7f3647d6 1/*
b8ae064d 2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
7f3647d6 3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7f3647d6 7 */
8
c415c128 9/*
10 * Low level DNS protocol routines
11 *
c415c128 12 * KNOWN BUGS:
26ac0430 13 *
c415c128 14 * UDP replies with TC set should be retried via TCP
15 */
16
f7f3304a 17#include "squid.h"
18#include "dns/rfc1035.h"
19#include "dns/rfc2671.h"
ec7bade0 20#include "util.h"
fb29421b 21
22#if HAVE_STRING_H
23#include <string.h>
24#endif
fb29421b 25#if HAVE_UNISTD_H
26#include <unistd.h>
27#endif
fb29421b 28#if HAVE_MEMORY_H
29#include <memory.h>
30#endif
fb29421b 31#if HAVE_ASSERT_H
32#include <assert.h>
33#endif
34#if HAVE_NETINET_IN_H
35#include <netinet/in.h>
36#endif
37#if HAVE_ARPA_INET_H
38#include <arpa/inet.h>
39#endif
40#if HAVE_STRINGS_H
41#include <strings.h>
42#endif
43
/* Upper bound on the length octet of a single label. */
#define RFC1035_MAXLABELSZ 63
/* Code returned (negated) by rfc1035MessageUnpack() when a reply cannot be parsed. */
#define rfc1035_unpack_error 15

/*
 * Parse-failure trace hook. It expands to a no-op; change the condition
 * below to 1 to print the file and line of each rejected field to stderr.
 */
#if 0
#define RFC1035_UNPACK_DEBUG  fprintf(stderr, "unpack error at %s:%d\n", __FILE__,__LINE__)
#else
#define RFC1035_UNPACK_DEBUG  (void)0
#endif
52
/*
 * rfc1035HeaderPack()
 *
 * Serialises the header fields of 'hdr' into 'buf' as six 16-bit words
 * in network byte order: id, the flags word (qr, opcode, aa, tc, rd, ra,
 * rcode), qdcount, ancount, nscount and arcount.
 *
 * 'sz' is the space available at 'buf'. It is asserted to be at least
 * 12 before anything is written, so a short buffer aborts instead of
 * being overrun.
 *
 * Returns number of octets packed (always 12).
 */
int
rfc1035HeaderPack(char *buf, size_t sz, rfc1035_message * hdr)
{
    assert(sz >= 12);

    /* assemble the second header word from the individual flag fields */
    unsigned short flags = 0;
    flags |= hdr->qr << 15;
    flags |= (hdr->opcode << 11);
    flags |= (hdr->aa << 10);
    flags |= (hdr->tc << 9);
    flags |= (hdr->rd << 8);
    flags |= (hdr->ra << 7);
    flags |= hdr->rcode;

    /* the six header words, in wire order */
    unsigned short words[6];
    words[0] = (unsigned short) hdr->id;
    words[1] = flags;
    words[2] = (unsigned short) hdr->qdcount;
    words[3] = (unsigned short) hdr->ancount;
    words[4] = (unsigned short) hdr->nscount;
    words[5] = (unsigned short) hdr->arcount;

    int off = 0;
    for (unsigned int w = 0; w < 6; ++w) {
        const unsigned short wire = htons(words[w]);
        memcpy(buf + off, &wire, sizeof(wire));
        off += sizeof(wire);
    }
    assert(off == 12);
    return off;
}
95
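/*
 * rfc1035LabelPack()
 *
 * Packs one label into 'buf': a length octet followed by that many
 * character octets. A null 'label' packs the zero-length label, i.e.
 * a single 0 octet.
 *
 * A label longer than RFC1035_MAXLABELSZ octets is silently truncated
 * to that length, so the packed name then differs from the one the
 * caller supplied.
 *
 * 'label' must not contain '.', and 'sz' must cover the length octet
 * plus the (truncated) label. Both conditions are enforced with
 * assert(), not with an error return.
 *
 * Returns number of octets packed.
 */
static int
rfc1035LabelPack(char *buf, size_t sz, const char *label)
{
    int off = 0;
    size_t len = label ? strlen(label) : 0;
    if (label)
        assert(!strchr(label, '.'));
    if (len > RFC1035_MAXLABELSZ)
        len = RFC1035_MAXLABELSZ;
    /* bounds check happens before the first write */
    assert(sz >= len + 1);
    *(buf + off) = (char) len;
    off++;
    /*
     * memcpy() needs valid pointers even when the length is zero, and
     * the terminating label is requested with a null 'label', so skip
     * the copy entirely when there is nothing to copy.
     */
    if (len > 0) {
        memcpy(buf + off, label, len);
        off += len;
    }
    return off;
}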
120
/*
 * rfc1035NamePack()
 *
 * Packs 'name' into 'buf' as a sequence of labels followed by the
 * zero-length terminating label. Message compression is not produced.
 *
 * The name is split on '.' with strtok() on a private copy, so runs of
 * dots collapse and names like foo....com are accepted. strtok() keeps
 * its position in hidden static state, so this must not be called while
 * a caller is in the middle of its own strtok() scan.
 *
 * Buffer space is checked by rfc1035LabelPack() via assert().
 *
 * Returns number of octets packed.
 */
static int
rfc1035NamePack(char *buf, size_t sz, const char *name)
{
    unsigned int off = 0;
    char *copy = xstrdup(name);
    char *label = strtok(copy, ".");
    while (label) {
        off += rfc1035LabelPack(buf + off, sz - off, label);
        label = strtok(nullptr, ".");
    }
    xfree(copy);
    /* the terminating zero-length label */
    off += rfc1035LabelPack(buf + off, sz - off, nullptr);
    assert(off <= sz);
    return off;
}
145
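/*
 * rfc1035QuestionPack()
 *
 * Packs a QUESTION section of a message: the name, then the 16-bit
 * type and class in network byte order.
 *
 * 'sz' is the space available at 'buf'. Running out of space is a
 * programming error reported through assert(); there is no error
 * return.
 *
 * Returns number of octets packed.
 */
int
rfc1035QuestionPack(char *buf,
                    const size_t sz,
                    const char *name,
                    const unsigned short type,
                    const unsigned short _class)
{
    unsigned int off = 0;
    unsigned short s;
    off += rfc1035NamePack(buf + off, sz - off, name);
    /*
     * The type and class words still have to fit. Check that before
     * writing them: an assert placed after the two memcpy() calls would
     * only fire once the octets past 'sz' had already been written.
     */
    assert(off <= sz && sz - off >= 2 * sizeof(s));
    s = htons(type);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    s = htons(_class);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    assert(off <= sz);
    return off;
}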
171
/*
 * rfc1035HeaderUnpack()
 *
 * Decodes the 12-octet message header at 'buf' into the header fields
 * of the rfc1035_message structure 'h'.
 *
 * '*off' must be 0 on entry (asserted) and is 12 on successful return,
 * which is the number of octets consumed since the header starts at
 * offset 0.
 *
 * Returns 0 (success) or 1 (error: fewer than 12 octets available)
 */
int
rfc1035HeaderUnpack(const char *buf, size_t sz, unsigned int *off, rfc1035_message * h)
{
    assert(*off == 0);
    /*
     * The header is 12 octets. This is a bogus message if the size
     * is less than that.
     */
    if (sz < 12)
        return 1;

    /* pull the six 16-bit header words out in wire order */
    unsigned short words[6];
    for (unsigned int w = 0; w < 6; ++w) {
        unsigned short wire;
        memcpy(&wire, buf + (*off), sizeof(wire));
        (*off) += sizeof(wire);
        words[w] = ntohs(wire);
    }

    h->id = words[0];

    const unsigned short flags = words[1];
    h->qr = (flags >> 15) & 0x01;
    h->opcode = (flags >> 11) & 0x0F;
    h->aa = (flags >> 10) & 0x01;
    h->tc = (flags >> 9) & 0x01;
    h->rd = (flags >> 8) & 0x01;
    h->ra = (flags >> 7) & 0x01;
    /*
     * The reserved 'Z' bits (6-4) are deliberately not checked: inbound
     * reserved bits are ignored because they may be used in future.
     * Only NEW messages need to set them to 0.
     */
    h->rcode = flags & 0x0F;

    h->qdcount = words[2];
    h->ancount = words[3];
    h->nscount = words[4];
    h->arcount = words[5];
    assert((*off) == 12);
    return 0;
}
230
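/*
 * rfc1035NameUnpack()
 *
 * Unpacks a Name in a message buffer into a char*.
 * Note 'buf' points to the beginning of the whole message,
 * 'off' points to the spot where the Name begins, and 'sz'
 * is the size of the whole message. 'name' must be allocated
 * by the caller and 'ns' is its size in octets (asserted > 0).
 *
 * Supports the RFC1035 message compression through recursion;
 * 'rdepth' counts the pointers followed so far and the name is
 * rejected once it exceeds 64, which bounds pointer loops.
 *
 * If 'rdlength' is not null, the length of every label copied plus
 * one is added to it.
 *
 * Updates the new buffer offset. After a compression pointer the
 * offset is left just past the two pointer octets; the pointed-to
 * labels are read through a separate offset.
 *
 * NOTE(review): when the labels copied so far fill 'name' exactly,
 * the loop stops and 0 is returned without the remaining labels
 * having been consumed.
 *
 * Returns 0 (success) or 1 (error)
 */
static int
rfc1035NameUnpack(const char *buf, size_t sz, unsigned int *off, unsigned short *rdlength, char *name, size_t ns, int rdepth)
{
    unsigned int no = 0;
    unsigned char c;
    size_t len;
    assert(ns > 0);
    do {
        if ((*off) >= sz) {
            RFC1035_UNPACK_DEBUG;
            return 1;
        }
        c = *(buf + (*off));
        if (c > 191) {
            /* blasted compression */
            unsigned short s;
            unsigned int ptr;
            if (rdepth > 64) { /* infinite pointer loop */
                RFC1035_UNPACK_DEBUG;
                return 1;
            }
            /*
             * A pointer is two octets. Only the first one is known to
             * be inside the message at this point, so make sure the
             * second one is too before reading it; checking after the
             * memcpy() would be one octet too late. (*off) < sz holds
             * here, so the subtraction cannot wrap.
             */
            if (sz - (*off) < sizeof(s)) {
                RFC1035_UNPACK_DEBUG;
                return 1;
            }
            memcpy(&s, buf + (*off), sizeof(s));
            s = ntohs(s);
            (*off) += sizeof(s);
            ptr = s & 0x3FFF;
            /* Make sure the pointer is inside this message */
            if (ptr >= sz) {
                RFC1035_UNPACK_DEBUG;
                return 1;
            }
            return rfc1035NameUnpack(buf, sz, &ptr, rdlength, name + no, ns - no, rdepth + 1);
        } else if (c > RFC1035_MAXLABELSZ) {
            /*
             * "(The 10 and 01 combinations are reserved for future use.)"
             */
            RFC1035_UNPACK_DEBUG;
            return 1;
        } else {
            (*off)++;
            len = (size_t) c;
            if (len == 0)
                break;
            if (len > (ns - no - 1)) { /* label won't fit */
                RFC1035_UNPACK_DEBUG;
                return 1;
            }
            if ((*off) + len >= sz) { /* message is too short */
                RFC1035_UNPACK_DEBUG;
                return 1;
            }
            memcpy(name + no, buf + (*off), len);
            (*off) += len;
            no += len;
            *(name + (no++)) = '.';
            if (rdlength)
                *rdlength += len + 1;
        }
    } while (c > 0 && no < ns);
    /* the last separator dot, if any, becomes the terminator */
    if (no)
        *(name + no - 1) = '\0';
    else
        *name = '\0';
    /* make sure we didn't allow someone to overflow the name buffer */
    assert(no <= ns);
    return 0;
}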
317
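/*
 * rfc1035RRPack()
 *
 * Packs a RFC1035 Resource Record into a message buffer from 'RR':
 * the name, then type, class, ttl and rdlength in network byte
 * order, then RR->rdlength octets of record data.
 * The caller must allocate and free RR->rdata and RR->name!
 *
 * Updates the new message buffer.
 *
 * Returns the number of bytes added to the buffer or 0 for error
 * (the fixed fields and data do not fit after the name, or rdlength
 * is non-zero while rdata is null). Note that the name itself is
 * packed first and its space is checked by assert(), not by this
 * error return.
 */
int
rfc1035RRPack(char *buf, const size_t sz, const rfc1035_rr * RR)
{
    unsigned int off;
    uint16_t s;
    uint32_t i;

    off = rfc1035NamePack(buf, sz, RR->name);

    /*
     * Make sure the remaining message has enough octets for the
     * rest of the RR fields.
     */
    if ((off + sizeof(s)*3 + sizeof(i) + RR->rdlength) > sz) {
        return 0;
    }
    /* a declared length with no data behind it cannot be packed */
    if (RR->rdlength > 0 && !RR->rdata) {
        return 0;
    }
    s = htons(RR->type);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    s = htons(RR->_class);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    i = htonl(RR->ttl);
    memcpy(buf + off, &i, sizeof(i));
    off += sizeof(i);
    s = htons(RR->rdlength);
    memcpy(buf + off, &s, sizeof(s));
    off += sizeof(s);
    /*
     * Copy the record data that rdata points at. Copying from
     * &(RR->rdata) instead would put the pointer value, and whatever
     * follows it in the structure, into the outgoing message.
     */
    if (RR->rdlength > 0) {
        memcpy(buf + off, RR->rdata, RR->rdlength);
        off += RR->rdlength;
    }
    assert(off <= sz);
    return off;
}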
361
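/*
 * rfc1035RRUnpack()
 *
 * Unpacks a RFC1035 Resource Record into 'RR' from a message buffer.
 * The caller must free RR->rdata!
 *
 * For PTR records rdata is a name unpacked into a buffer of
 * RFC1035_MAXHOSTNAMESZ octets and rdlength is recomputed by
 * rfc1035NameUnpack(). For every other type rdata is a raw copy of
 * exactly rdlength octets from the message, with no terminator added.
 *
 * Updates the new message buffer offset.
 *
 * Returns 0 (success) or 1 (error). On every error return 'RR' has
 * been zeroed and owns no memory.
 */
static int
rfc1035RRUnpack(const char *buf, size_t sz, unsigned int *off, rfc1035_rr * RR)
{
    unsigned short s;
    unsigned int i;
    unsigned short rdlength;
    unsigned int rdata_off;
    if (rfc1035NameUnpack(buf, sz, off, nullptr, RR->name, RFC1035_MAXHOSTNAMESZ, 0)) {
        RFC1035_UNPACK_DEBUG;
        memset(RR, '\0', sizeof(*RR));
        return 1;
    }
    /*
     * Make sure the remaining message has enough octets for the
     * rest of the RR fields.
     */
    if ((*off) + 10 > sz) {
        RFC1035_UNPACK_DEBUG;
        memset(RR, '\0', sizeof(*RR));
        return 1;
    }
    memcpy(&s, buf + (*off), sizeof(s));
    (*off) += sizeof(s);
    RR->type = ntohs(s);
    memcpy(&s, buf + (*off), sizeof(s));
    (*off) += sizeof(s);
    RR->_class = ntohs(s);
    memcpy(&i, buf + (*off), sizeof(i));
    (*off) += sizeof(i);
    RR->ttl = ntohl(i);
    memcpy(&s, buf + (*off), sizeof(s));
    (*off) += sizeof(s);
    rdlength = ntohs(s);
    if ((*off) + rdlength > sz) {
        /*
         * We got a truncated packet. 'dnscache' truncates UDP
         * replies at 512 octets, as per RFC 1035.
         */
        RFC1035_UNPACK_DEBUG;
        memset(RR, '\0', sizeof(*RR));
        return 1;
    }
    RR->rdlength = rdlength;
    switch (RR->type) {
    case RFC1035_TYPE_PTR:
        RR->rdata = (char*)xmalloc(RFC1035_MAXHOSTNAMESZ);
        rdata_off = *off;
        RR->rdlength = 0; /* Filled in by rfc1035NameUnpack */
        if (rfc1035NameUnpack(buf, sz, &rdata_off, &RR->rdlength, RR->rdata, RFC1035_MAXHOSTNAMESZ, 0)) {
            /*
             * Same cleanup as the other failure paths: do not leave
             * a record behind that still points at a partly written
             * buffer.
             */
            RFC1035_UNPACK_DEBUG;
            xfree(RR->rdata);
            memset(RR, '\0', sizeof(*RR));
            return 1;
        }
        if (rdata_off > ((*off) + rdlength)) {
            /*
             * This probably doesn't happen for valid packets, but
             * I want to make sure that NameUnpack doesn't go beyond
             * the RDATA area.
             */
            RFC1035_UNPACK_DEBUG;
            xfree(RR->rdata);
            memset(RR, '\0', sizeof(*RR));
            return 1;
        }
        break;
    case RFC1035_TYPE_A:
    default:
        RR->rdata = (char*)xmalloc(rdlength);
        memcpy(RR->rdata, buf + (*off), rdlength);
        break;
    }
    /* skip the whole RDATA area as declared by the record */
    (*off) += rdlength;
    assert((*off) <= sz);
    return 0;
}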
446
/*
 * rfc1035ErrorMessage()
 *
 * Maps a result code to a static, human-readable description. The
 * sign is ignored, so both the raw code and the negated value returned
 * by rfc1035MessageUnpack() are accepted. Codes without a dedicated
 * text yield "Unknown Error".
 */
const char *
rfc1035ErrorMessage(int n)
{
    const int code = (n < 0) ? -n : n;

    if (code == 0)
        return "No error condition";
    if (code == 1)
        return "Format Error: The name server was "
               "unable to interpret the query.";
    if (code == 2)
        return "Server Failure: The name server was "
               "unable to process this query.";
    if (code == 3)
        return "Name Error: The domain name does "
               "not exist.";
    if (code == 4)
        return "Not Implemented: The name server does "
               "not support the requested kind of query.";
    if (code == 5)
        return "Refused: The name server refuses to "
               "perform the specified operation.";
    if (code == rfc1035_unpack_error)
        return "The DNS reply message is corrupt or could "
               "not be safely parsed.";
    return "Unknown Error";
}
485
/*
 * rfc1035RRDestroy()
 *
 * Frees the rdata of the first 'n' records in the array '*rr', then
 * the array itself, and sets '*rr' to null. Does nothing when '*rr'
 * is already null. Records with a null rdata are skipped.
 */
void
rfc1035RRDestroy(rfc1035_rr ** rr, int n)
{
    rfc1035_rr *records = *rr;
    if (records == nullptr)
        return;

    /* walk from the last record down to the first */
    for (int idx = n - 1; idx >= 0; --idx) {
        if (records[idx].rdata)
            xfree(records[idx].rdata);
    }
    xfree(*rr);
    *rr = nullptr;
}
500
/*
 * rfc1035QueryUnpack()
 *
 * Unpacks a RFC1035 Query Record into 'query' from a message buffer:
 * the name, followed by the 16-bit qtype and qclass.
 *
 * Updates the new message buffer offset.
 *
 * Returns 0 (success) or 1 (error). On error 'query' has been zeroed.
 */
static int
rfc1035QueryUnpack(const char *buf, size_t sz, unsigned int *off, rfc1035_query * query)
{
    /* the name must parse, and qtype plus qclass (4 octets) must follow it */
    if (rfc1035NameUnpack(buf, sz, off, nullptr, query->name, RFC1035_MAXHOSTNAMESZ, 0) != 0 ||
            *off + 4 > sz) {
        RFC1035_UNPACK_DEBUG;
        memset(query, '\0', sizeof(*query));
        return 1;
    }

    unsigned short wire;
    memcpy(&wire, buf + *off, 2);
    *off += 2;
    query->qtype = ntohs(wire);

    memcpy(&wire, buf + *off, 2);
    *off += 2;
    query->qclass = ntohs(wire);
    return 0;
}
532
/*
 * rfc1035MessageDestroy()
 *
 * Releases the query array, the answer records (msg->ancount of them,
 * through rfc1035RRDestroy()) and the message itself, then sets
 * '*msg' to null. Does nothing when '*msg' is already null.
 */
void
rfc1035MessageDestroy(rfc1035_message ** msg)
{
    rfc1035_message *m = *msg;
    if (m == nullptr)
        return;

    if (m->query)
        xfree(m->query);
    if (m->answer)
        rfc1035RRDestroy(&m->answer, m->ancount);

    xfree(*msg);
    *msg = nullptr;
}
545
/*
 * rfc1035QueryCompare()
 *
 * Compares two rfc1035_query entries by qtype, qclass and name. Names
 * are compared without regard to case. When the two names differ in
 * length, trailing dots are dropped from both before comparing.
 *
 * Returns 0 (equal) or !=0 (different)
 */
int
rfc1035QueryCompare(const rfc1035_query * a, const rfc1035_query * b)
{
    if (a->qtype != b->qtype || a->qclass != b->qclass)
        return 1;

    size_t lenA = strlen(a->name);
    size_t lenB = strlen(b->name);
    if (lenA != lenB) {
        /* Trim root label(s) */
        for (; lenA > 0 && a->name[lenA - 1] == '.'; --lenA) {
        }
        for (; lenB > 0 && b->name[lenB - 1] == '.'; --lenB) {
        }
        if (lenA != lenB)
            return 1;
    }

    return strncasecmp(a->name, b->name, lenA);
}
575
/*
 * rfc1035MessageUnpack()
 *
 * Takes the contents of a DNS reply and fills in an array
 * of resource record structures. The message and its arrays are
 * allocated here and should be freed by calling
 * rfc1035MessageDestroy().
 *
 * Only replies carrying exactly one question are accepted.
 *
 * '*answer' is left untouched when the header or the question cannot
 * be parsed. It receives the message when the reply carries a
 * non-zero rcode, when it has zero answers, and when at least one
 * answer record was unpacked. It is set to null when answers were
 * announced but none could be unpacked.
 *
 * Unpacking stops at the first corrupt record, so the return value can
 * be smaller than the ancount stored in the message; only the first
 * 'return value' entries of the answer array are filled in.
 *
 * Returns number of records unpacked, zero if DNS reply indicates
 * zero answers, or an error number < 0.
 */
int
rfc1035MessageUnpack(const char *buf,
                     size_t sz,
                     rfc1035_message ** answer)
{
    unsigned int off = 0;
    rfc1035_message *msg = (rfc1035_message*)xcalloc(1, sizeof(*msg));

    if (rfc1035HeaderUnpack(buf + off, sz - off, &off, msg)) {
        RFC1035_UNPACK_DEBUG;
        xfree(msg);
        return -rfc1035_unpack_error;
    }

    const unsigned int questions = (unsigned int) msg->qdcount;
    if (questions != 1) {
        /* This can not be an answer to our queries.. */
        RFC1035_UNPACK_DEBUG;
        xfree(msg);
        return -rfc1035_unpack_error;
    }

    rfc1035_query *querys = nullptr;
    querys = msg->query = (rfc1035_query*)xcalloc(questions, sizeof(*querys));
    for (unsigned int q = 0; q < questions; ++q) {
        if (rfc1035QueryUnpack(buf, sz, &off, &querys[q])) {
            RFC1035_UNPACK_DEBUG;
            rfc1035MessageDestroy(&msg);
            return -rfc1035_unpack_error;
        }
    }

    /* from here on the caller owns the message */
    *answer = msg;
    if (msg->rcode) {
        RFC1035_UNPACK_DEBUG;
        return -msg->rcode;
    }
    if (msg->ancount == 0)
        return 0;

    const unsigned int announced = (unsigned int) msg->ancount;
    rfc1035_rr *recs = nullptr;
    recs = msg->answer = (rfc1035_rr*)xcalloc(announced, sizeof(*recs));

    unsigned int nr = 0;
    while (nr < announced) {
        if (off >= sz) { /* corrupt packet */
            RFC1035_UNPACK_DEBUG;
            break;
        }
        if (rfc1035RRUnpack(buf, sz, &off, &recs[nr])) { /* corrupt RR */
            RFC1035_UNPACK_DEBUG;
            break;
        }
        ++nr;
    }

    if (nr == 0) {
        /*
         * we expected to unpack some answers (ancount != 0), but
         * didn't actually get any.
         */
        rfc1035MessageDestroy(&msg);
        *answer = nullptr;
        return -rfc1035_unpack_error;
    }
    return nr;
}
650
/*
 * rfc1035BuildAQuery()
 *
 * Builds a message buffer with a QUESTION to lookup A records
 * for a hostname. Caller must allocate 'buf' which should
 * probably be at least 512 octets; 'sz' is the size of that buffer.
 * The query ID is 'qid' and recursion is requested. When 'edns_sz'
 * is greater than zero an OPT record is appended through
 * rfc2671RROptPack().
 *
 * If 'query' is not null it is filled in with the type, class and
 * name that were asked for.
 *
 * The header is built in function-static storage, so concurrent
 * calls would share it. A buffer that is too small is reported by
 * assert(), not by the return value.
 *
 * Returns the size of the query (i.e. how much to write)
 */
ssize_t
rfc1035BuildAQuery(const char *hostname, char *buf, size_t sz, unsigned short qid, rfc1035_query * query, ssize_t edns_sz)
{
    static rfc1035_message h;
    const bool wantEdns = edns_sz > 0;

    memset(&h, '\0', sizeof(h));
    h.id = qid;
    h.qr = 0;
    h.rd = 1;
    h.opcode = 0; /* QUERY */
    h.qdcount = (unsigned int) 1;
    h.arcount = (wantEdns ? 1 : 0);

    size_t offset = 0;
    offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
    offset += rfc1035QuestionPack(buf + offset,
                                  sz - offset,
                                  hostname,
                                  RFC1035_TYPE_A,
                                  RFC1035_CLASS_IN);
    if (wantEdns)
        offset += rfc2671RROptPack(buf + offset, sz - offset, edns_sz);

    if (query) {
        query->qtype = RFC1035_TYPE_A;
        query->qclass = RFC1035_CLASS_IN;
        xstrncpy(query->name, hostname, sizeof(query->name));
    }
    assert(offset <= sz);
    return offset;
}
689
/*
 * rfc1035BuildPTRQuery()
 *
 * Builds a message buffer with a QUESTION to lookup PTR records
 * for an address. Caller must allocate 'buf' which should
 * probably be at least 512 octets; 'sz' is the size of that buffer.
 * The question name is the address with its octets reversed under
 * in-addr.arpa. The query ID is 'qid' and recursion is requested.
 * When 'edns_sz' is greater than zero an OPT record is appended
 * through rfc2671RROptPack().
 *
 * If 'query' is not null it is filled in with the type, class and
 * name that were asked for.
 *
 * The header and the reversed name are built in function-static
 * storage, so concurrent calls would share them. A buffer that is too
 * small is reported by assert(), not by the return value.
 *
 * Returns the size of the query (i.e. how much to write)
 */
ssize_t
rfc1035BuildPTRQuery(const struct in_addr addr, char *buf, size_t sz, unsigned short qid, rfc1035_query * query, ssize_t edns_sz)
{
    static rfc1035_message h;
    static char rev[32];
    const bool wantEdns = edns_sz > 0;

    /* least significant octet of the host-order address comes first */
    const unsigned int hostOrder = (unsigned int) ntohl(addr.s_addr);
    snprintf(rev, sizeof(rev), "%u.%u.%u.%u.in-addr.arpa.",
             hostOrder & 255,
             (hostOrder >> 8) & 255,
             (hostOrder >> 16) & 255,
             (hostOrder >> 24) & 255);

    memset(&h, '\0', sizeof(h));
    h.id = qid;
    h.qr = 0;
    h.rd = 1;
    h.opcode = 0; /* QUERY */
    h.qdcount = (unsigned int) 1;
    h.arcount = (wantEdns ? 1 : 0);

    size_t offset = 0;
    offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
    offset += rfc1035QuestionPack(buf + offset,
                                  sz - offset,
                                  rev,
                                  RFC1035_TYPE_PTR,
                                  RFC1035_CLASS_IN);
    if (wantEdns)
        offset += rfc2671RROptPack(buf + offset, sz - offset, edns_sz);

    if (query) {
        query->qtype = RFC1035_TYPE_PTR;
        query->qclass = RFC1035_CLASS_IN;
        xstrncpy(query->name, rev, sizeof(query->name));
    }
    assert(offset <= sz);
    return offset;
}
736
/*
 * rfc1035SetQueryID()
 *
 * Overwrites the ID of an already built query so it can be retried
 * under a new ID. The ID is the first field in the message buffer, so
 * only the first two octets of 'buf' are written, most significant
 * octet first (network byte order). 'buf' must hold at least two
 * octets; no size is passed in, so nothing is checked here.
 */
void
rfc1035SetQueryID(char *buf, unsigned short qid)
{
    const unsigned int id = qid & 0xFFFFu;
    buf[0] = (char) (unsigned char) ((id >> 8) & 0xFFu);
    buf[1] = (char) (unsigned char) (id & 0xFFu);
}