1 /*************************************************
2 * fakens - A Fake Nameserver Program *
3 *************************************************/
5 /* This program exists to support the testing of DNS handling code in Exim. It
6 avoids the need to install special zones in a real nameserver. When Exim is
7 running in its (new) test harness, DNS lookups are first passed to this program
8 instead of to the real resolver. (With a few exceptions - see the discussion in
9 the test suite's README file.) The program is also passed the name of the Exim
10 spool directory; it expects to find its "zone files" in ../dnszones relative to
11 that directory. Note that there is little checking in this program. The fake
12 zone files are assumed to be syntactically valid.
14 The zones that are handled are found by scanning the dnszones directory. A file
15 whose name is of the form db.ip4.x is a zone file for .x.in-addr.arpa; a file
16 whose name is of the form db.ip6.x is a zone file for .x.ip6.arpa; a file of
17 the form db.anything.else is a zone file for .anything.else. A file of the form
18 qualify.x.y specifies the domain that is used to qualify single-component
19 names, except for the name "dontqualify".
21 The arguments to the program are:
23 the name of the Exim spool directory
24 the domain name that is being sought
25 the DNS record type that is being sought
27 The output from the program is written to stdout. It is supposed to be in
28 exactly the same format as a traditional namserver response (see RFC 1035) so
29 that Exim can process it as normal. At present, no compression is used.
30 Error messages are written to stderr.
32 The return codes from the program are zero for success, and otherwise the
33 values that are set in h_errno after a failing call to the normal resolver:
35 1 HOST_NOT_FOUND host not found (authoritative)
36 2 TRY_AGAIN server failure
37 3 NO_RECOVERY non-recoverable error
38 4 NO_DATA valid name, no data of requested type
40 In a real nameserver, TRY_AGAIN is also used for a non-authoritative not found,
41 but it is not used for that here. There is also one extra return code:
43 5 PASS_ON requests Exim to call res_search()
45 This is used for zones that fakens does not recognize. It is also used if a
46 line in the zone file contains exactly this:
50 and the domain is not found. It converts the the result to PASS_ON instead of
53 Any DNS record line in a zone file can be prefixed with "DELAY=" and
54 a number of milliseconds (followed by whitespace).
56 Any DNS record line in a zone file can be prefixed with "DNSSEC" and
57 at least one space; if all the records found by a lookup are marked
58 as such then the response will have the "AD" bit set. */
67 #include <arpa/nameser.h>
68 #include <sys/types.h>
77 typedef unsigned char uschar;
80 #define CCS (const char *)
81 #define US (unsigned char *)
83 #define Ustrcat(s,t) strcat(CS(s),CCS(t))
84 #define Ustrchr(s,n) US strchr(CCS(s),n)
85 #define Ustrcmp(s,t) strcmp(CCS(s),CCS(t))
86 #define Ustrcpy(s,t) strcpy(CS(s),CCS(t))
87 #define Ustrlen(s) (int)strlen(CCS(s))
88 #define Ustrncmp(s,t,n) strncmp(CCS(s),CCS(t),n)
89 #define Ustrncpy(s,t,n) strncpy(CS(s),CCS(t),n)
91 typedef struct zoneitem {
96 typedef struct tlist {
101 /* On some (older?) operating systems, the standard ns_t_xxx definitions are
102 not available, and only the older T_xxx ones exist in nameser.h. If ns_t_a is
103 not defined, assume we are in this state. A really old system might not even
104 know about AAAA and SRV at all. */
108 # define ns_t_ns T_NS
109 # define ns_t_cname T_CNAME
110 # define ns_t_soa T_SOA
111 # define ns_t_ptr T_PTR
112 # define ns_t_mx T_MX
113 # define ns_t_txt T_TXT
114 # define ns_t_aaaa T_AAAA
115 # define ns_t_srv T_SRV
116 # define ns_t_tlsa T_TLSA
128 static tlist type_list[] = {
131 { US"CNAME", ns_t_cname },
132 /* { US"SOA", ns_t_soa }, Not currently in use */
133 { US"PTR", ns_t_ptr },
135 { US"TXT", ns_t_txt },
136 { US"AAAA", ns_t_aaaa },
137 { US"SRV", ns_t_srv },
138 { US"TLSA", ns_t_tlsa },
144 /*************************************************
145 * Get memory and sprintf into it *
146 *************************************************/
148 /* This is used when building a table of zones and their files.
151 format a format string
154 Returns: pointer to formatted string
158 fcopystring(uschar *format, ...)
163 va_start(ap, format);
164 vsprintf(buffer, CS format, ap);
166 yield = (uschar *)malloc(Ustrlen(buffer) + 1);
167 Ustrcpy(yield, buffer);
172 /*************************************************
173 * Pack name into memory *
174 *************************************************/
176 /* This function packs a domain name into memory according to DNS rules. At
177 present, it doesn't do any compression.
183 Returns: the updated value of pk
187 packname(uschar *name, uschar *pk)
192 while (*p != 0 && *p != '.') p++;
194 memmove(pk, name, p - name);
196 name = (*p == 0)? p : p + 1;
203 bytefield(uschar ** pp, uschar * pk)
208 while (isdigit(*p)) value = value*10 + *p++ - '0';
209 while (isspace(*p)) p++;
216 shortfield(uschar ** pp, uschar * pk)
221 while (isdigit(*p)) value = value*10 + *p++ - '0';
222 while (isspace(*p)) p++;
224 *pk++ = (value >> 8) & 255;
231 /*************************************************/
234 milliwait(struct itimerval *itval)
237 sigset_t old_sigmask;
239 if (itval->it_value.tv_usec < 100 && itval->it_value.tv_sec == 0)
241 (void)sigemptyset(&sigmask); /* Empty mask */
242 (void)sigaddset(&sigmask, SIGALRM); /* Add SIGALRM */
243 (void)sigprocmask(SIG_BLOCK, &sigmask, &old_sigmask); /* Block SIGALRM */
244 (void)setitimer(ITIMER_REAL, itval, NULL); /* Start timer */
245 (void)sigfillset(&sigmask); /* All signals */
246 (void)sigdelset(&sigmask, SIGALRM); /* Remove SIGALRM */
247 (void)sigsuspend(&sigmask); /* Until SIGALRM */
248 (void)sigprocmask(SIG_SETMASK, &old_sigmask, NULL); /* Restore mask */
254 struct itimerval itval;
255 itval.it_interval.tv_sec = 0;
256 itval.it_interval.tv_usec = 0;
257 itval.it_value.tv_sec = msec/1000;
258 itval.it_value.tv_usec = (msec % 1000) * 1000;
263 /*************************************************
264 * Scan file for RRs *
265 *************************************************/
267 /* This function scans an open "zone file" for appropriate records, and adds
268 any that are found to the output buffer.
272 zone the current zone name
273 domain the domain we are looking for
274 qtype the type of RR we want
275 qtypelen the length of qtype
276 pkptr points to the output buffer pointer; this is updated
277 countptr points to the record count; this is updated
279 Returns: 0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
280 PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
284 find_records(FILE *f, uschar *zone, uschar *domain, uschar *qtype,
285 int qtypelen, uschar **pkptr, int *countptr, BOOL * dnssec)
287 int yield = HOST_NOT_FOUND;
288 int domainlen = Ustrlen(domain);
289 BOOL pass_on_not_found = FALSE;
293 uschar rrdomain[256];
294 uschar RRdomain[256];
296 /* Decode the required type */
298 for (typeptr = type_list; typeptr->name != NULL; typeptr++)
299 { if (Ustrcmp(typeptr->name, qtype) == 0) break; }
300 if (typeptr->name == NULL)
302 fprintf(stderr, "fakens: unknown record type %s\n", qtype);
306 rrdomain[0] = 0; /* No previous domain */
307 (void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
309 *dnssec = TRUE; /* cancelled by first nonsecure rec found */
313 while (fgets(CS buffer, sizeof(buffer), f) != NULL)
317 BOOL found_cname = FALSE;
319 int tvalue = typeptr->value;
320 int qtlen = qtypelen;
325 while (isspace(*p)) p++;
326 if (*p == 0 || *p == ';') continue;
328 if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
330 pass_on_not_found = TRUE;
334 ep = buffer + Ustrlen(buffer);
335 while (isspace(ep[-1])) ep--;
341 if (Ustrncmp(p, US"DNSSEC ", 7) == 0) /* tagged as secure */
346 else if (Ustrncmp(p, US"DELAY=", 6) == 0) /* delay beforee response */
348 for (p += 6; *p >= '0' && *p <= '9'; p++)
349 delay = delay*10 + *p - '0';
350 while (isspace(*p)) p++;
358 uschar *pp = rrdomain;
359 uschar *PP = RRdomain;
377 /* Compare domain names; first check for a wildcard */
379 if (rrdomain[0] == '*')
381 int restlen = Ustrlen(rrdomain) - 1;
382 if (domainlen > restlen &&
383 Ustrcmp(domain + domainlen - restlen, rrdomain + 1) != 0) continue;
386 /* Not a wildcard RR */
388 else if (Ustrcmp(domain, rrdomain) != 0) continue;
390 /* The domain matches */
392 if (yield == HOST_NOT_FOUND) yield = NO_DATA;
394 /* Compare RR types; a CNAME record is always returned */
396 while (isspace(*p)) p++;
398 if (Ustrncmp(p, "CNAME", 5) == 0)
404 else if (Ustrncmp(p, qtype, qtypelen) != 0 || !isspace(p[qtypelen])) continue;
406 /* Found a relevant record */
412 *dnssec = FALSE; /* cancel AD return */
415 *countptr = *countptr + 1;
418 while (isspace(*p)) p++;
420 /* For a wildcard record, use the search name; otherwise use the record's
421 name in its original case because it might contain upper case letters. */
423 pk = packname((rrdomain[0] == '*')? domain : RRdomain, pk);
424 *pk++ = (tvalue >> 8) & 255;
425 *pk++ = (tvalue) & 255;
427 *pk++ = 1; /* class = IN */
429 pk += 4; /* TTL field; don't care */
431 rdlptr = pk; /* remember rdlength field */
434 /* The rest of the data depends on the type */
438 case ns_t_soa: /* Not currently used */
442 for (i = 0; i < 4; i++)
445 while (isdigit(*p)) value = value*10 + *p++ - '0';
451 /* The only occurrence of a double colon is for ::1 */
453 if (Ustrcmp(p, "::1") == 0)
459 else for (i = 0; i < 8; i++)
464 value = value * 16 + toupper(*p) - (isdigit(*p)? '0' : '7');
467 *pk++ = (value >> 8) & 255;
474 pk = shortfield(&p, pk);
475 if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
476 pk = packname(p, pk);
482 if (*p == '"') p++; /* Should always be the case */
483 while (*p != 0 && *p != '"') *pk++ = *p++;
488 pk = bytefield(&p, pk); /* usage */
489 pk = bytefield(&p, pk); /* selector */
490 pk = bytefield(&p, pk); /* match type */
493 value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4;
496 value |= toupper(*p) - (isdigit(*p) ? '0' : '7');
505 for (i = 0; i < 3; i++)
508 while (isdigit(*p)) value = value*10 + *p++ - '0';
509 while (isspace(*p)) p++;
510 *pk++ = (value >> 8) & 255;
519 if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
520 pk = packname(p, pk);
525 /* Fill in the length, and we are done with this RR */
527 rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
528 rdlptr[1] = (pk -rdlptr - 2) & 255;
532 return (yield == HOST_NOT_FOUND && pass_on_not_found)? PASS_ON : yield;
541 /*************************************************
542 * Entry point and main program *
543 *************************************************/
546 main(int argc, char **argv)
550 int domlen, qtypelen;
556 uschar *qualify = NULL;
558 uschar *zonefile = NULL;
566 signal(SIGALRM, alarmfn);
570 fprintf(stderr, "fakens: expected 3 arguments, received %d\n", argc-1);
576 (void)sprintf(CS buffer, "%s/../dnszones", argv[1]);
578 d = opendir(CCS buffer);
581 fprintf(stderr, "fakens: failed to opendir %s: %s\n", buffer,
586 while ((de = readdir(d)) != NULL)
588 uschar *name = US de->d_name;
589 if (Ustrncmp(name, "qualify.", 8) == 0)
591 qualify = fcopystring(US "%s", name + 7);
594 if (Ustrncmp(name, "db.", 3) != 0) continue;
595 if (Ustrncmp(name + 3, "ip4.", 4) == 0)
596 zones[zonecount].zone = fcopystring(US "%s.in-addr.arpa", name + 6);
597 else if (Ustrncmp(name + 3, "ip6.", 4) == 0)
598 zones[zonecount].zone = fcopystring(US "%s.ip6.arpa", name + 6);
600 zones[zonecount].zone = fcopystring(US "%s", name + 2);
601 zones[zonecount++].zonefile = fcopystring(US "%s", name);
605 /* Get the RR type and upper case it, and check that we recognize it. */
607 Ustrncpy(qtype, argv[3], sizeof(qtype));
608 qtypelen = Ustrlen(qtype);
609 for (p = qtype; *p != 0; p++) *p = toupper(*p);
611 /* Find the domain, lower case it, check that it is in a zone that we handle,
612 and set up the zone file name. The zone names in the table all start with a
615 domlen = Ustrlen(argv[2]);
616 if (argv[2][domlen-1] == '.') domlen--;
617 Ustrncpy(domain, argv[2], domlen);
619 for (i = 0; i < domlen; i++) domain[i] = tolower(domain[i]);
621 if (Ustrchr(domain, '.') == NULL && qualify != NULL &&
622 Ustrcmp(domain, "dontqualify") != 0)
624 Ustrcat(domain, qualify);
625 domlen += Ustrlen(qualify);
628 for (i = 0; i < zonecount; i++)
631 zone = zones[i].zone;
632 zlen = Ustrlen(zone);
633 if (Ustrcmp(domain, zone+1) == 0 || (domlen >= zlen &&
634 Ustrcmp(domain + domlen - zlen, zone) == 0))
636 zonefile = zones[i].zonefile;
641 if (zonefile == NULL)
643 fprintf(stderr, "fakens: query not in faked zone: domain is: %s\n", domain);
647 (void)sprintf(CS buffer, "%s/../dnszones/%s", argv[1], zonefile);
649 /* Initialize the start of the response packet. We don't have to fake up
650 everything, because we know that Exim will look only at the answer and
651 additional section parts. */
653 memset(packet, 0, 12);
656 /* Open the zone file. */
658 f = fopen(CS buffer, "r");
661 fprintf(stderr, "fakens: failed to open %s: %s\n", buffer, strerror(errno));
665 /* Find the records we want, and add them to the result. */
668 yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec);
669 if (yield == NO_RECOVERY) goto END_OFF;
671 packet[6] = (count >> 8) & 255;
672 packet[7] = count & 255;
674 /* There is no need to return any additional records because Exim no longer
675 (from release 4.61) makes any use of them. */
681 ((HEADER *)packet)->ad = 1;
683 /* Close the zone file, write the result, and return. */
687 (void)fwrite(packet, 1, pk - packet, stdout);
693 /* End of fakens.c */