xref: /freebsd/contrib/unbound/edns-subnet/subnetmod.c (revision a12eb9e4ae534557867d49803a1e28bfe519a207)
1 /*
2  * edns-subnet/subnetmod.c - edns subnet module. Must be called before validator
3  * and iterator.
4  *
5  * Copyright (c) 2013, NLnet Labs. All rights reserved.
6  *
7  * This software is open source.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * Redistributions of source code must retain the above copyright notice,
14  * this list of conditions and the following disclaimer.
15  *
16  * Redistributions in binary form must reproduce the above copyright notice,
17  * this list of conditions and the following disclaimer in the documentation
18  * and/or other materials provided with the distribution.
19  *
20  * Neither the name of the NLNET LABS nor the names of its contributors may
21  * be used to endorse or promote products derived from this software without
22  * specific prior written permission.
23  *
24  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
25  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
26  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
27  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
28  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
29  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
30  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
31  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
32  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
33  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
34  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35  */
36  /**
37  * \file
38  * subnet module for unbound.
39  */
40 
41 #include "config.h"
42 
43 #ifdef CLIENT_SUBNET /* keeps splint happy */
44 
45 #include "edns-subnet/subnetmod.h"
46 #include "edns-subnet/edns-subnet.h"
47 #include "edns-subnet/addrtree.h"
48 #include "edns-subnet/subnet-whitelist.h"
49 
50 #include "services/mesh.h"
51 #include "services/cache/dns.h"
52 #include "util/module.h"
53 #include "util/regional.h"
54 #include "util/storage/slabhash.h"
55 #include "util/config_file.h"
56 #include "util/data/msgreply.h"
57 #include "sldns/sbuffer.h"
58 #include "iterator/iter_utils.h"
59 
60 /** externally called */
61 void
62 subnet_data_delete(void *d, void *ATTR_UNUSED(arg))
63 {
64 	struct subnet_msg_cache_data *r;
65 	r = (struct subnet_msg_cache_data*)d;
66 	addrtree_delete(r->tree4);
67 	addrtree_delete(r->tree6);
68 	free(r);
69 }
70 
71 /** externally called */
72 size_t
73 msg_cache_sizefunc(void *k, void *d)
74 {
75 	struct msgreply_entry *q = (struct msgreply_entry*)k;
76 	struct subnet_msg_cache_data *r = (struct subnet_msg_cache_data*)d;
77 	size_t s = sizeof(struct msgreply_entry)
78 		+ sizeof(struct subnet_msg_cache_data)
79 		+ q->key.qname_len + lock_get_mem(&q->entry.lock);
80 	s += addrtree_size(r->tree4);
81 	s += addrtree_size(r->tree6);
82 	return s;
83 }
84 
85 /** new query for ecs module */
86 static int
87 subnet_new_qstate(struct module_qstate *qstate, int id)
88 {
89 	struct subnet_qstate *sq = (struct subnet_qstate*)regional_alloc(
90 		qstate->region, sizeof(struct subnet_qstate));
91 	if(!sq)
92 		return 0;
93 	qstate->minfo[id] = sq;
94 	memset(sq, 0, sizeof(*sq));
95 	sq->started_no_cache_store = qstate->no_cache_store;
96 	sq->started_no_cache_lookup = qstate->no_cache_lookup;
97 	return 1;
98 }
99 
100 /** Add ecs struct to edns list, after parsing it to wire format. */
101 void
102 subnet_ecs_opt_list_append(struct ecs_data* ecs, struct edns_option** list,
103 	struct module_qstate *qstate, struct regional *region)
104 {
105 	size_t sn_octs, sn_octs_remainder;
106 	sldns_buffer* buf = qstate->env->scratch_buffer;
107 
108 	if(ecs->subnet_validdata) {
109 		log_assert(ecs->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4 ||
110 			ecs->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP6);
111 		log_assert(ecs->subnet_addr_fam != EDNSSUBNET_ADDRFAM_IP4 ||
112 			ecs->subnet_source_mask <=  INET_SIZE*8);
113 		log_assert(ecs->subnet_addr_fam != EDNSSUBNET_ADDRFAM_IP6 ||
114 			ecs->subnet_source_mask <= INET6_SIZE*8);
115 
116 		sn_octs = ecs->subnet_source_mask / 8;
117 		sn_octs_remainder =
118 			(size_t)((ecs->subnet_source_mask % 8)>0?1:0);
119 
120 		log_assert(sn_octs + sn_octs_remainder <= INET6_SIZE);
121 
122 		sldns_buffer_clear(buf);
123 		sldns_buffer_write_u16(buf, ecs->subnet_addr_fam);
124 		sldns_buffer_write_u8(buf, ecs->subnet_source_mask);
125 		sldns_buffer_write_u8(buf, ecs->subnet_scope_mask);
126 		sldns_buffer_write(buf, ecs->subnet_addr, sn_octs);
127 		if(sn_octs_remainder)
128 			sldns_buffer_write_u8(buf, ecs->subnet_addr[sn_octs] &
129 				~(0xFF >> (ecs->subnet_source_mask % 8)));
130 		sldns_buffer_flip(buf);
131 
132 		edns_opt_list_append(list,
133 				qstate->env->cfg->client_subnet_opcode,
134 				sn_octs + sn_octs_remainder + 4,
135 				sldns_buffer_begin(buf), region);
136 	}
137 }
138 
139 int ecs_whitelist_check(struct query_info* qinfo,
140 	uint16_t ATTR_UNUSED(flags), struct module_qstate* qstate,
141 	struct sockaddr_storage* addr, socklen_t addrlen,
142 	uint8_t* ATTR_UNUSED(zone), size_t ATTR_UNUSED(zonelen),
143 	struct regional *region, int id, void* ATTR_UNUSED(cbargs))
144 {
145 	struct subnet_qstate *sq;
146 	struct subnet_env *sn_env;
147 
148 	if(!(sq=(struct subnet_qstate*)qstate->minfo[id]))
149 		return 1;
150 	sn_env = (struct subnet_env*)qstate->env->modinfo[id];
151 
152 	/* Cache by default, might be disabled after parsing EDNS option
153 	 * received from nameserver. */
154 	if(!iter_stub_fwd_no_cache(qstate, &qstate->qinfo, NULL, NULL)) {
155 		qstate->no_cache_store = 0;
156 	}
157 
158 	if(sq->ecs_server_out.subnet_validdata && ((sq->subnet_downstream &&
159 		qstate->env->cfg->client_subnet_always_forward) ||
160 		ecs_is_whitelisted(sn_env->whitelist,
161 		addr, addrlen, qinfo->qname, qinfo->qname_len,
162 		qinfo->qclass))) {
163 		/* Address on whitelist or client query contains ECS option, we
164 		 * want to sent out ECS. Only add option if it is not already
165 		 * set. */
166 		if(!edns_opt_list_find(qstate->edns_opts_back_out,
167 			qstate->env->cfg->client_subnet_opcode)) {
168 			subnet_ecs_opt_list_append(&sq->ecs_server_out,
169 				&qstate->edns_opts_back_out, qstate, region);
170 		}
171 		sq->subnet_sent = 1;
172 	}
173 	else {
174 		/* Outgoing ECS option is set, but we don't want to sent it to
175 		 * this address, remove option. */
176 		if(edns_opt_list_find(qstate->edns_opts_back_out,
177 			qstate->env->cfg->client_subnet_opcode)) {
178 			edns_opt_list_remove(&qstate->edns_opts_back_out,
179 				qstate->env->cfg->client_subnet_opcode);
180 		}
181 		sq->subnet_sent = 0;
182 	}
183 	return 1;
184 }
185 
186 
187 void
188 subnet_markdel(void* key)
189 {
190 	struct msgreply_entry *e = (struct msgreply_entry*)key;
191 	e->key.qtype = 0;
192 	e->key.qclass = 0;
193 }
194 
195 int
196 subnetmod_init(struct module_env *env, int id)
197 {
198 	struct subnet_env *sn_env = (struct subnet_env*)calloc(1,
199 		sizeof(struct subnet_env));
200 	if(!sn_env) {
201 		log_err("malloc failure");
202 		return 0;
203 	}
204 	alloc_init(&sn_env->alloc, NULL, 0);
205 	env->modinfo[id] = (void*)sn_env;
206 	/* Copy msg_cache settings */
207 	sn_env->subnet_msg_cache = slabhash_create(env->cfg->msg_cache_slabs,
208 		HASH_DEFAULT_STARTARRAY, env->cfg->msg_cache_size,
209 		msg_cache_sizefunc, query_info_compare, query_entry_delete,
210 		subnet_data_delete, NULL);
211 	slabhash_setmarkdel(sn_env->subnet_msg_cache, &subnet_markdel);
212 	if(!sn_env->subnet_msg_cache) {
213 		log_err("subnetcache: could not create cache");
214 		free(sn_env);
215 		env->modinfo[id] = NULL;
216 		return 0;
217 	}
218 	/* whitelist for edns subnet capable servers */
219 	sn_env->whitelist = ecs_whitelist_create();
220 	if(!sn_env->whitelist ||
221 		!ecs_whitelist_apply_cfg(sn_env->whitelist, env->cfg)) {
222 		log_err("subnetcache: could not create ECS whitelist");
223 		slabhash_delete(sn_env->subnet_msg_cache);
224 		free(sn_env);
225 		env->modinfo[id] = NULL;
226 		return 0;
227 	}
228 
229 	verbose(VERB_QUERY, "subnetcache: option registered (%d)",
230 		env->cfg->client_subnet_opcode);
231 	/* Create new mesh state for all queries. */
232 	env->unique_mesh = 1;
233 	if(!edns_register_option(env->cfg->client_subnet_opcode,
234 		env->cfg->client_subnet_always_forward /* bypass cache */,
235 		1 /* no aggregation */, env)) {
236 		log_err("subnetcache: could not register opcode");
237 		ecs_whitelist_delete(sn_env->whitelist);
238 		slabhash_delete(sn_env->subnet_msg_cache);
239 		free(sn_env);
240 		env->modinfo[id] = NULL;
241 		return 0;
242 	}
243 	inplace_cb_register((void*)ecs_whitelist_check, inplace_cb_query, NULL,
244 		env, id);
245 	inplace_cb_register((void*)ecs_edns_back_parsed,
246 		inplace_cb_edns_back_parsed, NULL, env, id);
247 	inplace_cb_register((void*)ecs_query_response,
248 		inplace_cb_query_response, NULL, env, id);
249 	lock_rw_init(&sn_env->biglock);
250 	return 1;
251 }
252 
253 void
254 subnetmod_deinit(struct module_env *env, int id)
255 {
256 	struct subnet_env *sn_env;
257 	if(!env || !env->modinfo[id])
258 		return;
259 	sn_env = (struct subnet_env*)env->modinfo[id];
260 	lock_rw_destroy(&sn_env->biglock);
261 	inplace_cb_delete(env, inplace_cb_edns_back_parsed, id);
262 	inplace_cb_delete(env, inplace_cb_query, id);
263 	inplace_cb_delete(env, inplace_cb_query_response, id);
264 	ecs_whitelist_delete(sn_env->whitelist);
265 	slabhash_delete(sn_env->subnet_msg_cache);
266 	alloc_clear(&sn_env->alloc);
267 	free(sn_env);
268 	env->modinfo[id] = NULL;
269 }
270 
271 /** Tells client that upstream has no/improper support */
272 static void
273 cp_edns_bad_response(struct ecs_data *target, struct ecs_data *source)
274 {
275 	target->subnet_scope_mask  = 0;
276 	target->subnet_source_mask = source->subnet_source_mask;
277 	target->subnet_addr_fam    = source->subnet_addr_fam;
278 	memcpy(target->subnet_addr, source->subnet_addr, INET6_SIZE);
279 	target->subnet_validdata = 1;
280 }
281 
282 static void
283 delfunc(void *envptr, void *elemptr) {
284 	struct reply_info *elem = (struct reply_info *)elemptr;
285 	struct subnet_env *env = (struct subnet_env *)envptr;
286 	reply_info_parsedelete(elem, &env->alloc);
287 }
288 
289 static size_t
290 sizefunc(void *elemptr) {
291 	struct reply_info *elem  = (struct reply_info *)elemptr;
292 	return sizeof (struct reply_info) - sizeof (struct rrset_ref)
293 		+ elem->rrset_count * sizeof (struct rrset_ref)
294 		+ elem->rrset_count * sizeof (struct ub_packed_rrset_key *);
295 }
296 
297 /**
298  * Select tree from cache entry based on edns data.
299  * If for address family not present it will create a new one.
300  * NULL on failure to create. */
301 static struct addrtree*
302 get_tree(struct subnet_msg_cache_data *data, struct ecs_data *edns,
303 	struct subnet_env *env, struct config_file* cfg)
304 {
305 	struct addrtree *tree;
306 	if (edns->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4) {
307 		if (!data->tree4)
308 			data->tree4 = addrtree_create(
309 				cfg->max_client_subnet_ipv4, &delfunc,
310 				&sizefunc, env, cfg->max_ecs_tree_size_ipv4);
311 		tree = data->tree4;
312 	} else {
313 		if (!data->tree6)
314 			data->tree6 = addrtree_create(
315 				cfg->max_client_subnet_ipv6, &delfunc,
316 				&sizefunc, env, cfg->max_ecs_tree_size_ipv6);
317 		tree = data->tree6;
318 	}
319 	return tree;
320 }
321 
322 static void
323 update_cache(struct module_qstate *qstate, int id)
324 {
325 	struct msgreply_entry *mrep_entry;
326 	struct addrtree *tree;
327 	struct reply_info *rep;
328 	struct query_info qinf;
329 	struct subnet_env *sne = qstate->env->modinfo[id];
330 	struct subnet_qstate *sq = (struct subnet_qstate*)qstate->minfo[id];
331 	struct slabhash *subnet_msg_cache = sne->subnet_msg_cache;
332 	struct ecs_data *edns = &sq->ecs_client_in;
333 	size_t i;
334 
335 	/* We already calculated hash upon lookup (lookup_and_reply) if we were
336 	 * allowed to look in the ECS cache */
337 	hashvalue_type h = qstate->minfo[id] &&
338 		((struct subnet_qstate*)qstate->minfo[id])->qinfo_hash_calculated?
339 		((struct subnet_qstate*)qstate->minfo[id])->qinfo_hash :
340 		query_info_hash(&qstate->qinfo, qstate->query_flags);
341 	/* Step 1, general qinfo lookup */
342 	struct lruhash_entry *lru_entry = slabhash_lookup(subnet_msg_cache, h,
343 		&qstate->qinfo, 1);
344 	int need_to_insert = (lru_entry == NULL);
345 	if (!lru_entry) {
346 		void* data = calloc(1,
347 			sizeof(struct subnet_msg_cache_data));
348 		if(!data) {
349 			log_err("malloc failed");
350 			return;
351 		}
352 		qinf = qstate->qinfo;
353 		qinf.qname = memdup(qstate->qinfo.qname,
354 			qstate->qinfo.qname_len);
355 		if(!qinf.qname) {
356 			free(data);
357 			log_err("memdup failed");
358 			return;
359 		}
360 		mrep_entry = query_info_entrysetup(&qinf, data, h);
361 		free(qinf.qname); /* if qname 'consumed', it is set to NULL */
362 		if (!mrep_entry) {
363 			free(data);
364 			log_err("query_info_entrysetup failed");
365 			return;
366 		}
367 		lru_entry = &mrep_entry->entry;
368 		lock_rw_wrlock(&lru_entry->lock);
369 	}
370 	/* lru_entry->lock is locked regardless of how we got here,
371 	 * either from the slabhash_lookup, or above in the new allocated */
372 	/* Step 2, find the correct tree */
373 	if (!(tree = get_tree(lru_entry->data, edns, sne, qstate->env->cfg))) {
374 		lock_rw_unlock(&lru_entry->lock);
375 		log_err("subnetcache: cache insertion failed");
376 		return;
377 	}
378 	lock_quick_lock(&sne->alloc.lock);
379 	rep = reply_info_copy(qstate->return_msg->rep, &sne->alloc, NULL);
380 	lock_quick_unlock(&sne->alloc.lock);
381 	if (!rep) {
382 		lock_rw_unlock(&lru_entry->lock);
383 		log_err("subnetcache: cache insertion failed");
384 		return;
385 	}
386 
387 	/* store RRsets */
388 	for(i=0; i<rep->rrset_count; i++) {
389 		rep->ref[i].key = rep->rrsets[i];
390 		rep->ref[i].id = rep->rrsets[i]->id;
391 	}
392 	reply_info_set_ttls(rep, *qstate->env->now);
393 	rep->flags |= (BIT_RA | BIT_QR); /* fix flags to be sensible for */
394 	rep->flags &= ~(BIT_AA | BIT_CD);/* a reply based on the cache   */
395 	addrtree_insert(tree, (addrkey_t*)edns->subnet_addr,
396 		edns->subnet_source_mask, sq->max_scope, rep,
397 		rep->ttl, *qstate->env->now);
398 
399 	lock_rw_unlock(&lru_entry->lock);
400 	if (need_to_insert) {
401 		slabhash_insert(subnet_msg_cache, h, lru_entry, lru_entry->data,
402 			NULL);
403 	}
404 }
405 
406 /** Lookup in cache and reply true iff reply is sent. */
407 static int
408 lookup_and_reply(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
409 {
410 	struct lruhash_entry *e;
411 	struct module_env *env = qstate->env;
412 	struct subnet_env *sne = (struct subnet_env*)env->modinfo[id];
413 	hashvalue_type h = query_info_hash(&qstate->qinfo, qstate->query_flags);
414 	struct subnet_msg_cache_data *data;
415 	struct ecs_data *ecs = &sq->ecs_client_in;
416 	struct addrtree *tree;
417 	struct addrnode *node;
418 	uint8_t scope;
419 
420 	memset(&sq->ecs_client_out, 0, sizeof(sq->ecs_client_out));
421 
422 	if (sq) {
423 		sq->qinfo_hash = h; /* Might be useful on cache miss */
424 		sq->qinfo_hash_calculated = 1;
425 	}
426 	e = slabhash_lookup(sne->subnet_msg_cache, h, &qstate->qinfo, 1);
427 	if (!e) return 0; /* qinfo not in cache */
428 	data = e->data;
429 	tree = (ecs->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4)?
430 		data->tree4 : data->tree6;
431 	if (!tree) { /* qinfo in cache but not for this family */
432 		lock_rw_unlock(&e->lock);
433 		return 0;
434 	}
435 	node = addrtree_find(tree, (addrkey_t*)ecs->subnet_addr,
436 		ecs->subnet_source_mask, *env->now);
437 	if (!node) { /* plain old cache miss */
438 		lock_rw_unlock(&e->lock);
439 		return 0;
440 	}
441 
442 	qstate->return_msg = tomsg(NULL, &qstate->qinfo,
443 		(struct reply_info *)node->elem, qstate->region, *env->now, 0,
444 		env->scratch);
445 	scope = (uint8_t)node->scope;
446 	lock_rw_unlock(&e->lock);
447 
448 	if (!qstate->return_msg) { /* Failed allocation or expired TTL */
449 		return 0;
450 	}
451 
452 	if (sq->subnet_downstream) { /* relay to interested client */
453 		sq->ecs_client_out.subnet_scope_mask = scope;
454 		sq->ecs_client_out.subnet_addr_fam = ecs->subnet_addr_fam;
455 		sq->ecs_client_out.subnet_source_mask = ecs->subnet_source_mask;
456 		memcpy(&sq->ecs_client_out.subnet_addr, &ecs->subnet_addr,
457 			INET6_SIZE);
458 		sq->ecs_client_out.subnet_validdata = 1;
459 	}
460 	return 1;
461 }
462 
463 /**
464  * Test first bits of addresses for equality. Caller is responsible
465  * for making sure that both a and b are at least net/8 octets long.
466  * @param a: first address.
467  * @param a: seconds address.
468  * @param net: Number of bits to test.
469  * @return: 1 if equal, 0 otherwise.
470  */
471 static int
472 common_prefix(uint8_t *a, uint8_t *b, uint8_t net)
473 {
474 	size_t n = (size_t)net / 8;
475 	return !memcmp(a, b, n) && ((net % 8) == 0 || a[n] == b[n]);
476 }
477 
478 static enum module_ext_state
479 eval_response(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
480 {
481 	struct subnet_env *sne = qstate->env->modinfo[id];
482 
483 	struct ecs_data *c_in  = &sq->ecs_client_in; /* rcvd from client */
484 	struct ecs_data *c_out = &sq->ecs_client_out;/* will send to client */
485 	struct ecs_data *s_in  = &sq->ecs_server_in; /* rcvd from auth */
486 	struct ecs_data *s_out = &sq->ecs_server_out;/* sent to auth */
487 
488 	memset(c_out, 0, sizeof(*c_out));
489 
490 	if (!qstate->return_msg) {
491 		/* already an answer and its not a message, but retain
492 		 * the actual rcode, instead of module_error, so send
493 		 * module_finished */
494 		return module_finished;
495 	}
496 
497 	/* We have not asked for subnet data */
498 	if (!sq->subnet_sent) {
499 		if (s_in->subnet_validdata)
500 			verbose(VERB_QUERY, "subnetcache: received spurious data");
501 		if (sq->subnet_downstream) /* Copy back to client */
502 			cp_edns_bad_response(c_out, c_in);
503 		return module_finished;
504 	}
505 
506 	/* subnet sent but nothing came back */
507 	if (!s_in->subnet_validdata) {
508 		/* The authority indicated no support for edns subnet. As a
509 		 * consequence the answer ended up in the regular cache. It
510 		 * is still useful to put it in the edns subnet cache for
511 		 * when a client explicitly asks for subnet specific answer. */
512 		verbose(VERB_QUERY, "subnetcache: Authority indicates no support");
513 		if(!sq->started_no_cache_store) {
514 			lock_rw_wrlock(&sne->biglock);
515 			update_cache(qstate, id);
516 			lock_rw_unlock(&sne->biglock);
517 		}
518 		if (sq->subnet_downstream)
519 			cp_edns_bad_response(c_out, c_in);
520 		return module_finished;
521 	}
522 
523 	/* Being here means we have asked for and got a subnet specific
524 	 * answer. Also, the answer from the authority is not yet cached
525 	 * anywhere. */
526 
527 	/* can we accept response? */
528 	if(s_out->subnet_addr_fam != s_in->subnet_addr_fam ||
529 		s_out->subnet_source_mask != s_in->subnet_source_mask ||
530 		!common_prefix(s_out->subnet_addr, s_in->subnet_addr,
531 			s_out->subnet_source_mask))
532 	{
533 		/* we can not accept, restart query without option */
534 		verbose(VERB_QUERY, "subnetcache: forged data");
535 		s_out->subnet_validdata = 0;
536 		(void)edns_opt_list_remove(&qstate->edns_opts_back_out,
537 			qstate->env->cfg->client_subnet_opcode);
538 		sq->subnet_sent = 0;
539 		return module_restart_next;
540 	}
541 
542 	lock_rw_wrlock(&sne->biglock);
543 	if(!sq->started_no_cache_store) {
544 		update_cache(qstate, id);
545 	}
546 	sne->num_msg_nocache++;
547 	lock_rw_unlock(&sne->biglock);
548 
549 	if (sq->subnet_downstream) {
550 		/* Client wants to see the answer, echo option back
551 		 * and adjust the scope. */
552 		c_out->subnet_addr_fam = c_in->subnet_addr_fam;
553 		c_out->subnet_source_mask = c_in->subnet_source_mask;
554 		memcpy(&c_out->subnet_addr, &c_in->subnet_addr, INET6_SIZE);
555 		c_out->subnet_scope_mask = sq->max_scope;
556 		/* Limit scope returned to client to scope used for caching. */
557 		if(c_out->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4) {
558 			if(c_out->subnet_scope_mask >
559 				qstate->env->cfg->max_client_subnet_ipv4) {
560 				c_out->subnet_scope_mask =
561 					qstate->env->cfg->max_client_subnet_ipv4;
562 			}
563 		}
564 		else if(c_out->subnet_scope_mask >
565 				qstate->env->cfg->max_client_subnet_ipv6) {
566 				c_out->subnet_scope_mask =
567 					qstate->env->cfg->max_client_subnet_ipv6;
568 		}
569 		c_out->subnet_validdata = 1;
570 	}
571 	return module_finished;
572 }
573 
574 /** Parse EDNS opt data containing ECS */
575 static int
576 parse_subnet_option(struct edns_option* ecs_option, struct ecs_data* ecs)
577 {
578 	memset(ecs, 0, sizeof(*ecs));
579 	if (ecs_option->opt_len < 4)
580 		return 0;
581 
582 	ecs->subnet_addr_fam = sldns_read_uint16(ecs_option->opt_data);
583 	ecs->subnet_source_mask = ecs_option->opt_data[2];
584 	ecs->subnet_scope_mask = ecs_option->opt_data[3];
585 	/* remaining bytes indicate address */
586 
587 	/* validate input*/
588 	/* option length matches calculated length? */
589 	if (ecs_option->opt_len != (size_t)((ecs->subnet_source_mask+7)/8 + 4))
590 		return 0;
591 	if (ecs_option->opt_len - 4 > INET6_SIZE || ecs_option->opt_len == 0)
592 		return 0;
593 	if (ecs->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4) {
594 		if (ecs->subnet_source_mask > 32 || ecs->subnet_scope_mask > 32)
595 			return 0;
596 	} else if (ecs->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP6) {
597 		if (ecs->subnet_source_mask > 128 ||
598 			ecs->subnet_scope_mask > 128)
599 			return 0;
600 	} else
601 		return 0;
602 
603 	/* valid ECS data, write to ecs_data */
604 	if (copy_clear(ecs->subnet_addr, INET6_SIZE, ecs_option->opt_data + 4,
605 		ecs_option->opt_len - 4, ecs->subnet_source_mask))
606 		return 0;
607 	ecs->subnet_validdata = 1;
608 	return 1;
609 }
610 
611 void
612 subnet_option_from_ss(struct sockaddr_storage *ss, struct ecs_data* ecs,
613 	struct config_file* cfg)
614 {
615 	void* sinaddr;
616 
617 	/* Construct subnet option from original query */
618 	if(((struct sockaddr_in*)ss)->sin_family == AF_INET) {
619 		ecs->subnet_source_mask = cfg->max_client_subnet_ipv4;
620 		ecs->subnet_addr_fam = EDNSSUBNET_ADDRFAM_IP4;
621 		sinaddr = &((struct sockaddr_in*)ss)->sin_addr;
622 		if (!copy_clear( ecs->subnet_addr, INET6_SIZE,
623 			(uint8_t *)sinaddr, INET_SIZE,
624 			ecs->subnet_source_mask)) {
625 			ecs->subnet_validdata = 1;
626 		}
627 	}
628 #ifdef INET6
629 	else {
630 		ecs->subnet_source_mask = cfg->max_client_subnet_ipv6;
631 		ecs->subnet_addr_fam = EDNSSUBNET_ADDRFAM_IP6;
632 		sinaddr = &((struct sockaddr_in6*)ss)->sin6_addr;
633 		if (!copy_clear( ecs->subnet_addr, INET6_SIZE,
634 			(uint8_t *)sinaddr, INET6_SIZE,
635 			ecs->subnet_source_mask)) {
636 			ecs->subnet_validdata = 1;
637 		}
638 	}
639 #else
640 			/* We don't know how to handle ip6, just pass */
641 #endif /* INET6 */
642 }
643 
644 int
645 ecs_query_response(struct module_qstate* qstate, struct dns_msg* response,
646 	int id, void* ATTR_UNUSED(cbargs))
647 {
648 	struct subnet_qstate *sq;
649 
650 	if(!response || !(sq=(struct subnet_qstate*)qstate->minfo[id]))
651 		return 1;
652 
653 	if(sq->subnet_sent &&
654 		FLAGS_GET_RCODE(response->rep->flags) == LDNS_RCODE_REFUSED) {
655 		/* REFUSED response to ECS query, remove ECS option. */
656 		edns_opt_list_remove(&qstate->edns_opts_back_out,
657 			qstate->env->cfg->client_subnet_opcode);
658 		sq->subnet_sent = 0;
659 		memset(&sq->ecs_server_out, 0, sizeof(sq->ecs_server_out));
660 	} else if (!sq->track_max_scope &&
661 		FLAGS_GET_RCODE(response->rep->flags) == LDNS_RCODE_NOERROR &&
662 		response->rep->an_numrrsets > 0
663 		) {
664 		struct ub_packed_rrset_key* s = response->rep->rrsets[0];
665 		if(ntohs(s->rk.type) == LDNS_RR_TYPE_CNAME &&
666 			query_dname_compare(qstate->qinfo.qname,
667 			s->rk.dname) == 0) {
668 			/* CNAME response for QNAME. From now on keep track of
669 			 * longest received ECS prefix for all queries on this
670 			 * qstate. */
671 			sq->track_max_scope = 1;
672 		}
673 	}
674 	return 1;
675 }
676 
677 int
678 ecs_edns_back_parsed(struct module_qstate* qstate, int id,
679 	void* ATTR_UNUSED(cbargs))
680 {
681 	struct subnet_qstate *sq;
682 	struct edns_option* ecs_opt;
683 
684 	if(!(sq=(struct subnet_qstate*)qstate->minfo[id]))
685 		return 1;
686 	if((ecs_opt = edns_opt_list_find(
687 		qstate->edns_opts_back_in,
688 		qstate->env->cfg->client_subnet_opcode)) &&
689 		parse_subnet_option(ecs_opt, &sq->ecs_server_in) &&
690 		sq->subnet_sent && sq->ecs_server_in.subnet_validdata) {
691 			/* Only skip global cache store if we sent an ECS option
692 			 * and received one back. Answers from non-whitelisted
693 			 * servers will end up in global cache. Answers for
694 			 * queries with 0 source will not (unless nameserver
695 			 * does not support ECS). */
696 			qstate->no_cache_store = 1;
697 			if(!sq->track_max_scope || (sq->track_max_scope &&
698 				sq->ecs_server_in.subnet_scope_mask >
699 				sq->max_scope))
700 				sq->max_scope = sq->ecs_server_in.subnet_scope_mask;
701 	}
702 
703 	return 1;
704 }
705 
706 void
707 subnetmod_operate(struct module_qstate *qstate, enum module_ev event,
708 	int id, struct outbound_entry* outbound)
709 {
710 	struct subnet_env *sne = qstate->env->modinfo[id];
711 	struct subnet_qstate *sq = (struct subnet_qstate*)qstate->minfo[id];
712 
713 	verbose(VERB_QUERY, "subnetcache[module %d] operate: extstate:%s "
714 		"event:%s", id, strextstate(qstate->ext_state[id]),
715 		strmodulevent(event));
716 	log_query_info(VERB_QUERY, "subnetcache operate: query", &qstate->qinfo);
717 
718 	if((event == module_event_new || event == module_event_pass) &&
719 		sq == NULL) {
720 		struct edns_option* ecs_opt;
721 		if(!subnet_new_qstate(qstate, id)) {
722 			qstate->return_msg = NULL;
723 			qstate->ext_state[id] = module_finished;
724 			return;
725 		}
726 
727 		sq = (struct subnet_qstate*)qstate->minfo[id];
728 
729 		if((ecs_opt = edns_opt_list_find(
730 			qstate->edns_opts_front_in,
731 			qstate->env->cfg->client_subnet_opcode))) {
732 			if(!parse_subnet_option(ecs_opt, &sq->ecs_client_in)) {
733 				/* Wrongly formatted ECS option. RFC mandates to
734 				 * return FORMERROR. */
735 				qstate->return_rcode = LDNS_RCODE_FORMERR;
736 				qstate->ext_state[id] = module_finished;
737 				return;
738 			}
739 			sq->subnet_downstream = 1;
740 		}
741 		else if(qstate->mesh_info->reply_list) {
742 			subnet_option_from_ss(
743 				&qstate->mesh_info->reply_list->query_reply.addr,
744 				&sq->ecs_client_in, qstate->env->cfg);
745 		}
746 
747 		if(sq->ecs_client_in.subnet_validdata == 0) {
748 			/* No clients are interested in result or we could not
749 			 * parse it, we don't do client subnet */
750 			sq->ecs_server_out.subnet_validdata = 0;
751 			verbose(VERB_ALGO, "subnetcache: pass to next module");
752 			qstate->ext_state[id] = module_wait_module;
753 			return;
754 		}
755 
756 		/* Limit to minimum allowed source mask */
757 		if(sq->ecs_client_in.subnet_source_mask != 0 && (
758 			(sq->ecs_client_in.subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4 &&
759 			 sq->ecs_client_in.subnet_source_mask < qstate->env->cfg->min_client_subnet_ipv4) ||
760 			(sq->ecs_client_in.subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP6 &&
761 			 sq->ecs_client_in.subnet_source_mask < qstate->env->cfg->min_client_subnet_ipv6))) {
762 				qstate->return_rcode = LDNS_RCODE_REFUSED;
763 				qstate->ext_state[id] = module_finished;
764 				return;
765 		}
766 
767 		if(!sq->started_no_cache_lookup && !qstate->blacklist) {
768 			lock_rw_wrlock(&sne->biglock);
769 			if(lookup_and_reply(qstate, id, sq)) {
770 				sne->num_msg_cache++;
771 				lock_rw_unlock(&sne->biglock);
772 				verbose(VERB_QUERY, "subnetcache: answered from cache");
773 				qstate->ext_state[id] = module_finished;
774 
775 				subnet_ecs_opt_list_append(&sq->ecs_client_out,
776 					&qstate->edns_opts_front_out, qstate,
777 					qstate->region);
778 				return;
779 			}
780 			lock_rw_unlock(&sne->biglock);
781 		}
782 
783 		sq->ecs_server_out.subnet_addr_fam =
784 			sq->ecs_client_in.subnet_addr_fam;
785 		sq->ecs_server_out.subnet_source_mask =
786 			sq->ecs_client_in.subnet_source_mask;
787 		/* Limit source prefix to configured maximum */
788 		if(sq->ecs_server_out.subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4
789 			&& sq->ecs_server_out.subnet_source_mask >
790 			qstate->env->cfg->max_client_subnet_ipv4)
791 			sq->ecs_server_out.subnet_source_mask =
792 				qstate->env->cfg->max_client_subnet_ipv4;
793 		else if(sq->ecs_server_out.subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP6
794 			&& sq->ecs_server_out.subnet_source_mask >
795 			qstate->env->cfg->max_client_subnet_ipv6)
796 			sq->ecs_server_out.subnet_source_mask =
797 				qstate->env->cfg->max_client_subnet_ipv6;
798 		/* Safe to copy completely, even if the source is limited by the
799 		 * configuration. subnet_ecs_opt_list_append() will limit the address.
800 		 * */
801 		memcpy(&sq->ecs_server_out.subnet_addr,
802 			sq->ecs_client_in.subnet_addr, INET6_SIZE);
803 		sq->ecs_server_out.subnet_scope_mask = 0;
804 		sq->ecs_server_out.subnet_validdata = 1;
805 		if(sq->ecs_server_out.subnet_source_mask != 0 &&
806 			qstate->env->cfg->client_subnet_always_forward &&
807 			sq->subnet_downstream)
808 			/* ECS specific data required, do not look at the global
809 			 * cache in other modules. */
810 			qstate->no_cache_lookup = 1;
811 
812 		/* pass request to next module */
813 		verbose(VERB_ALGO,
814 			"subnetcache: not found in cache. pass to next module");
815 		qstate->ext_state[id] = module_wait_module;
816 		return;
817 	}
818 	/* Query handed back by next module, we have a 'final' answer */
819 	if(sq && event == module_event_moddone) {
820 		qstate->ext_state[id] = eval_response(qstate, id, sq);
821 		if(qstate->ext_state[id] == module_finished &&
822 			qstate->return_msg) {
823 			subnet_ecs_opt_list_append(&sq->ecs_client_out,
824 				&qstate->edns_opts_front_out, qstate,
825 				qstate->region);
826 		}
827 		qstate->no_cache_store = sq->started_no_cache_store;
828 		qstate->no_cache_lookup = sq->started_no_cache_lookup;
829 		return;
830 	}
831 	if(sq && outbound) {
832 		return;
833 	}
834 	/* We are being revisited */
835 	if(event == module_event_pass || event == module_event_new) {
836 		/* Just pass it on, we already did the work */
837 		verbose(VERB_ALGO, "subnetcache: pass to next module");
838 		qstate->ext_state[id] = module_wait_module;
839 		return;
840 	}
841 	if(!sq && (event == module_event_moddone)) {
842 		/* during priming, module done but we never started */
843 		qstate->ext_state[id] = module_finished;
844 		return;
845 	}
846 	log_err("subnetcache: bad event %s", strmodulevent(event));
847 	qstate->ext_state[id] = module_error;
848 	return;
849 }
850 
851 void
852 subnetmod_clear(struct module_qstate *ATTR_UNUSED(qstate),
853 	int ATTR_UNUSED(id))
854 {
855 	/* qstate has no data outside region */
856 }
857 
858 void
859 subnetmod_inform_super(struct module_qstate *ATTR_UNUSED(qstate),
860 	int ATTR_UNUSED(id), struct module_qstate *ATTR_UNUSED(super))
861 {
862 	/* Not used */
863 }
864 
865 size_t
866 subnetmod_get_mem(struct module_env *env, int id)
867 {
868 	struct subnet_env *sn_env = env->modinfo[id];
869 	if (!sn_env) return 0;
870 	return sizeof(*sn_env) +
871 		slabhash_get_mem(sn_env->subnet_msg_cache) +
872 		ecs_whitelist_get_mem(sn_env->whitelist);
873 }
874 
875 /**
876  * The module function block
877  */
878 static struct module_func_block subnetmod_block = {
879 	"subnetcache", &subnetmod_init, &subnetmod_deinit, &subnetmod_operate,
880 	&subnetmod_inform_super, &subnetmod_clear, &subnetmod_get_mem
881 };
882 
883 struct module_func_block*
884 subnetmod_get_funcblock(void)
885 {
886 	return &subnetmod_block;
887 }
888 
889 /** Wrappers for static functions to unit test */
890 size_t
891 unittest_wrapper_subnetmod_sizefunc(void *elemptr)
892 {
893 	return sizefunc(elemptr);
894 }
895 
896 #endif  /* CLIENT_SUBNET */
897