1/* 2 * daemon/cachedump.c - dump the cache to text format. 3 * 4 * Copyright (c) 2008, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36/** 37 * \file 38 * 39 * This file contains functions to read and write the cache(s) 40 * to text format. 41 */ 42#include "config.h" 43#include <openssl/ssl.h> 44#include "daemon/cachedump.h" 45#include "daemon/remote.h" 46#include "daemon/worker.h" 47#include "services/cache/rrset.h" 48#include "services/cache/dns.h" 49#include "services/cache/infra.h" 50#include "services/outside_network.h" 51#include "util/data/msgreply.h" 52#include "util/regional.h" 53#include "util/net_help.h" 54#include "util/data/dname.h" 55#include "util/config_file.h" 56#include "iterator/iterator.h" 57#include "iterator/iter_delegpt.h" 58#include "iterator/iter_utils.h" 59#include "iterator/iter_fwd.h" 60#include "iterator/iter_hints.h" 61#include "sldns/sbuffer.h" 62#include "sldns/wire2str.h" 63#include "sldns/str2wire.h" 64 65/** dump one rrset zonefile line */ 66static int 67dump_rrset_line(RES* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i) 68{ 69 char s[65535]; 70 if(!packed_rr_to_string(k, i, now, s, sizeof(s))) { 71 return ssl_printf(ssl, "BADRR\n"); 72 } 73 return ssl_printf(ssl, "%s", s); 74} 75 76/** dump rrset key and data info */ 77static int 78dump_rrset(RES* ssl, struct ub_packed_rrset_key* k, 79 struct packed_rrset_data* d, time_t now) 80{ 81 size_t i; 82 /* rd lock held by caller */ 83 if(!k || !d) return 1; 84 if(k->id == 0) return 1; /* deleted */ 85 if(d->ttl < now) return 1; /* expired */ 86 87 /* meta line */ 88 if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n", 89 (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"", 90 (long long)(d->ttl - now), 91 (unsigned)d->count, (unsigned)d->rrsig_count, 92 (int)d->trust, (int)d->security 93 )) 94 return 0; 95 for(i=0; i<d->count + d->rrsig_count; i++) { 96 if(!dump_rrset_line(ssl, k, now, i)) 97 return 0; 98 } 99 return 1; 100} 101 102/** dump lruhash rrset cache */ 103static int 104dump_rrset_lruhash(RES* ssl, struct lruhash* h, time_t now) 105{ 106 struct lruhash_entry* e; 107 /* lruhash already locked by caller */ 108 /* walk in order of lru; best first */ 109 for(e=h->lru_start; e; e = e->lru_next) { 110 lock_rw_rdlock(&e->lock); 111 if(!dump_rrset(ssl, (struct ub_packed_rrset_key*)e->key, 112 (struct packed_rrset_data*)e->data, now)) { 113 lock_rw_unlock(&e->lock); 114 return 0; 115 } 116 lock_rw_unlock(&e->lock); 117 } 118 return 1; 119} 120 121/** dump rrset cache */ 122static int 123dump_rrset_cache(RES* ssl, struct worker* worker) 124{ 125 struct rrset_cache* r = worker->env.rrset_cache; 126 size_t slab; 127 if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0; 128 for(slab=0; slab<r->table.size; slab++) { 129 lock_quick_lock(&r->table.array[slab]->lock); 130 if(!dump_rrset_lruhash(ssl, r->table.array[slab], 131 *worker->env.now)) { 132 lock_quick_unlock(&r->table.array[slab]->lock); 133 return 0; 134 } 135 lock_quick_unlock(&r->table.array[slab]->lock); 136 } 137 return ssl_printf(ssl, "END_RRSET_CACHE\n"); 138} 139 140/** dump message to rrset reference */ 141static int 142dump_msg_ref(RES* ssl, struct ub_packed_rrset_key* k) 143{ 144 char* nm, *tp, *cl; 145 nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len); 146 tp = sldns_wire2str_type(ntohs(k->rk.type)); 147 cl = sldns_wire2str_class(ntohs(k->rk.rrset_class)); 148 if(!nm || !cl || !tp) { 149 free(nm); 150 free(tp); 151 free(cl); 152 return ssl_printf(ssl, "BADREF\n"); 153 } 154 if(!ssl_printf(ssl, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags)) { 155 free(nm); 156 free(tp); 157 free(cl); 158 return 0; 159 } 160 free(nm); 161 free(tp); 162 free(cl); 163 164 return 1; 165} 166 167/** dump message entry */ 168static int 169dump_msg(RES* ssl, struct query_info* k, struct reply_info* d, time_t now) 170{ 171 size_t i; 172 char* nm, *tp, *cl; 173 if(!k || !d) return 1; 174 if(d->ttl < now) return 1; /* expired */ 175 176 nm = sldns_wire2str_dname(k->qname, k->qname_len); 177 tp = sldns_wire2str_type(k->qtype); 178 cl = sldns_wire2str_class(k->qclass); 179 if(!nm || !tp || !cl) { 180 free(nm); 181 free(tp); 182 free(cl); 183 return 1; /* skip this entry */ 184 } 185 if(!rrset_array_lock(d->ref, d->rrset_count, now)) { 186 /* rrsets have timed out or do not exist */ 187 free(nm); 188 free(tp); 189 free(cl); 190 return 1; /* skip this entry */ 191 } 192 193 /* meta line */ 194 if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u %d %s\n", 195 nm, cl, tp, 196 (int)d->flags, (int)d->qdcount, 197 (long long)(d->ttl-now), (int)d->security, 198 (unsigned)d->an_numrrsets, 199 (unsigned)d->ns_numrrsets, 200 (unsigned)d->ar_numrrsets, 201 (int)d->reason_bogus, 202 d->reason_bogus_str?d->reason_bogus_str:"")) { 203 free(nm); 204 free(tp); 205 free(cl); 206 rrset_array_unlock(d->ref, d->rrset_count); 207 return 0; 208 } 209 free(nm); 210 free(tp); 211 free(cl); 212 213 for(i=0; i<d->rrset_count; i++) { 214 if(!dump_msg_ref(ssl, d->rrsets[i])) { 215 rrset_array_unlock(d->ref, d->rrset_count); 216 return 0; 217 } 218 } 219 rrset_array_unlock(d->ref, d->rrset_count); 220 221 return 1; 222} 223 224/** copy msg to worker pad */ 225static int 226copy_msg(struct regional* region, struct lruhash_entry* e, 227 struct query_info** k, struct reply_info** d) 228{ 229 struct reply_info* rep = (struct reply_info*)e->data; 230 if(rep->rrset_count > RR_COUNT_MAX) 231 return 0; /* to protect against integer overflow */ 232 *d = (struct reply_info*)regional_alloc_init(region, e->data, 233 sizeof(struct reply_info) + 234 sizeof(struct rrset_ref) * (rep->rrset_count-1) + 235 sizeof(struct ub_packed_rrset_key*) * rep->rrset_count); 236 if(!*d) 237 return 0; 238 (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)( 239 (uint8_t*)(&((*d)->ref[0])) + 240 sizeof(struct rrset_ref) * rep->rrset_count); 241 *k = (struct query_info*)regional_alloc_init(region, 242 e->key, sizeof(struct query_info)); 243 if(!*k) 244 return 0; 245 (*k)->qname = regional_alloc_init(region, 246 (*k)->qname, (*k)->qname_len); 247 return (*k)->qname != NULL; 248} 249 250/** dump lruhash msg cache */ 251static int 252dump_msg_lruhash(RES* ssl, struct worker* worker, struct lruhash* h) 253{ 254 struct lruhash_entry* e; 255 struct query_info* k; 256 struct reply_info* d; 257 258 /* lruhash already locked by caller */ 259 /* walk in order of lru; best first */ 260 for(e=h->lru_start; e; e = e->lru_next) { 261 regional_free_all(worker->scratchpad); 262 lock_rw_rdlock(&e->lock); 263 /* make copy of rrset in worker buffer */ 264 if(!copy_msg(worker->scratchpad, e, &k, &d)) { 265 lock_rw_unlock(&e->lock); 266 return 0; 267 } 268 lock_rw_unlock(&e->lock); 269 /* release lock so we can lookup the rrset references 270 * in the rrset cache */ 271 if(!dump_msg(ssl, k, d, *worker->env.now)) { 272 return 0; 273 } 274 } 275 return 1; 276} 277 278/** dump msg cache */ 279static int 280dump_msg_cache(RES* ssl, struct worker* worker) 281{ 282 struct slabhash* sh = worker->env.msg_cache; 283 size_t slab; 284 if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0; 285 for(slab=0; slab<sh->size; slab++) { 286 lock_quick_lock(&sh->array[slab]->lock); 287 if(!dump_msg_lruhash(ssl, worker, sh->array[slab])) { 288 lock_quick_unlock(&sh->array[slab]->lock); 289 return 0; 290 } 291 lock_quick_unlock(&sh->array[slab]->lock); 292 } 293 return ssl_printf(ssl, "END_MSG_CACHE\n"); 294} 295 296int 297dump_cache(RES* ssl, struct worker* worker) 298{ 299 if(!dump_rrset_cache(ssl, worker)) 300 return 0; 301 if(!dump_msg_cache(ssl, worker)) 302 return 0; 303 return ssl_printf(ssl, "EOF\n"); 304} 305 306/** read a line from ssl into buffer */ 307static int 308ssl_read_buf(RES* ssl, sldns_buffer* buf) 309{ 310 return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf), 311 sldns_buffer_capacity(buf)); 312} 313 314/** check fixed text on line */ 315static int 316read_fixed(RES* ssl, sldns_buffer* buf, const char* str) 317{ 318 if(!ssl_read_buf(ssl, buf)) return 0; 319 return (strcmp((char*)sldns_buffer_begin(buf), str) == 0); 320} 321 322/** load an RR into rrset */ 323static int 324load_rr(RES* ssl, sldns_buffer* buf, struct regional* region, 325 struct ub_packed_rrset_key* rk, struct packed_rrset_data* d, 326 unsigned int i, int is_rrsig, int* go_on, time_t now) 327{ 328 uint8_t rr[LDNS_RR_BUF_SIZE]; 329 size_t rr_len = sizeof(rr), dname_len = 0; 330 int status; 331 332 /* read the line */ 333 if(!ssl_read_buf(ssl, buf)) 334 return 0; 335 if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) { 336 *go_on = 0; 337 return 1; 338 } 339 status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr, 340 &rr_len, &dname_len, 3600, NULL, 0, NULL, 0); 341 if(status != 0) { 342 log_warn("error cannot parse rr: %s: %s", 343 sldns_get_errorstr_parse(status), 344 (char*)sldns_buffer_begin(buf)); 345 return 0; 346 } 347 if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len) 348 != LDNS_RR_TYPE_RRSIG) { 349 log_warn("error expected rrsig but got %s", 350 (char*)sldns_buffer_begin(buf)); 351 return 0; 352 } 353 354 /* convert ldns rr into packed_rr */ 355 d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now; 356 sldns_buffer_clear(buf); 357 d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2; 358 d->rr_data[i] = (uint8_t*)regional_alloc_init(region, 359 sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]); 360 if(!d->rr_data[i]) { 361 log_warn("error out of memory"); 362 return 0; 363 } 364 365 /* if first entry, fill the key structure */ 366 if(i==0) { 367 rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len)); 368 rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len)); 369 rk->rk.dname_len = dname_len; 370 rk->rk.dname = regional_alloc_init(region, rr, dname_len); 371 if(!rk->rk.dname) { 372 log_warn("error out of memory"); 373 return 0; 374 } 375 } 376 377 return 1; 378} 379 380/** move entry into cache */ 381static int 382move_into_cache(struct ub_packed_rrset_key* k, 383 struct packed_rrset_data* d, struct worker* worker) 384{ 385 struct ub_packed_rrset_key* ak; 386 struct packed_rrset_data* ad; 387 size_t s, i, num = d->count + d->rrsig_count; 388 struct rrset_ref ref; 389 uint8_t* p; 390 391 ak = alloc_special_obtain(worker->alloc); 392 if(!ak) { 393 log_warn("error out of memory"); 394 return 0; 395 } 396 ak->entry.data = NULL; 397 ak->rk = k->rk; 398 ak->entry.hash = rrset_key_hash(&k->rk); 399 ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len); 400 if(!ak->rk.dname) { 401 log_warn("error out of memory"); 402 ub_packed_rrset_parsedelete(ak, worker->alloc); 403 return 0; 404 } 405 s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) + 406 sizeof(time_t))* num; 407 for(i=0; i<num; i++) 408 s += d->rr_len[i]; 409 ad = (struct packed_rrset_data*)malloc(s); 410 if(!ad) { 411 log_warn("error out of memory"); 412 ub_packed_rrset_parsedelete(ak, worker->alloc); 413 return 0; 414 } 415 p = (uint8_t*)ad; 416 memmove(p, d, sizeof(*ad)); 417 p += sizeof(*ad); 418 memmove(p, &d->rr_len[0], sizeof(size_t)*num); 419 p += sizeof(size_t)*num; 420 memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num); 421 p += sizeof(uint8_t*)*num; 422 memmove(p, &d->rr_ttl[0], sizeof(time_t)*num); 423 p += sizeof(time_t)*num; 424 for(i=0; i<num; i++) { 425 memmove(p, d->rr_data[i], d->rr_len[i]); 426 p += d->rr_len[i]; 427 } 428 packed_rrset_ptr_fixup(ad); 429 430 ak->entry.data = ad; 431 432 ref.key = ak; 433 ref.id = ak->id; 434 (void)rrset_cache_update(worker->env.rrset_cache, &ref, 435 worker->alloc, *worker->env.now); 436 437 return 1; 438} 439 440/** load an rrset entry */ 441static int 442load_rrset(RES* ssl, sldns_buffer* buf, struct worker* worker) 443{ 444 char* s = (char*)sldns_buffer_begin(buf); 445 struct regional* region = worker->scratchpad; 446 struct ub_packed_rrset_key* rk; 447 struct packed_rrset_data* d; 448 unsigned int rr_count, rrsig_count, trust, security; 449 long long ttl; 450 unsigned int i; 451 int go_on = 1; 452 regional_free_all(region); 453 454 rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region, 455 sizeof(*rk)); 456 d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d)); 457 if(!rk || !d) { 458 log_warn("error out of memory"); 459 return 0; 460 } 461 462 if(strncmp(s, ";rrset", 6) != 0) { 463 log_warn("error expected ';rrset' but got %s", s); 464 return 0; 465 } 466 s += 6; 467 if(strncmp(s, " nsec_apex", 10) == 0) { 468 s += 10; 469 rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX; 470 } 471 if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count, 472 &trust, &security) != 5) { 473 log_warn("error bad rrset spec %s", s); 474 return 0; 475 } 476 if(rr_count == 0 && rrsig_count == 0) { 477 log_warn("bad rrset without contents"); 478 return 0; 479 } 480 if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) { 481 log_warn("bad rrset with too many rrs"); 482 return 0; 483 } 484 d->count = (size_t)rr_count; 485 d->rrsig_count = (size_t)rrsig_count; 486 d->security = (enum sec_status)security; 487 d->trust = (enum rrset_trust)trust; 488 d->ttl = (time_t)ttl + *worker->env.now; 489 490 d->rr_len = regional_alloc_zero(region, 491 sizeof(size_t)*(d->count+d->rrsig_count)); 492 d->rr_ttl = regional_alloc_zero(region, 493 sizeof(time_t)*(d->count+d->rrsig_count)); 494 d->rr_data = regional_alloc_zero(region, 495 sizeof(uint8_t*)*(d->count+d->rrsig_count)); 496 if(!d->rr_len || !d->rr_ttl || !d->rr_data) { 497 log_warn("error out of memory"); 498 return 0; 499 } 500 501 /* read the rr's themselves */ 502 for(i=0; i<rr_count; i++) { 503 if(!load_rr(ssl, buf, region, rk, d, i, 0, 504 &go_on, *worker->env.now)) { 505 log_warn("could not read rr %u", i); 506 return 0; 507 } 508 } 509 for(i=0; i<rrsig_count; i++) { 510 if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1, 511 &go_on, *worker->env.now)) { 512 log_warn("could not read rrsig %u", i); 513 return 0; 514 } 515 } 516 if(!go_on) { 517 /* skip this entry */ 518 return 1; 519 } 520 521 return move_into_cache(rk, d, worker); 522} 523 524/** load rrset cache */ 525static int 526load_rrset_cache(RES* ssl, struct worker* worker) 527{ 528 sldns_buffer* buf = worker->env.scratch_buffer; 529 if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0; 530 while(ssl_read_buf(ssl, buf) && 531 strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) { 532 if(!load_rrset(ssl, buf, worker)) 533 return 0; 534 } 535 return 1; 536} 537 538/** read qinfo from next three words */ 539static char* 540load_qinfo(char* str, struct query_info* qinfo, struct regional* region) 541{ 542 /* s is part of the buf */ 543 char* s = str; 544 uint8_t rr[LDNS_RR_BUF_SIZE]; 545 size_t rr_len = sizeof(rr), dname_len = 0; 546 int status; 547 548 /* skip three words */ 549 s = strchr(str, ' '); 550 if(s) s = strchr(s+1, ' '); 551 if(s) s = strchr(s+1, ' '); 552 if(!s) { 553 log_warn("error line too short, %s", str); 554 return NULL; 555 } 556 s[0] = 0; 557 s++; 558 559 /* parse them */ 560 status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len, 561 NULL, 0, NULL, 0); 562 if(status != 0) { 563 log_warn("error cannot parse: %s %s", 564 sldns_get_errorstr_parse(status), str); 565 return NULL; 566 } 567 qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len); 568 qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len); 569 qinfo->qname_len = dname_len; 570 qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len); 571 qinfo->local_alias = NULL; 572 if(!qinfo->qname) { 573 log_warn("error out of memory"); 574 return NULL; 575 } 576 577 return s; 578} 579 580/** load a msg rrset reference */ 581static int 582load_ref(RES* ssl, sldns_buffer* buf, struct worker* worker, 583 struct regional *region, struct ub_packed_rrset_key** rrset, 584 int* go_on) 585{ 586 char* s = (char*)sldns_buffer_begin(buf); 587 struct query_info qinfo; 588 unsigned int flags; 589 struct ub_packed_rrset_key* k; 590 591 /* read line */ 592 if(!ssl_read_buf(ssl, buf)) 593 return 0; 594 if(strncmp(s, "BADREF", 6) == 0) { 595 *go_on = 0; /* its bad, skip it and skip message */ 596 return 1; 597 } 598 599 s = load_qinfo(s, &qinfo, region); 600 if(!s) { 601 return 0; 602 } 603 if(sscanf(s, " %u", &flags) != 1) { 604 log_warn("error cannot parse flags: %s", s); 605 return 0; 606 } 607 608 /* lookup in cache */ 609 k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname, 610 qinfo.qname_len, qinfo.qtype, qinfo.qclass, 611 (uint32_t)flags, *worker->env.now, 0); 612 if(!k) { 613 /* not found or expired */ 614 *go_on = 0; 615 return 1; 616 } 617 618 /* store in result */ 619 *rrset = packed_rrset_copy_region(k, region, *worker->env.now); 620 lock_rw_unlock(&k->entry.lock); 621 622 return (*rrset != NULL); 623} 624 625/** load a msg entry */ 626static int 627load_msg(RES* ssl, sldns_buffer* buf, struct worker* worker) 628{ 629 struct regional* region = worker->scratchpad; 630 struct query_info qinf; 631 struct reply_info rep; 632 char* s = (char*)sldns_buffer_begin(buf); 633 unsigned int flags, qdcount, security, an, ns, ar; 634 long long ttl; 635 size_t i; 636 int go_on = 1; 637 int ede; 638 int consumed = 0; 639 char* ede_str = NULL; 640 641 regional_free_all(region); 642 643 if(strncmp(s, "msg ", 4) != 0) { 644 log_warn("error expected msg but got %s", s); 645 return 0; 646 } 647 s += 4; 648 s = load_qinfo(s, &qinf, region); 649 if(!s) { 650 return 0; 651 } 652 653 /* read remainder of line */ 654 /* note the last space before any possible EDE text */ 655 if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u %d %n", &flags, &qdcount, &ttl, 656 &security, &an, &ns, &ar, &ede, &consumed) != 8) { 657 log_warn("error cannot parse numbers: %s", s); 658 return 0; 659 } 660 /* there may be EDE text after the numbers */ 661 if(consumed > 0 && (size_t)consumed < strlen(s)) 662 ede_str = s + consumed; 663 memset(&rep, 0, sizeof(rep)); 664 rep.flags = (uint16_t)flags; 665 rep.qdcount = (uint16_t)qdcount; 666 rep.ttl = (time_t)ttl; 667 rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl); 668 rep.serve_expired_ttl = rep.ttl + SERVE_EXPIRED_TTL; 669 rep.security = (enum sec_status)security; 670 if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) { 671 log_warn("error too many rrsets"); 672 return 0; /* protect against integer overflow in alloc */ 673 } 674 rep.an_numrrsets = (size_t)an; 675 rep.ns_numrrsets = (size_t)ns; 676 rep.ar_numrrsets = (size_t)ar; 677 rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar; 678 rep.reason_bogus = (sldns_ede_code)ede; 679 rep.reason_bogus_str = ede_str?(char*)regional_strdup(region, ede_str):NULL; 680 rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero( 681 region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count); 682 683 /* fill repinfo with references */ 684 for(i=0; i<rep.rrset_count; i++) { 685 if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i], 686 &go_on)) { 687 return 0; 688 } 689 } 690 691 if(!go_on) 692 return 1; /* skip this one, not all references satisfied */ 693 694 if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags, 695 *worker->env.now)) { 696 log_warn("error out of memory"); 697 return 0; 698 } 699 return 1; 700} 701 702/** load msg cache */ 703static int 704load_msg_cache(RES* ssl, struct worker* worker) 705{ 706 sldns_buffer* buf = worker->env.scratch_buffer; 707 if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0; 708 while(ssl_read_buf(ssl, buf) && 709 strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) { 710 if(!load_msg(ssl, buf, worker)) 711 return 0; 712 } 713 return 1; 714} 715 716int 717load_cache(RES* ssl, struct worker* worker) 718{ 719 if(!load_rrset_cache(ssl, worker)) 720 return 0; 721 if(!load_msg_cache(ssl, worker)) 722 return 0; 723 return read_fixed(ssl, worker->env.scratch_buffer, "EOF"); 724} 725 726/** print details on a delegation point */ 727static void 728print_dp_details(RES* ssl, struct worker* worker, struct delegpt* dp) 729{ 730 char buf[257]; 731 struct delegpt_addr* a; 732 int lame, dlame, rlame, rto, edns_vs, to, delay, 733 tA = 0, tAAAA = 0, tother = 0; 734 long long entry_ttl; 735 struct rtt_info ri; 736 uint8_t edns_lame_known; 737 for(a = dp->target_list; a; a = a->next_target) { 738 addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf)); 739 if(!ssl_printf(ssl, "%-16s\t", buf)) 740 return; 741 if(a->bogus) { 742 if(!ssl_printf(ssl, "Address is BOGUS. ")) 743 return; 744 } 745 /* lookup in infra cache */ 746 delay=0; 747 entry_ttl = infra_get_host_rto(worker->env.infra_cache, 748 &a->addr, a->addrlen, dp->name, dp->namelen, 749 &ri, &delay, *worker->env.now, &tA, &tAAAA, &tother); 750 if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) { 751 if(!ssl_printf(ssl, "expired, rto %d msec, tA %d " 752 "tAAAA %d tother %d.\n", ri.rto, tA, tAAAA, 753 tother)) 754 return; 755 continue; 756 } 757 if(entry_ttl == -1 || entry_ttl == -2) { 758 if(!ssl_printf(ssl, "not in infra cache.\n")) 759 return; 760 continue; /* skip stuff not in infra cache */ 761 } 762 763 /* uses type_A because most often looked up, but other 764 * lameness won't be reported then */ 765 if(!infra_get_lame_rtt(worker->env.infra_cache, 766 &a->addr, a->addrlen, dp->name, dp->namelen, 767 LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto, 768 *worker->env.now)) { 769 if(!ssl_printf(ssl, "not in infra cache.\n")) 770 return; 771 continue; /* skip stuff not in infra cache */ 772 } 773 if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, " 774 "ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d", 775 lame?"LAME ":"", dlame?"NoDNSSEC ":"", 776 a->lame?"AddrWasParentSide ":"", 777 rlame?"NoAuthButRecursive ":"", rto, entry_ttl, 778 ri.srtt, ri.rttvar, rtt_notimeout(&ri), 779 tA, tAAAA, tother)) 780 return; 781 if(delay) 782 if(!ssl_printf(ssl, ", probedelay %d", delay)) 783 return; 784 if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen, 785 dp->name, dp->namelen, *worker->env.now, &edns_vs, 786 &edns_lame_known, &to)) { 787 if(edns_vs == -1) { 788 if(!ssl_printf(ssl, ", noEDNS%s.", 789 edns_lame_known?" probed":" assumed")) 790 return; 791 } else { 792 if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs, 793 edns_lame_known?" probed":" assumed")) 794 return; 795 } 796 } 797 if(!ssl_printf(ssl, "\n")) 798 return; 799 } 800} 801 802/** print main dp info */ 803static void 804print_dp_main(RES* ssl, struct delegpt* dp, struct dns_msg* msg) 805{ 806 size_t i, n_ns, n_miss, n_addr, n_res, n_avail; 807 808 /* print the dp */ 809 if(msg) 810 for(i=0; i<msg->rep->rrset_count; i++) { 811 struct ub_packed_rrset_key* k = msg->rep->rrsets[i]; 812 struct packed_rrset_data* d = 813 (struct packed_rrset_data*)k->entry.data; 814 if(d->security == sec_status_bogus) { 815 if(!ssl_printf(ssl, "Address is BOGUS:\n")) 816 return; 817 } 818 if(!dump_rrset(ssl, k, d, 0)) 819 return; 820 } 821 delegpt_count_ns(dp, &n_ns, &n_miss); 822 delegpt_count_addr(dp, &n_addr, &n_res, &n_avail); 823 /* since dp has not been used by iterator, all are available*/ 824 if(!ssl_printf(ssl, "Delegation with %d names, of which %d " 825 "can be examined to query further addresses.\n" 826 "%sIt provides %d IP addresses.\n", 827 (int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""), 828 (int)n_addr)) 829 return; 830} 831 832int print_deleg_lookup(RES* ssl, struct worker* worker, uint8_t* nm, 833 size_t nmlen, int ATTR_UNUSED(nmlabs)) 834{ 835 /* deep links into the iterator module */ 836 struct delegpt* dp; 837 struct dns_msg* msg; 838 struct regional* region = worker->scratchpad; 839 char b[260]; 840 struct query_info qinfo; 841 struct iter_hints_stub* stub; 842 int nolock = 0; 843 regional_free_all(region); 844 qinfo.qname = nm; 845 qinfo.qname_len = nmlen; 846 qinfo.qtype = LDNS_RR_TYPE_A; 847 qinfo.qclass = LDNS_RR_CLASS_IN; 848 qinfo.local_alias = NULL; 849 850 dname_str(nm, b); 851 if(!ssl_printf(ssl, "The following name servers are used for lookup " 852 "of %s\n", b)) 853 return 0; 854 855 dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass, nolock); 856 if(dp) { 857 if(!ssl_printf(ssl, "forwarding request:\n")) { 858 lock_rw_unlock(&worker->env.fwds->lock); 859 return 0; 860 } 861 print_dp_main(ssl, dp, NULL); 862 print_dp_details(ssl, worker, dp); 863 lock_rw_unlock(&worker->env.fwds->lock); 864 return 1; 865 } 866 867 while(1) { 868 dp = dns_cache_find_delegation(&worker->env, nm, nmlen, 869 qinfo.qtype, qinfo.qclass, region, &msg, 870 *worker->env.now, 0, NULL, 0); 871 if(!dp) { 872 return ssl_printf(ssl, "no delegation from " 873 "cache; goes to configured roots\n"); 874 } 875 /* go up? */ 876 if(iter_dp_is_useless(&qinfo, BIT_RD, dp, 877 (worker->env.cfg->do_ip4 && worker->back->num_ip4 != 0), 878 (worker->env.cfg->do_ip6 && worker->back->num_ip6 != 0), 879 worker->env.cfg->do_nat64)) { 880 print_dp_main(ssl, dp, msg); 881 print_dp_details(ssl, worker, dp); 882 if(!ssl_printf(ssl, "cache delegation was " 883 "useless (no IP addresses)\n")) 884 return 0; 885 if(dname_is_root(nm)) { 886 /* goes to root config */ 887 return ssl_printf(ssl, "no delegation from " 888 "cache; goes to configured roots\n"); 889 } else { 890 /* useless, goes up */ 891 nm = dp->name; 892 nmlen = dp->namelen; 893 dname_remove_label(&nm, &nmlen); 894 dname_str(nm, b); 895 if(!ssl_printf(ssl, "going up, lookup %s\n", b)) 896 return 0; 897 continue; 898 } 899 } 900 stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass, 901 dp, nolock); 902 if(stub) { 903 if(stub->noprime) { 904 if(!ssl_printf(ssl, "The noprime stub servers " 905 "are used:\n")) { 906 lock_rw_unlock(&worker->env.hints->lock); 907 return 0; 908 } 909 } else { 910 if(!ssl_printf(ssl, "The stub is primed " 911 "with servers:\n")) { 912 lock_rw_unlock(&worker->env.hints->lock); 913 return 0; 914 } 915 } 916 print_dp_main(ssl, stub->dp, NULL); 917 print_dp_details(ssl, worker, stub->dp); 918 lock_rw_unlock(&worker->env.hints->lock); 919 } else { 920 print_dp_main(ssl, dp, msg); 921 print_dp_details(ssl, worker, dp); 922 } 923 break; 924 } 925 926 return 1; 927} 928