1 /*
2 * daemon/cachedump.c - dump the cache to text format.
3 *
4 * Copyright (c) 2008, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 /**
37 * \file
38 *
39 * This file contains functions to read and write the cache(s)
40 * to text format.
41 */
42 #include "config.h"
43 #include <openssl/ssl.h>
44 #include "daemon/cachedump.h"
45 #include "daemon/remote.h"
46 #include "daemon/worker.h"
47 #include "services/cache/rrset.h"
48 #include "services/cache/dns.h"
49 #include "services/cache/infra.h"
50 #include "services/outside_network.h"
51 #include "util/data/msgreply.h"
52 #include "util/regional.h"
53 #include "util/net_help.h"
54 #include "util/data/dname.h"
55 #include "util/config_file.h"
56 #include "iterator/iterator.h"
57 #include "iterator/iter_delegpt.h"
58 #include "iterator/iter_utils.h"
59 #include "iterator/iter_fwd.h"
60 #include "iterator/iter_hints.h"
61 #include "sldns/sbuffer.h"
62 #include "sldns/wire2str.h"
63 #include "sldns/str2wire.h"
64
65 static void spool_txt_printf(struct config_strlist_head* txt,
66 const char* format, ...) ATTR_FORMAT(printf, 2, 3);
67
68 /** Append to strlist at end, and log error if out of memory. */
69 static void
spool_txt_string(struct config_strlist_head * txt,char * str)70 spool_txt_string(struct config_strlist_head* txt, char* str)
71 {
72 if(!cfg_strlist_append(txt, strdup(str))) {
73 log_err("out of memory in spool text");
74 }
75 }
76
77 /** Spool txt to spool list. */
78 static void
spool_txt_vmsg(struct config_strlist_head * txt,const char * format,va_list args)79 spool_txt_vmsg(struct config_strlist_head* txt, const char* format,
80 va_list args)
81 {
82 char msg[65535];
83 vsnprintf(msg, sizeof(msg), format, args);
84 spool_txt_string(txt, msg);
85 }
86
87 /** Print item to spool list. On alloc failure the list is as before. */
88 static void
spool_txt_printf(struct config_strlist_head * txt,const char * format,...)89 spool_txt_printf(struct config_strlist_head* txt, const char* format, ...)
90 {
91 va_list args;
92 va_start(args, format);
93 spool_txt_vmsg(txt, format, args);
94 va_end(args);
95 }
96
97 /** dump one rrset zonefile line */
98 static void
dump_rrset_line(struct config_strlist_head * txt,struct ub_packed_rrset_key * k,time_t now,size_t i)99 dump_rrset_line(struct config_strlist_head* txt, struct ub_packed_rrset_key* k,
100 time_t now, size_t i)
101 {
102 char s[65535];
103 if(!packed_rr_to_string(k, i, now, s, sizeof(s))) {
104 spool_txt_string(txt, "BADRR\n");
105 return;
106 }
107 spool_txt_string(txt, s);
108 }
109
110 /** dump rrset key and data info */
111 static void
dump_rrset(struct config_strlist_head * txt,struct ub_packed_rrset_key * k,struct packed_rrset_data * d,time_t now)112 dump_rrset(struct config_strlist_head* txt, struct ub_packed_rrset_key* k,
113 struct packed_rrset_data* d, time_t now)
114 {
115 size_t i;
116 /* rd lock held by caller */
117 if(!k || !d) return;
118 if(k->id == 0) return; /* deleted */
119 if(d->ttl < now) return; /* expired */
120
121 /* meta line */
122 spool_txt_printf(txt, ";rrset%s " ARG_LL "d %u %u %d %d\n",
123 (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"",
124 (long long)(d->ttl - now),
125 (unsigned)d->count, (unsigned)d->rrsig_count,
126 (int)d->trust, (int)d->security
127 );
128 for(i=0; i<d->count + d->rrsig_count; i++) {
129 dump_rrset_line(txt, k, now, i);
130 }
131 }
132
133 /** Spool strlist to the output. */
134 static int
spool_strlist(RES * ssl,struct config_strlist * list)135 spool_strlist(RES* ssl, struct config_strlist* list)
136 {
137 struct config_strlist* s;
138 for(s=list; s; s=s->next) {
139 if(!ssl_printf(ssl, "%s", s->str))
140 return 0;
141 }
142 return 1;
143 }
144
145 /** dump lruhash cache and call callback for every item. */
146 static int
dump_lruhash(struct lruhash * table,void (* func)(struct lruhash_entry *,struct config_strlist_head *,void *),RES * ssl,void * arg)147 dump_lruhash(struct lruhash* table,
148 void (*func)(struct lruhash_entry*, struct config_strlist_head*, void*),
149 RES* ssl, void* arg)
150 {
151 int just_started = 1;
152 int not_done = 1;
153 hashvalue_type hash;
154 size_t num = 0; /* number of entries processed. */
155 size_t max = 2; /* number of entries after which it unlocks. */
156 struct config_strlist_head txt; /* Text strings spooled. */
157 memset(&txt, 0, sizeof(txt));
158
159 while(not_done) {
160 size_t i; /* hash bin. */
161 /* Process a number of items. */
162 num = 0;
163 lock_quick_lock(&table->lock);
164 if(just_started) {
165 i = 0;
166 } else {
167 i = hash&table->size_mask;
168 }
169 while(num < max) {
170 /* Process bin. */
171 int found = 0;
172 size_t num_bin = 0;
173 struct lruhash_bin* bin = &table->array[i];
174 struct lruhash_entry* e;
175 lock_quick_lock(&bin->lock);
176 for(e = bin->overflow_list; e; e = e->overflow_next) {
177 /* Entry e is locked by the func. */
178 func(e, &txt, arg);
179 num_bin++;
180 }
181 lock_quick_unlock(&bin->lock);
182 /* This addition of bin number of entries may take
183 * it over the max. */
184 num += num_bin;
185
186 /* Move to next bin. */
187 /* Find one with an entry, with a hash value, so we
188 * can continue from the hash value. The hash value
189 * can be indexed also if the array changes size. */
190 i++;
191 while(i < table->size) {
192 bin = &table->array[i];
193 lock_quick_lock(&bin->lock);
194 if(bin->overflow_list) {
195 hash = bin->overflow_list->hash;
196 lock_quick_unlock(&bin->lock);
197 found = 1;
198 just_started = 0;
199 break;
200 }
201 lock_quick_unlock(&bin->lock);
202 i++;
203 }
204 if(!found) {
205 not_done = 0;
206 break;
207 }
208 }
209 lock_quick_unlock(&table->lock);
210 /* Print the spooled items, that are collected while the
211 * locks are locked. The print happens while they are not
212 * locked. */
213 if(txt.first) {
214 if(!spool_strlist(ssl, txt.first)) {
215 config_delstrlist(txt.first);
216 return 0;
217 }
218 config_delstrlist(txt.first);
219 memset(&txt, 0, sizeof(txt));
220 }
221 }
222 /* Print the final spooled items. */
223 if(txt.first) {
224 if(!spool_strlist(ssl, txt.first)) {
225 config_delstrlist(txt.first);
226 return 0;
227 }
228 config_delstrlist(txt.first);
229 }
230 return 1;
231 }
232
233 /** dump slabhash cache and call callback for every item. */
234 static int
dump_slabhash(struct slabhash * sh,void (* func)(struct lruhash_entry *,struct config_strlist_head *,void *),RES * ssl,void * arg)235 dump_slabhash(struct slabhash* sh,
236 void (*func)(struct lruhash_entry*, struct config_strlist_head*, void*),
237 RES* ssl, void* arg)
238 {
239 /* Process a number of items at a time, then unlock the cache,
240 * so that ordinary processing can continue. Keep an iteration marker
241 * to continue the loop. That means the cache can change, items
242 * could be inserted and deleted. And, for example, the hash table
243 * can grow. */
244 size_t slab;
245 for(slab=0; slab<sh->size; slab++) {
246 if(!dump_lruhash(sh->array[slab], func, ssl, arg))
247 return 0;
248 }
249 return 1;
250 }
251
252 /** Struct for dump information. */
253 struct dump_info {
254 /** The worker. */
255 struct worker* worker;
256 /** The printout connection. */
257 RES* ssl;
258 };
259
260 /** Dump the rrset cache entry */
261 static void
dump_rrset_entry(struct lruhash_entry * e,struct config_strlist_head * txt,void * arg)262 dump_rrset_entry(struct lruhash_entry* e, struct config_strlist_head* txt,
263 void* arg)
264 {
265 struct dump_info* dump_info = (struct dump_info*)arg;
266 lock_rw_rdlock(&e->lock);
267 dump_rrset(txt, (struct ub_packed_rrset_key*)e->key,
268 (struct packed_rrset_data*)e->data,
269 *dump_info->worker->env.now);
270 lock_rw_unlock(&e->lock);
271 }
272
273 /** dump rrset cache */
274 static int
dump_rrset_cache(RES * ssl,struct worker * worker)275 dump_rrset_cache(RES* ssl, struct worker* worker)
276 {
277 struct rrset_cache* r = worker->env.rrset_cache;
278 struct dump_info dump_info;
279 dump_info.worker = worker;
280 dump_info.ssl = ssl;
281 if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0;
282 if(!dump_slabhash(&r->table, &dump_rrset_entry, ssl, &dump_info))
283 return 0;
284 return ssl_printf(ssl, "END_RRSET_CACHE\n");
285 }
286
287 /** dump message to rrset reference */
288 static void
dump_msg_ref(struct config_strlist_head * txt,struct ub_packed_rrset_key * k)289 dump_msg_ref(struct config_strlist_head* txt, struct ub_packed_rrset_key* k)
290 {
291 char* nm, *tp, *cl;
292 nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len);
293 tp = sldns_wire2str_type(ntohs(k->rk.type));
294 cl = sldns_wire2str_class(ntohs(k->rk.rrset_class));
295 if(!nm || !cl || !tp) {
296 free(nm);
297 free(tp);
298 free(cl);
299 spool_txt_string(txt, "BADREF\n");
300 return;
301 }
302 spool_txt_printf(txt, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags);
303 free(nm);
304 free(tp);
305 free(cl);
306 }
307
308 /** dump message entry */
309 static void
dump_msg(struct config_strlist_head * txt,struct query_info * k,struct reply_info * d,time_t now)310 dump_msg(struct config_strlist_head* txt, struct query_info* k,
311 struct reply_info* d, time_t now)
312 {
313 size_t i;
314 char* nm, *tp, *cl;
315 if(!k || !d) return;
316 if(d->ttl < now) return; /* expired */
317
318 nm = sldns_wire2str_dname(k->qname, k->qname_len);
319 tp = sldns_wire2str_type(k->qtype);
320 cl = sldns_wire2str_class(k->qclass);
321 if(!nm || !tp || !cl) {
322 free(nm);
323 free(tp);
324 free(cl);
325 return; /* skip this entry */
326 }
327 if(!rrset_array_lock(d->ref, d->rrset_count, now)) {
328 /* rrsets have timed out or do not exist */
329 free(nm);
330 free(tp);
331 free(cl);
332 return; /* skip this entry */
333 }
334
335 /* meta line */
336 spool_txt_printf(txt,
337 "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u %d %s\n",
338 nm, cl, tp,
339 (int)d->flags, (int)d->qdcount,
340 (long long)(d->ttl-now), (int)d->security,
341 (unsigned)d->an_numrrsets,
342 (unsigned)d->ns_numrrsets,
343 (unsigned)d->ar_numrrsets,
344 (int)d->reason_bogus,
345 d->reason_bogus_str?d->reason_bogus_str:"");
346 free(nm);
347 free(tp);
348 free(cl);
349
350 for(i=0; i<d->rrset_count; i++) {
351 dump_msg_ref(txt, d->rrsets[i]);
352 }
353 rrset_array_unlock(d->ref, d->rrset_count);
354 }
355
356 /** copy msg to worker pad */
357 static int
copy_msg(struct regional * region,struct lruhash_entry * e,struct query_info ** k,struct reply_info ** d)358 copy_msg(struct regional* region, struct lruhash_entry* e,
359 struct query_info** k, struct reply_info** d)
360 {
361 struct reply_info* rep = (struct reply_info*)e->data;
362 if(rep->rrset_count > RR_COUNT_MAX)
363 return 0; /* to protect against integer overflow */
364 *d = (struct reply_info*)regional_alloc_init(region, e->data,
365 sizeof(struct reply_info) +
366 sizeof(struct rrset_ref) * (rep->rrset_count-1) +
367 sizeof(struct ub_packed_rrset_key*) * rep->rrset_count);
368 if(!*d)
369 return 0;
370 (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)(
371 (uint8_t*)(&((*d)->ref[0])) +
372 sizeof(struct rrset_ref) * rep->rrset_count);
373 *k = (struct query_info*)regional_alloc_init(region,
374 e->key, sizeof(struct query_info));
375 if(!*k)
376 return 0;
377 (*k)->qname = regional_alloc_init(region,
378 (*k)->qname, (*k)->qname_len);
379 return (*k)->qname != NULL;
380 }
381
382 /** Dump the msg entry. */
383 static void
dump_msg_entry(struct lruhash_entry * e,struct config_strlist_head * txt,void * arg)384 dump_msg_entry(struct lruhash_entry* e, struct config_strlist_head* txt,
385 void* arg)
386 {
387 struct dump_info* dump_info = (struct dump_info*)arg;
388 struct query_info* k;
389 struct reply_info* d;
390
391 regional_free_all(dump_info->worker->scratchpad);
392 /* Make copy of rrset in worker buffer. */
393 lock_rw_rdlock(&e->lock);
394 if(!copy_msg(dump_info->worker->scratchpad, e, &k, &d)) {
395 lock_rw_unlock(&e->lock);
396 log_err("out of memory in dump_msg_entry");
397 return;
398 }
399 lock_rw_unlock(&e->lock);
400 /* Release lock so we can lookup the rrset references
401 * in the rrset cache. */
402 dump_msg(txt, k, d, *dump_info->worker->env.now);
403 }
404
405 /** dump msg cache */
406 static int
dump_msg_cache(RES * ssl,struct worker * worker)407 dump_msg_cache(RES* ssl, struct worker* worker)
408 {
409 struct dump_info dump_info;
410 dump_info.worker = worker;
411 dump_info.ssl = ssl;
412 if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0;
413 if(!dump_slabhash(worker->env.msg_cache, &dump_msg_entry, ssl,
414 &dump_info))
415 return 0;
416 return ssl_printf(ssl, "END_MSG_CACHE\n");
417 }
418
419 int
dump_cache(RES * ssl,struct worker * worker)420 dump_cache(RES* ssl, struct worker* worker)
421 {
422 if(!dump_rrset_cache(ssl, worker))
423 return 0;
424 if(!dump_msg_cache(ssl, worker))
425 return 0;
426 return ssl_printf(ssl, "EOF\n");
427 }
428
429 /** read a line from ssl into buffer */
430 static int
ssl_read_buf(RES * ssl,sldns_buffer * buf)431 ssl_read_buf(RES* ssl, sldns_buffer* buf)
432 {
433 return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf),
434 sldns_buffer_capacity(buf));
435 }
436
437 /** check fixed text on line */
438 static int
read_fixed(RES * ssl,sldns_buffer * buf,const char * str)439 read_fixed(RES* ssl, sldns_buffer* buf, const char* str)
440 {
441 if(!ssl_read_buf(ssl, buf)) return 0;
442 return (strcmp((char*)sldns_buffer_begin(buf), str) == 0);
443 }
444
445 /** load an RR into rrset */
446 static int
load_rr(RES * ssl,sldns_buffer * buf,struct regional * region,struct ub_packed_rrset_key * rk,struct packed_rrset_data * d,unsigned int i,int is_rrsig,int * go_on,time_t now)447 load_rr(RES* ssl, sldns_buffer* buf, struct regional* region,
448 struct ub_packed_rrset_key* rk, struct packed_rrset_data* d,
449 unsigned int i, int is_rrsig, int* go_on, time_t now)
450 {
451 uint8_t rr[LDNS_RR_BUF_SIZE];
452 size_t rr_len = sizeof(rr), dname_len = 0;
453 int status;
454
455 /* read the line */
456 if(!ssl_read_buf(ssl, buf))
457 return 0;
458 if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
459 *go_on = 0;
460 return 1;
461 }
462 status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
463 &rr_len, &dname_len, 3600, NULL, 0, NULL, 0);
464 if(status != 0) {
465 log_warn("error cannot parse rr: %s: %s",
466 sldns_get_errorstr_parse(status),
467 (char*)sldns_buffer_begin(buf));
468 return 0;
469 }
470 if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len)
471 != LDNS_RR_TYPE_RRSIG) {
472 log_warn("error expected rrsig but got %s",
473 (char*)sldns_buffer_begin(buf));
474 return 0;
475 }
476
477 /* convert ldns rr into packed_rr */
478 d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now;
479 sldns_buffer_clear(buf);
480 d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2;
481 d->rr_data[i] = (uint8_t*)regional_alloc_init(region,
482 sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]);
483 if(!d->rr_data[i]) {
484 log_warn("error out of memory");
485 return 0;
486 }
487
488 /* if first entry, fill the key structure */
489 if(i==0) {
490 rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
491 rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
492 rk->rk.dname_len = dname_len;
493 rk->rk.dname = regional_alloc_init(region, rr, dname_len);
494 if(!rk->rk.dname) {
495 log_warn("error out of memory");
496 return 0;
497 }
498 }
499
500 return 1;
501 }
502
503 /** move entry into cache */
504 static int
move_into_cache(struct ub_packed_rrset_key * k,struct packed_rrset_data * d,struct worker * worker)505 move_into_cache(struct ub_packed_rrset_key* k,
506 struct packed_rrset_data* d, struct worker* worker)
507 {
508 struct ub_packed_rrset_key* ak;
509 struct packed_rrset_data* ad;
510 size_t s, i, num = d->count + d->rrsig_count;
511 struct rrset_ref ref;
512 uint8_t* p;
513
514 ak = alloc_special_obtain(worker->alloc);
515 if(!ak) {
516 log_warn("error out of memory");
517 return 0;
518 }
519 ak->entry.data = NULL;
520 ak->rk = k->rk;
521 ak->entry.hash = rrset_key_hash(&k->rk);
522 ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len);
523 if(!ak->rk.dname) {
524 log_warn("error out of memory");
525 ub_packed_rrset_parsedelete(ak, worker->alloc);
526 return 0;
527 }
528 s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) +
529 sizeof(time_t))* num;
530 for(i=0; i<num; i++)
531 s += d->rr_len[i];
532 ad = (struct packed_rrset_data*)malloc(s);
533 if(!ad) {
534 log_warn("error out of memory");
535 ub_packed_rrset_parsedelete(ak, worker->alloc);
536 return 0;
537 }
538 p = (uint8_t*)ad;
539 memmove(p, d, sizeof(*ad));
540 p += sizeof(*ad);
541 memmove(p, &d->rr_len[0], sizeof(size_t)*num);
542 p += sizeof(size_t)*num;
543 memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num);
544 p += sizeof(uint8_t*)*num;
545 memmove(p, &d->rr_ttl[0], sizeof(time_t)*num);
546 p += sizeof(time_t)*num;
547 for(i=0; i<num; i++) {
548 memmove(p, d->rr_data[i], d->rr_len[i]);
549 p += d->rr_len[i];
550 }
551 packed_rrset_ptr_fixup(ad);
552
553 ak->entry.data = ad;
554
555 ref.key = ak;
556 ref.id = ak->id;
557 (void)rrset_cache_update(worker->env.rrset_cache, &ref,
558 worker->alloc, *worker->env.now);
559
560 return 1;
561 }
562
563 /** load an rrset entry */
564 static int
load_rrset(RES * ssl,sldns_buffer * buf,struct worker * worker)565 load_rrset(RES* ssl, sldns_buffer* buf, struct worker* worker)
566 {
567 char* s = (char*)sldns_buffer_begin(buf);
568 struct regional* region = worker->scratchpad;
569 struct ub_packed_rrset_key* rk;
570 struct packed_rrset_data* d;
571 unsigned int rr_count, rrsig_count, trust, security;
572 long long ttl;
573 unsigned int i;
574 int go_on = 1;
575 regional_free_all(region);
576
577 rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region,
578 sizeof(*rk));
579 d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d));
580 if(!rk || !d) {
581 log_warn("error out of memory");
582 return 0;
583 }
584
585 if(strncmp(s, ";rrset", 6) != 0) {
586 log_warn("error expected ';rrset' but got %s", s);
587 return 0;
588 }
589 s += 6;
590 if(strncmp(s, " nsec_apex", 10) == 0) {
591 s += 10;
592 rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX;
593 }
594 if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count,
595 &trust, &security) != 5) {
596 log_warn("error bad rrset spec %s", s);
597 return 0;
598 }
599 if(rr_count == 0 && rrsig_count == 0) {
600 log_warn("bad rrset without contents");
601 return 0;
602 }
603 if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) {
604 log_warn("bad rrset with too many rrs");
605 return 0;
606 }
607 d->count = (size_t)rr_count;
608 d->rrsig_count = (size_t)rrsig_count;
609 d->security = (enum sec_status)security;
610 d->trust = (enum rrset_trust)trust;
611 d->ttl = (time_t)ttl + *worker->env.now;
612
613 d->rr_len = regional_alloc_zero(region,
614 sizeof(size_t)*(d->count+d->rrsig_count));
615 d->rr_ttl = regional_alloc_zero(region,
616 sizeof(time_t)*(d->count+d->rrsig_count));
617 d->rr_data = regional_alloc_zero(region,
618 sizeof(uint8_t*)*(d->count+d->rrsig_count));
619 if(!d->rr_len || !d->rr_ttl || !d->rr_data) {
620 log_warn("error out of memory");
621 return 0;
622 }
623
624 /* read the rr's themselves */
625 for(i=0; i<rr_count; i++) {
626 if(!load_rr(ssl, buf, region, rk, d, i, 0,
627 &go_on, *worker->env.now)) {
628 log_warn("could not read rr %u", i);
629 return 0;
630 }
631 }
632 for(i=0; i<rrsig_count; i++) {
633 if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1,
634 &go_on, *worker->env.now)) {
635 log_warn("could not read rrsig %u", i);
636 return 0;
637 }
638 }
639 if(!go_on) {
640 /* skip this entry */
641 return 1;
642 }
643
644 return move_into_cache(rk, d, worker);
645 }
646
647 /** load rrset cache */
648 static int
load_rrset_cache(RES * ssl,struct worker * worker)649 load_rrset_cache(RES* ssl, struct worker* worker)
650 {
651 sldns_buffer* buf = worker->env.scratch_buffer;
652 if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0;
653 while(ssl_read_buf(ssl, buf) &&
654 strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
655 if(!load_rrset(ssl, buf, worker))
656 return 0;
657 }
658 return 1;
659 }
660
661 /** read qinfo from next three words */
662 static char*
load_qinfo(char * str,struct query_info * qinfo,struct regional * region)663 load_qinfo(char* str, struct query_info* qinfo, struct regional* region)
664 {
665 /* s is part of the buf */
666 char* s = str;
667 uint8_t rr[LDNS_RR_BUF_SIZE];
668 size_t rr_len = sizeof(rr), dname_len = 0;
669 int status;
670
671 /* skip three words */
672 s = strchr(str, ' ');
673 if(s) s = strchr(s+1, ' ');
674 if(s) s = strchr(s+1, ' ');
675 if(!s) {
676 log_warn("error line too short, %s", str);
677 return NULL;
678 }
679 s[0] = 0;
680 s++;
681
682 /* parse them */
683 status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len,
684 NULL, 0, NULL, 0);
685 if(status != 0) {
686 log_warn("error cannot parse: %s %s",
687 sldns_get_errorstr_parse(status), str);
688 return NULL;
689 }
690 qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len);
691 qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len);
692 qinfo->qname_len = dname_len;
693 qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len);
694 qinfo->local_alias = NULL;
695 if(!qinfo->qname) {
696 log_warn("error out of memory");
697 return NULL;
698 }
699
700 return s;
701 }
702
703 /** load a msg rrset reference */
704 static int
load_ref(RES * ssl,sldns_buffer * buf,struct worker * worker,struct regional * region,struct ub_packed_rrset_key ** rrset,int * go_on)705 load_ref(RES* ssl, sldns_buffer* buf, struct worker* worker,
706 struct regional *region, struct ub_packed_rrset_key** rrset,
707 int* go_on)
708 {
709 char* s = (char*)sldns_buffer_begin(buf);
710 struct query_info qinfo;
711 unsigned int flags;
712 struct ub_packed_rrset_key* k;
713
714 /* read line */
715 if(!ssl_read_buf(ssl, buf))
716 return 0;
717 if(strncmp(s, "BADREF", 6) == 0) {
718 *go_on = 0; /* its bad, skip it and skip message */
719 return 1;
720 }
721
722 s = load_qinfo(s, &qinfo, region);
723 if(!s) {
724 return 0;
725 }
726 if(sscanf(s, " %u", &flags) != 1) {
727 log_warn("error cannot parse flags: %s", s);
728 return 0;
729 }
730
731 /* lookup in cache */
732 k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname,
733 qinfo.qname_len, qinfo.qtype, qinfo.qclass,
734 (uint32_t)flags, *worker->env.now, 0);
735 if(!k) {
736 /* not found or expired */
737 *go_on = 0;
738 return 1;
739 }
740
741 /* store in result */
742 *rrset = packed_rrset_copy_region(k, region, *worker->env.now);
743 lock_rw_unlock(&k->entry.lock);
744
745 return (*rrset != NULL);
746 }
747
748 /** load a msg entry */
749 static int
load_msg(RES * ssl,sldns_buffer * buf,struct worker * worker)750 load_msg(RES* ssl, sldns_buffer* buf, struct worker* worker)
751 {
752 struct regional* region = worker->scratchpad;
753 struct query_info qinf;
754 struct reply_info rep;
755 char* s = (char*)sldns_buffer_begin(buf);
756 unsigned int flags, qdcount, security, an, ns, ar;
757 long long ttl;
758 size_t i;
759 int go_on = 1;
760 int ede;
761 int consumed = 0;
762 char* ede_str = NULL;
763
764 regional_free_all(region);
765
766 if(strncmp(s, "msg ", 4) != 0) {
767 log_warn("error expected msg but got %s", s);
768 return 0;
769 }
770 s += 4;
771 s = load_qinfo(s, &qinf, region);
772 if(!s) {
773 return 0;
774 }
775
776 /* read remainder of line */
777 /* note the last space before any possible EDE text */
778 if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u %d %n", &flags, &qdcount, &ttl,
779 &security, &an, &ns, &ar, &ede, &consumed) != 8) {
780 log_warn("error cannot parse numbers: %s", s);
781 return 0;
782 }
783 /* there may be EDE text after the numbers */
784 if(consumed > 0 && (size_t)consumed < strlen(s))
785 ede_str = s + consumed;
786 memset(&rep, 0, sizeof(rep));
787 rep.flags = (uint16_t)flags;
788 rep.qdcount = (uint16_t)qdcount;
789 rep.ttl = (time_t)ttl;
790 rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl);
791 rep.serve_expired_ttl = rep.ttl + SERVE_EXPIRED_TTL;
792 rep.security = (enum sec_status)security;
793 if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) {
794 log_warn("error too many rrsets");
795 return 0; /* protect against integer overflow in alloc */
796 }
797 rep.an_numrrsets = (size_t)an;
798 rep.ns_numrrsets = (size_t)ns;
799 rep.ar_numrrsets = (size_t)ar;
800 rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar;
801 rep.reason_bogus = (sldns_ede_code)ede;
802 rep.reason_bogus_str = ede_str?(char*)regional_strdup(region, ede_str):NULL;
803 rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero(
804 region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count);
805
806 /* fill repinfo with references */
807 for(i=0; i<rep.rrset_count; i++) {
808 if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i],
809 &go_on)) {
810 return 0;
811 }
812 }
813
814 if(!go_on)
815 return 1; /* skip this one, not all references satisfied */
816
817 if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags,
818 *worker->env.now, 1)) {
819 log_warn("error out of memory");
820 return 0;
821 }
822 return 1;
823 }
824
825 /** load msg cache */
826 static int
load_msg_cache(RES * ssl,struct worker * worker)827 load_msg_cache(RES* ssl, struct worker* worker)
828 {
829 sldns_buffer* buf = worker->env.scratch_buffer;
830 if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0;
831 while(ssl_read_buf(ssl, buf) &&
832 strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
833 if(!load_msg(ssl, buf, worker))
834 return 0;
835 }
836 return 1;
837 }
838
839 int
load_cache(RES * ssl,struct worker * worker)840 load_cache(RES* ssl, struct worker* worker)
841 {
842 if(!load_rrset_cache(ssl, worker))
843 return 0;
844 if(!load_msg_cache(ssl, worker))
845 return 0;
846 return read_fixed(ssl, worker->env.scratch_buffer, "EOF");
847 }
848
849 /** print details on a delegation point */
850 static void
print_dp_details(RES * ssl,struct worker * worker,struct delegpt * dp)851 print_dp_details(RES* ssl, struct worker* worker, struct delegpt* dp)
852 {
853 char buf[257];
854 struct delegpt_addr* a;
855 int lame, dlame, rlame, rto, edns_vs, to, delay,
856 tA = 0, tAAAA = 0, tother = 0;
857 long long entry_ttl;
858 struct rtt_info ri;
859 uint8_t edns_lame_known;
860 for(a = dp->target_list; a; a = a->next_target) {
861 addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf));
862 if(!ssl_printf(ssl, "%-16s\t", buf))
863 return;
864 if(a->bogus) {
865 if(!ssl_printf(ssl, "Address is BOGUS. "))
866 return;
867 }
868 /* lookup in infra cache */
869 delay=0;
870 entry_ttl = infra_get_host_rto(worker->env.infra_cache,
871 &a->addr, a->addrlen, dp->name, dp->namelen,
872 &ri, &delay, *worker->env.now, &tA, &tAAAA, &tother);
873 if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) {
874 if(!ssl_printf(ssl, "expired, rto %d msec, tA %d "
875 "tAAAA %d tother %d.\n", ri.rto, tA, tAAAA,
876 tother))
877 return;
878 continue;
879 }
880 if(entry_ttl == -1 || entry_ttl == -2) {
881 if(!ssl_printf(ssl, "not in infra cache.\n"))
882 return;
883 continue; /* skip stuff not in infra cache */
884 }
885
886 /* uses type_A because most often looked up, but other
887 * lameness won't be reported then */
888 if(!infra_get_lame_rtt(worker->env.infra_cache,
889 &a->addr, a->addrlen, dp->name, dp->namelen,
890 LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto,
891 *worker->env.now)) {
892 if(!ssl_printf(ssl, "not in infra cache.\n"))
893 return;
894 continue; /* skip stuff not in infra cache */
895 }
896 if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, "
897 "ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d",
898 lame?"LAME ":"", dlame?"NoDNSSEC ":"",
899 a->lame?"AddrWasParentSide ":"",
900 rlame?"NoAuthButRecursive ":"", rto, entry_ttl,
901 ri.srtt, ri.rttvar, rtt_notimeout(&ri),
902 tA, tAAAA, tother))
903 return;
904 if(delay)
905 if(!ssl_printf(ssl, ", probedelay %d", delay))
906 return;
907 if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen,
908 dp->name, dp->namelen, *worker->env.now, &edns_vs,
909 &edns_lame_known, &to)) {
910 if(edns_vs == -1) {
911 if(!ssl_printf(ssl, ", noEDNS%s.",
912 edns_lame_known?" probed":" assumed"))
913 return;
914 } else {
915 if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs,
916 edns_lame_known?" probed":" assumed"))
917 return;
918 }
919 }
920 if(!ssl_printf(ssl, "\n"))
921 return;
922 }
923 }
924
925 /** print main dp info */
926 static void
print_dp_main(RES * ssl,struct delegpt * dp,struct dns_msg * msg)927 print_dp_main(RES* ssl, struct delegpt* dp, struct dns_msg* msg)
928 {
929 size_t i, n_ns, n_miss, n_addr, n_res, n_avail;
930
931 /* print the dp */
932 if(msg)
933 for(i=0; i<msg->rep->rrset_count; i++) {
934 struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
935 struct packed_rrset_data* d =
936 (struct packed_rrset_data*)k->entry.data;
937 struct config_strlist_head txt;
938 memset(&txt, 0, sizeof(txt));
939 if(d->security == sec_status_bogus) {
940 if(!ssl_printf(ssl, "Address is BOGUS:\n"))
941 return;
942 }
943 dump_rrset(&txt, k, d, 0);
944 if(!spool_strlist(ssl, txt.first)) {
945 config_delstrlist(txt.first);
946 return;
947 }
948 config_delstrlist(txt.first);
949 }
950 delegpt_count_ns(dp, &n_ns, &n_miss);
951 delegpt_count_addr(dp, &n_addr, &n_res, &n_avail);
952 /* since dp has not been used by iterator, all are available*/
953 if(!ssl_printf(ssl, "Delegation with %d names, of which %d "
954 "can be examined to query further addresses.\n"
955 "%sIt provides %d IP addresses.\n",
956 (int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""),
957 (int)n_addr))
958 return;
959 }
960
print_deleg_lookup(RES * ssl,struct worker * worker,uint8_t * nm,size_t nmlen,int ATTR_UNUSED (nmlabs))961 int print_deleg_lookup(RES* ssl, struct worker* worker, uint8_t* nm,
962 size_t nmlen, int ATTR_UNUSED(nmlabs))
963 {
964 /* deep links into the iterator module */
965 struct delegpt* dp;
966 struct dns_msg* msg;
967 struct regional* region = worker->scratchpad;
968 char b[LDNS_MAX_DOMAINLEN];
969 struct query_info qinfo;
970 struct iter_hints_stub* stub;
971 int nolock = 0;
972 regional_free_all(region);
973 qinfo.qname = nm;
974 qinfo.qname_len = nmlen;
975 qinfo.qtype = LDNS_RR_TYPE_A;
976 qinfo.qclass = LDNS_RR_CLASS_IN;
977 qinfo.local_alias = NULL;
978
979 dname_str(nm, b);
980 if(!ssl_printf(ssl, "The following name servers are used for lookup "
981 "of %s\n", b))
982 return 0;
983
984 dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass, nolock);
985 if(dp) {
986 if(!ssl_printf(ssl, "forwarding request:\n")) {
987 lock_rw_unlock(&worker->env.fwds->lock);
988 return 0;
989 }
990 print_dp_main(ssl, dp, NULL);
991 print_dp_details(ssl, worker, dp);
992 lock_rw_unlock(&worker->env.fwds->lock);
993 return 1;
994 }
995
996 while(1) {
997 dp = dns_cache_find_delegation(&worker->env, nm, nmlen,
998 qinfo.qtype, qinfo.qclass, region, &msg,
999 *worker->env.now, 0, NULL, 0);
1000 if(!dp) {
1001 return ssl_printf(ssl, "no delegation from "
1002 "cache; goes to configured roots\n");
1003 }
1004 /* go up? */
1005 if(iter_dp_is_useless(&qinfo, BIT_RD, dp,
1006 (worker->env.cfg->do_ip4 && worker->back->num_ip4 != 0),
1007 (worker->env.cfg->do_ip6 && worker->back->num_ip6 != 0),
1008 worker->env.cfg->do_nat64)) {
1009 print_dp_main(ssl, dp, msg);
1010 print_dp_details(ssl, worker, dp);
1011 if(!ssl_printf(ssl, "cache delegation was "
1012 "useless (no IP addresses)\n"))
1013 return 0;
1014 if(dname_is_root(nm)) {
1015 /* goes to root config */
1016 return ssl_printf(ssl, "no delegation from "
1017 "cache; goes to configured roots\n");
1018 } else {
1019 /* useless, goes up */
1020 nm = dp->name;
1021 nmlen = dp->namelen;
1022 dname_remove_label(&nm, &nmlen);
1023 dname_str(nm, b);
1024 if(!ssl_printf(ssl, "going up, lookup %s\n", b))
1025 return 0;
1026 continue;
1027 }
1028 }
1029 stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass,
1030 dp, nolock);
1031 if(stub) {
1032 if(stub->noprime) {
1033 if(!ssl_printf(ssl, "The noprime stub servers "
1034 "are used:\n")) {
1035 lock_rw_unlock(&worker->env.hints->lock);
1036 return 0;
1037 }
1038 } else {
1039 if(!ssl_printf(ssl, "The stub is primed "
1040 "with servers:\n")) {
1041 lock_rw_unlock(&worker->env.hints->lock);
1042 return 0;
1043 }
1044 }
1045 print_dp_main(ssl, stub->dp, NULL);
1046 print_dp_details(ssl, worker, stub->dp);
1047 lock_rw_unlock(&worker->env.hints->lock);
1048 } else {
1049 print_dp_main(ssl, dp, msg);
1050 print_dp_details(ssl, worker, dp);
1051 }
1052 break;
1053 }
1054
1055 return 1;
1056 }
1057