(qu->ads, qu->answer->type, qu->flags); + qu->ctx.tinfo.addr.have = 0; + } + addr_subqueries(qu, now, 0, qu->query_dgram, qu->query_dglen); +} + /* * _domain (pap,csp,cs) * _dom_raw (pa) @@ -411,58 +826,77 @@ static adns_status pa_host_raw(const parseinfo *pai, int cbyte, */ static adns_status pap_findaddrs(const parseinfo *pai, adns_rr_hostaddr *ha, + unsigned *want_io, size_t addrsz, int *cbyte_io, int count, int dmstart) { int rri, naddrs; - int type, class, rdlen, rdstart, ownermatched; + unsigned typef, want = *want_io; + int type, class, rdlen, rdend, rdstart, ownermatched; unsigned long ttl; adns_status st; - for (rri=0, naddrs=-1; rriqu, pai->serv, pai->dgram, pai->dglen, cbyte_io, &type, &class, &ttl, &rdlen, &rdstart, pai->dgram, pai->dglen, dmstart, &ownermatched); if (st) return st; - if (!ownermatched || class != DNS_CLASS_IN || type != adns_r_a) { - if (naddrs>0) break; else continue; - } - if (naddrs == -1) { - naddrs= 0; - } - if (!adns__vbuf_ensure(&pai->qu->vb, (naddrs+1)*sizeof(adns_rr_addr))) - R_NOMEM; + if (!ownermatched || class != DNS_CLASS_IN) continue; + typef = addr_rrtypeflag(type); + if (!(want & typef)) continue; + want &= ~typef; + if (!adns__vbuf_ensure(&pai->qu->vb, (naddrs+1)*addrsz)) R_NOMEM; adns__update_expires(pai->qu,ttl,pai->now); - st= pa_addr(pai, rdstart,rdstart+rdlen, - pai->qu->vb.buf + naddrs*sizeof(adns_rr_addr)); + rdend = rdstart + rdlen; + st= pap_addr(pai, type, addrsz, &rdstart, rdend, + (adns_rr_addr *)(pai->qu->vb.buf + naddrs*addrsz)); if (st) return st; + if (rdstart != rdend) return adns_s_invaliddata; naddrs++; } - if (naddrs >= 0) { - ha->addrs= adns__alloc_interim(pai->qu, naddrs*sizeof(adns_rr_addr)); - if (!ha->addrs) R_NOMEM; - memcpy(ha->addrs, pai->qu->vb.buf, naddrs*sizeof(adns_rr_addr)); - ha->naddrs= naddrs; + if (naddrs > 0) { + st = append_addrs(pai->qu, 0, addrsz, &ha->addrs, &ha->naddrs, + (const adns_rr_addr *)pai->qu->vb.buf, naddrs); + if (st) return st; ha->astatus= adns_s_ok; - adns__isort(ha->addrs, naddrs, sizeof(adns_rr_addr), pai->qu->vb.buf, - div_addr, pai->ads); + if (!want) { + adns__isort(ha->addrs, naddrs, addrsz, pai->qu->vb.buf, + div_addr, pai->ads); + } } + *want_io = want; return adns_s_ok; } static void icb_hostaddr(adns_query parent, adns_query child) { adns_answer *cans= child->answer; - adns_rr_hostaddr *rrp= child->ctx.info.hostaddr; + adns_rr_hostaddr *rrp= child->ctx.pinfo.hostaddr; adns_state ads= parent->ads; adns_status st; + size_t addrsz = gsz_addr(parent->answer->type); + + st= cans->status == adns_s_nodata ? adns_s_ok : cans->status; + + if (st) goto done; + assert(addrsz == cans->rrsz); + st = append_addrs(parent, child, addrsz, + &rrp->addrs, &rrp->naddrs, + cans->rrs.addr, cans->nrrs); + if (st) goto done; + if (!rrp->naddrs) { st = adns_s_nodata; goto done; } + + if (!adns__vbuf_ensure(&parent->vb, addrsz)) + { st = adns_s_nomemory; goto done; } + adns__isort(rrp->addrs, rrp->naddrs, addrsz, parent->vb.buf, + div_addr, ads); + +done: + if (st) { + adns__free_interim(parent, rrp->addrs); + rrp->naddrs= (st>0 && st<=adns_s_max_tempfail) ? -1 : 0; + } - st= cans->status; rrp->astatus= st; - rrp->naddrs= (st>0 && st<=adns_s_max_tempfail) ? -1 : cans->nrrs; - rrp->addrs= cans->rrs.addr; - adns__transfer_interim(child, parent, rrp->addrs, - rrp->naddrs*sizeof(adns_rr_addr)); - if (parent->children.head) { LIST_LINK_TAIL(ads->childw,parent); } else { @@ -478,6 +912,8 @@ static adns_status pap_hostaddr(const parseinfo *pai, int *cbyte_io, int id; adns_query nqu; adns_queryflags nflags; + unsigned want; + size_t addrsz = gsz_addr(pai->qu->answer->type); dmstart= cbyte= *cbyte_io; st= pap_domain(pai, &cbyte, max, &rrp->host, @@ -486,18 +922,20 @@ static adns_status pap_hostaddr(const parseinfo *pai, int *cbyte_io, *cbyte_io= cbyte; rrp->astatus= adns_s_ok; - rrp->naddrs= -1; + rrp->naddrs= 0; rrp->addrs= 0; cbyte= pai->nsstart; - st= pap_findaddrs(pai, rrp, &cbyte, pai->nscount, dmstart); + want = addr_rrtypes(pai->ads, pai->qu->answer->type, pai->qu->flags); + + st= pap_findaddrs(pai, rrp, &want, addrsz, &cbyte, pai->nscount, dmstart); if (st) return st; - if (rrp->naddrs != -1) return adns_s_ok; + if (!want) return adns_s_ok; - st= pap_findaddrs(pai, rrp, &cbyte, pai->arcount, dmstart); + st= pap_findaddrs(pai, rrp, &want, addrsz, &cbyte, pai->arcount, dmstart); if (st) return st; - if (rrp->naddrs != -1) return adns_s_ok; + if (!want) return adns_s_ok; st= adns__mkquery_frdgram(pai->ads, &pai->qu->vb, &id, pai->dgram, pai->dglen, dmstart, @@ -506,18 +944,15 @@ static adns_status pap_hostaddr(const parseinfo *pai, int *cbyte_io, ctx.ext= 0; ctx.callback= icb_hostaddr; - ctx.info.hostaddr= rrp; + ctx.pinfo.hostaddr= rrp; - nflags= adns_qf_quoteok_query; + nflags= adns_qf_quoteok_query | (pai->qu->flags & adns__qf_afmask); if (!(pai->qu->flags & adns_qf_cname_loose)) nflags |= adns_qf_cname_forbid; - st= adns__internal_submit(pai->ads, &nqu, adns__findtype(adns_r_addr), - &pai->qu->vb, id, nflags, pai->now, &ctx); + st= addr_submit(pai->qu, &nqu, &pai->qu->vb, id, want, + nflags, pai->now, &ctx); if (st) return st; - nqu->parent= pai->qu; - LIST_LINK_TAIL_PART(pai->qu->children,nqu,siblings.); - return adns_s_ok; } @@ -538,11 +973,7 @@ static int dip_hostaddr(adns_state ads, if (ap->astatus != bp->astatus) return ap->astatus; if (ap->astatus) return 0; - assert(ap->addrs[0].addr.sa.sa_family == AF_INET); - assert(bp->addrs[0].addr.sa.sa_family == AF_INET); - return dip_inaddr(ads, - ap->addrs[0].addr.inet.sin_addr, - bp->addrs[0].addr.inet.sin_addr); + return dip_sockaddr(ads, &ap->addrs[0].addr.sa, &bp->addrs[0].addr.sa); } static int di_hostaddr(adns_state ads, @@ -554,10 +985,11 @@ static int di_hostaddr(adns_state ads, static void mfp_hostaddr(adns_query qu, adns_rr_hostaddr *rrp) { void *tablev; - + size_t sz = qu->answer->type & adns__qtf_bigaddr ? + sizeof(adns_rr_addr) : sizeof(adns_rr_addr_v4only); adns__makefinal_str(qu,&rrp->host); tablev= rrp->addrs; - adns__makefinal_block(qu, &tablev, rrp->naddrs*sizeof(*rrp->addrs)); + adns__makefinal_block(qu, &tablev, rrp->naddrs*sz); rrp->addrs= tablev; } @@ -704,7 +1136,8 @@ static adns_status cs_inthost(vbuf *vb, const void *datap) { static void icb_ptr(adns_query parent, adns_query child) { adns_answer *cans= child->answer; - const adns_rr_addr *queried, *found; + const union gen_addr *queried; + const unsigned char *found; adns_state ads= parent->ads; int i; @@ -716,10 +1149,9 @@ static void icb_ptr(adns_query parent, adns_query child) { return; } - queried= &parent->ctx.info.ptr_parent_addr; - for (i=0, found=cans->rrs.addr; inrrs; i++, found++) { - if (queried->len == found->len && - !memcmp(&queried->addr,&found->addr,queried->len)) { + queried= &parent->ctx.tinfo.ptr.addr.addr; + for (i=0, found=cans->rrs.bytes; inrrs; i++, found += cans->rrsz) { + if (!memcmp(queried,found,cans->rrsz)) { if (!parent->children.head) { adns__query_done(parent); return; @@ -733,18 +1165,75 @@ static void icb_ptr(adns_query parent, adns_query child) { adns__query_fail(parent,adns_s_inconsistent); } +static const struct ptr_expectdomain { + const afinfo *ai; + const char *const tail[3]; +} ptr_expectdomain[PTR_NDOMAIN] = { + { &adns__inet_afinfo, { DNS_INADDR_ARPA, 0 } }, + { &adns__inet6_afinfo, { DNS_IP6_ARPA, 0 } } +}; + +static adns_status ckl_ptr(adns_state ads, adns_queryflags flags, + union checklabel_state *css, qcontext *ctx, + int labnum, const char *label, int lablen) +{ + int i, found, ac; + unsigned f = labnum ? css->ptr.domainmap : (1 << PTR_NDOMAIN) - 1; + unsigned d; + const char *tp; + const struct ptr_expectdomain *ed; + struct afinfo_addr *ap; + + if (lablen) { + for (ed = ptr_expectdomain, i = 0, d = 1; + i < PTR_NDOMAIN; + ed++, i++, d <<= 1) { + if (!(f & d)) continue; + if (labnum < ed->ai->nrevcomp) { + ac = ed->ai->rev_parsecomp(label, lablen); + if (ac < 0) goto mismatch; + assert(labnum < sizeof(css->ptr.ipv[i])); + css->ptr.ipv[i][labnum] = ac; + } else { + tp = ed->tail[labnum - ed->ai->nrevcomp]; + if (!tp || strncmp(label, tp, lablen) != 0 || tp[lablen]) + goto mismatch; + } + continue; + + mismatch: + f &= ~d; + if (!f) return adns_s_querydomainwrong; + } + } else { + found = -1; + for (ed = ptr_expectdomain, i = 0, d = 1; + i < PTR_NDOMAIN; + ed++, i++, d <<= 1) { + if (!(f & d)) continue; + if (labnum >= ed->ai->nrevcomp && !ed->tail[labnum - ed->ai->nrevcomp]) + { found = i; continue; } + f &= ~d; + if (!f) return adns_s_querydomainwrong; + } + assert(found >= 0 && f == (1 << found)); + + ed = &ptr_expectdomain[found]; + ap = &ctx->tinfo.ptr.addr; + ap->ai = ed->ai; + ed->ai->rev_mkaddr(&ap->addr, css->ptr.ipv[found]); + } + + css->ptr.domainmap = f; + return adns_s_ok; +} + static adns_status pa_ptr(const parseinfo *pai, int dmstart, int max, void *datap) { - static const char *(expectdomain[])= { DNS_INADDR_ARPA }; - char **rrp= datap; adns_status st; - adns_rr_addr *ap; - findlabel_state fls; - char *ep; - byte ipv[4]; - char labbuf[4]; - int cbyte, i, lablen, labstart, l, id; + struct afinfo_addr *ap; + int cbyte, id; adns_query nqu; qcontext ctx; @@ -754,48 +1243,20 @@ static adns_status pa_ptr(const parseinfo *pai, int dmstart, if (st) return st; if (cbyte != max) return adns_s_invaliddata; - ap= &pai->qu->ctx.info.ptr_parent_addr; - if (!ap->len) { - adns__findlabel_start(&fls, pai->ads, -1, pai->qu, - pai->qu->query_dgram, pai->qu->query_dglen, - pai->qu->query_dglen, DNS_HDRSIZE, 0); - for (i=0; i<4; i++) { - st= adns__findlabel_next(&fls,&lablen,&labstart); assert(!st); - if (lablen<=0 || lablen>3) return adns_s_querydomainwrong; - memcpy(labbuf, pai->qu->query_dgram + labstart, lablen); - labbuf[lablen]= 0; - ipv[3-i]= strtoul(labbuf,&ep,10); - if (*ep) return adns_s_querydomainwrong; - if (lablen>1 && pai->qu->query_dgram[labstart]=='0') - return adns_s_querydomainwrong; - } - for (i=0; iqu->query_dgram + labstart, expectdomain[i], l)) - return adns_s_querydomainwrong; - } - st= adns__findlabel_next(&fls,&lablen,0); assert(!st); - if (lablen) return adns_s_querydomainwrong; - - ap->len= sizeof(struct sockaddr_in); - memset(&ap->addr,0,sizeof(ap->addr.inet)); - ap->addr.inet.sin_family= AF_INET; - ap->addr.inet.sin_addr.s_addr= - htonl((ipv[0]<<24) | (ipv[1]<<16) | (ipv[2]<<8) | (ipv[3])); - } + ap= &pai->qu->ctx.tinfo.ptr.addr; + assert(ap->ai); st= adns__mkquery_frdgram(pai->ads, &pai->qu->vb, &id, pai->dgram, pai->dglen, dmstart, - adns_r_addr, adns_qf_quoteok_query); + ap->ai->rrtype, adns_qf_quoteok_query); if (st) return st; ctx.ext= 0; ctx.callback= icb_ptr; - memset(&ctx.info,0,sizeof(ctx.info)); - st= adns__internal_submit(pai->ads, &nqu, adns__findtype(adns_r_addr), - &pai->qu->vb, id, + memset(&ctx.pinfo,0,sizeof(ctx.pinfo)); + memset(&ctx.tinfo,0,sizeof(ctx.tinfo)); + st= adns__internal_submit(pai->ads, &nqu, adns__findtype(ap->ai->rrtype), + ap->ai->rrtype, &pai->qu->vb, id, adns_qf_quoteok_query, pai->now, &ctx); if (st) return st; @@ -908,7 +1369,7 @@ static adns_status pap_mailbox822(const parseinfo *pai, static adns_status pap_mailbox(const parseinfo *pai, int *cbyte_io, int max, char **mb_r) { - if (pai->qu->typei->type & adns__qtf_mail822) { + if (pai->qu->typei->typekey & adns__qtf_mail822) { return pap_mailbox822(pai, cbyte_io, max, mb_r); } else { return pap_domain(pai, cbyte_io, max, mb_r, pdf_quoteok); @@ -1004,44 +1465,28 @@ static adns_status cs_soa(vbuf *vb, const void *datap) { } /* - * _srv* (pa*2,di,cs*2,qdpl,postsort) + * _srv* (pa*2,di,cs*2,ckl,postsort) */ -static adns_status qdpl_srv(adns_state ads, - const char **p_io, const char *pe, int labelnum, - char label_r[DNS_MAXDOMAIN], int *ll_io, - adns_queryflags flags, - const typeinfo *typei) { - int useflags; - const char *p_orig; - adns_status st; - - if (labelnum < 2 && !(flags & adns_qf_quoteok_query)) { - useflags= adns_qf_quoteok_query; - p_orig= *p_io; - } else { - useflags= flags; - p_orig= 0; +static adns_status ckl_srv(adns_state ads, adns_queryflags flags, + union checklabel_state *css, qcontext *ctx, + int labnum, const char *label, int lablen) +{ + if (labnum < 2 && !(flags & adns_qf_quoteok_query)) { + if (!lablen || label[0] != '_') return adns_s_querydomaininvalid; + label++; lablen--; } - st= adns__qdpl_normal(ads, p_io,pe, labelnum,label_r, ll_io, useflags,typei); - if (st) return st; - - if (p_orig) { - int ll= *ll_io; - if (!ll || label_r[0]!='_') - return adns_s_querydomaininvalid; - if (memchr(p_orig+1, '\\', pe - (p_orig+1))) - return adns_s_querydomaininvalid; - } - return adns_s_ok; + return adns__ckl_hostname(ads, flags, css, ctx, labnum, label, lablen); } -static adns_status pap_srv_begin(const parseinfo *pai, int cbyte, int max, - adns_rr_srvraw *rrp - /* might be adns_rr_srvha* */) { +static adns_status pap_srv_begin(const parseinfo *pai, int *cbyte_io, int max, + adns_rr_srvha *rrp + /* might be adns_rr_srvraw* */) { const byte *dgram= pai->dgram; - int ti; - if (cbyte+6 > max) return adns_s_invaliddata; + int ti, cbyte; + + cbyte= *cbyte_io; + if ((*cbyte_io += 6) > max) return adns_s_invaliddata; rrp->priority= GET_W(cbyte, ti); rrp->weight= GET_W(cbyte, ti); @@ -1054,7 +1499,7 @@ static adns_status pa_srvraw(const parseinfo *pai, int cbyte, adns_rr_srvraw *rrp= datap; adns_status st; - st= pap_srv_begin(pai,cbyte,max,datap); + st= pap_srv_begin(pai,&cbyte,max,datap); if (st) return st; st= pap_domain(pai, &cbyte, max, &rrp->host, @@ -1070,7 +1515,7 @@ static adns_status pa_srvha(const parseinfo *pai, int cbyte, adns_rr_srvha *rrp= datap; adns_status st; - st= pap_srv_begin(pai,cbyte,max,datap); if (st) return st; + st= pap_srv_begin(pai,&cbyte,max,datap); if (st) return st; st= pap_hostaddr(pai, &cbyte, max, &rrp->ha); if (st) return st; if (cbyte != max) return adns_s_invaliddata; return adns_s_ok; @@ -1095,8 +1540,8 @@ static int di_srv(adns_state ads, const void *datap_a, const void *datap_b) { return 0; } -static adns_status csp_srv_begin(vbuf *vb, const adns_rr_srvraw *rrp - /* might be adns_rr_srvha* */) { +static adns_status csp_srv_begin(vbuf *vb, const adns_rr_srvha *rrp + /* might be adns_rr_srvraw* */) { char buf[30]; sprintf(buf,"%u %u %u ", rrp->priority, rrp->weight, rrp->port); CSP_ADDSTR(buf); @@ -1107,7 +1552,7 @@ static adns_status cs_srvraw(vbuf *vb, const void *datap) { const adns_rr_srvraw *rrp= datap; adns_status st; - st= csp_srv_begin(vb,rrp); if (st) return st; + st= csp_srv_begin(vb,(const void*)rrp); if (st) return st; return csp_domain(vb,rrp->host); } @@ -1115,13 +1560,64 @@ static adns_status cs_srvha(vbuf *vb, const void *datap) { const adns_rr_srvha *rrp= datap; adns_status st; - st= csp_srv_begin(vb,datap); if (st) return st; + st= csp_srv_begin(vb,(const void*)datap); if (st) return st; return csp_hostaddr(vb,&rrp->ha); } -static void postsort_srv(adns_state ads, void *array, int nobjs, +static void postsort_srv(adns_state ads, void *array, int nrrs, const struct typeinfo *typei) { - fprintf(stderr,"(postsort_srv)\n"); + /* we treat everything in the array as if it were an adns_rr_srvha + * even though the array might be of adns_rr_srvraw. That's OK + * because they have the same prefix, which is all we access. + * We use typei->rrsz, too, rather than naive array indexing, of course. + */ + char *workbegin, *workend, *search, *arrayend; + const adns_rr_srvha *rr; + union { adns_rr_srvha ha; adns_rr_srvraw raw; } rrtmp; + int cpriority, totalweight, runtotal; + long randval; + + for (workbegin= array, arrayend= workbegin + typei->rrsz * nrrs; + workbegin < arrayend; + workbegin= workend) { + cpriority= (rr=(void*)workbegin)->priority; + + for (workend= workbegin, totalweight= 0; + workend < arrayend && (rr=(void*)workend)->priority == cpriority; + workend += typei->rrsz) { + totalweight += rr->weight; + } + + /* Now workbegin..(workend-1) incl. are exactly all of the RRs of + * cpriority. From now on, workbegin points to the `remaining' + * records: we select one record at a time (RFC2782 `Usage rules' + * and `Format of the SRV RR' subsection `Weight') to place at + * workbegin (swapping with the one that was there, and then + * advance workbegin. */ + for (; + workbegin + typei->rrsz < workend; /* don't bother if just one */ + workbegin += typei->rrsz) { + + randval= nrand48(ads->rand48xsubi); + randval %= (totalweight + 1); + /* makes it into 0..totalweight inclusive; with 2^10 RRs, + * totalweight must be <= 2^26 so probability nonuniformity is + * no worse than 1 in 2^(31-26) ie 1 in 2^5, ie + * abs(log(P_intended(RR_i) / P_actual(RR_i)) <= log(2^-5). + */ + + for (search=workbegin, runtotal=0; + (runtotal += (rr=(void*)search)->weight) < randval; + search += typei->rrsz); + assert(search < arrayend); + totalweight -= rr->weight; + if (search != workbegin) { + memcpy(&rrtmp, workbegin, typei->rrsz); + memcpy(workbegin, search, typei->rrsz); + memcpy(search, &rrtmp, typei->rrsz); + } + } + } /* tests: * dig -t srv _srv._tcp.test.iwj.relativity.greenend.org.uk. * ./adnshost_s -t srv- _sip._udp.voip.net.cam.ac.uk. @@ -1129,6 +1625,56 @@ static void postsort_srv(adns_state ads, void *array, int nobjs, */ } +/* + * _byteblock (mf) + */ + +static void mf_byteblock(adns_query qu, void *datap) { + adns_rr_byteblock *rrp= datap; + void *bytes= rrp->data; + adns__makefinal_block(qu,&bytes,rrp->len); + rrp->data= bytes; +} + +/* + * _opaque (pa,cs) + */ + +static adns_status pa_opaque(const parseinfo *pai, int cbyte, + int max, void *datap) { + adns_rr_byteblock *rrp= datap; + + rrp->len= max - cbyte; + rrp->data= adns__alloc_interim(pai->qu, rrp->len); + if (!rrp->data) R_NOMEM; + memcpy(rrp->data, pai->dgram + cbyte, rrp->len); + return adns_s_ok; +} + +static adns_status cs_opaque(vbuf *vb, const void *datap) { + const adns_rr_byteblock *rrp= datap; + char buf[10]; + int l; + unsigned char *p; + + sprintf(buf,"\\# %d",rrp->len); + CSP_ADDSTR(buf); + + for (l= rrp->len, p= rrp->data; + l>=4; + l -= 4, p += 4) { + sprintf(buf," %02x%02x%02x%02x",p[0],p[1],p[2],p[3]); + CSP_ADDSTR(buf); + } + for (; + l>0; + l--, p++) { + sprintf(buf," %02x",*p); + CSP_ADDSTR(buf); + } + return adns_s_ok; +} + /* * _flat (mf) */ @@ -1145,14 +1691,15 @@ static void mf_flat(adns_query qu, void *data) { } #define FLAT_MEMB(memb) TYPESZ_M(memb), mf_flat, cs_##memb #define DEEP_TYPE(code,rrt,fmt,memb,parser,comparer,printer) \ - { adns_r_##code, rrt,fmt,TYPESZ_M(memb), mf_##memb, \ - printer,parser,comparer, adns__qdpl_normal,0 } +{ adns_r_##code & adns_rrt_reprmask, rrt,fmt,TYPESZ_M(memb), \ + mf_##memb, printer,parser,comparer, adns__ckl_hostname,0,0,0 } #define FLAT_TYPE(code,rrt,fmt,memb,parser,comparer,printer) \ - { adns_r_##code, rrt,fmt,TYPESZ_M(memb), mf_flat, \ - printer,parser,comparer, adns__qdpl_normal,0 } -#define XTRA_TYPE(code,rrt,fmt,memb,parser,comparer,printer,qdpl,postsort) \ - { adns_r_##code, rrt,fmt,TYPESZ_M(memb), mf_##memb, \ - printer,parser,comparer,qdpl,postsort } +{ adns_r_##code & adns_rrt_reprmask, rrt,fmt,TYPESZ_M(memb), \ + mf_flat, printer,parser,comparer, adns__ckl_hostname,0,0,0 } +#define XTRA_TYPE(code,rrt,fmt,memb,parser,comparer,printer, \ + makefinal,ckl,postsort,getrrsz,sender) \ +{ adns_r_##code & adns_rrt_reprmask, rrt,fmt,TYPESZ_M(memb), makefinal, \ + printer,parser,comparer,ckl,postsort,getrrsz,sender } static const typeinfo typeinfos[] = { /* Must be in ascending order of rrtype ! */ @@ -1167,29 +1714,42 @@ DEEP_TYPE(hinfo, "HINFO", 0, intstrpair,pa_hinfo, 0, cs_hinfo ), DEEP_TYPE(mx_raw, "MX", "raw",intstr, pa_mx_raw, di_mx_raw,cs_inthost ), DEEP_TYPE(txt, "TXT", 0, manyistr,pa_txt, 0, cs_txt ), DEEP_TYPE(rp_raw, "RP", "raw",strpair, pa_rp, 0, cs_rp ), +FLAT_TYPE(aaaa, "AAAA", 0, in6addr, pa_in6addr, di_in6addr,cs_in6addr ), XTRA_TYPE(srv_raw,"SRV", "raw",srvraw , pa_srvraw, di_srv, cs_srvraw, - qdpl_srv, postsort_srv), + mf_srvraw, ckl_srv, postsort_srv, 0, 0), -FLAT_TYPE(addr, "A", "addr", addr, pa_addr, di_addr, cs_addr ), +XTRA_TYPE(addr, "A", "addr", addr, pa_addr, di_addr, cs_addr, + mf_flat, adns__ckl_hostname, 0, gsz_addr, qs_addr), DEEP_TYPE(ns, "NS", "+addr",hostaddr,pa_hostaddr,di_hostaddr,cs_hostaddr ), -DEEP_TYPE(ptr, "PTR","checked",str, pa_ptr, 0, cs_domain ), +XTRA_TYPE(ptr, "PTR","checked",str, pa_ptr, 0, cs_domain, + mf_str, ckl_ptr, 0, 0, 0), DEEP_TYPE(mx, "MX", "+addr",inthostaddr,pa_mx, di_mx, cs_inthostaddr), XTRA_TYPE(srv, "SRV","+addr",srvha, pa_srvha, di_srv, cs_srvha, - qdpl_srv, postsort_srv), + mf_srvha, ckl_srv, postsort_srv, 0, 0), DEEP_TYPE(soa, "SOA","822", soa, pa_soa, 0, cs_soa ), DEEP_TYPE(rp, "RP", "822", strpair, pa_rp, 0, cs_rp ), }; +static const typeinfo tinfo_addrsub = +XTRA_TYPE(none, "","sub",addr, pa_addr, 0, cs_addr, + mf_flat, adns__ckl_hostname, 0, gsz_addr, 0); + +static const typeinfo typeinfo_unknown= +DEEP_TYPE(unknown,0, "unknown",byteblock,pa_opaque, 0, cs_opaque ); + const typeinfo *adns__findtype(adns_rrtype type) { const typeinfo *begin, *end, *mid; + if (type & adns_r_unknown) return &typeinfo_unknown; + type &= adns_rrt_reprmask; + begin= typeinfos; end= typeinfos+(sizeof(typeinfos)/sizeof(typeinfo)); while (begin < end) { mid= begin + ((end-begin)>>1); - if (mid->type == type) return mid; - if (type > mid->type) begin= mid+1; + if (mid->typekey == type) return mid; + if (type > mid->typekey) begin= mid+1; else end= mid; } return 0;