Subversion Repositories planix.SVN

/*

 * domain name resolvers, see rfcs 1035 and 1123

 */

#include <u.h>

#include <libc.h>

#include <ip.h>

#include <bio.h>

#include <ndb.h>

#include "dns.h"

typedef struct Dest Dest;

typedef struct Ipaddr Ipaddr;

typedef struct Query Query;

enum

{

	Udp, Tcp,

	Answerr=	-1,

	Answnone,

	Maxdest=	24,	/* maximum destinations for a request message */

	Maxoutstanding=	15,	/* max. outstanding queries per domain name */

	Remntretry=	15,	/* min. sec.s between /net.alt remount tries */

	/*

	 * these are the old values; we're trying longer timeouts now

	 * primarily for the benefit of remote nameservers querying us

	 * during times of bad connectivity.

	 */

//	Maxtrans=	3,	/* maximum transmissions to a server */

//	Maxretries=	3, /* cname+actual resends: was 32; have pity on user */

//	Maxwaitms=	1000,	/* wait no longer for a remote dns query */

//	Minwaitms=	100,	/* willing to wait for a remote dns query */

	Maxtrans=	5,	/* maximum transmissions to a server */

	Maxretries=	5, /* cname+actual resends: was 32; have pity on user */

	Maxwaitms=	5000,	/* wait no longer for a remote dns query */

	Minwaitms=	500,	/* willing to wait for a remote dns query */

	Destmagic=	0xcafebabe,

	Querymagic=	0xdeadbeef,

};

enum { Hurry, Patient, };

enum { Outns, Inns, };

struct Ipaddr {

	Ipaddr *next;

	uchar	ip[IPaddrlen];

};

struct Dest

{

	uchar	a[IPaddrlen];	/* ip address */

	DN	*s;		/* name server */

	int	nx;		/* number of transmissions */

	int	code;		/* response code; used to clear dp->respcode */

	ulong	magic;

};

/*

 * Query has a QLock in it, thus it can't be an automatic

 * variable, since each process would see a separate copy

 * of the lock on its stack.

 */

struct Query {

	DN	*dp;		/* domain */

	ushort	type;		/* and type to look up */

	Request *req;

	RR	*nsrp;		/* name servers to consult */

	/* dest must not be on the stack due to forking in slave() */

	Dest	*dest;		/* array of destinations */

	Dest	*curdest;	/* pointer to next to fill */

	int	ndest;		/* transmit to this many on this round */

	int	udpfd;

	QLock	tcplock;	/* only one tcp call at a time per query */

	int	tcpset;

	int	tcpfd;		/* if Tcp, read replies from here */

	int	tcpctlfd;

	uchar	tcpip[IPaddrlen];

	ulong	magic;

};

/* estimated % probability of such a record existing at all */

int likely[] = {

	[Ta]		95,

	[Taaaa]		10,

	[Tcname]	15,

	[Tmx]		60,

	[Tns]		90,

	[Tnull]		5,

	[Tptr]		35,

	[Tsoa]		90,

	[Tsrv]		60,

	[Ttxt]		15,

	[Tall]		95,

};

static RR*	dnresolve1(char*, int, int, Request*, int, int);

static int	netquery(Query *, int);

/*

 * reading /proc/pid/args yields either "name args" or "name [display args]",

 * so return only display args, if any.

 */

static char *

procgetname(void)

{

	int fd, n;

	char *lp, *rp;

	char buf[256];

	snprint(buf, sizeof buf, "#p/%d/args", getpid());

	if((fd = open(buf, OREAD)) < 0)

		return strdup("");

	*buf = '\0';

	n = read(fd, buf, sizeof buf-1);

	close(fd);

	if (n >= 0)

		buf[n] = '\0';

	if ((lp = strchr(buf, '[')) == nil ||

	    (rp = strrchr(buf, ']')) == nil)

		return strdup("");

	*rp = '\0';

	return strdup(lp+1);

}

void

rrfreelistptr(RR **rpp)

{

	RR *rp;

	if (rpp == nil || *rpp == nil)

		return;

	rp = *rpp;

	*rpp = nil;	/* update pointer in memory before freeing list */

	rrfreelist(rp);

}

/*

 *  lookup 'type' info for domain name 'name'.  If it doesn't exist, try

 *  looking it up as a canonical name.

 *

 *  this process can be quite slow if time-outs are set too high when querying

 *  nameservers that just don't respond to certain query types.  in that case,

 *  there will be multiple udp retries, multiple nameservers will be queried,

 *  and this will be repeated for a cname query.  the whole thing will be

 *  retried several times until we get an answer or a time-out.

 */

RR*

dnresolve(char *name, int class, int type, Request *req, RR **cn, int depth,

	int recurse, int rooted, int *status)

{

	RR *rp, *nrp, *drp;

	DN *dp;

	int loops;

	char *procname;

	char nname[Domlen];

	if(status)

		*status = 0;

	if(depth > 12)			/* in a recursive loop? */

		return nil;

	procname = procgetname();

	/*

	 *  hack for systems that don't have resolve search

	 *  lists.  Just look up the simple name in the database.

	 */

	if(!rooted && strchr(name, '.') == nil){

		rp = nil;

		drp = domainlist(class);

		for(nrp = drp; rp == nil && nrp != nil; nrp = nrp->next){

			snprint(nname, sizeof nname, "%s.%s", name,

				nrp->ptr->name);

			rp = dnresolve(nname, class, type, req, cn, depth+1,

				recurse, rooted, status);

			lock(&dnlock);

			rrfreelist(rrremneg(&rp));

			unlock(&dnlock);

		}

		if(drp != nil)

			rrfreelist(drp);

		procsetname(procname);

		free(procname);

		return rp;

	}

	/*

	 *  try the name directly

	 */

	rp = dnresolve1(name, class, type, req, depth, recurse);

	if(rp == nil) {

		/*

		 * try it as a canonical name if we weren't told

		 * that the name didn't exist

		 */

		dp = dnlookup(name, class, 0);

		if(type != Tptr && dp->respcode != Rname)

			for(loops = 0; rp == nil && loops < Maxretries; loops++){

				/* retry cname, then the actual type */

				rp = dnresolve1(name, class, Tcname, req,

					depth, recurse);

				if(rp == nil)

					break;

				/* rp->host == nil shouldn't happen, but does */

				if(rp->negative || rp->host == nil){

					rrfreelist(rp);

					rp = nil;

					break;

				}

				name = rp->host->name;

				lock(&dnlock);

				if(cn)

					rrcat(cn, rp);

				else

					rrfreelist(rp);

				unlock(&dnlock);

				rp = dnresolve1(name, class, type, req,

					depth, recurse);

			}

		/* distinction between not found and not good */

		if(rp == nil && status != nil && dp->respcode != Rok)

			*status = dp->respcode;

	}

	procsetname(procname);

	free(procname);

	return randomize(rp);

}

static void

queryinit(Query *qp, DN *dp, int type, Request *req)

{

	memset(qp, 0, sizeof *qp);

	qp->udpfd = qp->tcpfd = qp->tcpctlfd = -1;

	qp->dp = dp;

	qp->type = type;

	if (qp->type != type)

		dnslog("queryinit: bogus type %d", type);

	qp->req = req;

	qp->nsrp = nil;

	qp->dest = qp->curdest = nil;

	qp->magic = Querymagic;

}

static void

queryck(Query *qp)

{

	assert(qp);

	assert(qp->magic == Querymagic);

}

static void

querydestroy(Query *qp)

{

	queryck(qp);

	/* leave udpfd open */

	if (qp->tcpfd > 0)

		close(qp->tcpfd);

	if (qp->tcpctlfd > 0) {

		hangup(qp->tcpctlfd);

		close(qp->tcpctlfd);

	}

	free(qp->dest);

	memset(qp, 0, sizeof *qp);	/* prevent accidents */

	qp->udpfd = qp->tcpfd = qp->tcpctlfd = -1;

}

static void

destinit(Dest *p)

{

	memset(p, 0, sizeof *p);

	p->magic = Destmagic;

}

static void

destck(Dest *p)

{

	assert(p);

	assert(p->magic == Destmagic);

}

/*

 * if the response to a query hasn't arrived within 100 ms.,

 * it's unlikely to arrive at all.  after 1 s., it's really unlikely.

 * queries for missing RRs are likely to produce time-outs rather than

 * negative responses, so cname and aaaa queries are likely to time out,

 * thus we don't wait very long for them.

 */

static void

notestats(vlong start, int tmout, int type)

{

	qlock(&stats);

	if (tmout) {

		stats.tmout++;

		if (type == Taaaa)

			stats.tmoutv6++;

		else if (type == Tcname)

			stats.tmoutcname++;

	} else {

		long wait10ths = NS2MS(nsec() - start) / 100;

		if (wait10ths <= 0)

			stats.under10ths[0]++;

		else if (wait10ths >= nelem(stats.under10ths))

			stats.under10ths[nelem(stats.under10ths) - 1]++;

		else

			stats.under10ths[wait10ths]++;

	}

	qunlock(&stats);

}

static void

noteinmem(void)

{

	qlock(&stats);

	stats.answinmem++;

	qunlock(&stats);

}

/* netquery with given name servers, free ns rrs when done */

static int

netqueryns(Query *qp, int depth, RR *nsrp)

{

	int rv;

	qp->nsrp = nsrp;

	rv = netquery(qp, depth);

	lock(&dnlock);

	rrfreelist(nsrp);

	unlock(&dnlock);

	return rv;

}

static RR*

issuequery(Query *qp, char *name, int class, int depth, int recurse)

{

	char *cp;

	DN *nsdp;

	RR *rp, *nsrp, *dbnsrp;

	/*

	 *  if we're running as just a resolver, query our

	 *  designated name servers

	 */

	if(cfg.resolver){

		nsrp = randomize(getdnsservers(class));

		if(nsrp != nil)

			if(netqueryns(qp, depth+1, nsrp) > Answnone)

				return rrlookup(qp->dp, qp->type, OKneg);

	}

	/*

 	 *  walk up the domain name looking for

	 *  a name server for the domain.

	 */

	for(cp = name; cp; cp = walkup(cp)){

		/*

		 *  if this is a local (served by us) domain,

		 *  return answer

		 */

		dbnsrp = randomize(dblookup(cp, class, Tns, 0, 0));

		if(dbnsrp && dbnsrp->local){

			rp = dblookup(name, class, qp->type, 1, dbnsrp->ttl);

			lock(&dnlock);

			rrfreelist(dbnsrp);

			unlock(&dnlock);

			return rp;

		}

		/*

		 *  if recursion isn't set, just accept local

		 *  entries

		 */

		if(recurse == Dontrecurse){

			if(dbnsrp) {

				lock(&dnlock);

				rrfreelist(dbnsrp);

				unlock(&dnlock);

			}

			continue;

		}

		/* look for ns in cache */

		nsdp = dnlookup(cp, class, 0);

		nsrp = nil;

		if(nsdp)

			nsrp = randomize(rrlookup(nsdp, Tns, NOneg));

		/* if the entry timed out, ignore it */

		if(nsrp && nsrp->ttl < now){

			lock(&dnlock);

			rrfreelistptr(&nsrp);

			unlock(&dnlock);

		}

		if(nsrp){

			lock(&dnlock);

			rrfreelistptr(&dbnsrp);

			unlock(&dnlock);

			/* query the name servers found in cache */

			if(netqueryns(qp, depth+1, nsrp) > Answnone)

				return rrlookup(qp->dp, qp->type, OKneg);

		} else if(dbnsrp)

			/* try the name servers found in db */

			if(netqueryns(qp, depth+1, dbnsrp) > Answnone)

				return rrlookup(qp->dp, qp->type, NOneg);

	}

	return nil;

}

static RR*

dnresolve1(char *name, int class, int type, Request *req, int depth,

	int recurse)

{

	Area *area;

	DN *dp;

	RR *rp;

	Query *qp;

	if(debug)

		dnslog("[%d] dnresolve1 %s %d %d", getpid(), name, type, class);

	/* only class Cin implemented so far */

	if(class != Cin)

		return nil;

	dp = dnlookup(name, class, 1);

	/*

	 *  Try the cache first

	 */

	rp = rrlookup(dp, type, OKneg);

	if(rp)

		if(rp->db){

			/* unauthoritative db entries are hints */

			if(rp->auth) {

				noteinmem();

				if(debug)

					dnslog("[%d] dnresolve1 %s %d %d: auth rr in db",

						getpid(), name, type, class);

				return rp;

			}

		} else

			/* cached entry must still be valid */

			if(rp->ttl > now)

				/* but Tall entries are special */

				if(type != Tall || rp->query == Tall) {

					noteinmem();

					if(debug)

						dnslog("[%d] dnresolve1 %s %d %d: rr not in db",

							getpid(), name, type, class);

					return rp;

				}

	lock(&dnlock);

	rrfreelist(rp);

	unlock(&dnlock);

	rp = nil;		/* accident prevention */

	USED(rp);

	/*

	 * try the cache for a canonical name. if found punt

	 * since we'll find it during the canonical name search

	 * in dnresolve().

	 */

	if(type != Tcname){

		rp = rrlookup(dp, Tcname, NOneg);

		lock(&dnlock);

		rrfreelist(rp);

		unlock(&dnlock);

		if(rp){

			if(debug)

				dnslog("[%d] dnresolve1 %s %d %d: rr from rrlookup for non-cname",

					getpid(), name, type, class);

			return nil;

		}

	}

	/*

	 * if the domain name is within an area of ours,

	 * we should have found its data in memory by now.

	 */

	area = inmyarea(dp->name);

	if (area || strncmp(dp->name, "local#", 6) == 0) {

//		char buf[32];

//		dnslog("%s %s: no data in area %s", dp->name,

//			rrname(type, buf, sizeof buf), area->soarr->owner->name);

		return nil;

	}

	qp = emalloc(sizeof *qp);

	queryinit(qp, dp, type, req);

	rp = issuequery(qp, name, class, depth, recurse);

	querydestroy(qp);

	free(qp);

	if(rp){

		if(debug)

			dnslog("[%d] dnresolve1 %s %d %d: rr from query",

				getpid(), name, type, class);

		return rp;

	}

	/* settle for a non-authoritative answer */

	rp = rrlookup(dp, type, OKneg);

	if(rp){

		if(debug)

			dnslog("[%d] dnresolve1 %s %d %d: rr from rrlookup",

				getpid(), name, type, class);

		return rp;

	}

	/* noone answered.  try the database, we might have a chance. */

	rp = dblookup(name, class, type, 0, 0);

	if (rp) {

		if(debug)

			dnslog("[%d] dnresolve1 %s %d %d: rr from dblookup",

				getpid(), name, type, class);

	}else{

		if(debug)

			dnslog("[%d] dnresolve1 %s %d %d: no rr from dblookup; crapped out",

				getpid(), name, type, class);

	}

	return rp;

}

/*

 *  walk a domain name one element to the right.

 *  return a pointer to that element.

 *  in other words, return a pointer to the parent domain name.

 */

char*

walkup(char *name)

{

	char *cp;

	cp = strchr(name, '.');

	if(cp)

		return cp+1;

	else if(*name)

		return "";

	else

		return 0;

}

/*

 *  Get a udp port for sending requests and reading replies.  Put the port

 *  into "headers" mode.

 */

static char *hmsg = "headers";

int

udpport(char *mtpt)

{

	int fd, ctl;

	char ds[64], adir[64];

	/* get a udp port */

	snprint(ds, sizeof ds, "%s/udp!*!0", (mtpt? mtpt: "/net"));

	ctl = announce(ds, adir);

	if(ctl < 0){

		/* warning("can't get udp port"); */

		return -1;

	}

	/* turn on header style interface */

	if(write(ctl, hmsg, strlen(hmsg)) != strlen(hmsg)){

		close(ctl);

		warning(hmsg);

		return -1;

	}

	/* grab the data file */

	snprint(ds, sizeof ds, "%s/data", adir);

	fd = open(ds, ORDWR);

	close(ctl);

	if(fd < 0)

		warning("can't open udp port %s: %r", ds);

	return fd;

}

void

initdnsmsg(DNSmsg *mp, RR *rp, int flags, ushort reqno)

{

	mp->flags = flags;

	mp->id = reqno;

	mp->qd = rp;

	if(rp != nil)

		mp->qdcount = 1;

}

DNSmsg *

newdnsmsg(RR *rp, int flags, ushort reqno)

{

	DNSmsg *mp;

	mp = emalloc(sizeof *mp);

	initdnsmsg(mp, rp, flags, reqno);

	return mp;

}

/* generate a DNS UDP query packet */

int

mkreq(DN *dp, int type, uchar *buf, int flags, ushort reqno)

{

	DNSmsg m;

	int len;

	Udphdr *uh = (Udphdr*)buf;

	RR *rp;

	/* stuff port number into output buffer */

	memset(uh, 0, sizeof *uh);

	hnputs(uh->rport, Dnsport);

	/* make request and convert it to output format */

	memset(&m, 0, sizeof m);

	rp = rralloc(type);

	rp->owner = dp;

	initdnsmsg(&m, rp, flags, reqno);

	len = convDNS2M(&m, &buf[Udphdrsize], Maxdnspayload);

	rrfreelistptr(&m.qd);

	memset(&m, 0, sizeof m);		/* cause trouble */

	return len;

}

void

freeanswers(DNSmsg *mp)

{

	lock(&dnlock);

	rrfreelistptr(&mp->qd);

	rrfreelistptr(&mp->an);

	rrfreelistptr(&mp->ns);

	rrfreelistptr(&mp->ar);

	unlock(&dnlock);

	mp->qdcount = mp->ancount = mp->nscount = mp->arcount = 0;

}

/* timed read of reply.  sets srcip.  ibuf must be 64K to handle tcp answers. */

static int

readnet(Query *qp, int medium, uchar *ibuf, uvlong endms, uchar **replyp,

	uchar *srcip)

{

	int len, fd;

	long ms;

	vlong startns = nsec();

	uchar *reply;

	uchar lenbuf[2];

	len = -1;			/* pessimism */

	ms = endms - NS2MS(startns);

	if (ms <= 0)

		return -1;		/* taking too long */

	reply = ibuf;

	memset(srcip, 0, IPaddrlen);

	alarm(ms);

	if (medium == Udp)

		if (qp->udpfd <= 0)

			dnslog("readnet: qp->udpfd closed");

		else {

			len = read(qp->udpfd, ibuf, Udphdrsize+Maxpayload);

			alarm(0);

			notestats(startns, len < 0, qp->type);

			if (len >= IPaddrlen)

				memmove(srcip, ibuf, IPaddrlen);

			if (len >= Udphdrsize) {

				len   -= Udphdrsize;

				reply += Udphdrsize;

			}

		}

	else {

		if (!qp->tcpset)

			dnslog("readnet: tcp params not set");

		fd = qp->tcpfd;

		if (fd <= 0)

			dnslog("readnet: %s: tcp fd unset for dest %I",

				qp->dp->name, qp->tcpip);

		else if (readn(fd, lenbuf, 2) != 2) {

			dnslog("readnet: short read of 2-byte tcp msg size from %I",

				qp->tcpip);

			/* probably a time-out */

			notestats(startns, 1, qp->type);

		} else {

			len = lenbuf[0]<<8 | lenbuf[1];

			if (readn(fd, ibuf, len) != len) {

				dnslog("readnet: short read of tcp data from %I",

					qp->tcpip);

				/* probably a time-out */

				notestats(startns, 1, qp->type);

				len = -1;

			}

		}

		memmove(srcip, qp->tcpip, IPaddrlen);

	}

	alarm(0);

	*replyp = reply;

	return len;

}

/*

 *  read replies to a request and remember the rrs in the answer(s).

 *  ignore any of the wrong type.

 *  wait at most until endms.

 */

static int

readreply(Query *qp, int medium, ushort req, uchar *ibuf, DNSmsg *mp,

	uvlong endms)

{

	int len;

	char *err;

	char tbuf[32];

	uchar *reply;

	uchar srcip[IPaddrlen];

	RR *rp;

	queryck(qp);

	memset(mp, 0, sizeof *mp);

	memset(srcip, 0, sizeof srcip);

	if (0)

		len = -1;

	for (; timems() < endms &&

	    (len = readnet(qp, medium, ibuf, endms, &reply, srcip)) >= 0;

	    freeanswers(mp)){

		/* convert into internal format  */

		memset(mp, 0, sizeof *mp);

		err = convM2DNS(reply, len, mp, nil);

		if (mp->flags & Ftrunc) {

			free(err);

			freeanswers(mp);

			/* notify our caller to retry the query via tcp. */

			return -1;

		} else if(err){

			dnslog("readreply: %s: input err, len %d: %s: %I",

				qp->dp->name, len, err, srcip);

			free(err);

			continue;

		}

		if(debug)

			logreply(qp->req->id, srcip, mp);

		/* answering the right question? */

		if(mp->id != req)

			dnslog("%d: id %d instead of %d: %I", qp->req->id,

				mp->id, req, srcip);

		else if(mp->qd == 0)

			dnslog("%d: no question RR: %I", qp->req->id, srcip);

		else if(mp->qd->owner != qp->dp)

			dnslog("%d: owner %s instead of %s: %I", qp->req->id,

				mp->qd->owner->name, qp->dp->name, srcip);

		else if(mp->qd->type != qp->type)

			dnslog("%d: qp->type %d instead of %d: %I",

				qp->req->id, mp->qd->type, qp->type, srcip);

		else {

			/* remember what request this is in answer to */

			for(rp = mp->an; rp; rp = rp->next)

				rp->query = qp->type;

			return 0;

		}

	}

	if (timems() >= endms) {

		;				/* query expired */

	} else if (0) {

		/* this happens routinely when a read times out */

		dnslog("readreply: %s type %s: ns %I read error or eof "

			"(returned %d): %r", qp->dp->name, rrname(qp->type,

			tbuf, sizeof tbuf), srcip, len);

		if (medium == Udp)

			for (rp = qp->nsrp; rp != nil; rp = rp->next)

				if (rp->type == Tns)

					dnslog("readreply: %s: query sent to "

						"ns %s", qp->dp->name,

						rp->host->name);

	}

	return -1;

}

/*

 *	return non-0 if first list includes second list

 */

int

contains(RR *rp1, RR *rp2)

{

	RR *trp1, *trp2;

	for(trp2 = rp2; trp2; trp2 = trp2->next){

		for(trp1 = rp1; trp1; trp1 = trp1->next)

			if(trp1->type == trp2->type)

			if(trp1->host == trp2->host)

			if(trp1->owner == trp2->owner)

				break;

		if(trp1 == nil)

			return 0;

	}

	return 1;

}

/*

 *  return multicast version if any

 */

int

ipisbm(uchar *ip)

{

	if(isv4(ip)){

		if (ip[IPv4off] >= 0xe0 && ip[IPv4off] < 0xf0 ||

		    ipcmp(ip, IPv4bcast) == 0)

			return 4;

	} else

		if(ip[0] == 0xff)

			return 6;

	return 0;

}

/*

 *  Get next server address(es) into qp->dest[nd] and beyond

 */

static int

serveraddrs(Query *qp, int nd, int depth)

{

	RR *rp, *arp, *trp;

	Dest *cur;

	if(nd >= Maxdest)		/* dest array is full? */

		return Maxdest - 1;

	/*

	 *  look for a server whose address we already know.

	 *  if we find one, mark it so we ignore this on

	 *  subsequent passes.

	 */

	arp = 0;

	for(rp = qp->nsrp; rp; rp = rp->next){

		assert(rp->magic == RRmagic);

		if(rp->marker)

			continue;

		arp = rrlookup(rp->host, Ta, NOneg);

		if(arp == nil)

			arp = rrlookup(rp->host, Taaaa, NOneg);

		if(arp){

			rp->marker = 1;

			break;

		}

		arp = dblookup(rp->host->name, Cin, Ta, 0, 0);

		if(arp == nil)

			arp = dblookup(rp->host->name, Cin, Taaaa, 0, 0);

		if(arp){

			rp->marker = 1;

			break;

		}