search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
In pstrerror(), add missing break for case ESOCKS_REJECT_IDENTD.
[polipo.git] / dns.c
blob1a5b39ba43a17f5c9c6c287182b747ad02561193
1 /*
2 Copyright (c) 2003-2006 by Juliusz Chroboczek
3
4 Permission is hereby granted, free of charge, to any person obtaining a copy
5 of this software and associated documentation files (the "Software"), to deal
6 in the Software without restriction, including without limitation the rights
7 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8 copies of the Software, and to permit persons to whom the Software is
9 furnished to do so, subject to the following conditions:
10
11 The above copyright notice and this permission notice shall be included in
12 all copies or substantial portions of the Software.
13
14 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
20 THE SOFTWARE.
21 */
22
23 #include "polipo.h"
24
25 #ifndef NO_STANDARD_RESOLVER
26 #ifndef NO_FANCY_RESOLVER
27 int dnsUseGethostbyname = 1;
28 #else
29 const int dnsUseGethostbyname = 3;
30 #endif
31 #else
32 #ifndef NO_FANCY_RESOLVER
33 const int dnsUseGethostbyname = 0;
34 #else
35 #error use no resolver at all?
36 #endif
37 #endif
38
39 #ifndef NO_FANCY_RESOLVER
40 AtomPtr dnsNameServer = NULL;
41 int dnsMaxTimeout = 60;
42 #endif
43
44 #ifndef NO_STANDARD_RESOLVER
45 int dnsGethostbynameTtl = 1200;
46 #endif
47
48 int dnsNegativeTtl = 120;
49
50 #ifdef HAVE_IPv6
51 int dnsQueryIPv6 = 2;
52 #else
53 const int dnsQueryIPv6 = 0;
54 #endif
55
56 typedef struct _DnsQuery {
57 unsigned id;
58 AtomPtr name;
59 ObjectPtr object;
60 AtomPtr inet4, inet6;
61 time_t ttl4, ttl6;
62 time_t time;
63 int timeout;
64 TimeEventHandlerPtr timeout_handler;
65 struct _DnsQuery *next;
66 } DnsQueryRec, *DnsQueryPtr;
67
68 union {
69 struct sockaddr sa;
70 struct sockaddr_in sin;
71 #ifdef HAVE_IPv6
72 struct sockaddr_in6 sin6;
73 #endif
74 } nameserverAddress_storage;
75
76 #ifndef NO_FANCY_RESOLVER
77 static AtomPtr atomLocalhost, atomLocalhostDot;
78
79 #define nameserverAddress nameserverAddress_storage.sa
80
81 static DnsQueryPtr inFlightDnsQueries;
82 static DnsQueryPtr inFlightDnsQueriesLast;
83 #endif
84
85 static int really_do_gethostbyname(AtomPtr name, ObjectPtr object);
86 static int really_do_dns(AtomPtr name, ObjectPtr object);
87
88 #ifndef NO_FANCY_RESOLVER
89 static int stringToLabels(char *buf, int offset, int n, char *string);
90 static int labelsToString(char *buf, int offset, int n, char *d,
91 int m, int *j_return);
92 static int dnsBuildQuery(int id, char *buf, int offset, int n,
93 AtomPtr name, int af);
94 static int dnsReplyHandler(int abort, FdEventHandlerPtr event);
95 static int dnsReplyId(char *buf, int offset, int n, int *id_return);
96 static int dnsDecodeReply(char *buf, int offset, int n,
97 int *id_return,
98 AtomPtr *name_return, AtomPtr *value_return,
99 int *af_return, unsigned *ttl_return);
100 static int dnsHandler(int status, ConditionHandlerPtr chandler);
101 static int dnsGethostbynameFallback(int id, AtomPtr message);
102 static int sendQuery(DnsQueryPtr query);
103
104 static int idSeed;
105 #endif
106
107 #ifndef NO_FANCY_RESOLVER
108 static int
109 parseResolvConf(char *filename)
110 {
111 FILE *f;
112 char buf[512];
113 char *p, *q;
114 int n;
115 AtomPtr nameserver = NULL;
116
117 f = fopen(filename, "r");
118 if(f == NULL) {
119 do_log_error(L_ERROR, errno, "DNS: couldn't open %s", filename);
120 return 0;
121 }
122
123 while(1) {
124 p = fgets(buf, 512, f);
125 if(p == NULL)
126 break;
127
128 n = strlen(buf);
129 if(buf[n - 1] != '\n') {
130 int c;
131 do_log(L_WARN, "DNS: overly long line in %s -- skipping.\n",
132 filename);
133 do {
134 c = fgetc(f);
135 if(c == EOF)
136 break;
137 } while(c != '\n');
138 if(c == EOF)
139 break;
140 }
141
142 while(*p == ' ' || *p == '\t')
143 p++;
144 if(strcasecmp_n("nameserver", p, 10) != 0)
145 continue;
146 p += 10;
147 while(*p == ' ' || *p == '\t')
148 p++;
149 q = p;
150 while(*q == '.' || *q == ':' || digit(*q) || letter(*q))
151 q++;
152 if(*q != ' ' && *q != '\t' && *q != '\r' && *q != '\n') {
153 do_log(L_WARN, "DNS: couldn't parse line in %s -- skipping.\n",
154 filename);
155 continue;
156 }
157 nameserver = internAtomLowerN(p, q - p);
158 break;
159 }
160
161 fclose(f);
162 if(nameserver) {
163 dnsNameServer = nameserver;
164 return 1;
165 } else {
166 return 0;
167 }
168 }
169 #endif
170
171 void
172 preinitDns()
173 {
174 #ifdef HAVE_IPv6
175 int fd;
176 #endif
177
178 assert(sizeof(struct in_addr) == 4);
179 #ifdef HAVE_IPv6
180 assert(sizeof(struct in6_addr) == 16);
181 #endif
182
183 #ifndef NO_STANDARD_RESOLVER
184 CONFIG_VARIABLE(dnsGethostbynameTtl, CONFIG_TIME,
185 "TTL for gethostbyname addresses.");
186 #endif
187
188 #ifdef HAVE_IPv6
189 fd = socket(PF_INET6, SOCK_STREAM, 0);
190 if(fd < 0) {
191 if(errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT) {
192 dnsQueryIPv6 = 0;
193 } else {
194 do_log_error(L_WARN, errno, "DNS: couldn't create socket");
195 }
196 } else {
197 close(fd);
198 }
199 #endif
200
201 #ifndef NO_FANCY_RESOLVER
202 parseResolvConf("/etc/resolv.conf");
203 if(dnsNameServer == NULL || dnsNameServer->string[0] == '\0')
204 dnsNameServer = internAtom("127.0.0.1");
205 CONFIG_VARIABLE(dnsMaxTimeout, CONFIG_TIME,
206 "Max timeout for DNS queries.");
207 CONFIG_VARIABLE(dnsNegativeTtl, CONFIG_TIME,
208 "TTL for negative DNS replies with no TTL.");
209 CONFIG_VARIABLE(dnsNameServer, CONFIG_ATOM_LOWER,
210 "The name server to use.");
211 #ifndef NO_STANDARD_RESOLVER
212 CONFIG_VARIABLE(dnsUseGethostbyname, CONFIG_TETRASTATE,
213 "Use the system resolver.");
214 #endif
215 #endif
216
217 #ifdef HAVE_IPv6
218 CONFIG_VARIABLE(dnsQueryIPv6, CONFIG_TETRASTATE,
219 "Query for IPv6 addresses.");
220 #endif
221 }
222
223 void
224 initDns()
225 {
226 #ifndef NO_FANCY_RESOLVER
227 int rc;
228 struct timeval t;
229 struct sockaddr_in *sin = (struct sockaddr_in*)&nameserverAddress;
230 #ifdef HAVE_IPv6
231 struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)&nameserverAddress;
232 #endif
233
234 atomLocalhost = internAtom("localhost");
235 atomLocalhostDot = internAtom("localhost.");
236 inFlightDnsQueries = NULL;
237 inFlightDnsQueriesLast = NULL;
238
239 gettimeofday(&t, NULL);
240 idSeed = t.tv_usec & 0xFFFF;
241 sin->sin_family = AF_INET;
242 sin->sin_port = htons(53);
243 rc = inet_aton(dnsNameServer->string, &sin->sin_addr);
244 #ifdef HAVE_IPv6
245 if(rc != 1) {
246 sin6->sin6_family = AF_INET6;
247 sin6->sin6_port = htons(53);
248 rc = inet_pton(AF_INET6, dnsNameServer->string, &sin6->sin6_addr);
249 }
250 #endif
251 if(rc != 1) {
252 do_log(L_ERROR, "DNS: couldn't parse name server %s.\n",
253 dnsNameServer->string);
254 exit(1);
255 }
256 #endif
257 }
258
259 int
260 do_gethostbyname(char *origname,
261 int count,
262 int (*handler)(int, GethostbynameRequestPtr),
263 void *data)
264 {
265 ObjectPtr object;
266 int n = strlen(origname);
267 AtomPtr name;
268 GethostbynameRequestRec request;
269 int done, rc;
270
271 memset(&request, 0, sizeof(request));
272 request.name = NULL;
273 request.addr = NULL;
274 request.error_message = NULL;
275 request.count = count;
276 request.handler = handler;
277 request.data = data;
278
279 if(n <= 0 || n > 131) {
280 if(n <= 0) {
281 request.error_message = internAtom("empty name");
282 do_log(L_ERROR, "Empty DNS name.\n");
283 done = handler(-EINVAL, &request);
284 } else {
285 request.error_message = internAtom("name too long");
286 do_log(L_ERROR, "DNS name too long.\n");
287 done = handler(-ENAMETOOLONG, &request);
288 }
289 assert(done);
290 releaseAtom(request.error_message);
291 return 1;
292 }
293
294 if(origname[n - 1] == '.')
295 n--;
296
297 name = internAtomLowerN(origname, n);
298
299 if(name == NULL) {
300 request.error_message = internAtom("couldn't allocate name");
301 do_log(L_ERROR, "Couldn't allocate DNS name.\n");
302 done = handler(-ENOMEM, &request);
303 assert(done);
304 releaseAtom(request.error_message);
305 return 1;
306 }
307
308 request.name = name;
309 request.addr = NULL;
310 request.error_message = NULL;
311 request.count = count;
312 request.object = NULL;
313 request.handler = handler;
314 request.data = data;
315
316 object = findObject(OBJECT_DNS, name->string, name->length);
317 if(object == NULL || objectMustRevalidate(object, NULL)) {
318 if(object) {
319 privatiseObject(object, 0);
320 releaseObject(object);
321 }
322 object = makeObject(OBJECT_DNS, name->string, name->length, 1, 0,
323 NULL, NULL);
324 if(object == NULL) {
325 request.error_message = internAtom("Couldn't allocate object");
326 do_log(L_ERROR, "Couldn't allocate DNS object.\n");
327 done = handler(-ENOMEM, &request);
328 assert(done);
329 releaseAtom(name);
330 releaseAtom(request.error_message);
331 return 1;
332 }
333 }
334
335 if((object->flags & (OBJECT_INITIAL | OBJECT_INPROGRESS)) ==
336 OBJECT_INITIAL) {
337 if(dnsUseGethostbyname >= 3)
338 rc = really_do_gethostbyname(name, object);
339 else
340 rc = really_do_dns(name, object);
341 if(rc < 0) {
342 assert(!(object->flags & (OBJECT_INITIAL | OBJECT_INPROGRESS)));
343 goto fail;
344 }
345 }
346
347 if(dnsUseGethostbyname >= 3)
348 assert(!(object->flags & OBJECT_INITIAL));
349
350 #ifndef NO_FANCY_RESOLVER
351 if(object->flags & OBJECT_INITIAL) {
352 ConditionHandlerPtr chandler;
353 assert(object->flags & OBJECT_INPROGRESS);
354 request.object = object;
355 chandler = conditionWait(&object->condition, dnsHandler,
356 sizeof(request), &request);
357 if(chandler == NULL) {
358 rc = ENOMEM;
359 goto fail;
360 }
361 return 1;
362 }
363 #endif
364
365 if(object->headers && object->headers->length > 0) {
366 if(object->headers->string[0] == DNS_A)
367 assert(((object->headers->length - 1) %
368 sizeof(HostAddressRec)) == 0);
369 else
370 assert(object->headers->string[0] == DNS_CNAME);
371 request.addr = retainAtom(object->headers);
372 } else if(object->message) {
373 request.error_message = retainAtom(object->message);
374 }
375
376 releaseObject(object);
377
378 if(request.addr && request.addr->length > 0)
379 done = handler(1, &request);
380 else
381 done = handler(-EDNS_HOST_NOT_FOUND, &request);
382 assert(done);
383
384 releaseAtom(request.addr); request.addr = NULL;
385 releaseAtom(request.name); request.name = NULL;
386 releaseAtom(request.error_message); request.error_message = NULL;
387 return 1;
388
389 fail:
390 releaseNotifyObject(object);
391 done = handler(-errno, &request);
392 assert(done);
393 releaseAtom(name);
394 return 1;
395 }
396
397 static int
398 dnsDelayedErrorNotifyHandler(TimeEventHandlerPtr event)
399 {
400 int done;
401 GethostbynameRequestRec request =
402 *(GethostbynameRequestPtr)event->data;
403 done = request.handler(-EDNS_HOST_NOT_FOUND, &request);
404 assert(done);
405 releaseAtom(request.name); request.name = NULL;
406 releaseAtom(request.addr); request.addr = NULL;
407 releaseAtom(request.error_message); request.error_message = NULL;
408 return 1;
409 }
410
411 static int
412 dnsDelayedDoneNotifyHandler(TimeEventHandlerPtr event)
413 {
414 int done;
415 GethostbynameRequestRec request = *(GethostbynameRequestPtr)event->data;
416 done = request.handler(1, &request);
417 assert(done);
418 releaseAtom(request.name); request.name = NULL;
419 releaseAtom(request.addr); request.addr = NULL;
420 releaseAtom(request.error_message); request.error_message = NULL;
421 return 1;
422 }
423
424 static int
425 dnsDelayedNotify(int error, GethostbynameRequestPtr request)
426 {
427 TimeEventHandlerPtr handler;
428
429 if(error)
430 handler = scheduleTimeEvent(0,
431 dnsDelayedErrorNotifyHandler,
432 sizeof(*request), request);
433 else
434 handler = scheduleTimeEvent(0,
435 dnsDelayedDoneNotifyHandler,
436 sizeof(*request), request);
437 if(handler == NULL) {
438 do_log(L_ERROR, "Couldn't schedule DNS notification.\n");
439 return -1;
440 }
441 return 1;
442 }
443
444 #ifdef HAVE_IPv6
445 AtomPtr
446 rfc2732(AtomPtr name)
447 {
448 char buf[38];
449 int rc;
450 AtomPtr a = NULL;
451
452 if(name->length < 38 &&
453 name->string[0] == '[' && name->string[name->length - 1] == ']') {
454 struct in6_addr in6a;
455 memcpy(buf, name->string + 1, name->length - 2);
456 buf[name->length - 2] = '\0';
457 rc = inet_pton(AF_INET6, buf, &in6a);
458 if(rc == 1) {
459 char s[1 + sizeof(HostAddressRec)];
460 memset(s, 0, sizeof(s));
461 s[0] = DNS_A;
462 s[1] = 6;
463 memcpy(s + 2, &in6a, 16);
464 a = internAtomN(s, 1 + sizeof(HostAddressRec));
465 if(a == NULL)
466 return NULL;
467 }
468 }
469 return a;
470 }
471
472 /* Used for sorting host addresses depending on the value of dnsQueryIPv6 */
473 int
474 compare_hostaddr(const void *av, const void *bv)
475 {
476 const HostAddressRec *a = av, *b = bv;
477 int r;
478 if(a->af == 4) {
479 if(b->af == 4)
480 r = 0;
481 else
482 r = -1;
483 } else {
484 if(b->af == 6)
485 r = 0;
486 else
487 r = 1;
488 }
489 if(dnsQueryIPv6 >= 2)
490 return -r;
491 else
492 return r;
493 }
494
495 #ifndef NO_STANDARD_RESOLVER
496 static int
497 really_do_gethostbyname(AtomPtr name, ObjectPtr object)
498 {
499 struct addrinfo *ai, *entry, hints;
500 int rc;
501 int error, i;
502 char buf[1024];
503 AtomPtr a;
504
505 a = rfc2732(name);
506 if(a) {
507 object->headers = a;
508 object->age = current_time.tv_sec;
509 object->expires = current_time.tv_sec + 240;
510 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
511 notifyObject(object);
512 return 0;
513 }
514
515 memset(&hints, 0, sizeof(hints));
516 hints.ai_protocol = IPPROTO_TCP;
517 if(dnsQueryIPv6 <= 0)
518 hints.ai_family = AF_INET;
519 else if(dnsQueryIPv6 >= 3)
520 hints.ai_family = AF_INET6;
521
522 rc = getaddrinfo(name->string, NULL, &hints, &ai);
523
524 switch(rc) {
525 case 0: error = 0; break;
526 case EAI_FAMILY:
527 #ifdef EAI_ADDRFAMILY
528 case EAI_ADDRFAMILY:
529 #endif
530 case EAI_SOCKTYPE:
531 error = EAFNOSUPPORT; break;
532 case EAI_BADFLAGS: error = EINVAL; break;
533 case EAI_SERVICE: error = EDNS_NO_RECOVERY; break;
534 #ifdef EAI_NONAME
535 case EAI_NONAME:
536 #endif
537 #ifdef EAI_NODATA
538 case EAI_NODATA:
539 #endif
540 error = EDNS_NO_ADDRESS; break;
541 case EAI_FAIL: error = EDNS_NO_RECOVERY; break;
542 case EAI_AGAIN: error = EDNS_TRY_AGAIN; break;
543 #ifdef EAI_MEMORY
544 case EAI_MEMORY: error = ENOMEM; break;
545 #endif
546 case EAI_SYSTEM: error = errno; break;
547 default: error = EUNKNOWN;
548 }
549
550 if(error == EDNS_NO_ADDRESS) {
551 object->headers = NULL;
552 object->age = current_time.tv_sec;
553 object->expires = current_time.tv_sec + dnsNegativeTtl;
554 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
555 notifyObject(object);
556 return 0;
557 } else if(error) {
558 do_log_error(L_ERROR, error, "Getaddrinfo failed");
559 object->flags &= ~OBJECT_INPROGRESS;
560 abortObject(object, 404,
561 internAtomError(error, "Getaddrinfo failed"));
562 notifyObject(object);
563 return 0;
564 }
565
566 entry = ai;
567 buf[0] = DNS_A;
568 i = 0;
569 while(entry) {
570 HostAddressRec host;
571 int host_valid = 0;
572 if(entry->ai_family == AF_INET && entry->ai_protocol == IPPROTO_TCP) {
573 if(dnsQueryIPv6 < 3) {
574 host.af = 4;
575 memset(host.data, 0, sizeof(host.data));
576 memcpy(&host.data,
577 &((struct sockaddr_in*)entry->ai_addr)->sin_addr,
578 4);
579 host_valid = 1;
580 }
581 } else if(entry->ai_family == AF_INET6 &&
582 entry->ai_protocol == IPPROTO_TCP) {
583 if(dnsQueryIPv6 > 0) {
584 host.af = 6;
585 memset(&host.data, 0, sizeof(host.data));
586 memcpy(&host.data,
587 &((struct sockaddr_in6*)entry->ai_addr)->sin6_addr,
588 16);
589 host_valid = 1;
590 }
591 }
592 if(host_valid) {
593 if(i >= 1024 / sizeof(HostAddressRec) - 2) {
594 do_log(L_ERROR, "Too many addresses for host %s\n",
595 name->string);
596 break;
597 }
598 memcpy(buf + 1 + i * sizeof(HostAddressRec),
599 &host, sizeof(HostAddressRec));
600 i++;
601 }
602 entry = entry->ai_next;
603 }
604 freeaddrinfo(ai);
605 if(i == 0) {
606 do_log(L_ERROR, "Getaddrinfo returned no useful addresses\n");
607 object->flags &= ~OBJECT_INPROGRESS;
608 abortObject(object, 404,
609 internAtom("Getaddrinfo returned no useful addresses"));
610 notifyObject(object);
611 return 0;
612 }
613
614 if(1 <= dnsQueryIPv6 && dnsQueryIPv6 <= 2)
615 qsort(buf + 1, i, sizeof(HostAddressRec), compare_hostaddr);
616
617 a = internAtomN(buf, 1 + i * sizeof(HostAddressRec));
618 if(a == NULL) {
619 object->flags &= ~OBJECT_INPROGRESS;
620 abortObject(object, 501, internAtom("Couldn't allocate address"));
621 notifyObject(object);
622 return 0;
623 }
624 object->headers = a;
625 object->age = current_time.tv_sec;
626 object->expires = current_time.tv_sec + dnsGethostbynameTtl;
627 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
628 notifyObject(object);
629 return 0;
630 }
631 #endif
632
633 #else
634
635 #ifndef NO_STANDARD_RESOLVER
636 static int
637 really_do_gethostbyname(AtomPtr name, ObjectPtr object)
638 {
639 struct hostent *host;
640 char *s;
641 AtomPtr a;
642 int i, j;
643 int error;
644
645 host = gethostbyname(name->string);
646 if(host == NULL) {
647 switch(h_errno) {
648 case HOST_NOT_FOUND: error = EDNS_HOST_NOT_FOUND; break;
649 case NO_ADDRESS: error = EDNS_NO_ADDRESS; break;
650 case NO_RECOVERY: error = EDNS_NO_RECOVERY; break;
651 case TRY_AGAIN: error = EDNS_TRY_AGAIN; break;
652 default: error = EUNKNOWN; break;
653 }
654 if(error == EDNS_HOST_NOT_FOUND) {
655 object->headers = NULL;
656 object->age = current_time.tv_sec;
657 object->expires = current_time.tv_sec + dnsNegativeTtl;
658 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
659 object->flags &= ~OBJECT_INPROGRESS;
660 notifyObject(object);
661 return 0;
662 } else {
663 do_log_error(L_ERROR, error, "Gethostbyname failed");
664 abortObject(object, 404,
665 internAtomError(error, "Gethostbyname failed"));
666 object->flags &= ~OBJECT_INPROGRESS;
667 notifyObject(object);
668 return 0;
669 }
670 }
671 if(host->h_addrtype != AF_INET) {
672 do_log(L_ERROR, "Address is not AF_INET.\n");
673 object->flags &= ~OBJECT_INPROGRESS;
674 abortObject(object, 404, internAtom("Address is not AF_INET"));
675 notifyObject(object);
676 return -1;
677 }
678 if(host->h_length != sizeof(struct in_addr)) {
679 do_log(L_ERROR, "Address size inconsistent.\n");
680 object->flags &= ~OBJECT_INPROGRESS;
681 abortObject(object, 404, internAtom("Address size inconsistent"));
682 notifyObject(object);
683 return 0;
684 }
685 i = 0;
686 while(host->h_addr_list[i] != NULL) i++;
687 s = malloc(1 + i * sizeof(HostAddressRec));
688 if(s == NULL) {
689 a = NULL;
690 } else {
691 memset(s, 0, 1 + i * sizeof(HostAddressRec));
692 s[0] = DNS_A;
693 for(j = 0; j < i; j++) {
694 s[j * sizeof(HostAddressRec) + 1] = 4;
695 memcpy(&s[j * sizeof(HostAddressRec) + 2], host->h_addr_list[j],
696 sizeof(struct in_addr));
697 }
698 a = internAtomN(s, i * sizeof(HostAddressRec) + 1);
699 free(s);
700 }
701 if(!a) {
702 object->flags &= ~OBJECT_INPROGRESS;
703 abortObject(object, 501, internAtom("Couldn't allocate address"));
704 notifyObject(object);
705 return 0;
706 }
707 object->headers = a;
708 object->age = current_time.tv_sec;
709 object->expires = current_time.tv_sec + dnsGethostbynameTtl;
710 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
711 notifyObject(object);
712 return 0;
713
714 }
715 #endif
716
717 #endif
718
719 #ifdef NO_STANDARD_RESOLVER
720 static int
721 really_do_gethostbyname(AtomPtr name, ObjectPtr object)
722 {
723 abort();
724 }
725 #endif
726
727 #ifndef NO_FANCY_RESOLVER
728
729 static int dnsSocket = -1;
730 static FdEventHandlerPtr dnsSocketHandler = NULL;
731
732 static int
733 dnsHandler(int status, ConditionHandlerPtr chandler)
734 {
735 GethostbynameRequestRec request = *(GethostbynameRequestPtr)chandler->data;
736 ObjectPtr object = request.object;
737
738 assert(!(object->flags & OBJECT_INPROGRESS));
739
740 if(object->headers) {
741 request.addr = retainAtom(object->headers);
742 dnsDelayedNotify(0, &request);
743 } else {
744 if(object->message)
745 request.error_message = retainAtom(object->message);
746 dnsDelayedNotify(1, &request);
747 }
748 releaseObject(object);
749 return 1;
750 }
751
752 static int
753 queryInFlight(DnsQueryPtr query)
754 {
755 DnsQueryPtr other;
756 other = inFlightDnsQueries;
757 while(other) {
758 if(other == query)
759 return 1;
760 other = other->next;
761 }
762 return 0;
763 }
764
765 static void
766 removeQuery(DnsQueryPtr query)
767 {
768 DnsQueryPtr previous;
769 if(query == inFlightDnsQueries) {
770 inFlightDnsQueries = query->next;
771 if(inFlightDnsQueries == NULL)
772 inFlightDnsQueriesLast = NULL;
773 } else {
774 previous = inFlightDnsQueries;
775 while(previous->next) {
776 if(previous->next == query)
777 break;
778 previous = previous->next;
779 }
780 assert(previous->next != NULL);
781 previous->next = query->next;
782 if(previous->next == NULL)
783 inFlightDnsQueriesLast = previous;
784 }
785 }
786
787 static void
788 insertQuery(DnsQueryPtr query)
789 {
790 if(inFlightDnsQueriesLast)
791 inFlightDnsQueriesLast->next = query;
792 else
793 inFlightDnsQueries = query;
794 inFlightDnsQueriesLast = query;
795 }
796
797 static DnsQueryPtr
798 findQuery(int id, AtomPtr name)
799 {
800 DnsQueryPtr query;
801 query = inFlightDnsQueries;
802 while(query) {
803 if(query->id == id && (name == NULL || query->name == name))
804 return query;
805 query = query->next;
806 }
807 return NULL;
808 }
809
810 static int
811 dnsTimeoutHandler(TimeEventHandlerPtr event)
812 {
813 DnsQueryPtr query = *(DnsQueryPtr*)event->data;
814 ObjectPtr object = query->object;
815 int rc;
816
817 /* People are reporting that this does happen. And I have no idea why. */
818 if(!queryInFlight(query)) {
819 do_log(L_ERROR, "BUG: timing out martian query (%s, flags: 0x%x).\n",
820 scrub(query->name->string), (unsigned)object->flags);
821 return 1;
822 }
823
824 query->timeout = MAX(10, query->timeout * 2);
825
826 if(query->timeout > dnsMaxTimeout) {
827 abortObject(object, 501, internAtom("Timeout"));
828 goto fail;
829 } else {
830 rc = sendQuery(query);
831 if(rc < 0) {
832 if(rc != -EWOULDBLOCK && rc != -EAGAIN && rc != -ENOBUFS) {
833 abortObject(object, 501,
834 internAtomError(-rc,
835 "Couldn't send DNS query"));
836 goto fail;
837 }
838 /* else let it timeout */
839 }
840 query->timeout_handler =
841 scheduleTimeEvent(query->timeout, dnsTimeoutHandler,
842 sizeof(query), &query);
843 if(query->timeout_handler == NULL) {
844 do_log(L_ERROR, "Couldn't schedule DNS timeout handler.\n");
845 abortObject(object, 501,
846 internAtom("Couldn't schedule DNS timeout handler"));
847 goto fail;
848 }
849 return 1;
850 }
851
852 fail:
853 removeQuery(query);
854 object->flags &= ~OBJECT_INPROGRESS;
855 if(query->inet4) releaseAtom(query->inet4);
856 if(query->inet6) releaseAtom(query->inet6);
857 free(query);
858 releaseNotifyObject(object);
859 return 1;
860 }
861
862 static int
863 establishDnsSocket()
864 {
865 int rc;
866 #ifdef HAVE_IPv6
867 int inet6 = (nameserverAddress.sa_family == AF_INET6);
868 int pf = inet6 ? PF_INET6 : PF_INET;
869 int sa_size =
870 inet6 ? sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in);
871 #else
872 int pf = PF_INET;
873 int sa_size = sizeof(struct sockaddr_in);
874 #endif
875
876 if(dnsSocket < 0) {
877 assert(!dnsSocketHandler);
878 dnsSocket = socket(pf, SOCK_DGRAM, 0);
879 if(dnsSocket < 0) {
880 do_log_error(L_ERROR, errno, "Couldn't create DNS socket");
881 return -errno;
882 }
883
884 rc = connect(dnsSocket, &nameserverAddress, sa_size);
885 if(rc < 0) {
886 CLOSE(dnsSocket);
887 dnsSocket = -1;
888 do_log_error(L_ERROR, errno, "Couldn't create DNS \"connection\"");
889 return -errno;
890 }
891 }
892
893 if(!dnsSocketHandler) {
894 dnsSocketHandler =
895 registerFdEvent(dnsSocket, POLLIN, dnsReplyHandler, 0, NULL);
896 if(dnsSocketHandler == NULL) {
897 do_log(L_ERROR, "Couldn't register DNS socket handler.\n");
898 CLOSE(dnsSocket);
899 dnsSocket = -1;
900 return -ENOMEM;
901 }
902 }
903
904 return 1;
905 }
906
907 static int
908 sendQuery(DnsQueryPtr query)
909 {
910 char buf[512];
911 int buflen;
912 int rc;
913 int af[2];
914 int i;
915
916 if(dnsSocket < 0)
917 return -1;
918
919 if(dnsQueryIPv6 <= 0) {
920 af[0] = 4; af[1] = 0;
921 } else if(dnsQueryIPv6 <= 2) {
922 af[0] = 4; af[1] = 6;
923 } else {
924 af[0] = 6; af[1] = 0;
925 }
926
927 for(i = 0; i < 2; i++) {
928 if(af[i] == 0)
929 continue;
930 if(af[i] == 4 && query->inet4)
931 continue;
932 else if(af[i] == 6 && query->inet6)
933 continue;
934
935 buflen = dnsBuildQuery(query->id, buf, 0, 512, query->name, af[i]);
936 if(buflen <= 0) {
937 do_log(L_ERROR, "Couldn't build DNS query.\n");
938 return buflen;
939 }
940
941 rc = send(dnsSocket, buf, buflen, 0);
942 if(rc < buflen) {
943 if(rc >= 0) {
944 do_log(L_ERROR, "Couldn't send DNS query: partial send.\n");
945 return -EAGAIN;
946 } else {
947 do_log_error(L_ERROR, errno, "Couldn't send DNS query");
948 return -errno;
949 }
950 }
951 }
952 return 1;
953 }
954
955 static int
956 really_do_dns(AtomPtr name, ObjectPtr object)
957 {
958 int rc;
959 DnsQueryPtr query;
960 AtomPtr message = NULL;
961 int id;
962 AtomPtr a = NULL;
963
964 if(a == NULL) {
965 if(name == atomLocalhost || name == atomLocalhostDot) {
966 char s[1 + sizeof(HostAddressRec)];
967 memset(s, 0, sizeof(s));
968 s[0] = DNS_A;
969 s[1] = 4;
970 s[2] = 127;
971 s[3] = 0;
972 s[4] = 0;
973 s[5] = 1;
974 a = internAtomN(s, 1 + sizeof(HostAddressRec));
975 if(a == NULL) {
976 abortObject(object, 501,
977 internAtom("Couldn't allocate address"));
978 notifyObject(object);
979 errno = ENOMEM;
980 return -1;
981 }
982 }
983 }
984
985 if(a == NULL) {
986 struct in_addr ina;
987 rc = inet_aton(name->string, &ina);
988 if(rc == 1) {
989 char s[1 + sizeof(HostAddressRec)];
990 memset(s, 0, sizeof(s));
991 s[0] = DNS_A;
992 s[1] = 4;
993 memcpy(s + 2, &ina, 4);
994 a = internAtomN(s, 1 + sizeof(HostAddressRec));
995 if(a == NULL) {
996 abortObject(object, 501,
997 internAtom("Couldn't allocate address"));
998 notifyObject(object);
999 errno = ENOMEM;
1000 return -1;
1001 }
1002 }
1003 }
1004 #ifdef HAVE_IPv6
1005 if(a == NULL)
1006 a = rfc2732(name);
1007 #endif
1008
1009 if(a) {
1010 object->headers = a;
1011 object->age = current_time.tv_sec;
1012 object->expires = current_time.tv_sec + 240;
1013 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
1014 notifyObject(object);
1015 return 0;
1016 }
1017
1018 rc = establishDnsSocket();
1019 if(rc < 0) {
1020 do_log_error(L_ERROR, -rc, "Couldn't establish DNS socket.\n");
1021 message = internAtomError(-rc, "Couldn't establish DNS socket");
1022 goto fallback;
1023 }
1024
1025 /* The id is used to speed up detecting replies to queries that
1026 are no longer current -- see dnsReplyHandler. */
1027 id = (idSeed++) & 0xFFFF;
1028
1029 query = malloc(sizeof(DnsQueryRec));
1030 if(query == NULL) {
1031 do_log(L_ERROR, "Couldn't allocate DNS query.\n");
1032 message = internAtom("Couldn't allocate DNS query");
1033 goto fallback;
1034 }
1035 query->id = id;
1036 query->inet4 = NULL;
1037 query->inet6 = NULL;
1038 query->name = name;
1039 query->time = current_time.tv_sec;
1040 query->object = retainObject(object);
1041 query->timeout = 4;
1042 query->timeout_handler = NULL;
1043 query->next = NULL;
1044
1045 query->timeout_handler =
1046 scheduleTimeEvent(query->timeout, dnsTimeoutHandler,
1047 sizeof(query), &query);
1048 if(query->timeout_handler == NULL) {
1049 do_log(L_ERROR, "Couldn't schedule DNS timeout handler.\n");
1050 message = internAtom("Couldn't schedule DNS timeout handler");
1051 goto free_fallback;
1052 }
1053 insertQuery(query);
1054
1055 object->flags |= OBJECT_INPROGRESS;
1056 rc = sendQuery(query);
1057 if(rc < 0) {
1058 if(rc != -EWOULDBLOCK && rc != -EAGAIN && rc != -ENOBUFS) {
1059 object->flags &= ~OBJECT_INPROGRESS;
1060 message = internAtomError(-rc, "Couldn't send DNS query");
1061 goto remove_fallback;
1062 }
1063 /* else let it timeout */
1064 }
1065 releaseAtom(message);
1066 return 1;
1067
1068 remove_fallback:
1069 removeQuery(query);
1070 free_fallback:
1071 releaseObject(query->object);
1072 cancelTimeEvent(query->timeout_handler);
1073 free(query);
1074 fallback:
1075 if(dnsUseGethostbyname >= 1) {
1076 releaseAtom(message);
1077 do_log(L_WARN, "Falling back on gethostbyname.\n");
1078 return really_do_gethostbyname(name, object);
1079 } else {
1080 abortObject(object, 501, message);
1081 notifyObject(object);
1082 return 1;
1083 }
1084 }
1085
1086 static int
1087 dnsReplyHandler(int abort, FdEventHandlerPtr event)
1088 {
1089 int fd = event->fd;
1090 char buf[2048];
1091 int len, rc;
1092 ObjectPtr object;
1093 unsigned ttl = 0;
1094 AtomPtr name, value, message = NULL;
1095 int id;
1096 int af;
1097 DnsQueryPtr query;
1098 AtomPtr cname = NULL;
1099
1100 if(abort) {
1101 dnsSocketHandler = NULL;
1102 rc = establishDnsSocket();
1103 if(rc < 0) {
1104 do_log(L_ERROR, "Couldn't reestablish DNS socket.\n");
1105 /* At this point, we should abort all in-flight
1106 DNS requests. Oh, well, they'll timeout anyway. */
1107 }
1108 return 1;
1109 }
1110
1111 len = recv(fd, buf, 2048, 0);
1112 if(len <= 0) {
1113 if(errno == EINTR || errno == EAGAIN) return 0;
1114 /* This is where we get ECONNREFUSED for an ICMP port unreachable */
1115 do_log_error(L_ERROR, errno, "DNS: recv failed");
1116 dnsGethostbynameFallback(-1, message);
1117 return 0;
1118 }
1119
1120 /* This could be a late reply to a query that timed out and was
1121 resent, a reply to a query that timed out, or a reply to an
1122 AAAA query when we already got a CNAME reply to the associated
1123 A. We filter such replies straight away, without trying to
1124 parse them. */
1125 rc = dnsReplyId(buf, 0, len, &id);
1126 if(rc < 0) {
1127 do_log(L_WARN, "Short DNS reply.\n");
1128 return 0;
1129 }
1130 if(!findQuery(id, NULL)) {
1131 return 0;
1132 }
1133
1134 rc = dnsDecodeReply(buf, 0, len, &id, &name, &value, &af, &ttl);
1135 if(rc < 0) {
1136 assert(value == NULL);
1137 /* We only want to fallback on gethostbyname if we received a
1138 reply that we could not understand. What about truncated
1139 replies? */
1140 if(rc < 0) {
1141 do_log_error(L_WARN, -rc, "DNS");
1142 if(dnsUseGethostbyname >= 2 ||
1143 (dnsUseGethostbyname &&
1144 (rc != -EDNS_HOST_NOT_FOUND && rc != -EDNS_NO_RECOVERY &&
1145 rc != -EDNS_FORMAT))) {
1146 dnsGethostbynameFallback(id, message);
1147 return 0;
1148 } else {
1149 message = internAtomError(-rc, NULL);
1150 }
1151 } else {
1152 assert(name != NULL && id >= 0 && af >= 0);
1153 }
1154 }
1155
1156 query = findQuery(id, name);
1157 if(query == NULL) {
1158 /* Duplicate id ? */
1159 releaseAtom(value);
1160 releaseAtom(name);
1161 return 0;
1162 }
1163
1164 /* We're going to use the information in this reply. If it was an
1165 error, construct an empty atom to distinguish it from information
1166 we're still waiting for. */
1167 if(value == NULL)
1168 value = internAtom("");
1169
1170 again:
1171 if(af == 4) {
1172 if(query->inet4 == NULL) {
1173 query->inet4 = value;
1174 query->ttl4 = current_time.tv_sec + ttl;
1175 } else
1176 releaseAtom(value);
1177 } else if(af == 6) {
1178 if(query->inet6 == NULL) {
1179 query->inet6 = value;
1180 query->ttl6 = current_time.tv_sec + ttl;
1181 } else
1182 releaseAtom(value);
1183 } else if(af == 0) {
1184 /* Ignore errors in this case. */
1185 if(query->inet4 && query->inet4->length == 0) {
1186 releaseAtom(query->inet4);
1187 query->inet4 = NULL;
1188 }
1189 if(query->inet6 && query->inet6->length == 0) {
1190 releaseAtom(query->inet6);
1191 query->inet6 = NULL;
1192 }
1193 if(query->inet4 || query->inet6) {
1194 do_log(L_WARN, "Host %s has both %s and CNAME -- "
1195 "ignoring CNAME.\n", scrub(query->name->string),
1196 query->inet4 ? "A" : "AAAA");
1197 releaseAtom(value);
1198 value = internAtom("");
1199 af = query->inet4 ? 4 : 6;
1200 goto again;
1201 } else {
1202 cname = value;
1203 }
1204 }
1205
1206 if(rc >= 0 && !cname &&
1207 ((dnsQueryIPv6 < 3 && query->inet4 == NULL) ||
1208 (dnsQueryIPv6 > 0 && query->inet6 == NULL)))
1209 return 0;
1210
1211 /* This query is complete */
1212
1213 cancelTimeEvent(query->timeout_handler);
1214 object = query->object;
1215
1216 if(object->flags & OBJECT_INITIAL) {
1217 assert(!object->headers);
1218 if(cname) {
1219 assert(query->inet4 == NULL && query->inet6 == NULL);
1220 object->headers = cname;
1221 object->expires = current_time.tv_sec + ttl;
1222 } else if((!query->inet4 || query->inet4->length == 0) &&
1223 (!query->inet6 || query->inet6->length == 0)) {
1224 releaseAtom(query->inet4);
1225 releaseAtom(query->inet6);
1226 object->expires = current_time.tv_sec + dnsNegativeTtl;
1227 abortObject(object, 500, retainAtom(message));
1228 } else if(!query->inet4 || query->inet4->length == 0) {
1229 object->headers = query->inet6;
1230 object->expires = query->ttl6;
1231 releaseAtom(query->inet4);
1232 } else if(!query->inet6 || query->inet6->length == 0) {
1233 object->headers = query->inet4;
1234 object->expires = query->ttl4;
1235 releaseAtom(query->inet6);
1236 } else {
1237 /* need to merge results */
1238 char buf[1024];
1239 if(query->inet4->length + query->inet6->length > 1024) {
1240 releaseAtom(query->inet4);
1241 releaseAtom(query->inet6);
1242 abortObject(object, 500, internAtom("DNS reply too long"));
1243 } else {
1244 if(dnsQueryIPv6 <= 1) {
1245 memcpy(buf, query->inet4->string, query->inet4->length);
1246 memcpy(buf + query->inet4->length,
1247 query->inet6->string + 1, query->inet6->length - 1);
1248 } else {
1249 memcpy(buf, query->inet6->string, query->inet6->length);
1250 memcpy(buf + query->inet6->length,
1251 query->inet4->string + 1, query->inet4->length - 1);
1252 }
1253 object->headers =
1254 internAtomN(buf,
1255 query->inet4->length +
1256 query->inet6->length - 1);
1257 if(object->headers == NULL)
1258 abortObject(object, 500,
1259 internAtom("Couldn't allocate DNS atom"));
1260 }
1261 object->expires = MIN(query->ttl4, query->ttl6);
1262 }
1263 object->age = current_time.tv_sec;
1264 object->flags &= ~(OBJECT_INITIAL | OBJECT_INPROGRESS);
1265 } else {
1266 do_log(L_WARN, "DNS object ex nihilo for %s.\n",
1267 scrub(query->name->string));
1268 }
1269
1270 removeQuery(query);
1271 free(query);
1272
1273 releaseAtom(name);
1274 releaseAtom(message);
1275 releaseNotifyObject(object);
1276 return 0;
1277 }
1278
1279 static int
1280 dnsGethostbynameFallback(int id, AtomPtr message)
1281 {
1282 DnsQueryPtr query, previous;
1283 ObjectPtr object;
1284
1285 if(inFlightDnsQueries == NULL) {
1286 releaseAtom(message);
1287 return 1;
1288 }
1289
1290 query = NULL;
1291 if(id < 0 || inFlightDnsQueries->id == id) {
1292 previous = NULL;
1293 query = inFlightDnsQueries;
1294 } else {
1295 previous = inFlightDnsQueries;
1296 while(previous->next) {
1297 if(previous->next->id == id) {
1298 query = previous->next;
1299 break;
1300 }
1301 previous = previous->next;
1302 }
1303 if(!query) {
1304 previous = NULL;
1305 query = inFlightDnsQueries;
1306 }
1307 }
1308
1309 if(previous == NULL) {
1310 inFlightDnsQueries = query->next;
1311 if(inFlightDnsQueries == NULL)
1312 inFlightDnsQueriesLast = NULL;
1313 } else {
1314 previous->next = query->next;
1315 if(query->next == NULL)
1316 inFlightDnsQueriesLast = NULL;
1317 }
1318
1319 object = makeObject(OBJECT_DNS, query->name->string, query->name->length,
1320 1, 0, NULL, NULL);
1321 if(!object) {
1322 do_log(L_ERROR, "Couldn't make DNS object.\n");
1323 releaseAtom(query->name);
1324 releaseAtom(message);
1325 releaseObject(query->object);
1326 cancelTimeEvent(query->timeout_handler);
1327 free(query);
1328 return -1;
1329 }
1330 if(dnsUseGethostbyname >= 1) {
1331 releaseAtom(message);
1332 do_log(L_WARN, "Falling back to using system resolver.\n");
1333 really_do_gethostbyname(retainAtom(query->name), object);
1334 } else {
1335 releaseAtom(object->message);
1336 object->message = message;
1337 object->flags &= ~OBJECT_INPROGRESS;
1338 releaseNotifyObject(object);
1339 }
1340 cancelTimeEvent(query->timeout_handler);
1341 releaseAtom(query->name);
1342 if(query->inet4) releaseAtom(query->inet4);
1343 if(query->inet6) releaseAtom(query->inet6);
1344 releaseObject(query->object);
1345 free(query);
1346 return 1;
1347 }
1348
1349 static int
1350 stringToLabels(char *buf, int offset, int n, char *string)
1351 {
1352 int i = offset;
1353 int j = 0, k = 0;
1354 while(1) {
1355 while(string[k] != '.' && string[k] != '\0')
1356 k++;
1357 if(k >= j + 256) return -1;
1358 buf[i] = (unsigned char)(k - j); i++; if(i >= n) return -1;
1359 while(j < k) {
1360 buf[i] = string[j]; i++; j++; if(i >= n) return -1;
1361 }
1362 if(string[j] == '\0') {
1363 buf[i] = '\0';
1364 i++; if(i >= n) return -1;
1365 break;
1366 }
1367 j++; k++;
1368 }
1369
1370 return i;
1371 }
1372
1373 #ifdef UNALIGNED_ACCESS
1374 #define DO_NTOHS(_d, _s) _d = ntohs(*(short*)(_s));
1375 #define DO_NTOHL(_d, _s) _d = ntohl(*(unsigned*)(_s))
1376 #define DO_HTONS(_d, _s) *(short*)(_d) = htons(_s);
1377 #define DO_HTONL(_d, _s) *(unsigned*)(_d) = htonl(_s)
1378 #else
1379 #define DO_NTOHS(_d, _s) \
1380 do { short _dd; \
1381 memcpy(&(_dd), (_s), sizeof(short)); \
1382 _d = ntohs(_dd); } while(0)
1383 #define DO_NTOHL(_d, _s) \
1384 do { unsigned _dd; \
1385 memcpy(&(_dd), (_s), sizeof(unsigned)); \
1386 _d = ntohl(_dd); } while(0)
1387 #define DO_HTONS(_d, _s) \
1388 do { unsigned short _dd; \
1389 _dd = htons(_s); \
1390 memcpy((_d), &(_dd), sizeof(unsigned short)); } while(0);
1391 #define DO_HTONL(_d, _s) \
1392 do { unsigned _dd; \
1393 _dd = htonl(_s); \
1394 memcpy((_d), &(_dd), sizeof(unsigned)); } while(0);
1395 #endif
1396
1397 static int
1398 labelsToString(char *buf, int offset, int n, char *d, int m, int *j_return)
1399 {
1400 int i = offset, j, k;
1401 int ll;
1402
1403 j = 0;
1404 while(1) {
1405 if(i >= n) return -1;
1406 ll = *(unsigned char*)&buf[i]; i++;
1407 if(ll == 0) {
1408 break;
1409 }
1410 if((ll & (3 << 6)) == (3 << 6)) {
1411 /* RFC 1035, 4.1.4 */
1412 int o;
1413 if(i >= n) return -1;
1414 o = (ll & ~(3 << 6)) << 8 | *(unsigned char*)&buf[i];
1415 i++;
1416 labelsToString(buf, o, n, &d[j], m - j, &k);
1417 j += k;
1418 break;
1419 } else if((ll & (3 << 6)) == 0) {
1420 for(k = 0; k < ll; k++) {
1421 if(i >= n || j >= m) return -1;
1422 d[j++] = buf[i++];
1423 }
1424 if(i >= n) return -1;
1425 if(buf[i] != '\0') {
1426 if(j >= m) return -1;
1427 d[j++] = '.';
1428 }
1429 } else {
1430 return -1;
1431 }
1432 }
1433 *j_return = j;
1434 return i;
1435 }
1436
1437 static int
1438 dnsBuildQuery(int id, char *buf, int offset, int n, AtomPtr name, int af)
1439 {
1440 int i = offset;
1441 int type;
1442 switch(af) {
1443 case 4: type = 1; break;
1444 case 6: type = 28; break;
1445 default: return -EINVAL;
1446 }
1447
1448 if(i + 12 >= n) return -1;
1449 DO_HTONS(&buf[i], id); i += 2;
1450 DO_HTONS(&buf[i], 1<<8); i += 2;
1451 DO_HTONS(&buf[i], 1); i += 2;
1452 DO_HTONS(&buf[i], 0); i += 2;
1453 DO_HTONS(&buf[i], 0); i += 2;
1454 DO_HTONS(&buf[i], 0); i += 2;
1455
1456 i = stringToLabels(buf, i, n, name->string);
1457 if(i < 0) return -ENAMETOOLONG;
1458
1459 if(i + 4 >= n) return -ENAMETOOLONG;
1460 DO_HTONS(&buf[i], type); i += 2;
1461 DO_HTONS(&buf[i], 1); i += 2;
1462 return i;
1463 }
1464
1465 static int
1466 dnsReplyId(char *buf, int offset, int n, int *id_return)
1467 {
1468 if(n - offset < 12)
1469 return -1;
1470 DO_NTOHS(*id_return, &buf[offset]);
1471 return 1;
1472 }
1473
1474 static int
1475 dnsDecodeReply(char *buf, int offset, int n, int *id_return,
1476 AtomPtr *name_return, AtomPtr *value_return,
1477 int *af_return, unsigned *ttl_return)
1478 {
1479 int i = offset, j, m;
1480 int id = -1, b23, qdcount, ancount, nscount, arcount, rdlength;
1481 int class, type;
1482 unsigned int ttl;
1483 char b[2048];
1484 int af = -1;
1485 AtomPtr name = NULL, value;
1486 char addresses[1024];
1487 int addr_index = 0;
1488 int error = EDNS_NO_ADDRESS;
1489 unsigned final_ttl = 7 * 24 * 3600;
1490 int dnserror;
1491
1492 if(n - i < 12) {
1493 error = EDNS_INVALID;
1494 goto fail;
1495 }
1496
1497 DO_NTOHS(id, &buf[i]); i += 2;
1498 DO_NTOHS(b23, &buf[i]); i += 2;
1499 DO_NTOHS(qdcount, &buf[i]); i += 2;
1500 DO_NTOHS(ancount, &buf[i]); i += 2;
1501 DO_NTOHS(nscount, &buf[i]); i += 2;
1502 DO_NTOHS(arcount, &buf[i]); i += 2;
1503
1504 do_log(D_DNS,
1505 "DNS id %d, b23 0x%x, qdcount %d, ancount %d, "
1506 "nscount %d, arcount %d\n",
1507 id, b23, qdcount, ancount, nscount, arcount);
1508
1509 if((b23 & (0xF870)) != 0x8000) {
1510 do_log(L_ERROR, "Incorrect DNS reply (b23 = 0x%x).\n", b23);
1511 error = EDNS_INVALID;
1512 goto fail;
1513 }
1514
1515 dnserror = b23 & 0xF;
1516
1517 if(b23 & 0x200) {
1518 do_log(L_WARN, "Truncated DNS reply (b23 = 0x%x).\n", b23);
1519 }
1520
1521 if(dnserror || qdcount != 1) {
1522 if(!dnserror)
1523 do_log(L_ERROR,
1524 "Unexpected number %d of DNS questions.\n", qdcount);
1525 if(dnserror == 1)
1526 error = EDNS_FORMAT;
1527 else if(dnserror == 2)
1528 error = EDNS_NO_RECOVERY;
1529 else if(dnserror == 3)
1530 error = EDNS_HOST_NOT_FOUND;
1531 else if(dnserror == 4 || dnserror == 5)
1532 error = EDNS_REFUSED;
1533 else if(dnserror == 0)
1534 error = EDNS_INVALID;
1535 else
1536 error = EUNKNOWN;
1537 goto fail;
1538 }
1539
1540 /* We do this early, so that we can return the address family to
1541 the caller in case of error. */
1542 i = labelsToString(buf, i, n, b, 2048, &m);
1543 if(i < 0) {
1544 error = EDNS_FORMAT;
1545 goto fail;
1546 }
1547 DO_NTOHS(type, &buf[i]); i += 2;
1548 DO_NTOHS(class, &buf[i]); i += 2;
1549
1550 if(type == 1)
1551 af = 4;
1552 else if(type == 28)
1553 af = 6;
1554 else {
1555 error = EDNS_FORMAT;
1556 goto fail;
1557 }
1558
1559 do_log(D_DNS, "DNS q: ");
1560 do_log_n(D_DNS, b, m);
1561 do_log(D_DNS, " (%d, %d)\n", type, class);
1562 name = internAtomLowerN(b, m);
1563 if(name == NULL) {
1564 error = ENOMEM;
1565 goto fail;
1566 }
1567
1568 if(class != 1) {
1569 error = EDNS_FORMAT;
1570 goto fail;
1571 }
1572
1573 #define PARSE_ANSWER(kind, label) \
1574 do { \
1575 i = labelsToString(buf, i, 1024, b, 2048, &m); \
1576 if(i < 0) goto label; \
1577 DO_NTOHS(type, &buf[i]); i += 2; if(i > 1024) goto label; \
1578 DO_NTOHS(class, &buf[i]); i += 2; if(i > 1024) goto label; \
1579 DO_NTOHL(ttl, &buf[i]); i += 4; if(i > 1024) goto label; \
1580 DO_NTOHS(rdlength, &buf[i]); i += 2; if(i > 1024) goto label; \
1581 do_log(D_DNS, "DNS " kind ": "); \
1582 do_log_n(D_DNS, b, m); \
1583 do_log(D_DNS, " (%d, %d): %d bytes, ttl %u\n", \
1584 type, class, rdlength, ttl); \
1585 } while(0)
1586
1587
1588 for(j = 0; j < ancount; j++) {
1589 PARSE_ANSWER("an", fail);
1590 if(strcasecmp_n(name->string, b, m) == 0) {
1591 if(class != 1) {
1592 do_log(D_DNS, "DNS: %s: unknown class %d.\n",
1593 name->string, class);
1594 error = EDNS_UNSUPPORTED;
1595 goto cont;
1596 }
1597 if(type == 1 || type == 28) {
1598 if((type == 1 && rdlength != 4) ||
1599 (type == 28 && rdlength != 16)) {
1600 do_log(L_ERROR,
1601 "DNS: %s: unexpected length %d of %s record.\n",
1602 scrub(name->string),
1603 rdlength, type == 1 ? "A" : "AAAA");
1604 error = EDNS_INVALID;
1605 if(rdlength <= 0 || rdlength >= 32)
1606 goto fail;
1607 goto cont;
1608 }
1609 if(af == 0) {
1610 do_log(L_WARN, "DNS: %s: host has both A and CNAME -- "
1611 "ignoring CNAME.\n", scrub(name->string));
1612 addr_index = 0;
1613 af = -1;
1614 }
1615 if(type == 1) {
1616 if(af < 0)
1617 af = 4;
1618 else if(af == 6) {
1619 do_log(L_WARN, "Unexpected AAAA reply.\n");
1620 goto cont;
1621 }
1622 } else {
1623 if(af < 0)
1624 af = 6;
1625 else if(af == 4) {
1626 do_log(L_WARN, "Unexpected A reply.\n");
1627 goto cont;
1628 }
1629 }
1630
1631 if(addr_index == 0) {
1632 addresses[0] = DNS_A;
1633 addr_index++;
1634 } else {
1635 if(addr_index > 1000) {
1636 error = EDNS_INVALID;
1637 goto fail;
1638 }
1639 }
1640 assert(addresses[0] == DNS_A);
1641 if(final_ttl > ttl)
1642 final_ttl = ttl;
1643 memset(&addresses[addr_index], 0, sizeof(HostAddressRec));
1644 if(type == 1) {
1645 addresses[addr_index] = 4;
1646 memcpy(addresses + addr_index + 1, buf + i, 4);
1647 } else {
1648 addresses[addr_index] = 6;
1649 memcpy(addresses + addr_index + 1, buf + i, 16);
1650 }
1651 addr_index += sizeof(HostAddressRec);
1652 } else if(type == 5) {
1653 int j, k;
1654 if(af != 0 && addr_index > 0) {
1655 do_log(L_WARN, "DNS: host has both CNAME and A -- "
1656 "ignoring CNAME.\n");
1657 goto cont;
1658 }
1659 af = 0;
1660
1661 if(addr_index != 0) {
1662 /* Only warn if the CNAMEs are not identical */
1663 char tmp[512]; int jj, kk;
1664 assert(addresses[0] == DNS_CNAME);
1665 jj = labelsToString(buf, i, n,
1666 tmp, 512, &kk);
1667 if(jj < 0 ||
1668 kk != strlen(addresses + 1) ||
1669 memcmp(addresses + 1, tmp, kk) != 0) {
1670 do_log(L_WARN, "DNS: "
1671 "%s: host has multiple CNAMEs -- "
1672 "ignoring subsequent.\n",
1673 scrub(name->string));
1674
1675 }
1676 goto cont;
1677 }
1678 addresses[0] = DNS_CNAME;
1679 addr_index++;
1680 j = labelsToString(buf, i, n,
1681 addresses + 1, 1020, &k);
1682 if(j < 0) {
1683 addr_index = 0;
1684 error = ENAMETOOLONG;
1685 continue;
1686 }
1687 addr_index = k + 1;
1688 } else {
1689 error = EDNS_NO_ADDRESS;
1690 i += rdlength;
1691 continue;
1692 }
1693
1694 }
1695 cont:
1696 i += rdlength;
1697 }
1698
1699 #if (LOGGING_MAX & D_DNS)
1700 for(j = 0; j < nscount; j++) {
1701 PARSE_ANSWER("ns", nofail);
1702 i += rdlength;
1703 }
1704
1705 for(j = 0; j < arcount; j++) {
1706 PARSE_ANSWER("ar", nofail);
1707 i += rdlength;
1708 }
1709
1710 nofail:
1711 #endif
1712
1713 #undef PARSE_ANSWER
1714
1715 do_log(D_DNS, "DNS: %d bytes\n", addr_index);
1716 if(af < 0)
1717 goto fail;
1718
1719 value = internAtomN(addresses, addr_index);
1720 if(value == NULL) {
1721 error = ENOMEM;
1722 goto fail;
1723 }
1724
1725 assert(af >= 0);
1726 *id_return = id;
1727 *name_return = name;
1728 *value_return = value;
1729 *af_return = af;
1730 *ttl_return = final_ttl;
1731 return 1;
1732
1733 fail:
1734 *id_return = id;
1735 *name_return = name;
1736 *value_return = NULL;
1737 *af_return = af;
1738 return -error;
1739 }
1740
1741 #else
1742
1743 static int
1744 really_do_dns(AtomPtr name, ObjectPtr object)
1745 {
1746 abort();
1747 }
1748
1749 #endif
Caching web proxy