1 /*
2 * daemon/cachedump.c - dump the cache to text format.
3 *
4 * Copyright (c) 2008, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 /**
37 * \file
38 *
39 * This file contains functions to read and write the cache(s)
40 * to text format.
41 */
42 #include "config.h"
43 #include <openssl/ssl.h>
44 #include "daemon/cachedump.h"
45 #include "daemon/remote.h"
46 #include "daemon/worker.h"
47 #include "services/cache/rrset.h"
48 #include "services/cache/dns.h"
49 #include "services/cache/infra.h"
50 #include "services/outside_network.h"
51 #include "util/data/msgreply.h"
52 #include "util/regional.h"
53 #include "util/net_help.h"
54 #include "util/data/dname.h"
55 #include "util/config_file.h"
56 #include "iterator/iterator.h"
57 #include "iterator/iter_delegpt.h"
58 #include "iterator/iter_utils.h"
59 #include "iterator/iter_fwd.h"
60 #include "iterator/iter_hints.h"
61 #include "sldns/sbuffer.h"
62 #include "sldns/wire2str.h"
63 #include "sldns/str2wire.h"
64
65 /** dump one rrset zonefile line */
66 static int
dump_rrset_line(RES * ssl,struct ub_packed_rrset_key * k,time_t now,size_t i)67 dump_rrset_line(RES* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i)
68 {
69 char s[65535];
70 if(!packed_rr_to_string(k, i, now, s, sizeof(s))) {
71 return ssl_printf(ssl, "BADRR\n");
72 }
73 return ssl_printf(ssl, "%s", s);
74 }
75
76 /** dump rrset key and data info */
77 static int
dump_rrset(RES * ssl,struct ub_packed_rrset_key * k,struct packed_rrset_data * d,time_t now)78 dump_rrset(RES* ssl, struct ub_packed_rrset_key* k,
79 struct packed_rrset_data* d, time_t now)
80 {
81 size_t i;
82 /* rd lock held by caller */
83 if(!k || !d) return 1;
84 if(k->id == 0) return 1; /* deleted */
85 if(d->ttl < now) return 1; /* expired */
86
87 /* meta line */
88 if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n",
89 (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"",
90 (long long)(d->ttl - now),
91 (unsigned)d->count, (unsigned)d->rrsig_count,
92 (int)d->trust, (int)d->security
93 ))
94 return 0;
95 for(i=0; i<d->count + d->rrsig_count; i++) {
96 if(!dump_rrset_line(ssl, k, now, i))
97 return 0;
98 }
99 return 1;
100 }
101
102 /** dump lruhash rrset cache */
103 static int
dump_rrset_lruhash(RES * ssl,struct lruhash * h,time_t now)104 dump_rrset_lruhash(RES* ssl, struct lruhash* h, time_t now)
105 {
106 struct lruhash_entry* e;
107 /* lruhash already locked by caller */
108 /* walk in order of lru; best first */
109 for(e=h->lru_start; e; e = e->lru_next) {
110 lock_rw_rdlock(&e->lock);
111 if(!dump_rrset(ssl, (struct ub_packed_rrset_key*)e->key,
112 (struct packed_rrset_data*)e->data, now)) {
113 lock_rw_unlock(&e->lock);
114 return 0;
115 }
116 lock_rw_unlock(&e->lock);
117 }
118 return 1;
119 }
120
121 /** dump rrset cache */
122 static int
dump_rrset_cache(RES * ssl,struct worker * worker)123 dump_rrset_cache(RES* ssl, struct worker* worker)
124 {
125 struct rrset_cache* r = worker->env.rrset_cache;
126 size_t slab;
127 if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0;
128 for(slab=0; slab<r->table.size; slab++) {
129 lock_quick_lock(&r->table.array[slab]->lock);
130 if(!dump_rrset_lruhash(ssl, r->table.array[slab],
131 *worker->env.now)) {
132 lock_quick_unlock(&r->table.array[slab]->lock);
133 return 0;
134 }
135 lock_quick_unlock(&r->table.array[slab]->lock);
136 }
137 return ssl_printf(ssl, "END_RRSET_CACHE\n");
138 }
139
140 /** dump message to rrset reference */
141 static int
dump_msg_ref(RES * ssl,struct ub_packed_rrset_key * k)142 dump_msg_ref(RES* ssl, struct ub_packed_rrset_key* k)
143 {
144 char* nm, *tp, *cl;
145 nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len);
146 tp = sldns_wire2str_type(ntohs(k->rk.type));
147 cl = sldns_wire2str_class(ntohs(k->rk.rrset_class));
148 if(!nm || !cl || !tp) {
149 free(nm);
150 free(tp);
151 free(cl);
152 return ssl_printf(ssl, "BADREF\n");
153 }
154 if(!ssl_printf(ssl, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags)) {
155 free(nm);
156 free(tp);
157 free(cl);
158 return 0;
159 }
160 free(nm);
161 free(tp);
162 free(cl);
163
164 return 1;
165 }
166
167 /** dump message entry */
168 static int
dump_msg(RES * ssl,struct query_info * k,struct reply_info * d,time_t now)169 dump_msg(RES* ssl, struct query_info* k, struct reply_info* d, time_t now)
170 {
171 size_t i;
172 char* nm, *tp, *cl;
173 if(!k || !d) return 1;
174 if(d->ttl < now) return 1; /* expired */
175
176 nm = sldns_wire2str_dname(k->qname, k->qname_len);
177 tp = sldns_wire2str_type(k->qtype);
178 cl = sldns_wire2str_class(k->qclass);
179 if(!nm || !tp || !cl) {
180 free(nm);
181 free(tp);
182 free(cl);
183 return 1; /* skip this entry */
184 }
185 if(!rrset_array_lock(d->ref, d->rrset_count, now)) {
186 /* rrsets have timed out or do not exist */
187 free(nm);
188 free(tp);
189 free(cl);
190 return 1; /* skip this entry */
191 }
192
193 /* meta line */
194 if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u %d %s\n",
195 nm, cl, tp,
196 (int)d->flags, (int)d->qdcount,
197 (long long)(d->ttl-now), (int)d->security,
198 (unsigned)d->an_numrrsets,
199 (unsigned)d->ns_numrrsets,
200 (unsigned)d->ar_numrrsets,
201 (int)d->reason_bogus,
202 d->reason_bogus_str?d->reason_bogus_str:"")) {
203 free(nm);
204 free(tp);
205 free(cl);
206 rrset_array_unlock(d->ref, d->rrset_count);
207 return 0;
208 }
209 free(nm);
210 free(tp);
211 free(cl);
212
213 for(i=0; i<d->rrset_count; i++) {
214 if(!dump_msg_ref(ssl, d->rrsets[i])) {
215 rrset_array_unlock(d->ref, d->rrset_count);
216 return 0;
217 }
218 }
219 rrset_array_unlock(d->ref, d->rrset_count);
220
221 return 1;
222 }
223
224 /** copy msg to worker pad */
225 static int
copy_msg(struct regional * region,struct lruhash_entry * e,struct query_info ** k,struct reply_info ** d)226 copy_msg(struct regional* region, struct lruhash_entry* e,
227 struct query_info** k, struct reply_info** d)
228 {
229 struct reply_info* rep = (struct reply_info*)e->data;
230 if(rep->rrset_count > RR_COUNT_MAX)
231 return 0; /* to protect against integer overflow */
232 *d = (struct reply_info*)regional_alloc_init(region, e->data,
233 sizeof(struct reply_info) +
234 sizeof(struct rrset_ref) * (rep->rrset_count-1) +
235 sizeof(struct ub_packed_rrset_key*) * rep->rrset_count);
236 if(!*d)
237 return 0;
238 (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)(
239 (uint8_t*)(&((*d)->ref[0])) +
240 sizeof(struct rrset_ref) * rep->rrset_count);
241 *k = (struct query_info*)regional_alloc_init(region,
242 e->key, sizeof(struct query_info));
243 if(!*k)
244 return 0;
245 (*k)->qname = regional_alloc_init(region,
246 (*k)->qname, (*k)->qname_len);
247 return (*k)->qname != NULL;
248 }
249
250 /** dump lruhash msg cache */
251 static int
dump_msg_lruhash(RES * ssl,struct worker * worker,struct lruhash * h)252 dump_msg_lruhash(RES* ssl, struct worker* worker, struct lruhash* h)
253 {
254 struct lruhash_entry* e;
255 struct query_info* k;
256 struct reply_info* d;
257
258 /* lruhash already locked by caller */
259 /* walk in order of lru; best first */
260 for(e=h->lru_start; e; e = e->lru_next) {
261 regional_free_all(worker->scratchpad);
262 lock_rw_rdlock(&e->lock);
263 /* make copy of rrset in worker buffer */
264 if(!copy_msg(worker->scratchpad, e, &k, &d)) {
265 lock_rw_unlock(&e->lock);
266 return 0;
267 }
268 lock_rw_unlock(&e->lock);
269 /* release lock so we can lookup the rrset references
270 * in the rrset cache */
271 if(!dump_msg(ssl, k, d, *worker->env.now)) {
272 return 0;
273 }
274 }
275 return 1;
276 }
277
278 /** dump msg cache */
279 static int
dump_msg_cache(RES * ssl,struct worker * worker)280 dump_msg_cache(RES* ssl, struct worker* worker)
281 {
282 struct slabhash* sh = worker->env.msg_cache;
283 size_t slab;
284 if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0;
285 for(slab=0; slab<sh->size; slab++) {
286 lock_quick_lock(&sh->array[slab]->lock);
287 if(!dump_msg_lruhash(ssl, worker, sh->array[slab])) {
288 lock_quick_unlock(&sh->array[slab]->lock);
289 return 0;
290 }
291 lock_quick_unlock(&sh->array[slab]->lock);
292 }
293 return ssl_printf(ssl, "END_MSG_CACHE\n");
294 }
295
296 int
dump_cache(RES * ssl,struct worker * worker)297 dump_cache(RES* ssl, struct worker* worker)
298 {
299 if(!dump_rrset_cache(ssl, worker))
300 return 0;
301 if(!dump_msg_cache(ssl, worker))
302 return 0;
303 return ssl_printf(ssl, "EOF\n");
304 }
305
306 /** read a line from ssl into buffer */
307 static int
ssl_read_buf(RES * ssl,sldns_buffer * buf)308 ssl_read_buf(RES* ssl, sldns_buffer* buf)
309 {
310 return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf),
311 sldns_buffer_capacity(buf));
312 }
313
314 /** check fixed text on line */
315 static int
read_fixed(RES * ssl,sldns_buffer * buf,const char * str)316 read_fixed(RES* ssl, sldns_buffer* buf, const char* str)
317 {
318 if(!ssl_read_buf(ssl, buf)) return 0;
319 return (strcmp((char*)sldns_buffer_begin(buf), str) == 0);
320 }
321
322 /** load an RR into rrset */
323 static int
load_rr(RES * ssl,sldns_buffer * buf,struct regional * region,struct ub_packed_rrset_key * rk,struct packed_rrset_data * d,unsigned int i,int is_rrsig,int * go_on,time_t now)324 load_rr(RES* ssl, sldns_buffer* buf, struct regional* region,
325 struct ub_packed_rrset_key* rk, struct packed_rrset_data* d,
326 unsigned int i, int is_rrsig, int* go_on, time_t now)
327 {
328 uint8_t rr[LDNS_RR_BUF_SIZE];
329 size_t rr_len = sizeof(rr), dname_len = 0;
330 int status;
331
332 /* read the line */
333 if(!ssl_read_buf(ssl, buf))
334 return 0;
335 if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
336 *go_on = 0;
337 return 1;
338 }
339 status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
340 &rr_len, &dname_len, 3600, NULL, 0, NULL, 0);
341 if(status != 0) {
342 log_warn("error cannot parse rr: %s: %s",
343 sldns_get_errorstr_parse(status),
344 (char*)sldns_buffer_begin(buf));
345 return 0;
346 }
347 if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len)
348 != LDNS_RR_TYPE_RRSIG) {
349 log_warn("error expected rrsig but got %s",
350 (char*)sldns_buffer_begin(buf));
351 return 0;
352 }
353
354 /* convert ldns rr into packed_rr */
355 d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now;
356 sldns_buffer_clear(buf);
357 d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2;
358 d->rr_data[i] = (uint8_t*)regional_alloc_init(region,
359 sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]);
360 if(!d->rr_data[i]) {
361 log_warn("error out of memory");
362 return 0;
363 }
364
365 /* if first entry, fill the key structure */
366 if(i==0) {
367 rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
368 rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
369 rk->rk.dname_len = dname_len;
370 rk->rk.dname = regional_alloc_init(region, rr, dname_len);
371 if(!rk->rk.dname) {
372 log_warn("error out of memory");
373 return 0;
374 }
375 }
376
377 return 1;
378 }
379
380 /** move entry into cache */
381 static int
move_into_cache(struct ub_packed_rrset_key * k,struct packed_rrset_data * d,struct worker * worker)382 move_into_cache(struct ub_packed_rrset_key* k,
383 struct packed_rrset_data* d, struct worker* worker)
384 {
385 struct ub_packed_rrset_key* ak;
386 struct packed_rrset_data* ad;
387 size_t s, i, num = d->count + d->rrsig_count;
388 struct rrset_ref ref;
389 uint8_t* p;
390
391 ak = alloc_special_obtain(worker->alloc);
392 if(!ak) {
393 log_warn("error out of memory");
394 return 0;
395 }
396 ak->entry.data = NULL;
397 ak->rk = k->rk;
398 ak->entry.hash = rrset_key_hash(&k->rk);
399 ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len);
400 if(!ak->rk.dname) {
401 log_warn("error out of memory");
402 ub_packed_rrset_parsedelete(ak, worker->alloc);
403 return 0;
404 }
405 s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) +
406 sizeof(time_t))* num;
407 for(i=0; i<num; i++)
408 s += d->rr_len[i];
409 ad = (struct packed_rrset_data*)malloc(s);
410 if(!ad) {
411 log_warn("error out of memory");
412 ub_packed_rrset_parsedelete(ak, worker->alloc);
413 return 0;
414 }
415 p = (uint8_t*)ad;
416 memmove(p, d, sizeof(*ad));
417 p += sizeof(*ad);
418 memmove(p, &d->rr_len[0], sizeof(size_t)*num);
419 p += sizeof(size_t)*num;
420 memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num);
421 p += sizeof(uint8_t*)*num;
422 memmove(p, &d->rr_ttl[0], sizeof(time_t)*num);
423 p += sizeof(time_t)*num;
424 for(i=0; i<num; i++) {
425 memmove(p, d->rr_data[i], d->rr_len[i]);
426 p += d->rr_len[i];
427 }
428 packed_rrset_ptr_fixup(ad);
429
430 ak->entry.data = ad;
431
432 ref.key = ak;
433 ref.id = ak->id;
434 (void)rrset_cache_update(worker->env.rrset_cache, &ref,
435 worker->alloc, *worker->env.now);
436
437 return 1;
438 }
439
440 /** load an rrset entry */
441 static int
load_rrset(RES * ssl,sldns_buffer * buf,struct worker * worker)442 load_rrset(RES* ssl, sldns_buffer* buf, struct worker* worker)
443 {
444 char* s = (char*)sldns_buffer_begin(buf);
445 struct regional* region = worker->scratchpad;
446 struct ub_packed_rrset_key* rk;
447 struct packed_rrset_data* d;
448 unsigned int rr_count, rrsig_count, trust, security;
449 long long ttl;
450 unsigned int i;
451 int go_on = 1;
452 regional_free_all(region);
453
454 rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region,
455 sizeof(*rk));
456 d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d));
457 if(!rk || !d) {
458 log_warn("error out of memory");
459 return 0;
460 }
461
462 if(strncmp(s, ";rrset", 6) != 0) {
463 log_warn("error expected ';rrset' but got %s", s);
464 return 0;
465 }
466 s += 6;
467 if(strncmp(s, " nsec_apex", 10) == 0) {
468 s += 10;
469 rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX;
470 }
471 if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count,
472 &trust, &security) != 5) {
473 log_warn("error bad rrset spec %s", s);
474 return 0;
475 }
476 if(rr_count == 0 && rrsig_count == 0) {
477 log_warn("bad rrset without contents");
478 return 0;
479 }
480 if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) {
481 log_warn("bad rrset with too many rrs");
482 return 0;
483 }
484 d->count = (size_t)rr_count;
485 d->rrsig_count = (size_t)rrsig_count;
486 d->security = (enum sec_status)security;
487 d->trust = (enum rrset_trust)trust;
488 d->ttl = (time_t)ttl + *worker->env.now;
489
490 d->rr_len = regional_alloc_zero(region,
491 sizeof(size_t)*(d->count+d->rrsig_count));
492 d->rr_ttl = regional_alloc_zero(region,
493 sizeof(time_t)*(d->count+d->rrsig_count));
494 d->rr_data = regional_alloc_zero(region,
495 sizeof(uint8_t*)*(d->count+d->rrsig_count));
496 if(!d->rr_len || !d->rr_ttl || !d->rr_data) {
497 log_warn("error out of memory");
498 return 0;
499 }
500
501 /* read the rr's themselves */
502 for(i=0; i<rr_count; i++) {
503 if(!load_rr(ssl, buf, region, rk, d, i, 0,
504 &go_on, *worker->env.now)) {
505 log_warn("could not read rr %u", i);
506 return 0;
507 }
508 }
509 for(i=0; i<rrsig_count; i++) {
510 if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1,
511 &go_on, *worker->env.now)) {
512 log_warn("could not read rrsig %u", i);
513 return 0;
514 }
515 }
516 if(!go_on) {
517 /* skip this entry */
518 return 1;
519 }
520
521 return move_into_cache(rk, d, worker);
522 }
523
524 /** load rrset cache */
525 static int
load_rrset_cache(RES * ssl,struct worker * worker)526 load_rrset_cache(RES* ssl, struct worker* worker)
527 {
528 sldns_buffer* buf = worker->env.scratch_buffer;
529 if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0;
530 while(ssl_read_buf(ssl, buf) &&
531 strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
532 if(!load_rrset(ssl, buf, worker))
533 return 0;
534 }
535 return 1;
536 }
537
538 /** read qinfo from next three words */
539 static char*
load_qinfo(char * str,struct query_info * qinfo,struct regional * region)540 load_qinfo(char* str, struct query_info* qinfo, struct regional* region)
541 {
542 /* s is part of the buf */
543 char* s = str;
544 uint8_t rr[LDNS_RR_BUF_SIZE];
545 size_t rr_len = sizeof(rr), dname_len = 0;
546 int status;
547
548 /* skip three words */
549 s = strchr(str, ' ');
550 if(s) s = strchr(s+1, ' ');
551 if(s) s = strchr(s+1, ' ');
552 if(!s) {
553 log_warn("error line too short, %s", str);
554 return NULL;
555 }
556 s[0] = 0;
557 s++;
558
559 /* parse them */
560 status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len,
561 NULL, 0, NULL, 0);
562 if(status != 0) {
563 log_warn("error cannot parse: %s %s",
564 sldns_get_errorstr_parse(status), str);
565 return NULL;
566 }
567 qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len);
568 qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len);
569 qinfo->qname_len = dname_len;
570 qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len);
571 qinfo->local_alias = NULL;
572 if(!qinfo->qname) {
573 log_warn("error out of memory");
574 return NULL;
575 }
576
577 return s;
578 }
579
580 /** load a msg rrset reference */
581 static int
load_ref(RES * ssl,sldns_buffer * buf,struct worker * worker,struct regional * region,struct ub_packed_rrset_key ** rrset,int * go_on)582 load_ref(RES* ssl, sldns_buffer* buf, struct worker* worker,
583 struct regional *region, struct ub_packed_rrset_key** rrset,
584 int* go_on)
585 {
586 char* s = (char*)sldns_buffer_begin(buf);
587 struct query_info qinfo;
588 unsigned int flags;
589 struct ub_packed_rrset_key* k;
590
591 /* read line */
592 if(!ssl_read_buf(ssl, buf))
593 return 0;
594 if(strncmp(s, "BADREF", 6) == 0) {
595 *go_on = 0; /* its bad, skip it and skip message */
596 return 1;
597 }
598
599 s = load_qinfo(s, &qinfo, region);
600 if(!s) {
601 return 0;
602 }
603 if(sscanf(s, " %u", &flags) != 1) {
604 log_warn("error cannot parse flags: %s", s);
605 return 0;
606 }
607
608 /* lookup in cache */
609 k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname,
610 qinfo.qname_len, qinfo.qtype, qinfo.qclass,
611 (uint32_t)flags, *worker->env.now, 0);
612 if(!k) {
613 /* not found or expired */
614 *go_on = 0;
615 return 1;
616 }
617
618 /* store in result */
619 *rrset = packed_rrset_copy_region(k, region, *worker->env.now);
620 lock_rw_unlock(&k->entry.lock);
621
622 return (*rrset != NULL);
623 }
624
625 /** load a msg entry */
626 static int
load_msg(RES * ssl,sldns_buffer * buf,struct worker * worker)627 load_msg(RES* ssl, sldns_buffer* buf, struct worker* worker)
628 {
629 struct regional* region = worker->scratchpad;
630 struct query_info qinf;
631 struct reply_info rep;
632 char* s = (char*)sldns_buffer_begin(buf);
633 unsigned int flags, qdcount, security, an, ns, ar;
634 long long ttl;
635 size_t i;
636 int go_on = 1;
637 int ede;
638 int consumed = 0;
639 char* ede_str = NULL;
640
641 regional_free_all(region);
642
643 if(strncmp(s, "msg ", 4) != 0) {
644 log_warn("error expected msg but got %s", s);
645 return 0;
646 }
647 s += 4;
648 s = load_qinfo(s, &qinf, region);
649 if(!s) {
650 return 0;
651 }
652
653 /* read remainder of line */
654 /* note the last space before any possible EDE text */
655 if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u %d %n", &flags, &qdcount, &ttl,
656 &security, &an, &ns, &ar, &ede, &consumed) != 8) {
657 log_warn("error cannot parse numbers: %s", s);
658 return 0;
659 }
660 /* there may be EDE text after the numbers */
661 if(consumed > 0 && (size_t)consumed < strlen(s))
662 ede_str = s + consumed;
663 memset(&rep, 0, sizeof(rep));
664 rep.flags = (uint16_t)flags;
665 rep.qdcount = (uint16_t)qdcount;
666 rep.ttl = (time_t)ttl;
667 rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl);
668 rep.serve_expired_ttl = rep.ttl + SERVE_EXPIRED_TTL;
669 rep.security = (enum sec_status)security;
670 if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) {
671 log_warn("error too many rrsets");
672 return 0; /* protect against integer overflow in alloc */
673 }
674 rep.an_numrrsets = (size_t)an;
675 rep.ns_numrrsets = (size_t)ns;
676 rep.ar_numrrsets = (size_t)ar;
677 rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar;
678 rep.reason_bogus = (sldns_ede_code)ede;
679 rep.reason_bogus_str = ede_str?(char*)regional_strdup(region, ede_str):NULL;
680 rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero(
681 region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count);
682
683 /* fill repinfo with references */
684 for(i=0; i<rep.rrset_count; i++) {
685 if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i],
686 &go_on)) {
687 return 0;
688 }
689 }
690
691 if(!go_on)
692 return 1; /* skip this one, not all references satisfied */
693
694 if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags,
695 *worker->env.now)) {
696 log_warn("error out of memory");
697 return 0;
698 }
699 return 1;
700 }
701
702 /** load msg cache */
703 static int
load_msg_cache(RES * ssl,struct worker * worker)704 load_msg_cache(RES* ssl, struct worker* worker)
705 {
706 sldns_buffer* buf = worker->env.scratch_buffer;
707 if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0;
708 while(ssl_read_buf(ssl, buf) &&
709 strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
710 if(!load_msg(ssl, buf, worker))
711 return 0;
712 }
713 return 1;
714 }
715
716 int
load_cache(RES * ssl,struct worker * worker)717 load_cache(RES* ssl, struct worker* worker)
718 {
719 if(!load_rrset_cache(ssl, worker))
720 return 0;
721 if(!load_msg_cache(ssl, worker))
722 return 0;
723 return read_fixed(ssl, worker->env.scratch_buffer, "EOF");
724 }
725
726 /** print details on a delegation point */
727 static void
print_dp_details(RES * ssl,struct worker * worker,struct delegpt * dp)728 print_dp_details(RES* ssl, struct worker* worker, struct delegpt* dp)
729 {
730 char buf[257];
731 struct delegpt_addr* a;
732 int lame, dlame, rlame, rto, edns_vs, to, delay,
733 tA = 0, tAAAA = 0, tother = 0;
734 long long entry_ttl;
735 struct rtt_info ri;
736 uint8_t edns_lame_known;
737 for(a = dp->target_list; a; a = a->next_target) {
738 addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf));
739 if(!ssl_printf(ssl, "%-16s\t", buf))
740 return;
741 if(a->bogus) {
742 if(!ssl_printf(ssl, "Address is BOGUS. "))
743 return;
744 }
745 /* lookup in infra cache */
746 delay=0;
747 entry_ttl = infra_get_host_rto(worker->env.infra_cache,
748 &a->addr, a->addrlen, dp->name, dp->namelen,
749 &ri, &delay, *worker->env.now, &tA, &tAAAA, &tother);
750 if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) {
751 if(!ssl_printf(ssl, "expired, rto %d msec, tA %d "
752 "tAAAA %d tother %d.\n", ri.rto, tA, tAAAA,
753 tother))
754 return;
755 continue;
756 }
757 if(entry_ttl == -1 || entry_ttl == -2) {
758 if(!ssl_printf(ssl, "not in infra cache.\n"))
759 return;
760 continue; /* skip stuff not in infra cache */
761 }
762
763 /* uses type_A because most often looked up, but other
764 * lameness won't be reported then */
765 if(!infra_get_lame_rtt(worker->env.infra_cache,
766 &a->addr, a->addrlen, dp->name, dp->namelen,
767 LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto,
768 *worker->env.now)) {
769 if(!ssl_printf(ssl, "not in infra cache.\n"))
770 return;
771 continue; /* skip stuff not in infra cache */
772 }
773 if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, "
774 "ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d",
775 lame?"LAME ":"", dlame?"NoDNSSEC ":"",
776 a->lame?"AddrWasParentSide ":"",
777 rlame?"NoAuthButRecursive ":"", rto, entry_ttl,
778 ri.srtt, ri.rttvar, rtt_notimeout(&ri),
779 tA, tAAAA, tother))
780 return;
781 if(delay)
782 if(!ssl_printf(ssl, ", probedelay %d", delay))
783 return;
784 if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen,
785 dp->name, dp->namelen, *worker->env.now, &edns_vs,
786 &edns_lame_known, &to)) {
787 if(edns_vs == -1) {
788 if(!ssl_printf(ssl, ", noEDNS%s.",
789 edns_lame_known?" probed":" assumed"))
790 return;
791 } else {
792 if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs,
793 edns_lame_known?" probed":" assumed"))
794 return;
795 }
796 }
797 if(!ssl_printf(ssl, "\n"))
798 return;
799 }
800 }
801
802 /** print main dp info */
803 static void
print_dp_main(RES * ssl,struct delegpt * dp,struct dns_msg * msg)804 print_dp_main(RES* ssl, struct delegpt* dp, struct dns_msg* msg)
805 {
806 size_t i, n_ns, n_miss, n_addr, n_res, n_avail;
807
808 /* print the dp */
809 if(msg)
810 for(i=0; i<msg->rep->rrset_count; i++) {
811 struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
812 struct packed_rrset_data* d =
813 (struct packed_rrset_data*)k->entry.data;
814 if(d->security == sec_status_bogus) {
815 if(!ssl_printf(ssl, "Address is BOGUS:\n"))
816 return;
817 }
818 if(!dump_rrset(ssl, k, d, 0))
819 return;
820 }
821 delegpt_count_ns(dp, &n_ns, &n_miss);
822 delegpt_count_addr(dp, &n_addr, &n_res, &n_avail);
823 /* since dp has not been used by iterator, all are available*/
824 if(!ssl_printf(ssl, "Delegation with %d names, of which %d "
825 "can be examined to query further addresses.\n"
826 "%sIt provides %d IP addresses.\n",
827 (int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""),
828 (int)n_addr))
829 return;
830 }
831
print_deleg_lookup(RES * ssl,struct worker * worker,uint8_t * nm,size_t nmlen,int ATTR_UNUSED (nmlabs))832 int print_deleg_lookup(RES* ssl, struct worker* worker, uint8_t* nm,
833 size_t nmlen, int ATTR_UNUSED(nmlabs))
834 {
835 /* deep links into the iterator module */
836 struct delegpt* dp;
837 struct dns_msg* msg;
838 struct regional* region = worker->scratchpad;
839 char b[260];
840 struct query_info qinfo;
841 struct iter_hints_stub* stub;
842 int nolock = 0;
843 regional_free_all(region);
844 qinfo.qname = nm;
845 qinfo.qname_len = nmlen;
846 qinfo.qtype = LDNS_RR_TYPE_A;
847 qinfo.qclass = LDNS_RR_CLASS_IN;
848 qinfo.local_alias = NULL;
849
850 dname_str(nm, b);
851 if(!ssl_printf(ssl, "The following name servers are used for lookup "
852 "of %s\n", b))
853 return 0;
854
855 dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass, nolock);
856 if(dp) {
857 if(!ssl_printf(ssl, "forwarding request:\n")) {
858 lock_rw_unlock(&worker->env.fwds->lock);
859 return 0;
860 }
861 print_dp_main(ssl, dp, NULL);
862 print_dp_details(ssl, worker, dp);
863 lock_rw_unlock(&worker->env.fwds->lock);
864 return 1;
865 }
866
867 while(1) {
868 dp = dns_cache_find_delegation(&worker->env, nm, nmlen,
869 qinfo.qtype, qinfo.qclass, region, &msg,
870 *worker->env.now, 0, NULL, 0);
871 if(!dp) {
872 return ssl_printf(ssl, "no delegation from "
873 "cache; goes to configured roots\n");
874 }
875 /* go up? */
876 if(iter_dp_is_useless(&qinfo, BIT_RD, dp,
877 (worker->env.cfg->do_ip4 && worker->back->num_ip4 != 0),
878 (worker->env.cfg->do_ip6 && worker->back->num_ip6 != 0),
879 worker->env.cfg->do_nat64)) {
880 print_dp_main(ssl, dp, msg);
881 print_dp_details(ssl, worker, dp);
882 if(!ssl_printf(ssl, "cache delegation was "
883 "useless (no IP addresses)\n"))
884 return 0;
885 if(dname_is_root(nm)) {
886 /* goes to root config */
887 return ssl_printf(ssl, "no delegation from "
888 "cache; goes to configured roots\n");
889 } else {
890 /* useless, goes up */
891 nm = dp->name;
892 nmlen = dp->namelen;
893 dname_remove_label(&nm, &nmlen);
894 dname_str(nm, b);
895 if(!ssl_printf(ssl, "going up, lookup %s\n", b))
896 return 0;
897 continue;
898 }
899 }
900 stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass,
901 dp, nolock);
902 if(stub) {
903 if(stub->noprime) {
904 if(!ssl_printf(ssl, "The noprime stub servers "
905 "are used:\n")) {
906 lock_rw_unlock(&worker->env.hints->lock);
907 return 0;
908 }
909 } else {
910 if(!ssl_printf(ssl, "The stub is primed "
911 "with servers:\n")) {
912 lock_rw_unlock(&worker->env.hints->lock);
913 return 0;
914 }
915 }
916 print_dp_main(ssl, stub->dp, NULL);
917 print_dp_details(ssl, worker, stub->dp);
918 lock_rw_unlock(&worker->env.hints->lock);
919 } else {
920 print_dp_main(ssl, dp, msg);
921 print_dp_details(ssl, worker, dp);
922 }
923 break;
924 }
925
926 return 1;
927 }
928