1/* 2 * daemon/cachedump.c - dump the cache to text format. 3 * 4 * Copyright (c) 2008, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36/** 37 * \file 38 * 39 * This file contains functions to read and write the cache(s) 40 * to text format. 41 */ 42#include "config.h" 43#include <openssl/ssl.h> 44#include "daemon/cachedump.h" 45#include "daemon/remote.h" 46#include "daemon/worker.h" 47#include "services/cache/rrset.h" 48#include "services/cache/dns.h" 49#include "services/cache/infra.h" 50#include "util/data/msgreply.h" 51#include "util/regional.h" 52#include "util/net_help.h" 53#include "util/data/dname.h" 54#include "iterator/iterator.h" 55#include "iterator/iter_delegpt.h" 56#include "iterator/iter_utils.h" 57#include "iterator/iter_fwd.h" 58#include "iterator/iter_hints.h" 59#include "sldns/sbuffer.h" 60#include "sldns/wire2str.h" 61#include "sldns/str2wire.h" 62 63/** dump one rrset zonefile line */ 64static int 65dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i) 66{ 67 char s[65535]; 68 if(!packed_rr_to_string(k, i, now, s, sizeof(s))) { 69 return ssl_printf(ssl, "BADRR\n"); 70 } 71 return ssl_printf(ssl, "%s", s); 72} 73 74/** dump rrset key and data info */ 75static int 76dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k, 77 struct packed_rrset_data* d, time_t now) 78{ 79 size_t i; 80 /* rd lock held by caller */ 81 if(!k || !d) return 1; 82 if(d->ttl < now) return 1; /* expired */ 83 84 /* meta line */ 85 if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n", 86 (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"", 87 (long long)(d->ttl - now), 88 (unsigned)d->count, (unsigned)d->rrsig_count, 89 (int)d->trust, (int)d->security 90 )) 91 return 0; 92 for(i=0; i<d->count + d->rrsig_count; i++) { 93 if(!dump_rrset_line(ssl, k, now, i)) 94 return 0; 95 } 96 return 1; 97} 98 99/** dump lruhash rrset cache */ 100static int 101dump_rrset_lruhash(SSL* ssl, struct lruhash* h, time_t now) 102{ 103 struct lruhash_entry* e; 104 /* lruhash already locked by caller */ 105 /* walk in order of lru; best first */ 106 for(e=h->lru_start; e; e = e->lru_next) { 107 lock_rw_rdlock(&e->lock); 108 if(!dump_rrset(ssl, (struct ub_packed_rrset_key*)e->key, 109 (struct packed_rrset_data*)e->data, now)) { 110 lock_rw_unlock(&e->lock); 111 return 0; 112 } 113 lock_rw_unlock(&e->lock); 114 } 115 return 1; 116} 117 118/** dump rrset cache */ 119static int 120dump_rrset_cache(SSL* ssl, struct worker* worker) 121{ 122 struct rrset_cache* r = worker->env.rrset_cache; 123 size_t slab; 124 if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0; 125 for(slab=0; slab<r->table.size; slab++) { 126 lock_quick_lock(&r->table.array[slab]->lock); 127 if(!dump_rrset_lruhash(ssl, r->table.array[slab], 128 *worker->env.now)) { 129 lock_quick_unlock(&r->table.array[slab]->lock); 130 return 0; 131 } 132 lock_quick_unlock(&r->table.array[slab]->lock); 133 } 134 return ssl_printf(ssl, "END_RRSET_CACHE\n"); 135} 136 137/** dump message to rrset reference */ 138static int 139dump_msg_ref(SSL* ssl, struct ub_packed_rrset_key* k) 140{ 141 char* nm, *tp, *cl; 142 nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len); 143 tp = sldns_wire2str_type(ntohs(k->rk.type)); 144 cl = sldns_wire2str_class(ntohs(k->rk.rrset_class)); 145 if(!nm || !cl || !tp) { 146 free(nm); 147 free(tp); 148 free(cl); 149 return ssl_printf(ssl, "BADREF\n"); 150 } 151 if(!ssl_printf(ssl, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags)) { 152 free(nm); 153 free(tp); 154 free(cl); 155 return 0; 156 } 157 free(nm); 158 free(tp); 159 free(cl); 160 161 return 1; 162} 163 164/** dump message entry */ 165static int 166dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d, 167 time_t now) 168{ 169 size_t i; 170 char* nm, *tp, *cl; 171 if(!k || !d) return 1; 172 if(d->ttl < now) return 1; /* expired */ 173 174 nm = sldns_wire2str_dname(k->qname, k->qname_len); 175 tp = sldns_wire2str_type(k->qtype); 176 cl = sldns_wire2str_class(k->qclass); 177 if(!nm || !tp || !cl) { 178 free(nm); 179 free(tp); 180 free(cl); 181 return 1; /* skip this entry */ 182 } 183 if(!rrset_array_lock(d->ref, d->rrset_count, now)) { 184 /* rrsets have timed out or do not exist */ 185 free(nm); 186 free(tp); 187 free(cl); 188 return 1; /* skip this entry */ 189 } 190 191 /* meta line */ 192 if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u\n", 193 nm, cl, tp, 194 (int)d->flags, (int)d->qdcount, 195 (long long)(d->ttl-now), (int)d->security, 196 (unsigned)d->an_numrrsets, 197 (unsigned)d->ns_numrrsets, 198 (unsigned)d->ar_numrrsets)) { 199 free(nm); 200 free(tp); 201 free(cl); 202 rrset_array_unlock(d->ref, d->rrset_count); 203 return 0; 204 } 205 free(nm); 206 free(tp); 207 free(cl); 208 209 for(i=0; i<d->rrset_count; i++) { 210 if(!dump_msg_ref(ssl, d->rrsets[i])) { 211 rrset_array_unlock(d->ref, d->rrset_count); 212 return 0; 213 } 214 } 215 rrset_array_unlock(d->ref, d->rrset_count); 216 217 return 1; 218} 219 220/** copy msg to worker pad */ 221static int 222copy_msg(struct regional* region, struct lruhash_entry* e, 223 struct query_info** k, struct reply_info** d) 224{ 225 struct reply_info* rep = (struct reply_info*)e->data; 226 if(rep->rrset_count > RR_COUNT_MAX) 227 return 0; /* to protect against integer overflow */ 228 *d = (struct reply_info*)regional_alloc_init(region, e->data, 229 sizeof(struct reply_info) + 230 sizeof(struct rrset_ref) * (rep->rrset_count-1) + 231 sizeof(struct ub_packed_rrset_key*) * rep->rrset_count); 232 if(!*d) 233 return 0; 234 (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)( 235 (uint8_t*)(&((*d)->ref[0])) + 236 sizeof(struct rrset_ref) * rep->rrset_count); 237 *k = (struct query_info*)regional_alloc_init(region, 238 e->key, sizeof(struct query_info)); 239 if(!*k) 240 return 0; 241 (*k)->qname = regional_alloc_init(region, 242 (*k)->qname, (*k)->qname_len); 243 return (*k)->qname != NULL; 244} 245 246/** dump lruhash msg cache */ 247static int 248dump_msg_lruhash(SSL* ssl, struct worker* worker, struct lruhash* h) 249{ 250 struct lruhash_entry* e; 251 struct query_info* k; 252 struct reply_info* d; 253 254 /* lruhash already locked by caller */ 255 /* walk in order of lru; best first */ 256 for(e=h->lru_start; e; e = e->lru_next) { 257 regional_free_all(worker->scratchpad); 258 lock_rw_rdlock(&e->lock); 259 /* make copy of rrset in worker buffer */ 260 if(!copy_msg(worker->scratchpad, e, &k, &d)) { 261 lock_rw_unlock(&e->lock); 262 return 0; 263 } 264 lock_rw_unlock(&e->lock); 265 /* release lock so we can lookup the rrset references 266 * in the rrset cache */ 267 if(!dump_msg(ssl, k, d, *worker->env.now)) { 268 return 0; 269 } 270 } 271 return 1; 272} 273 274/** dump msg cache */ 275static int 276dump_msg_cache(SSL* ssl, struct worker* worker) 277{ 278 struct slabhash* sh = worker->env.msg_cache; 279 size_t slab; 280 if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0; 281 for(slab=0; slab<sh->size; slab++) { 282 lock_quick_lock(&sh->array[slab]->lock); 283 if(!dump_msg_lruhash(ssl, worker, sh->array[slab])) { 284 lock_quick_unlock(&sh->array[slab]->lock); 285 return 0; 286 } 287 lock_quick_unlock(&sh->array[slab]->lock); 288 } 289 return ssl_printf(ssl, "END_MSG_CACHE\n"); 290} 291 292int 293dump_cache(SSL* ssl, struct worker* worker) 294{ 295 if(!dump_rrset_cache(ssl, worker)) 296 return 0; 297 if(!dump_msg_cache(ssl, worker)) 298 return 0; 299 return ssl_printf(ssl, "EOF\n"); 300} 301 302/** read a line from ssl into buffer */ 303static int 304ssl_read_buf(SSL* ssl, sldns_buffer* buf) 305{ 306 return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf), 307 sldns_buffer_capacity(buf)); 308} 309 310/** check fixed text on line */ 311static int 312read_fixed(SSL* ssl, sldns_buffer* buf, const char* str) 313{ 314 if(!ssl_read_buf(ssl, buf)) return 0; 315 return (strcmp((char*)sldns_buffer_begin(buf), str) == 0); 316} 317 318/** load an RR into rrset */ 319static int 320load_rr(SSL* ssl, sldns_buffer* buf, struct regional* region, 321 struct ub_packed_rrset_key* rk, struct packed_rrset_data* d, 322 unsigned int i, int is_rrsig, int* go_on, time_t now) 323{ 324 uint8_t rr[LDNS_RR_BUF_SIZE]; 325 size_t rr_len = sizeof(rr), dname_len = 0; 326 int status; 327 328 /* read the line */ 329 if(!ssl_read_buf(ssl, buf)) 330 return 0; 331 if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) { 332 *go_on = 0; 333 return 1; 334 } 335 status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr, 336 &rr_len, &dname_len, 3600, NULL, 0, NULL, 0); 337 if(status != 0) { 338 log_warn("error cannot parse rr: %s: %s", 339 sldns_get_errorstr_parse(status), 340 (char*)sldns_buffer_begin(buf)); 341 return 0; 342 } 343 if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len) 344 != LDNS_RR_TYPE_RRSIG) { 345 log_warn("error expected rrsig but got %s", 346 (char*)sldns_buffer_begin(buf)); 347 return 0; 348 } 349 350 /* convert ldns rr into packed_rr */ 351 d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now; 352 sldns_buffer_clear(buf); 353 d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2; 354 d->rr_data[i] = (uint8_t*)regional_alloc_init(region, 355 sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]); 356 if(!d->rr_data[i]) { 357 log_warn("error out of memory"); 358 return 0; 359 } 360 361 /* if first entry, fill the key structure */ 362 if(i==0) { 363 rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len)); 364 rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len)); 365 rk->rk.dname_len = dname_len; 366 rk->rk.dname = regional_alloc_init(region, rr, dname_len); 367 if(!rk->rk.dname) { 368 log_warn("error out of memory"); 369 return 0; 370 } 371 } 372 373 return 1; 374} 375 376/** move entry into cache */ 377static int 378move_into_cache(struct ub_packed_rrset_key* k, 379 struct packed_rrset_data* d, struct worker* worker) 380{ 381 struct ub_packed_rrset_key* ak; 382 struct packed_rrset_data* ad; 383 size_t s, i, num = d->count + d->rrsig_count; 384 struct rrset_ref ref; 385 uint8_t* p; 386 387 ak = alloc_special_obtain(&worker->alloc); 388 if(!ak) { 389 log_warn("error out of memory"); 390 return 0; 391 } 392 ak->entry.data = NULL; 393 ak->rk = k->rk; 394 ak->entry.hash = rrset_key_hash(&k->rk); 395 ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len); 396 if(!ak->rk.dname) { 397 log_warn("error out of memory"); 398 ub_packed_rrset_parsedelete(ak, &worker->alloc); 399 return 0; 400 } 401 s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) + 402 sizeof(time_t))* num; 403 for(i=0; i<num; i++) 404 s += d->rr_len[i]; 405 ad = (struct packed_rrset_data*)malloc(s); 406 if(!ad) { 407 log_warn("error out of memory"); 408 ub_packed_rrset_parsedelete(ak, &worker->alloc); 409 return 0; 410 } 411 p = (uint8_t*)ad; 412 memmove(p, d, sizeof(*ad)); 413 p += sizeof(*ad); 414 memmove(p, &d->rr_len[0], sizeof(size_t)*num); 415 p += sizeof(size_t)*num; 416 memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num); 417 p += sizeof(uint8_t*)*num; 418 memmove(p, &d->rr_ttl[0], sizeof(time_t)*num); 419 p += sizeof(time_t)*num; 420 for(i=0; i<num; i++) { 421 memmove(p, d->rr_data[i], d->rr_len[i]); 422 p += d->rr_len[i]; 423 } 424 packed_rrset_ptr_fixup(ad); 425 426 ak->entry.data = ad; 427 428 ref.key = ak; 429 ref.id = ak->id; 430 (void)rrset_cache_update(worker->env.rrset_cache, &ref, 431 &worker->alloc, *worker->env.now); 432 return 1; 433} 434 435/** load an rrset entry */ 436static int 437load_rrset(SSL* ssl, sldns_buffer* buf, struct worker* worker) 438{ 439 char* s = (char*)sldns_buffer_begin(buf); 440 struct regional* region = worker->scratchpad; 441 struct ub_packed_rrset_key* rk; 442 struct packed_rrset_data* d; 443 unsigned int rr_count, rrsig_count, trust, security; 444 long long ttl; 445 unsigned int i; 446 int go_on = 1; 447 regional_free_all(region); 448 449 rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region, 450 sizeof(*rk)); 451 d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d)); 452 if(!rk || !d) { 453 log_warn("error out of memory"); 454 return 0; 455 } 456 457 if(strncmp(s, ";rrset", 6) != 0) { 458 log_warn("error expected ';rrset' but got %s", s); 459 return 0; 460 } 461 s += 6; 462 if(strncmp(s, " nsec_apex", 10) == 0) { 463 s += 10; 464 rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX; 465 } 466 if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count, 467 &trust, &security) != 5) { 468 log_warn("error bad rrset spec %s", s); 469 return 0; 470 } 471 if(rr_count == 0 && rrsig_count == 0) { 472 log_warn("bad rrset without contents"); 473 return 0; 474 } 475 if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) { 476 log_warn("bad rrset with too many rrs"); 477 return 0; 478 } 479 d->count = (size_t)rr_count; 480 d->rrsig_count = (size_t)rrsig_count; 481 d->security = (enum sec_status)security; 482 d->trust = (enum rrset_trust)trust; 483 d->ttl = (time_t)ttl + *worker->env.now; 484 485 d->rr_len = regional_alloc_zero(region, 486 sizeof(size_t)*(d->count+d->rrsig_count)); 487 d->rr_ttl = regional_alloc_zero(region, 488 sizeof(time_t)*(d->count+d->rrsig_count)); 489 d->rr_data = regional_alloc_zero(region, 490 sizeof(uint8_t*)*(d->count+d->rrsig_count)); 491 if(!d->rr_len || !d->rr_ttl || !d->rr_data) { 492 log_warn("error out of memory"); 493 return 0; 494 } 495 496 /* read the rr's themselves */ 497 for(i=0; i<rr_count; i++) { 498 if(!load_rr(ssl, buf, region, rk, d, i, 0, 499 &go_on, *worker->env.now)) { 500 log_warn("could not read rr %u", i); 501 return 0; 502 } 503 } 504 for(i=0; i<rrsig_count; i++) { 505 if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1, 506 &go_on, *worker->env.now)) { 507 log_warn("could not read rrsig %u", i); 508 return 0; 509 } 510 } 511 if(!go_on) { 512 /* skip this entry */ 513 return 1; 514 } 515 516 return move_into_cache(rk, d, worker); 517} 518 519/** load rrset cache */ 520static int 521load_rrset_cache(SSL* ssl, struct worker* worker) 522{ 523 sldns_buffer* buf = worker->env.scratch_buffer; 524 if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0; 525 while(ssl_read_buf(ssl, buf) && 526 strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) { 527 if(!load_rrset(ssl, buf, worker)) 528 return 0; 529 } 530 return 1; 531} 532 533/** read qinfo from next three words */ 534static char* 535load_qinfo(char* str, struct query_info* qinfo, struct regional* region) 536{ 537 /* s is part of the buf */ 538 char* s = str; 539 uint8_t rr[LDNS_RR_BUF_SIZE]; 540 size_t rr_len = sizeof(rr), dname_len = 0; 541 int status; 542 543 /* skip three words */ 544 s = strchr(str, ' '); 545 if(s) s = strchr(s+1, ' '); 546 if(s) s = strchr(s+1, ' '); 547 if(!s) { 548 log_warn("error line too short, %s", str); 549 return NULL; 550 } 551 s[0] = 0; 552 s++; 553 554 /* parse them */ 555 status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len, 556 NULL, 0, NULL, 0); 557 if(status != 0) { 558 log_warn("error cannot parse: %s %s", 559 sldns_get_errorstr_parse(status), str); 560 return NULL; 561 } 562 qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len); 563 qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len); 564 qinfo->qname_len = dname_len; 565 qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len); 566 if(!qinfo->qname) { 567 log_warn("error out of memory"); 568 return NULL; 569 } 570 571 return s; 572} 573 574/** load a msg rrset reference */ 575static int 576load_ref(SSL* ssl, sldns_buffer* buf, struct worker* worker, 577 struct regional *region, struct ub_packed_rrset_key** rrset, 578 int* go_on) 579{ 580 char* s = (char*)sldns_buffer_begin(buf); 581 struct query_info qinfo; 582 unsigned int flags; 583 struct ub_packed_rrset_key* k; 584 585 /* read line */ 586 if(!ssl_read_buf(ssl, buf)) 587 return 0; 588 if(strncmp(s, "BADREF", 6) == 0) { 589 *go_on = 0; /* its bad, skip it and skip message */ 590 return 1; 591 } 592 593 s = load_qinfo(s, &qinfo, region); 594 if(!s) { 595 return 0; 596 } 597 if(sscanf(s, " %u", &flags) != 1) { 598 log_warn("error cannot parse flags: %s", s); 599 return 0; 600 } 601 602 /* lookup in cache */ 603 k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname, 604 qinfo.qname_len, qinfo.qtype, qinfo.qclass, 605 (uint32_t)flags, *worker->env.now, 0); 606 if(!k) { 607 /* not found or expired */ 608 *go_on = 0; 609 return 1; 610 } 611 612 /* store in result */ 613 *rrset = packed_rrset_copy_region(k, region, *worker->env.now); 614 lock_rw_unlock(&k->entry.lock); 615 616 return (*rrset != NULL); 617} 618 619/** load a msg entry */ 620static int 621load_msg(SSL* ssl, sldns_buffer* buf, struct worker* worker) 622{ 623 struct regional* region = worker->scratchpad; 624 struct query_info qinf; 625 struct reply_info rep; 626 char* s = (char*)sldns_buffer_begin(buf); 627 unsigned int flags, qdcount, security, an, ns, ar; 628 long long ttl; 629 size_t i; 630 int go_on = 1; 631 632 regional_free_all(region); 633 634 if(strncmp(s, "msg ", 4) != 0) { 635 log_warn("error expected msg but got %s", s); 636 return 0; 637 } 638 s += 4; 639 s = load_qinfo(s, &qinf, region); 640 if(!s) { 641 return 0; 642 } 643 644 /* read remainder of line */ 645 if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u", &flags, &qdcount, &ttl, 646 &security, &an, &ns, &ar) != 7) { 647 log_warn("error cannot parse numbers: %s", s); 648 return 0; 649 } 650 rep.flags = (uint16_t)flags; 651 rep.qdcount = (uint16_t)qdcount; 652 rep.ttl = (time_t)ttl; 653 rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl); 654 rep.security = (enum sec_status)security; 655 if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) { 656 log_warn("error too many rrsets"); 657 return 0; /* protect against integer overflow in alloc */ 658 } 659 rep.an_numrrsets = (size_t)an; 660 rep.ns_numrrsets = (size_t)ns; 661 rep.ar_numrrsets = (size_t)ar; 662 rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar; 663 rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero( 664 region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count); 665 666 /* fill repinfo with references */ 667 for(i=0; i<rep.rrset_count; i++) { 668 if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i], 669 &go_on)) { 670 return 0; 671 } 672 } 673 674 if(!go_on) 675 return 1; /* skip this one, not all references satisfied */ 676 677 if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags)) { 678 log_warn("error out of memory"); 679 return 0; 680 } 681 return 1; 682} 683 684/** load msg cache */ 685static int 686load_msg_cache(SSL* ssl, struct worker* worker) 687{ 688 sldns_buffer* buf = worker->env.scratch_buffer; 689 if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0; 690 while(ssl_read_buf(ssl, buf) && 691 strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) { 692 if(!load_msg(ssl, buf, worker)) 693 return 0; 694 } 695 return 1; 696} 697 698int 699load_cache(SSL* ssl, struct worker* worker) 700{ 701 if(!load_rrset_cache(ssl, worker)) 702 return 0; 703 if(!load_msg_cache(ssl, worker)) 704 return 0; 705 return read_fixed(ssl, worker->env.scratch_buffer, "EOF"); 706} 707 708/** print details on a delegation point */ 709static void 710print_dp_details(SSL* ssl, struct worker* worker, struct delegpt* dp) 711{ 712 char buf[257]; 713 struct delegpt_addr* a; 714 int lame, dlame, rlame, rto, edns_vs, to, delay, 715 tA = 0, tAAAA = 0, tother = 0; 716 long long entry_ttl; 717 struct rtt_info ri; 718 uint8_t edns_lame_known; 719 for(a = dp->target_list; a; a = a->next_target) { 720 addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf)); 721 if(!ssl_printf(ssl, "%-16s\t", buf)) 722 return; 723 if(a->bogus) { 724 if(!ssl_printf(ssl, "Address is BOGUS. ")) 725 return; 726 } 727 /* lookup in infra cache */ 728 delay=0; 729 entry_ttl = infra_get_host_rto(worker->env.infra_cache, 730 &a->addr, a->addrlen, dp->name, dp->namelen, 731 &ri, &delay, *worker->env.now, &tA, &tAAAA, &tother); 732 if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) { 733 if(!ssl_printf(ssl, "expired, rto %d msec, tA %d " 734 "tAAAA %d tother %d.\n", ri.rto, tA, tAAAA, 735 tother)) 736 return; 737 continue; 738 } 739 if(entry_ttl == -1 || entry_ttl == -2) { 740 if(!ssl_printf(ssl, "not in infra cache.\n")) 741 return; 742 continue; /* skip stuff not in infra cache */ 743 } 744 745 /* uses type_A because most often looked up, but other 746 * lameness won't be reported then */ 747 if(!infra_get_lame_rtt(worker->env.infra_cache, 748 &a->addr, a->addrlen, dp->name, dp->namelen, 749 LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto, 750 *worker->env.now)) { 751 if(!ssl_printf(ssl, "not in infra cache.\n")) 752 return; 753 continue; /* skip stuff not in infra cache */ 754 } 755 if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, " 756 "ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d", 757 lame?"LAME ":"", dlame?"NoDNSSEC ":"", 758 a->lame?"AddrWasParentSide ":"", 759 rlame?"NoAuthButRecursive ":"", rto, entry_ttl, 760 ri.srtt, ri.rttvar, rtt_notimeout(&ri), 761 tA, tAAAA, tother)) 762 return; 763 if(delay) 764 if(!ssl_printf(ssl, ", probedelay %d", delay)) 765 return; 766 if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen, 767 dp->name, dp->namelen, *worker->env.now, &edns_vs, 768 &edns_lame_known, &to)) { 769 if(edns_vs == -1) { 770 if(!ssl_printf(ssl, ", noEDNS%s.", 771 edns_lame_known?" probed":" assumed")) 772 return; 773 } else { 774 if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs, 775 edns_lame_known?" probed":" assumed")) 776 return; 777 } 778 } 779 if(!ssl_printf(ssl, "\n")) 780 return; 781 } 782} 783 784/** print main dp info */ 785static void 786print_dp_main(SSL* ssl, struct delegpt* dp, struct dns_msg* msg) 787{ 788 size_t i, n_ns, n_miss, n_addr, n_res, n_avail; 789 790 /* print the dp */ 791 if(msg) 792 for(i=0; i<msg->rep->rrset_count; i++) { 793 struct ub_packed_rrset_key* k = msg->rep->rrsets[i]; 794 struct packed_rrset_data* d = 795 (struct packed_rrset_data*)k->entry.data; 796 if(d->security == sec_status_bogus) { 797 if(!ssl_printf(ssl, "Address is BOGUS:\n")) 798 return; 799 } 800 if(!dump_rrset(ssl, k, d, 0)) 801 return; 802 } 803 delegpt_count_ns(dp, &n_ns, &n_miss); 804 delegpt_count_addr(dp, &n_addr, &n_res, &n_avail); 805 /* since dp has not been used by iterator, all are available*/ 806 if(!ssl_printf(ssl, "Delegation with %d names, of which %d " 807 "can be examined to query further addresses.\n" 808 "%sIt provides %d IP addresses.\n", 809 (int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""), 810 (int)n_addr)) 811 return; 812} 813 814int print_deleg_lookup(SSL* ssl, struct worker* worker, uint8_t* nm, 815 size_t nmlen, int ATTR_UNUSED(nmlabs)) 816{ 817 /* deep links into the iterator module */ 818 struct delegpt* dp; 819 struct dns_msg* msg; 820 struct regional* region = worker->scratchpad; 821 char b[260]; 822 struct query_info qinfo; 823 struct iter_hints_stub* stub; 824 regional_free_all(region); 825 qinfo.qname = nm; 826 qinfo.qname_len = nmlen; 827 qinfo.qtype = LDNS_RR_TYPE_A; 828 qinfo.qclass = LDNS_RR_CLASS_IN; 829 830 dname_str(nm, b); 831 if(!ssl_printf(ssl, "The following name servers are used for lookup " 832 "of %s\n", b)) 833 return 0; 834 835 dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass); 836 if(dp) { 837 if(!ssl_printf(ssl, "forwarding request:\n")) 838 return 0; 839 print_dp_main(ssl, dp, NULL); 840 print_dp_details(ssl, worker, dp); 841 return 1; 842 } 843 844 while(1) { 845 dp = dns_cache_find_delegation(&worker->env, nm, nmlen, 846 qinfo.qtype, qinfo.qclass, region, &msg, 847 *worker->env.now); 848 if(!dp) { 849 return ssl_printf(ssl, "no delegation from " 850 "cache; goes to configured roots\n"); 851 } 852 /* go up? */ 853 if(iter_dp_is_useless(&qinfo, BIT_RD, dp)) { 854 print_dp_main(ssl, dp, msg); 855 print_dp_details(ssl, worker, dp); 856 if(!ssl_printf(ssl, "cache delegation was " 857 "useless (no IP addresses)\n")) 858 return 0; 859 if(dname_is_root(nm)) { 860 /* goes to root config */ 861 return ssl_printf(ssl, "no delegation from " 862 "cache; goes to configured roots\n"); 863 } else { 864 /* useless, goes up */ 865 nm = dp->name; 866 nmlen = dp->namelen; 867 dname_remove_label(&nm, &nmlen); 868 dname_str(nm, b); 869 if(!ssl_printf(ssl, "going up, lookup %s\n", b)) 870 return 0; 871 continue; 872 } 873 } 874 stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass, 875 dp); 876 if(stub) { 877 if(stub->noprime) { 878 if(!ssl_printf(ssl, "The noprime stub servers " 879 "are used:\n")) 880 return 0; 881 } else { 882 if(!ssl_printf(ssl, "The stub is primed " 883 "with servers:\n")) 884 return 0; 885 } 886 print_dp_main(ssl, stub->dp, NULL); 887 print_dp_details(ssl, worker, stub->dp); 888 } else { 889 print_dp_main(ssl, dp, msg); 890 print_dp_details(ssl, worker, dp); 891 } 892 break; 893 } 894 895 return 1; 896} 897