xref: /freebsd/contrib/unbound/daemon/cachedump.c (revision b197d4b893974c9eb4d7b38704c6d5c486235d6f)
1 /*
2  * daemon/cachedump.c - dump the cache to text format.
3  *
4  * Copyright (c) 2008, NLnet Labs. All rights reserved.
5  *
6  * This software is open source.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * Redistributions of source code must retain the above copyright notice,
13  * this list of conditions and the following disclaimer.
14  *
15  * Redistributions in binary form must reproduce the above copyright notice,
16  * this list of conditions and the following disclaimer in the documentation
17  * and/or other materials provided with the distribution.
18  *
19  * Neither the name of the NLNET LABS nor the names of its contributors may
20  * be used to endorse or promote products derived from this software without
21  * specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 
36 /**
37  * \file
38  *
39  * This file contains functions to read and write the cache(s)
40  * to text format.
41  */
42 #include "config.h"
43 #include <openssl/ssl.h>
44 #include "daemon/cachedump.h"
45 #include "daemon/remote.h"
46 #include "daemon/worker.h"
47 #include "services/cache/rrset.h"
48 #include "services/cache/dns.h"
49 #include "services/cache/infra.h"
50 #include "services/outside_network.h"
51 #include "util/data/msgreply.h"
52 #include "util/regional.h"
53 #include "util/net_help.h"
54 #include "util/data/dname.h"
55 #include "util/config_file.h"
56 #include "iterator/iterator.h"
57 #include "iterator/iter_delegpt.h"
58 #include "iterator/iter_utils.h"
59 #include "iterator/iter_fwd.h"
60 #include "iterator/iter_hints.h"
61 #include "sldns/sbuffer.h"
62 #include "sldns/wire2str.h"
63 #include "sldns/str2wire.h"
64 
65 /** dump one rrset zonefile line */
66 static int
67 dump_rrset_line(RES* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i)
68 {
69 	char s[65535];
70 	if(!packed_rr_to_string(k, i, now, s, sizeof(s))) {
71 		return ssl_printf(ssl, "BADRR\n");
72 	}
73 	return ssl_printf(ssl, "%s", s);
74 }
75 
76 /** dump rrset key and data info */
77 static int
78 dump_rrset(RES* ssl, struct ub_packed_rrset_key* k,
79 	struct packed_rrset_data* d, time_t now)
80 {
81 	size_t i;
82 	/* rd lock held by caller */
83 	if(!k || !d) return 1;
84 	if(k->id == 0) return 1; /* deleted */
85 	if(d->ttl < now) return 1; /* expired */
86 
87 	/* meta line */
88 	if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n",
89 		(k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"",
90 		(long long)(d->ttl - now),
91 		(unsigned)d->count, (unsigned)d->rrsig_count,
92 		(int)d->trust, (int)d->security
93 		))
94 		return 0;
95 	for(i=0; i<d->count + d->rrsig_count; i++) {
96 		if(!dump_rrset_line(ssl, k, now, i))
97 			return 0;
98 	}
99 	return 1;
100 }
101 
102 /** dump lruhash rrset cache */
103 static int
104 dump_rrset_lruhash(RES* ssl, struct lruhash* h, time_t now)
105 {
106 	struct lruhash_entry* e;
107 	/* lruhash already locked by caller */
108 	/* walk in order of lru; best first */
109 	for(e=h->lru_start; e; e = e->lru_next) {
110 		lock_rw_rdlock(&e->lock);
111 		if(!dump_rrset(ssl, (struct ub_packed_rrset_key*)e->key,
112 			(struct packed_rrset_data*)e->data, now)) {
113 			lock_rw_unlock(&e->lock);
114 			return 0;
115 		}
116 		lock_rw_unlock(&e->lock);
117 	}
118 	return 1;
119 }
120 
121 /** dump rrset cache */
122 static int
123 dump_rrset_cache(RES* ssl, struct worker* worker)
124 {
125 	struct rrset_cache* r = worker->env.rrset_cache;
126 	size_t slab;
127 	if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0;
128 	for(slab=0; slab<r->table.size; slab++) {
129 		lock_quick_lock(&r->table.array[slab]->lock);
130 		if(!dump_rrset_lruhash(ssl, r->table.array[slab],
131 			*worker->env.now)) {
132 			lock_quick_unlock(&r->table.array[slab]->lock);
133 			return 0;
134 		}
135 		lock_quick_unlock(&r->table.array[slab]->lock);
136 	}
137 	return ssl_printf(ssl, "END_RRSET_CACHE\n");
138 }
139 
140 /** dump message to rrset reference */
141 static int
142 dump_msg_ref(RES* ssl, struct ub_packed_rrset_key* k)
143 {
144 	char* nm, *tp, *cl;
145 	nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len);
146 	tp = sldns_wire2str_type(ntohs(k->rk.type));
147 	cl = sldns_wire2str_class(ntohs(k->rk.rrset_class));
148 	if(!nm || !cl || !tp) {
149 		free(nm);
150 		free(tp);
151 		free(cl);
152 		return ssl_printf(ssl, "BADREF\n");
153 	}
154 	if(!ssl_printf(ssl, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags)) {
155 		free(nm);
156 		free(tp);
157 		free(cl);
158 		return 0;
159 	}
160 	free(nm);
161 	free(tp);
162 	free(cl);
163 
164 	return 1;
165 }
166 
167 /** dump message entry */
168 static int
169 dump_msg(RES* ssl, struct query_info* k, struct reply_info* d,
170 	time_t now)
171 {
172 	size_t i;
173 	char* nm, *tp, *cl;
174 	if(!k || !d) return 1;
175 	if(d->ttl < now) return 1; /* expired */
176 
177 	nm = sldns_wire2str_dname(k->qname, k->qname_len);
178 	tp = sldns_wire2str_type(k->qtype);
179 	cl = sldns_wire2str_class(k->qclass);
180 	if(!nm || !tp || !cl) {
181 		free(nm);
182 		free(tp);
183 		free(cl);
184 		return 1; /* skip this entry */
185 	}
186 	if(!rrset_array_lock(d->ref, d->rrset_count, now)) {
187 		/* rrsets have timed out or do not exist */
188 		free(nm);
189 		free(tp);
190 		free(cl);
191 		return 1; /* skip this entry */
192 	}
193 
194 	/* meta line */
195 	if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u\n",
196 			nm, cl, tp,
197 			(int)d->flags, (int)d->qdcount,
198 			(long long)(d->ttl-now), (int)d->security,
199 			(unsigned)d->an_numrrsets,
200 			(unsigned)d->ns_numrrsets,
201 			(unsigned)d->ar_numrrsets)) {
202 		free(nm);
203 		free(tp);
204 		free(cl);
205 		rrset_array_unlock(d->ref, d->rrset_count);
206 		return 0;
207 	}
208 	free(nm);
209 	free(tp);
210 	free(cl);
211 
212 	for(i=0; i<d->rrset_count; i++) {
213 		if(!dump_msg_ref(ssl, d->rrsets[i])) {
214 			rrset_array_unlock(d->ref, d->rrset_count);
215 			return 0;
216 		}
217 	}
218 	rrset_array_unlock(d->ref, d->rrset_count);
219 
220 	return 1;
221 }
222 
223 /** copy msg to worker pad */
224 static int
225 copy_msg(struct regional* region, struct lruhash_entry* e,
226 	struct query_info** k, struct reply_info** d)
227 {
228 	struct reply_info* rep = (struct reply_info*)e->data;
229 	if(rep->rrset_count > RR_COUNT_MAX)
230 		return 0; /* to protect against integer overflow */
231 	*d = (struct reply_info*)regional_alloc_init(region, e->data,
232 		sizeof(struct reply_info) +
233 		sizeof(struct rrset_ref) * (rep->rrset_count-1) +
234 		sizeof(struct ub_packed_rrset_key*) * rep->rrset_count);
235 	if(!*d)
236 		return 0;
237 	(*d)->rrsets = (struct ub_packed_rrset_key**)(void *)(
238 		(uint8_t*)(&((*d)->ref[0])) +
239 		sizeof(struct rrset_ref) * rep->rrset_count);
240 	*k = (struct query_info*)regional_alloc_init(region,
241 		e->key, sizeof(struct query_info));
242 	if(!*k)
243 		return 0;
244 	(*k)->qname = regional_alloc_init(region,
245 		(*k)->qname, (*k)->qname_len);
246 	return (*k)->qname != NULL;
247 }
248 
249 /** dump lruhash msg cache */
250 static int
251 dump_msg_lruhash(RES* ssl, struct worker* worker, struct lruhash* h)
252 {
253 	struct lruhash_entry* e;
254 	struct query_info* k;
255 	struct reply_info* d;
256 
257 	/* lruhash already locked by caller */
258 	/* walk in order of lru; best first */
259 	for(e=h->lru_start; e; e = e->lru_next) {
260 		regional_free_all(worker->scratchpad);
261 		lock_rw_rdlock(&e->lock);
262 		/* make copy of rrset in worker buffer */
263 		if(!copy_msg(worker->scratchpad, e, &k, &d)) {
264 			lock_rw_unlock(&e->lock);
265 			return 0;
266 		}
267 		lock_rw_unlock(&e->lock);
268 		/* release lock so we can lookup the rrset references
269 		 * in the rrset cache */
270 		if(!dump_msg(ssl, k, d, *worker->env.now)) {
271 			return 0;
272 		}
273 	}
274 	return 1;
275 }
276 
277 /** dump msg cache */
278 static int
279 dump_msg_cache(RES* ssl, struct worker* worker)
280 {
281 	struct slabhash* sh = worker->env.msg_cache;
282 	size_t slab;
283 	if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0;
284 	for(slab=0; slab<sh->size; slab++) {
285 		lock_quick_lock(&sh->array[slab]->lock);
286 		if(!dump_msg_lruhash(ssl, worker, sh->array[slab])) {
287 			lock_quick_unlock(&sh->array[slab]->lock);
288 			return 0;
289 		}
290 		lock_quick_unlock(&sh->array[slab]->lock);
291 	}
292 	return ssl_printf(ssl, "END_MSG_CACHE\n");
293 }
294 
295 int
296 dump_cache(RES* ssl, struct worker* worker)
297 {
298 	if(!dump_rrset_cache(ssl, worker))
299 		return 0;
300 	if(!dump_msg_cache(ssl, worker))
301 		return 0;
302 	return ssl_printf(ssl, "EOF\n");
303 }
304 
305 /** read a line from ssl into buffer */
306 static int
307 ssl_read_buf(RES* ssl, sldns_buffer* buf)
308 {
309 	return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf),
310 		sldns_buffer_capacity(buf));
311 }
312 
313 /** check fixed text on line */
314 static int
315 read_fixed(RES* ssl, sldns_buffer* buf, const char* str)
316 {
317 	if(!ssl_read_buf(ssl, buf)) return 0;
318 	return (strcmp((char*)sldns_buffer_begin(buf), str) == 0);
319 }
320 
321 /** load an RR into rrset */
322 static int
323 load_rr(RES* ssl, sldns_buffer* buf, struct regional* region,
324 	struct ub_packed_rrset_key* rk, struct packed_rrset_data* d,
325 	unsigned int i, int is_rrsig, int* go_on, time_t now)
326 {
327 	uint8_t rr[LDNS_RR_BUF_SIZE];
328 	size_t rr_len = sizeof(rr), dname_len = 0;
329 	int status;
330 
331 	/* read the line */
332 	if(!ssl_read_buf(ssl, buf))
333 		return 0;
334 	if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
335 		*go_on = 0;
336 		return 1;
337 	}
338 	status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
339 		&rr_len, &dname_len, 3600, NULL, 0, NULL, 0);
340 	if(status != 0) {
341 		log_warn("error cannot parse rr: %s: %s",
342 			sldns_get_errorstr_parse(status),
343 			(char*)sldns_buffer_begin(buf));
344 		return 0;
345 	}
346 	if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len)
347 		!= LDNS_RR_TYPE_RRSIG) {
348 		log_warn("error expected rrsig but got %s",
349 			(char*)sldns_buffer_begin(buf));
350 		return 0;
351 	}
352 
353 	/* convert ldns rr into packed_rr */
354 	d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now;
355 	sldns_buffer_clear(buf);
356 	d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2;
357 	d->rr_data[i] = (uint8_t*)regional_alloc_init(region,
358 		sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]);
359 	if(!d->rr_data[i]) {
360 		log_warn("error out of memory");
361 		return 0;
362 	}
363 
364 	/* if first entry, fill the key structure */
365 	if(i==0) {
366 		rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
367 		rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
368 		rk->rk.dname_len = dname_len;
369 		rk->rk.dname = regional_alloc_init(region, rr, dname_len);
370 		if(!rk->rk.dname) {
371 			log_warn("error out of memory");
372 			return 0;
373 		}
374 	}
375 
376 	return 1;
377 }
378 
379 /** move entry into cache */
380 static int
381 move_into_cache(struct ub_packed_rrset_key* k,
382 	struct packed_rrset_data* d, struct worker* worker)
383 {
384 	struct ub_packed_rrset_key* ak;
385 	struct packed_rrset_data* ad;
386 	size_t s, i, num = d->count + d->rrsig_count;
387 	struct rrset_ref ref;
388 	uint8_t* p;
389 
390 	ak = alloc_special_obtain(&worker->alloc);
391 	if(!ak) {
392 		log_warn("error out of memory");
393 		return 0;
394 	}
395 	ak->entry.data = NULL;
396 	ak->rk = k->rk;
397 	ak->entry.hash = rrset_key_hash(&k->rk);
398 	ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len);
399 	if(!ak->rk.dname) {
400 		log_warn("error out of memory");
401 		ub_packed_rrset_parsedelete(ak, &worker->alloc);
402 		return 0;
403 	}
404 	s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) +
405 		sizeof(time_t))* num;
406 	for(i=0; i<num; i++)
407 		s += d->rr_len[i];
408 	ad = (struct packed_rrset_data*)malloc(s);
409 	if(!ad) {
410 		log_warn("error out of memory");
411 		ub_packed_rrset_parsedelete(ak, &worker->alloc);
412 		return 0;
413 	}
414 	p = (uint8_t*)ad;
415 	memmove(p, d, sizeof(*ad));
416 	p += sizeof(*ad);
417 	memmove(p, &d->rr_len[0], sizeof(size_t)*num);
418 	p += sizeof(size_t)*num;
419 	memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num);
420 	p += sizeof(uint8_t*)*num;
421 	memmove(p, &d->rr_ttl[0], sizeof(time_t)*num);
422 	p += sizeof(time_t)*num;
423 	for(i=0; i<num; i++) {
424 		memmove(p, d->rr_data[i], d->rr_len[i]);
425 		p += d->rr_len[i];
426 	}
427 	packed_rrset_ptr_fixup(ad);
428 
429 	ak->entry.data = ad;
430 
431 	ref.key = ak;
432 	ref.id = ak->id;
433 	(void)rrset_cache_update(worker->env.rrset_cache, &ref,
434 		&worker->alloc, *worker->env.now);
435 	return 1;
436 }
437 
438 /** load an rrset entry */
439 static int
440 load_rrset(RES* ssl, sldns_buffer* buf, struct worker* worker)
441 {
442 	char* s = (char*)sldns_buffer_begin(buf);
443 	struct regional* region = worker->scratchpad;
444 	struct ub_packed_rrset_key* rk;
445 	struct packed_rrset_data* d;
446 	unsigned int rr_count, rrsig_count, trust, security;
447 	long long ttl;
448 	unsigned int i;
449 	int go_on = 1;
450 	regional_free_all(region);
451 
452 	rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region,
453 		sizeof(*rk));
454 	d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d));
455 	if(!rk || !d) {
456 		log_warn("error out of memory");
457 		return 0;
458 	}
459 
460 	if(strncmp(s, ";rrset", 6) != 0) {
461 		log_warn("error expected ';rrset' but got %s", s);
462 		return 0;
463 	}
464 	s += 6;
465 	if(strncmp(s, " nsec_apex", 10) == 0) {
466 		s += 10;
467 		rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX;
468 	}
469 	if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count,
470 		&trust, &security) != 5) {
471 		log_warn("error bad rrset spec %s", s);
472 		return 0;
473 	}
474 	if(rr_count == 0 && rrsig_count == 0) {
475 		log_warn("bad rrset without contents");
476 		return 0;
477 	}
478 	if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) {
479 		log_warn("bad rrset with too many rrs");
480 		return 0;
481 	}
482 	d->count = (size_t)rr_count;
483 	d->rrsig_count = (size_t)rrsig_count;
484 	d->security = (enum sec_status)security;
485 	d->trust = (enum rrset_trust)trust;
486 	d->ttl = (time_t)ttl + *worker->env.now;
487 
488 	d->rr_len = regional_alloc_zero(region,
489 		sizeof(size_t)*(d->count+d->rrsig_count));
490 	d->rr_ttl = regional_alloc_zero(region,
491 		sizeof(time_t)*(d->count+d->rrsig_count));
492 	d->rr_data = regional_alloc_zero(region,
493 		sizeof(uint8_t*)*(d->count+d->rrsig_count));
494 	if(!d->rr_len || !d->rr_ttl || !d->rr_data) {
495 		log_warn("error out of memory");
496 		return 0;
497 	}
498 
499 	/* read the rr's themselves */
500 	for(i=0; i<rr_count; i++) {
501 		if(!load_rr(ssl, buf, region, rk, d, i, 0,
502 			&go_on, *worker->env.now)) {
503 			log_warn("could not read rr %u", i);
504 			return 0;
505 		}
506 	}
507 	for(i=0; i<rrsig_count; i++) {
508 		if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1,
509 			&go_on, *worker->env.now)) {
510 			log_warn("could not read rrsig %u", i);
511 			return 0;
512 		}
513 	}
514 	if(!go_on) {
515 		/* skip this entry */
516 		return 1;
517 	}
518 
519 	return move_into_cache(rk, d, worker);
520 }
521 
522 /** load rrset cache */
523 static int
524 load_rrset_cache(RES* ssl, struct worker* worker)
525 {
526 	sldns_buffer* buf = worker->env.scratch_buffer;
527 	if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0;
528 	while(ssl_read_buf(ssl, buf) &&
529 		strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
530 		if(!load_rrset(ssl, buf, worker))
531 			return 0;
532 	}
533 	return 1;
534 }
535 
536 /** read qinfo from next three words */
537 static char*
538 load_qinfo(char* str, struct query_info* qinfo, struct regional* region)
539 {
540 	/* s is part of the buf */
541 	char* s = str;
542 	uint8_t rr[LDNS_RR_BUF_SIZE];
543 	size_t rr_len = sizeof(rr), dname_len = 0;
544 	int status;
545 
546 	/* skip three words */
547 	s = strchr(str, ' ');
548 	if(s) s = strchr(s+1, ' ');
549 	if(s) s = strchr(s+1, ' ');
550 	if(!s) {
551 		log_warn("error line too short, %s", str);
552 		return NULL;
553 	}
554 	s[0] = 0;
555 	s++;
556 
557 	/* parse them */
558 	status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len,
559 		NULL, 0, NULL, 0);
560 	if(status != 0) {
561 		log_warn("error cannot parse: %s %s",
562 			sldns_get_errorstr_parse(status), str);
563 		return NULL;
564 	}
565 	qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len);
566 	qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len);
567 	qinfo->qname_len = dname_len;
568 	qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len);
569 	qinfo->local_alias = NULL;
570 	if(!qinfo->qname) {
571 		log_warn("error out of memory");
572 		return NULL;
573 	}
574 
575 	return s;
576 }
577 
578 /** load a msg rrset reference */
579 static int
580 load_ref(RES* ssl, sldns_buffer* buf, struct worker* worker,
581 	struct regional *region, struct ub_packed_rrset_key** rrset,
582 	int* go_on)
583 {
584 	char* s = (char*)sldns_buffer_begin(buf);
585 	struct query_info qinfo;
586 	unsigned int flags;
587 	struct ub_packed_rrset_key* k;
588 
589 	/* read line */
590 	if(!ssl_read_buf(ssl, buf))
591 		return 0;
592 	if(strncmp(s, "BADREF", 6) == 0) {
593 		*go_on = 0; /* its bad, skip it and skip message */
594 		return 1;
595 	}
596 
597 	s = load_qinfo(s, &qinfo, region);
598 	if(!s) {
599 		return 0;
600 	}
601 	if(sscanf(s, " %u", &flags) != 1) {
602 		log_warn("error cannot parse flags: %s", s);
603 		return 0;
604 	}
605 
606 	/* lookup in cache */
607 	k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname,
608 		qinfo.qname_len, qinfo.qtype, qinfo.qclass,
609 		(uint32_t)flags, *worker->env.now, 0);
610 	if(!k) {
611 		/* not found or expired */
612 		*go_on = 0;
613 		return 1;
614 	}
615 
616 	/* store in result */
617 	*rrset = packed_rrset_copy_region(k, region, *worker->env.now);
618 	lock_rw_unlock(&k->entry.lock);
619 
620 	return (*rrset != NULL);
621 }
622 
623 /** load a msg entry */
624 static int
625 load_msg(RES* ssl, sldns_buffer* buf, struct worker* worker)
626 {
627 	struct regional* region = worker->scratchpad;
628 	struct query_info qinf;
629 	struct reply_info rep;
630 	char* s = (char*)sldns_buffer_begin(buf);
631 	unsigned int flags, qdcount, security, an, ns, ar;
632 	long long ttl;
633 	size_t i;
634 	int go_on = 1;
635 
636 	regional_free_all(region);
637 
638 	if(strncmp(s, "msg ", 4) != 0) {
639 		log_warn("error expected msg but got %s", s);
640 		return 0;
641 	}
642 	s += 4;
643 	s = load_qinfo(s, &qinf, region);
644 	if(!s) {
645 		return 0;
646 	}
647 
648 	/* read remainder of line */
649 	if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u", &flags, &qdcount, &ttl,
650 		&security, &an, &ns, &ar) != 7) {
651 		log_warn("error cannot parse numbers: %s", s);
652 		return 0;
653 	}
654 	rep.flags = (uint16_t)flags;
655 	rep.qdcount = (uint16_t)qdcount;
656 	rep.ttl = (time_t)ttl;
657 	rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl);
658 	rep.serve_expired_ttl = rep.ttl + SERVE_EXPIRED_TTL;
659 	rep.security = (enum sec_status)security;
660 	if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) {
661 		log_warn("error too many rrsets");
662 		return 0; /* protect against integer overflow in alloc */
663 	}
664 	rep.an_numrrsets = (size_t)an;
665 	rep.ns_numrrsets = (size_t)ns;
666 	rep.ar_numrrsets = (size_t)ar;
667 	rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar;
668 	rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero(
669 		region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count);
670 
671 	/* fill repinfo with references */
672 	for(i=0; i<rep.rrset_count; i++) {
673 		if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i],
674 			&go_on)) {
675 			return 0;
676 		}
677 	}
678 
679 	if(!go_on)
680 		return 1; /* skip this one, not all references satisfied */
681 
682 	if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags,
683 		*worker->env.now)) {
684 		log_warn("error out of memory");
685 		return 0;
686 	}
687 	return 1;
688 }
689 
690 /** load msg cache */
691 static int
692 load_msg_cache(RES* ssl, struct worker* worker)
693 {
694 	sldns_buffer* buf = worker->env.scratch_buffer;
695 	if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0;
696 	while(ssl_read_buf(ssl, buf) &&
697 		strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
698 		if(!load_msg(ssl, buf, worker))
699 			return 0;
700 	}
701 	return 1;
702 }
703 
704 int
705 load_cache(RES* ssl, struct worker* worker)
706 {
707 	if(!load_rrset_cache(ssl, worker))
708 		return 0;
709 	if(!load_msg_cache(ssl, worker))
710 		return 0;
711 	return read_fixed(ssl, worker->env.scratch_buffer, "EOF");
712 }
713 
714 /** print details on a delegation point */
715 static void
716 print_dp_details(RES* ssl, struct worker* worker, struct delegpt* dp)
717 {
718 	char buf[257];
719 	struct delegpt_addr* a;
720 	int lame, dlame, rlame, rto, edns_vs, to, delay,
721 		tA = 0, tAAAA = 0, tother = 0;
722 	long long entry_ttl;
723 	struct rtt_info ri;
724 	uint8_t edns_lame_known;
725 	for(a = dp->target_list; a; a = a->next_target) {
726 		addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf));
727 		if(!ssl_printf(ssl, "%-16s\t", buf))
728 			return;
729 		if(a->bogus) {
730 			if(!ssl_printf(ssl, "Address is BOGUS. "))
731 				return;
732 		}
733 		/* lookup in infra cache */
734 		delay=0;
735 		entry_ttl = infra_get_host_rto(worker->env.infra_cache,
736 			&a->addr, a->addrlen, dp->name, dp->namelen,
737 			&ri, &delay, *worker->env.now, &tA, &tAAAA, &tother);
738 		if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) {
739 			if(!ssl_printf(ssl, "expired, rto %d msec, tA %d "
740 				"tAAAA %d tother %d.\n", ri.rto, tA, tAAAA,
741 				tother))
742 				return;
743 			continue;
744 		}
745 		if(entry_ttl == -1 || entry_ttl == -2) {
746 			if(!ssl_printf(ssl, "not in infra cache.\n"))
747 				return;
748 			continue; /* skip stuff not in infra cache */
749 		}
750 
751 		/* uses type_A because most often looked up, but other
752 		 * lameness won't be reported then */
753 		if(!infra_get_lame_rtt(worker->env.infra_cache,
754 			&a->addr, a->addrlen, dp->name, dp->namelen,
755 			LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto,
756 			*worker->env.now)) {
757 			if(!ssl_printf(ssl, "not in infra cache.\n"))
758 				return;
759 			continue; /* skip stuff not in infra cache */
760 		}
761 		if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, "
762 			"ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d",
763 			lame?"LAME ":"", dlame?"NoDNSSEC ":"",
764 			a->lame?"AddrWasParentSide ":"",
765 			rlame?"NoAuthButRecursive ":"", rto, entry_ttl,
766 			ri.srtt, ri.rttvar, rtt_notimeout(&ri),
767 			tA, tAAAA, tother))
768 			return;
769 		if(delay)
770 			if(!ssl_printf(ssl, ", probedelay %d", delay))
771 				return;
772 		if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen,
773 			dp->name, dp->namelen, *worker->env.now, &edns_vs,
774 			&edns_lame_known, &to)) {
775 			if(edns_vs == -1) {
776 				if(!ssl_printf(ssl, ", noEDNS%s.",
777 					edns_lame_known?" probed":" assumed"))
778 					return;
779 			} else {
780 				if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs,
781 					edns_lame_known?" probed":" assumed"))
782 					return;
783 			}
784 		}
785 		if(!ssl_printf(ssl, "\n"))
786 			return;
787 	}
788 }
789 
790 /** print main dp info */
791 static void
792 print_dp_main(RES* ssl, struct delegpt* dp, struct dns_msg* msg)
793 {
794 	size_t i, n_ns, n_miss, n_addr, n_res, n_avail;
795 
796 	/* print the dp */
797 	if(msg)
798 	    for(i=0; i<msg->rep->rrset_count; i++) {
799 		struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
800 		struct packed_rrset_data* d =
801 			(struct packed_rrset_data*)k->entry.data;
802 		if(d->security == sec_status_bogus) {
803 			if(!ssl_printf(ssl, "Address is BOGUS:\n"))
804 				return;
805 		}
806 		if(!dump_rrset(ssl, k, d, 0))
807 			return;
808 	    }
809 	delegpt_count_ns(dp, &n_ns, &n_miss);
810 	delegpt_count_addr(dp, &n_addr, &n_res, &n_avail);
811 	/* since dp has not been used by iterator, all are available*/
812 	if(!ssl_printf(ssl, "Delegation with %d names, of which %d "
813 		"can be examined to query further addresses.\n"
814 		"%sIt provides %d IP addresses.\n",
815 		(int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""),
816 		(int)n_addr))
817 		return;
818 }
819 
820 int print_deleg_lookup(RES* ssl, struct worker* worker, uint8_t* nm,
821 	size_t nmlen, int ATTR_UNUSED(nmlabs))
822 {
823 	/* deep links into the iterator module */
824 	struct delegpt* dp;
825 	struct dns_msg* msg;
826 	struct regional* region = worker->scratchpad;
827 	char b[260];
828 	struct query_info qinfo;
829 	struct iter_hints_stub* stub;
830 	regional_free_all(region);
831 	qinfo.qname = nm;
832 	qinfo.qname_len = nmlen;
833 	qinfo.qtype = LDNS_RR_TYPE_A;
834 	qinfo.qclass = LDNS_RR_CLASS_IN;
835 	qinfo.local_alias = NULL;
836 
837 	dname_str(nm, b);
838 	if(!ssl_printf(ssl, "The following name servers are used for lookup "
839 		"of %s\n", b))
840 		return 0;
841 
842 	dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass);
843 	if(dp) {
844 		if(!ssl_printf(ssl, "forwarding request:\n"))
845 			return 0;
846 		print_dp_main(ssl, dp, NULL);
847 		print_dp_details(ssl, worker, dp);
848 		return 1;
849 	}
850 
851 	while(1) {
852 		dp = dns_cache_find_delegation(&worker->env, nm, nmlen,
853 			qinfo.qtype, qinfo.qclass, region, &msg,
854 			*worker->env.now, 0, NULL, 0);
855 		if(!dp) {
856 			return ssl_printf(ssl, "no delegation from "
857 				"cache; goes to configured roots\n");
858 		}
859 		/* go up? */
860 		if(iter_dp_is_useless(&qinfo, BIT_RD, dp,
861 			(worker->env.cfg->do_ip4 && worker->back->num_ip4 != 0),
862 			(worker->env.cfg->do_ip6 && worker->back->num_ip6 != 0))) {
863 			print_dp_main(ssl, dp, msg);
864 			print_dp_details(ssl, worker, dp);
865 			if(!ssl_printf(ssl, "cache delegation was "
866 				"useless (no IP addresses)\n"))
867 				return 0;
868 			if(dname_is_root(nm)) {
869 				/* goes to root config */
870 				return ssl_printf(ssl, "no delegation from "
871 					"cache; goes to configured roots\n");
872 			} else {
873 				/* useless, goes up */
874 				nm = dp->name;
875 				nmlen = dp->namelen;
876 				dname_remove_label(&nm, &nmlen);
877 				dname_str(nm, b);
878 				if(!ssl_printf(ssl, "going up, lookup %s\n", b))
879 					return 0;
880 				continue;
881 			}
882 		}
883 		stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass,
884 			dp);
885 		if(stub) {
886 			if(stub->noprime) {
887 				if(!ssl_printf(ssl, "The noprime stub servers "
888 					"are used:\n"))
889 					return 0;
890 			} else {
891 				if(!ssl_printf(ssl, "The stub is primed "
892 						"with servers:\n"))
893 					return 0;
894 			}
895 			print_dp_main(ssl, stub->dp, NULL);
896 			print_dp_details(ssl, worker, stub->dp);
897 		} else {
898 			print_dp_main(ssl, dp, msg);
899 			print_dp_details(ssl, worker, dp);
900 		}
901 		break;
902 	}
903 
904 	return 1;
905 }
906