Gitiles
Code Review Sign In
gerrit.nordix.org / thekelleys / dnsmasq / b49644f39fe5b77d085f9c6b21e73b8cb50a5c70 / . / src / rfc1035.c
blob: 170168f10a166a78446cd4ca6aeb19bb47bf9b1b [file] [log] [blame]
Simon Kelley9e4abcb2004-01-22 19:47:41 +0000[diff] [blame]1/* dnsmasq is Copyright (c) 2000 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991.
6
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 GNU General Public License for more details.
11*/
12
13#include "dnsmasq.h"
14
15static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp,
16 unsigned char *name, int isExtract)
17{
18 unsigned char *cp = name, *p = *pp, *p1 = NULL;
19 unsigned int j, l, hops = 0;
20 int retvalue = 1;
21
22 while ((l = *p++))
23 {
24 unsigned int label_type = l & 0xc0;
25 if (label_type == 0xc0) /* pointer */
26 {
27 if (p - (unsigned char *)header + 1u >= plen)
28 return 0;
29
30 /* get offset */
31 l = (l&0x3f) << 8;
32 l |= *p++;
33 if (l >= (unsigned int)plen)
34 return 0;
35
36 if (!p1) /* first jump, save location to go back to */
37 p1 = p;
38
39 hops++; /* break malicious infinite loops */
40 if (hops > 255)
41 return 0;
42
43 p = l + (unsigned char *)header;
44 }
45 else if (label_type == 0x80)
46 return 0; /* reserved */
47 else if (label_type == 0x40)
48 { /* ELT */
49 unsigned int count, digs;
50
51 if ((l & 0x3f) != 1)
52 return 0; /* we only understand bitstrings */
53
54 if (!isExtract)
55 return 0; /* Cannot compare bitsrings */
56
57 count = *p++;
58 if (count == 0)
59 count = 256;
60 digs = ((count-1)>>2)+1;
61
62 /* output is \[x<hex>/siz]. which is digs+9 chars */
63 if (cp - name + digs + 9 >= MAXDNAME)
64 return 0;
65 if (p - (unsigned char *)header + ((count-1)>>3) + 1u >= plen)
66 return 0;
67
68 *cp++ = '\\';
69 *cp++ = '[';
70 *cp++ = 'x';
71 for (j=0; j<digs; j++)
72 {
73 unsigned int dig;
74 if (j%2 == 0)
75 dig = *p >> 4;
76 else
77 dig = *p++ & 0x0f;
78
79 *cp++ = dig < 10 ? dig + '0' : dig + 'A' - 10;
80 }
81 cp += sprintf(cp, "/%d]", count);
82 /* do this here to overwrite the zero char from sprintf */
83 *cp++ = '.';
84 }
85 else
86 { /* label_type = 0 -> label. */
87 if (cp - name + l + 1 >= MAXDNAME)
88 return 0;
89 if (p - (unsigned char *)header + 1u >= plen)
90 return 0;
91 for(j=0; j<l; j++, p++)
92 if (isExtract)
93 {
94 if (legal_char(*p))
95 *cp++ = *p;
96 else
97 return 0;
98 }
99 else
100 {
101 unsigned char c1 = *cp, c2 = *p;
102
103 if (c1 == 0)
104 retvalue = 2;
105 else
106 {
107 cp++;
108 if (c1 >= 'A' && c1 <= 'Z')
109 c1 += 'a' - 'A';
110 if (c2 >= 'A' && c2 <= 'Z')
111 c2 += 'a' - 'A';
112
113 if (c1 != c2)
114 retvalue = 2;
115 }
116 }
117
118 if (isExtract)
119 *cp++ = '.';
120 else
121 if (*cp != 0 && *cp++ != '.')
122 retvalue = 2;
123 }
124
125 if ((unsigned int)(p - (unsigned char *)header) >= plen)
126 return 0;
127 }
128
129 if (isExtract)
130 *--cp = 0; /* terminate: lose final period */
131
132 if (p1) /* we jumped via compression */
133 *pp = p1;
134 else
135 *pp = p;
136
137 return retvalue;
138}
139
140/* Max size of input string (for IPv6) is 75 chars.) */
141#define MAXARPANAME 75
142static int in_arpa_name_2_addr(char *namein, struct all_addr *addrp)
143{
144 int j;
145 char name[MAXARPANAME+1], *cp1;
146 unsigned char *addr = (unsigned char *)addrp;
147 char *lastchunk = NULL, *penchunk = NULL;
148
149 if (strlen(namein) > MAXARPANAME)
150 return 0;
151
152 memset(addrp, 0, sizeof(struct all_addr));
153
154 /* turn name into a series of asciiz strings */
155 /* j counts no of labels */
156 for(j = 1,cp1 = name; *namein; cp1++, namein++)
157 if (*namein == '.')
158 {
159 penchunk = lastchunk;
160 lastchunk = cp1 + 1;
161 *cp1 = 0;
162 j++;
163 }
164 else
165 *cp1 = *namein;
166
167 *cp1 = 0;
168
169 if (j<3)
170 return 0;
171
172 if (hostname_isequal(lastchunk, "arpa") && hostname_isequal(penchunk, "in-addr"))
173 {
174 /* IP v4 */
175 /* address arives as a name of the form
176 www.xxx.yyy.zzz.in-addr.arpa
177 some of the low order address octets might be missing
178 and should be set to zero. */
179 for (cp1 = name; cp1 != penchunk; cp1 += strlen(cp1)+1)
180 {
181 /* check for digits only (weeds out things like
182 50.0/24.67.28.64.in-addr.arpa which are used
183 as CNAME targets according to RFC 2317 */
184 char *cp;
185 for (cp = cp1; *cp; cp++)
186 if (!isdigit((int)*cp))
187 return 0;
188
189 addr[3] = addr[2];
190 addr[2] = addr[1];
191 addr[1] = addr[0];
192 addr[0] = atoi(cp1);
193 }
194
195 return F_IPV4;
196 }
197#ifdef HAVE_IPV6
198 else if (hostname_isequal(penchunk, "ip6") &&
199 (hostname_isequal(lastchunk, "int") || hostname_isequal(lastchunk, "arpa")))
200 {
201 /* IP v6:
202 Address arrives as 0.1.2.3.4.5.6.7.8.9.a.b.c.d.e.f.ip6.[int|arpa]
203 or \[xfedcba9876543210fedcba9876543210/128].ip6.[int|arpa]
204
205 Note that most of these the various reprentations are obsolete and
206 left-over from the many DNS-for-IPv6 wars. We support all the formats
207 that we can since there is no reason not to.
208 */
209
210 if (*name == '\\' && *(name+1) == '[' &&
211 (*(name+2) == 'x' || *(name+2) == 'X'))
212 {
213 for (j = 0, cp1 = name+3; *cp1 && isxdigit(*cp1) && j < 32; cp1++, j++)
214 {
215 char xdig[2];
216 xdig[0] = *cp1;
217 xdig[1] = 0;
218 if (j%2)
219 addr[j/2] |= strtol(xdig, NULL, 16);
220 else
221 addr[j/2] = strtol(xdig, NULL, 16) << 4;
222 }
223
224 if (*cp1 == '/' && j == 32)
225 return F_IPV6;
226 }
227 else
228 {
229 for (cp1 = name; cp1 != penchunk; cp1 += strlen(cp1)+1)
230 {
231 if (*(cp1+1) || !isxdigit((int)*cp1))
232 return 0;
233
234 for (j = sizeof(struct all_addr)-1; j>0; j--)
235 addr[j] = (addr[j] >> 4) | (addr[j-1] << 4);
236 addr[0] = (addr[0] >> 4) | (strtol(cp1, NULL, 16) << 4);
237 }
238
239 return F_IPV6;
240 }
241 }
242#endif
243
244 return 0;
245}
246
247static unsigned char *skip_questions(HEADER *header, unsigned int plen)
248{
249 int q, qdcount = ntohs(header->qdcount);
250 unsigned char *ansp = (unsigned char *)(header+1);
251
252 for (q=0; q<qdcount; q++)
253 {
254 while (1)
255 {
256 unsigned int label_type = (*ansp) & 0xc0;
257
258 if ((unsigned int)(ansp - (unsigned char *)header) >= plen)
259 return NULL;
260
261 if (label_type == 0xc0)
262 {
263 /* pointer for compression. */
264 ansp += 2;
265 break;
266 }
267 else if (label_type == 0x80)
268 return NULL; /* reserved */
269 else if (label_type == 0x40)
270 {
271 /* Extended label type */
272 unsigned int count;
273
274 if (((*ansp++) & 0x3f) != 1)
275 return NULL; /* we only understand bitstrings */
276
277 count = *(ansp++); /* Bits in bitstring */
278
279 if (count == 0) /* count == 0 means 256 bits */
280 ansp += 32;
281 else
282 ansp += ((count-1)>>3)+1;
283 }
284 else
285 { /* label type == 0 Bottom six bits is length */
286 unsigned int len = (*ansp++) & 0x3f;
287 if (len == 0)
288 break; /* zero length label marks the end. */
289
290 ansp += len;
291 }
292 }
293 ansp += 4; /* class and type */
294 }
295 if ((unsigned int)(ansp - (unsigned char *)header) > plen)
296 return NULL;
297
298 return ansp;
299}
300
301/* is addr in the non-globally-routed IP space? */
302static int private_net(struct all_addr *addrp)
303{
304 struct in_addr addr = *(struct in_addr *)addrp;
305 if (inet_netof(addr) == 0xA ||
306 (inet_netof(addr) >= 0xAC10 && inet_netof(addr) < 0xAC20) ||
307 (inet_netof(addr) >> 8) == 0xC0A8)
308 return 1;
309 else
310 return 0;
311}
312
313static unsigned char *add_text_record(unsigned int nameoffset, unsigned char *p,
314 unsigned long ttl, unsigned short pref,
315 unsigned short type, char *name)
316{
317 unsigned char *sav, *cp;
318 int j;
319
320 PUTSHORT(nameoffset | 0xc000, p);
321 PUTSHORT(type, p);
322 PUTSHORT(C_IN, p);
323 PUTLONG(ttl, p); /* TTL */
324
325 sav = p;
326 PUTSHORT(0, p); /* dummy RDLENGTH */
327
328 if (pref)
329 PUTSHORT(pref, p);
330
331 while (*name)
332 {
333 cp = p++;
334 for (j=0; *name && (*name != '.'); name++, j++)
335 *p++ = *name;
336 *cp = j;
337 if (*name)
338 name++;
339 }
340 *p++ = 0;
341 j = p - sav - 2;
342 PUTSHORT(j, sav); /* Real RDLENGTH */
343
344 return p;
345}
346
347/* On receiving an NXDOMAIN or NODATA reply, determine which names are known
348 not to exist for negative caching. name if a working buffer passed in. */
349void extract_neg_addrs(HEADER *header, unsigned int qlen, char *name, time_t now)
350{
351 unsigned char *p;
352 int i, found_soa = 0;
353 int qtype, qclass, rdlen;
354 unsigned long ttl, minttl = 0;
355 unsigned short flags = F_NEG;
356
357 if (header->rcode == NXDOMAIN)
358 flags |= F_NXDOMAIN;
359
360 /* there may be more than one question with some questions
361 answered. We don't generate negative entries from those. */
362 if (ntohs(header->ancount) != 0)
363 return;
364
365 if (!(p = skip_questions(header, qlen)))
366 return; /* bad packet */
367
368 /* we first need to find SOA records, to get min TTL, then we
369 add a NEG cache entry for each question. */
370
371 for (i=0; i<ntohs(header->nscount); i++)
372 {
373 if (!extract_name(header, qlen, &p, name, 1))
374 return; /* bad packet */
375
376 GETSHORT(qtype, p);
377 GETSHORT(qclass, p);
378 GETLONG(ttl, p);
379 GETSHORT(rdlen, p);
380
381 if ((qclass == C_IN) && (qtype == T_SOA))
382 {
383 int dummy;
384 /* MNAME */
385 if (!extract_name(header, qlen, &p, name, 1))
386 return;
387 /* RNAME */
388 if (!extract_name(header, qlen, &p, name, 1))
389 return;
390 GETLONG(dummy, p); /* SERIAL */
391 GETLONG(dummy, p); /* REFRESH */
392 GETLONG(dummy, p); /* RETRY */
393 GETLONG(dummy, p); /* EXPIRE */
394 if (!found_soa)
395 {
396 found_soa = 1;
397 minttl = ttl;
398 }
399 else if (ttl < minttl)
400 minttl = ttl;
401 GETLONG(ttl, p); /* minTTL */
402 if (ttl < minttl)
403 minttl = ttl;
404 }
405 else
406 p += rdlen;
407
408 if ((unsigned int)(p - (unsigned char *)header) > qlen)
409 return; /* bad packet */
410 }
411
412 if (!found_soa)
413 return; /* failed to find SOA */
414
415 cache_start_insert();
416
417 p = (unsigned char *)(header+1);
418
419 for (i=0; i<ntohs(header->qdcount); i++)
420 {
421 struct all_addr addr;
422 int is_arpa;
423
424 if (!extract_name(header, qlen, &p, name, 1))
425 return; /* bad packet */
426
427 GETSHORT(qtype, p);
428 GETSHORT(qclass, p);
429
430 if (qclass == C_IN && qtype == T_PTR && (is_arpa = in_arpa_name_2_addr(name, &addr)))
431 cache_insert(name, &addr, now, minttl , is_arpa | F_REVERSE | flags);
432 else if (qclass == C_IN && qtype == T_A)
433 cache_insert(name, NULL, now, minttl, F_IPV4 | F_FORWARD | flags);
434#ifdef HAVE_IPV6
435 else if (qclass == C_IN && qtype == T_AAAA)
436 cache_insert(name, NULL, now, minttl, F_IPV6 | F_FORWARD | flags);
437#endif
438 }
439
440 cache_end_insert();
441}
442
443void extract_addresses(HEADER *header, unsigned int qlen, char *name, time_t now)
444{
445 unsigned char *p, *psave, *endrr;
446 int qtype, qclass, rdlen;
447 unsigned long ttl;
448 int i;
449
450 /* skip over questions */
451 if (!(p = skip_questions(header, qlen)))
452 return; /* bad packet */
453
454 cache_start_insert();
455
456 psave = p;
457
458 for (i=0; i<ntohs(header->ancount); i++)
459 {
460 unsigned char *origname = p;
461 if (!extract_name(header, qlen, &p, name, 1))
462 return; /* bad packet */
463
464 GETSHORT(qtype, p);
465 GETSHORT(qclass, p);
466 GETLONG(ttl, p);
467 GETSHORT(rdlen, p);
468
469 endrr = p + rdlen;
470 if ((unsigned int)(endrr - (unsigned char *)header) > qlen)
471 return; /* bad packet */
472
473 if (qclass != C_IN)
474 {
475 p = endrr;
476 continue;
477 }
478
479 if (qtype == T_A) /* A record. */
480 cache_insert(name, (struct all_addr *)p, now,
481 ttl, F_IPV4 | F_FORWARD);
482#ifdef HAVE_IPV6
483 else if (qtype == T_AAAA) /* IPV6 address record. */
484 cache_insert(name, (struct all_addr *)p, now,
485 ttl, F_IPV6 | F_FORWARD);
486#endif
487 else if (qtype == T_PTR)
488 {
489 /* PTR record */
490 struct all_addr addr;
491 int name_encoding = in_arpa_name_2_addr(name, &addr);
492 if (name_encoding)
493 {
494 if (!extract_name(header, qlen, &p, name, 1))
495 return; /* bad packet */
496 cache_insert(name, &addr, now,
497 ttl, name_encoding | F_REVERSE);
498 }
499 }
500 else if (qtype == T_CNAME)
501 {
502 /* CNAME, search whole answer section again */
503 unsigned char *endrr1;
504 unsigned long cttl;
505 int j;
506 unsigned char *targp = p;
507
508 p = psave; /* rewind p */
509 for (j=0; j<ntohs(header->ancount); j++)
510 {
511 int res;
512 unsigned char *tmp = targp;
513 /* copy since it gets altered by extract_name */
514 /* get CNAME target each time round */
515 if (!extract_name(header, qlen, &tmp, name, 1))
516 return; /* bad packet */
517 /* compare this name with target of CNAME in name buffer */
518 if (!(res = extract_name(header, qlen, &p, name, 0)))
519 return; /* bad packet */
520
521 GETSHORT(qtype, p);
522 GETSHORT(qclass, p);
523 GETLONG(cttl, p);
524 GETSHORT(rdlen, p);
525
526 endrr1 = p+rdlen;
527 if ((unsigned int)(endrr1 - (unsigned char *)header) > qlen)
528 return; /* bad packet */
529
530 /* is this RR name same as target of CNAME */
531 if ((qclass != C_IN) || (res == 2))
532 {
533 p = endrr1;
534 continue;
535 }
536
537 /* match, use name of CNAME, data from this RR
538 use min TTL of two */
539
540 if (ttl < cttl)
541 cttl = ttl;
542
543 /* get orig. name back again */
544 tmp = origname;
545 if (!extract_name(header, qlen, &tmp, name, 1))
546 return;
547
548 if (qtype == T_A) /* A record. */
549 cache_insert(name, (struct all_addr *)p, now,
550 cttl, F_IPV4 | F_FORWARD);
551#ifdef HAVE_IPV6
552 else if (qtype == T_AAAA) /* IPV6 address record. */
553 cache_insert(name, (struct all_addr *)p, now,
554 cttl, F_IPV6 | F_FORWARD);
555#endif
556 else if (qtype == T_PTR)
557 {
558 /* PTR record extract address from CNAME name */
559 struct all_addr addr;
560 int name_encoding = in_arpa_name_2_addr(name, &addr);
561 if (name_encoding)
562 {
563 if (!extract_name(header, qlen, &p, name, 1))
564 return; /* bad packet */
565 cache_insert(name, &addr, now, cttl,
566 name_encoding | F_REVERSE);
567 }
568 }
569 p = endrr1;
570 }
571 }
572 p = endrr;
573 }
574
575 cache_end_insert();
576}
577
578/* If the packet holds exactly one query
579 return 1 and leave the name from the query in name. */
580
581unsigned short extract_request(HEADER *header,unsigned int qlen, char *name)
582{
583 unsigned char *p = (unsigned char *)(header+1);
584 int qtype, qclass;
585
586 if (ntohs(header->qdcount) != 1 || header->opcode != QUERY)
587 return 0; /* must be exactly one query. */
588
589 if (!extract_name(header, qlen, &p, name, 1))
590 return 0; /* bad packet */
591
592 GETSHORT(qtype, p);
593 GETSHORT(qclass, p);
594
595 if (qclass == C_IN)
596 {
597 if (qtype == T_A)
598 return F_IPV4;
599 if (qtype == T_AAAA)
600 return F_IPV6;
601 if (qtype == T_ANY)
602 return F_IPV4 | F_IPV6;
603 }
604
605 return F_QUERY;
606}
607
608
609int setup_reply(HEADER *header, unsigned int qlen,
610 struct all_addr *addrp, unsigned short flags, unsigned long ttl)
611{
612 unsigned char *p = skip_questions(header, qlen);
613
614 header->qr = 1; /* response */
615 header->aa = 0; /* authoritive */
616 header->ra = 1; /* recursion if available */
617 header->tc = 0; /* not truncated */
618 header->nscount = htons(0);
619 header->arcount = htons(0);
620 header->ancount = htons(0); /* no answers unless changed below*/
621 if (flags == F_NEG)
622 header->rcode = SERVFAIL; /* couldn't get memory */
623 else if (flags == F_NOERR)
624 header->rcode = NOERROR; /* empty domain */
625 else if (flags == F_NXDOMAIN)
626 header->rcode = NXDOMAIN;
627 else if (p && flags == F_IPV4)
628 { /* we know the address */
629 header->rcode = NOERROR;
630 header->ancount = htons(1);
631 header->aa = 1;
632 PUTSHORT (sizeof(HEADER) | 0xc000, p);
633 PUTSHORT(T_A, p);
634 PUTSHORT(C_IN, p);
635 PUTLONG(ttl, p); /* TTL */
636 PUTSHORT(INADDRSZ, p);
637 memcpy(p, addrp, INADDRSZ);
638 p += INADDRSZ;
639 }
640#ifdef HAVE_IPV6
641 else if (p && flags == F_IPV6)
642 {
643 header->rcode = NOERROR;
644 header->ancount = htons(1);
645 header->aa = 1;
646 PUTSHORT (sizeof(HEADER) | 0xc000, p);
647 PUTSHORT(T_AAAA, p);
648 PUTSHORT(C_IN, p);
649 PUTLONG(ttl, p); /* TTL */
650 PUTSHORT(IN6ADDRSZ, p);
651 memcpy(p, addrp, IN6ADDRSZ);
652 p += IN6ADDRSZ;
653 }
654#endif
655 else /* nowhere to forward to */
656 header->rcode = REFUSED;
657
658 return p - (unsigned char *)header;
659}
660
661
662/* Is the packet a reply with the answer address equal to addr?
663 If so mung is into an NXDOMAIN reply and also put that information
664 in the cache. */
665int check_for_bogus_wildcard(HEADER *header, unsigned int qlen, char *name,
666 struct bogus_addr *baddr, time_t now)
667{
668 unsigned char *p;
669 int i, qtype, qclass, rdlen;
670 unsigned long ttl;
671 struct bogus_addr *baddrp;
672
673 /* skip over questions */
674 if (!(p = skip_questions(header, qlen)))
675 return 0; /* bad packet */
676
677 for (i=0; i<ntohs(header->ancount); i++)
678 {
679 if (!extract_name(header, qlen, &p, name, 1))
680 return 0; /* bad packet */
681
682 GETSHORT(qtype, p);
683 GETSHORT(qclass, p);
684 GETLONG(ttl, p);
685 GETSHORT(rdlen, p);
686
687 if (qclass == C_IN && qtype == T_A)
688 for (baddrp = baddr; baddrp; baddrp = baddrp->next)
689 if (memcmp(&baddrp->addr, p, INADDRSZ) == 0)
690 {
691 /* Found a bogus address. Mangle the packet into an NXDOMAIN reply */
692 header->aa = 0;
693 header->ra = 1; /* recursion if available */
694 header->nscount = htons(0);
695 header->arcount = htons(0);
696 header->ancount = htons(0);
697 header->rcode = NXDOMAIN;
698
699 cache_start_insert();
700 cache_insert(name, NULL, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN | F_CONFIG);
701 cache_end_insert();
702
703 return 1;
704 }
705
706 p += rdlen;
707 }
708
709 return 0;
710}
711
712/* return zero if we can't answer from cache, or packet size if we can */
713int answer_request(HEADER *header, char *limit, unsigned int qlen, char *mxname,
714 char *mxtarget, unsigned int options, time_t now,
715 unsigned long local_ttl, char *name)
716{
717 unsigned char *p, *ansp;
718 int qtype, qclass, is_arpa;
719 struct all_addr addr;
720 unsigned int nameoffset;
721 int q, qdcount = ntohs(header->qdcount);
722 int ans, anscount = 0;
723 struct crec *crecp;
724 int nxdomain = 0, auth = 1;
725
726 if (!qdcount || header->opcode != QUERY )
727 return 0;
728
729 /* determine end of question section (we put answers there) */
730 if (!(ansp = skip_questions(header, qlen)))
731 return 0; /* bad packet */
732
733 /* now process each question, answers go in RRs after the question */
734 p = (unsigned char *)(header+1);
735
736 for (q=0; q<qdcount; q++)
737 {
738 /* save pointer to name for copying into answers */
739 nameoffset = p - (unsigned char *)header;
740
741 /* now extract name as .-concatenated string into name */
742 if (!extract_name(header, qlen, &p, name, 1))
743 return 0; /* bad packet */
744
745 /* see if it's w.z.y.z.in-addr.arpa format */
746
747 is_arpa = in_arpa_name_2_addr(name, &addr);
748
749 GETSHORT(qtype, p);
750 GETSHORT(qclass, p);
751
752 ans = 0; /* have we answered this question */
753
754 if (qclass == C_CHAOS)
755 /* special query to get version. */
756 {
757 if (qtype == T_TXT)
758 {
759 int len;
760 if (hostname_isequal(name, "version.bind"))
761 sprintf(name, "dnsmasq-%s", VERSION);
762 else if (hostname_isequal(name, "authors.bind"))
763 sprintf(name, "Simon Kelley");
764 else
765 *name = 0;
766 len = strlen(name);
767 PUTSHORT(nameoffset | 0xc000, ansp);
768 PUTSHORT(T_TXT, ansp);
769 PUTSHORT(C_CHAOS, ansp);
770 PUTLONG(0, ansp);
771 PUTSHORT(len+1, ansp);
772 *ansp++ = len;
773 memcpy(ansp, name, len);
774 ansp += len;
775 ans = 1;
776 anscount++;
777
778 if (((unsigned char *)limit - ansp) < 0)
779 return 0;
780 }
781 else
782 return 0;
783 }
784 else if (qclass != C_IN)
785 return 0; /* we can't answer non-inet queries */
786 else
787 {
788
789 if ((options & OPT_FILTER) && (qtype == T_SOA || qtype == T_SRV))
790 ans = 1;
791
792 if (qtype == T_PTR || qtype == T_ANY)
793 {
794 crecp = NULL;
795 while ((crecp = cache_find_by_addr(crecp, &addr, now, is_arpa)))
796 {
797 unsigned long ttl;
798 /* Return 0 ttl for DHCP entries, which might change
799 before the lease expires. */
800 if (crecp->flags & (F_IMMORTAL | F_DHCP))
801 ttl = local_ttl;
802 else
803 ttl = crecp->ttd - now;
804
805 /* don't answer wildcard queries with data not from /etc/hosts
806 or dhcp leases */
807 if (qtype == T_ANY && !(crecp->flags & (F_HOSTS | F_DHCP)))
808 return 0;
809
810 ans = 1;
811 if (crecp->flags & F_NEG)
812 {
813 log_query(crecp->flags & ~F_FORWARD, name, &addr);
814 auth = 0;
815 if (crecp->flags & F_NXDOMAIN)
816 nxdomain = 1;
817 }
818 else
819 {
820 if (!(crecp->flags & (F_HOSTS | F_DHCP)))
821 auth = 0;
822 ansp = add_text_record(nameoffset, ansp, ttl, 0, T_PTR,
823 cache_get_name(crecp));
824
825 log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr);
826 anscount++;
827
828 /* if last answer exceeded packet size, give up */
829 if (((unsigned char *)limit - ansp) < 0)
830 return 0;
831 }
832 }
833
834 /* if not in cache, enabled and private IPV4 address, fake up answer */
835 if (ans == 0 && is_arpa == F_IPV4 &&
836 (options & OPT_BOGUSPRIV) &&
837 private_net(&addr))
838 {
839 struct in_addr addr4 = *((struct in_addr *)&addr);
840 ansp = add_text_record(nameoffset, ansp, local_ttl, 0, T_PTR, inet_ntoa(addr4));
841 log_query(F_CONFIG | F_REVERSE | F_IPV4, inet_ntoa(addr4), &addr);
842 anscount++;
843 ans = 1;
844
845 if (((unsigned char *)limit - ansp) < 0)
846 return 0;
847 }
848 }
849
850 if (qtype == T_A || qtype == T_ANY)
851 {
852 /* T_ANY queries for hostnames with underscores are spam
853 from win2k - don't forward them. */
854 if ((options & OPT_FILTER) &&
855 qtype == T_ANY &&
856 (strchr(name, '_') != NULL))
857 ans = 1;
858 else
859 {
860 crecp = NULL;
861 while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4)))
862 {
863 unsigned long ttl;
864 if (crecp->flags & (F_IMMORTAL | F_DHCP))
865 ttl = local_ttl;
866 else
867 ttl = crecp->ttd - now;
868
869 /* don't answer wildcard queries with data not from /etc/hosts
870 or DHCP leases */
871 if (qtype == T_ANY && !(crecp->flags & (F_HOSTS | F_DHCP)))
872 return 0;
873
874 /* If we have negative cache entry, it's OK
875 to return no answer. */
876 ans = 1;
877
878 if (crecp->flags & F_NEG)
879 {
880 log_query(crecp->flags, name, NULL);
881 auth = 0;
882 if (crecp->flags & F_NXDOMAIN)
883 nxdomain = 1;
884 }
885 else
886 {
887 if (!(crecp->flags & (F_HOSTS | F_DHCP)))
888 auth = 0;
889 log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr);
890
891 /* copy question as first part of answer (use compression) */
892 PUTSHORT(nameoffset | 0xc000, ansp);
893 PUTSHORT(T_A, ansp);
894 PUTSHORT(C_IN, ansp);
895 PUTLONG(ttl, ansp); /* TTL */
896
897 PUTSHORT(INADDRSZ, ansp);
898 memcpy(ansp, &crecp->addr, INADDRSZ);
899 ansp += INADDRSZ;
900 anscount++;
901
902 if (((unsigned char *)limit - ansp) < 0)
903 return 0;
904 }
905
906 }
907 }
908 }
909
910#ifdef HAVE_IPV6
911 if (qtype == T_AAAA || qtype == T_ANY)
912 {
913 /* T_ANY queries for hostnames with underscores are spam
914 from win2k - don't forward them. */
915 if ((options & OPT_FILTER) &&
916 qtype == T_ANY
917 && (strchr(name, '_') != NULL))
918 ans = 1;
919 else
920 {
921 crecp = NULL;
922 while ((crecp = cache_find_by_name(crecp, name, now, F_IPV6)))
923 {
924 unsigned long ttl;
925 if (crecp->flags & (F_IMMORTAL | F_DHCP))
926 ttl = local_ttl;
927 else
928 ttl = crecp->ttd - now;
929
930 /* don't answer wildcard queries with data not from /etc/hosts
931 or DHCP leases */
932 if (qtype == T_ANY && !(crecp->flags & (F_HOSTS | F_DHCP)))
933 return 0;
934
935 /* If we have negative cache entry, it's OK
936 to return no answer. */
937 ans = 1;
938
939 if (crecp->flags & F_NEG)
940 {
941 log_query(crecp->flags, name, NULL);
942 auth = 0;
943 if (crecp->flags & F_NXDOMAIN)
944 nxdomain = 1;
945 }
946 else
947 {
948 if (!(crecp->flags & (F_HOSTS | F_DHCP)))
949 auth = 0;
950 log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr);
951
952 /* copy question as first part of answer (use compression) */
953 PUTSHORT(nameoffset | 0xc000, ansp);
954 PUTSHORT(T_AAAA, ansp);
955 PUTSHORT(C_IN, ansp);
956 PUTLONG(ttl, ansp); /* TTL */
957
958 PUTSHORT(IN6ADDRSZ, ansp);
959 memcpy(ansp, &crecp->addr, IN6ADDRSZ);
960 ansp += IN6ADDRSZ;
961 anscount++;
962
963 if (((unsigned char *)limit - ansp) < 0)
964 return 0;
965 }
966 }
967 }
968 }
969#endif
970
971 if (qtype == T_MX || qtype == T_ANY)
972 {
973 if (mxname && hostname_isequal(name, mxname))
974 {
975 ansp = add_text_record(nameoffset, ansp, local_ttl, 1, T_MX, mxtarget);
976 anscount++;
977 ans = 1;
978 }
979 else if ((options & (OPT_SELFMX | OPT_LOCALMX)) &&
980 cache_find_by_name(NULL, name, now, F_HOSTS | F_DHCP))
981 {
982 ansp = add_text_record(nameoffset, ansp, local_ttl, 1, T_MX,
983 (options & OPT_SELFMX) ? name : mxtarget);
984 anscount++;
985 ans = 1;
986 }
987 if (((unsigned char *)limit - ansp) < 0)
988 return 0;
989 }
990
991 if (qtype == T_MAILB)
992 ans = 1, nxdomain = 1;
993
994 }
995
996 if (!ans)
997 return 0; /* failed to answer a question */
998
999 }
1000
1001 /* done all questions, set up header and return length of result */
1002 header->qr = 1; /* response */
1003 header->aa = auth; /* authoritive - only hosts and DHCP derived names. */
1004 header->ra = 1; /* recursion if available */
1005 header->tc = 0; /* truncation */
1006 if (anscount == 0 && nxdomain)
1007 header->rcode = NXDOMAIN;
1008 else
1009 header->rcode = NOERROR; /* no error */
1010 header->ancount = htons(anscount);
1011 header->nscount = htons(0);
1012 header->arcount = htons(0);
1013 return ansp - (unsigned char *)header;
1014}
1015
1016
1017
1018
1019