1 /*************************************************
2 * fakens - A Fake Nameserver Program *
3 *************************************************/
5 /* This program exists to support the testing of DNS handling code in Exim. It
6 avoids the need to install special zones in a real nameserver. When Exim is
7 running in its (new) test harness, DNS lookups are first passed to this program
8 instead of to the real resolver. (With a few exceptions - see the discussion in
9 the test suite's README file.) The program is also passed the name of the Exim
10 spool directory; it expects to find its "zone files" in ../dnszones relative to
11 that directory. Note that there is little checking in this program. The fake
12 zone files are assumed to be syntactically valid.
14 The zones that are handled are found by scanning the dnszones directory. A file
15 whose name is of the form db.ip4.x is a zone file for .x.in-addr.arpa; a file
16 whose name is of the form db.ip6.x is a zone file for .x.ip6.arpa; a file of
17 the form db.anything.else is a zone file for .anything.else. A file of the form
18 qualify.x.y specifies the domain that is used to qualify single-component
19 names, except for the name "dontqualify".
21 The arguments to the program are:
23 the name of the Exim spool directory
24 the domain name that is being sought
25 the DNS record type that is being sought
27 The output from the program is written to stdout. It is supposed to be in
28 exactly the same format as a traditional namserver response (see RFC 1035) so
29 that Exim can process it as normal. At present, no compression is used.
30 Error messages are written to stderr.
32 The return codes from the program are zero for success, and otherwise the
33 values that are set in h_errno after a failing call to the normal resolver:
35 1 HOST_NOT_FOUND host not found (authoritative)
36 2 TRY_AGAIN server failure
37 3 NO_RECOVERY non-recoverable error
38 4 NO_DATA valid name, no data of requested type
40 In a real nameserver, TRY_AGAIN is also used for a non-authoritative not found,
41 but it is not used for that here. There is also one extra return code:
43 5 PASS_ON requests Exim to call res_search()
45 This is used for zones that fakens does not recognize. It is also used if a
46 line in the zone file contains exactly this:
50 and the domain is not found. It converts the the result to PASS_ON instead of
53 Any DNS record line in a zone file can be prefixed with "DELAY=" and
54 a number of milliseconds (followed by whitespace).
56 Any DNS record line in a zone file can be prefixed with "DNSSEC" and
57 at least one space; if all the records found by a lookup are marked
58 as such then the response will have the "AD" bit set. */
68 #include <arpa/nameser.h>
69 #include <sys/types.h>
78 typedef unsigned char uschar;
81 #define CCS (const char *)
82 #define US (unsigned char *)
84 #define Ustrcat(s,t) strcat(CS(s),CCS(t))
85 #define Ustrchr(s,n) US strchr(CCS(s),n)
86 #define Ustrcmp(s,t) strcmp(CCS(s),CCS(t))
87 #define Ustrcpy(s,t) strcpy(CS(s),CCS(t))
88 #define Ustrlen(s) (int)strlen(CCS(s))
89 #define Ustrncmp(s,t,n) strncmp(CCS(s),CCS(t),n)
90 #define Ustrncpy(s,t,n) strncpy(CS(s),CCS(t),n)
92 typedef struct zoneitem {
97 typedef struct tlist {
102 /* On some (older?) operating systems, the standard ns_t_xxx definitions are
103 not available, and only the older T_xxx ones exist in nameser.h. If ns_t_a is
104 not defined, assume we are in this state. A really old system might not even
105 know about AAAA and SRV at all. */
109 # define ns_t_ns T_NS
110 # define ns_t_cname T_CNAME
111 # define ns_t_soa T_SOA
112 # define ns_t_ptr T_PTR
113 # define ns_t_mx T_MX
114 # define ns_t_txt T_TXT
115 # define ns_t_aaaa T_AAAA
116 # define ns_t_srv T_SRV
117 # define ns_t_tlsa T_TLSA
129 static tlist type_list[] = {
132 { US"CNAME", ns_t_cname },
133 /* { US"SOA", ns_t_soa }, Not currently in use */
134 { US"PTR", ns_t_ptr },
136 { US"TXT", ns_t_txt },
137 { US"AAAA", ns_t_aaaa },
138 { US"SRV", ns_t_srv },
139 { US"TLSA", ns_t_tlsa },
145 /*************************************************
146 * Get memory and sprintf into it *
147 *************************************************/
149 /* This is used when building a table of zones and their files.
152 format a format string
155 Returns: pointer to formatted string
159 fcopystring(uschar *format, ...)
164 va_start(ap, format);
165 vsprintf(buffer, CS format, ap);
167 yield = (uschar *)malloc(Ustrlen(buffer) + 1);
168 Ustrcpy(yield, buffer);
173 /*************************************************
174 * Pack name into memory *
175 *************************************************/
177 /* This function packs a domain name into memory according to DNS rules. At
178 present, it doesn't do any compression.
184 Returns: the updated value of pk
188 packname(uschar *name, uschar *pk)
193 while (*p != 0 && *p != '.') p++;
195 memmove(pk, name, p - name);
197 name = (*p == 0)? p : p + 1;
204 bytefield(uschar ** pp, uschar * pk)
209 while (isdigit(*p)) value = value*10 + *p++ - '0';
210 while (isspace(*p)) p++;
217 shortfield(uschar ** pp, uschar * pk)
222 while (isdigit(*p)) value = value*10 + *p++ - '0';
223 while (isspace(*p)) p++;
225 *pk++ = (value >> 8) & 255;
232 /*************************************************/
235 milliwait(struct itimerval *itval)
238 sigset_t old_sigmask;
240 if (itval->it_value.tv_usec < 100 && itval->it_value.tv_sec == 0)
242 (void)sigemptyset(&sigmask); /* Empty mask */
243 (void)sigaddset(&sigmask, SIGALRM); /* Add SIGALRM */
244 (void)sigprocmask(SIG_BLOCK, &sigmask, &old_sigmask); /* Block SIGALRM */
245 (void)setitimer(ITIMER_REAL, itval, NULL); /* Start timer */
246 (void)sigfillset(&sigmask); /* All signals */
247 (void)sigdelset(&sigmask, SIGALRM); /* Remove SIGALRM */
248 (void)sigsuspend(&sigmask); /* Until SIGALRM */
249 (void)sigprocmask(SIG_SETMASK, &old_sigmask, NULL); /* Restore mask */
255 struct itimerval itval;
256 itval.it_interval.tv_sec = 0;
257 itval.it_interval.tv_usec = 0;
258 itval.it_value.tv_sec = msec/1000;
259 itval.it_value.tv_usec = (msec % 1000) * 1000;
264 /*************************************************
265 * Scan file for RRs *
266 *************************************************/
268 /* This function scans an open "zone file" for appropriate records, and adds
269 any that are found to the output buffer.
273 zone the current zone name
274 domain the domain we are looking for
275 qtype the type of RR we want
276 qtypelen the length of qtype
277 pkptr points to the output buffer pointer; this is updated
278 countptr points to the record count; this is updated
280 Returns: 0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
281 PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
285 find_records(FILE *f, uschar *zone, uschar *domain, uschar *qtype,
286 int qtypelen, uschar **pkptr, int *countptr, BOOL * dnssec)
288 int yield = HOST_NOT_FOUND;
289 int domainlen = Ustrlen(domain);
290 BOOL pass_on_not_found = FALSE;
294 uschar rrdomain[256];
295 uschar RRdomain[256];
297 /* Decode the required type */
299 for (typeptr = type_list; typeptr->name != NULL; typeptr++)
300 { if (Ustrcmp(typeptr->name, qtype) == 0) break; }
301 if (typeptr->name == NULL)
303 fprintf(stderr, "fakens: unknown record type %s\n", qtype);
307 rrdomain[0] = 0; /* No previous domain */
308 (void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
310 *dnssec = TRUE; /* cancelled by first nonsecure rec found */
314 while (fgets(CS buffer, sizeof(buffer), f) != NULL)
318 BOOL found_cname = FALSE;
320 int tvalue = typeptr->value;
321 int qtlen = qtypelen;
326 while (isspace(*p)) p++;
327 if (*p == 0 || *p == ';') continue;
329 if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
331 pass_on_not_found = TRUE;
335 ep = buffer + Ustrlen(buffer);
336 while (isspace(ep[-1])) ep--;
342 if (Ustrncmp(p, US"DNSSEC ", 7) == 0) /* tagged as secure */
347 else if (Ustrncmp(p, US"DELAY=", 6) == 0) /* delay beforee response */
349 for (p += 6; *p >= '0' && *p <= '9'; p++)
350 delay = delay*10 + *p - '0';
351 while (isspace(*p)) p++;
359 uschar *pp = rrdomain;
360 uschar *PP = RRdomain;
378 /* Compare domain names; first check for a wildcard */
380 if (rrdomain[0] == '*')
382 int restlen = Ustrlen(rrdomain) - 1;
383 if (domainlen > restlen &&
384 Ustrcmp(domain + domainlen - restlen, rrdomain + 1) != 0) continue;
387 /* Not a wildcard RR */
389 else if (Ustrcmp(domain, rrdomain) != 0) continue;
391 /* The domain matches */
393 if (yield == HOST_NOT_FOUND) yield = NO_DATA;
395 /* Compare RR types; a CNAME record is always returned */
397 while (isspace(*p)) p++;
399 if (Ustrncmp(p, "CNAME", 5) == 0)
405 else if (Ustrncmp(p, qtype, qtypelen) != 0 || !isspace(p[qtypelen])) continue;
407 /* Found a relevant record */
413 *dnssec = FALSE; /* cancel AD return */
416 *countptr = *countptr + 1;
419 while (isspace(*p)) p++;
421 /* For a wildcard record, use the search name; otherwise use the record's
422 name in its original case because it might contain upper case letters. */
424 pk = packname((rrdomain[0] == '*')? domain : RRdomain, pk);
425 *pk++ = (tvalue >> 8) & 255;
426 *pk++ = (tvalue) & 255;
428 *pk++ = 1; /* class = IN */
430 pk += 4; /* TTL field; don't care */
432 rdlptr = pk; /* remember rdlength field */
435 /* The rest of the data depends on the type */
439 case ns_t_soa: /* Not currently used */
443 for (i = 0; i < 4; i++)
446 while (isdigit(*p)) value = value*10 + *p++ - '0';
452 /* The only occurrence of a double colon is for ::1 */
454 if (Ustrcmp(p, "::1") == 0)
460 else for (i = 0; i < 8; i++)
465 value = value * 16 + toupper(*p) - (isdigit(*p)? '0' : '7');
468 *pk++ = (value >> 8) & 255;
475 pk = shortfield(&p, pk);
476 if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
477 pk = packname(p, pk);
483 if (*p == '"') p++; /* Should always be the case */
484 while (*p != 0 && *p != '"') *pk++ = *p++;
489 pk = bytefield(&p, pk); /* usage */
490 pk = bytefield(&p, pk); /* selector */
491 pk = bytefield(&p, pk); /* match type */
494 value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4;
497 value |= toupper(*p) - (isdigit(*p) ? '0' : '7');
506 for (i = 0; i < 3; i++)
509 while (isdigit(*p)) value = value*10 + *p++ - '0';
510 while (isspace(*p)) p++;
511 *pk++ = (value >> 8) & 255;
520 if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
521 pk = packname(p, pk);
526 /* Fill in the length, and we are done with this RR */
528 rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
529 rdlptr[1] = (pk -rdlptr - 2) & 255;
533 return (yield == HOST_NOT_FOUND && pass_on_not_found)? PASS_ON : yield;
542 /*************************************************
543 * Entry point and main program *
544 *************************************************/
547 main(int argc, char **argv)
551 int domlen, qtypelen;
557 uschar *qualify = NULL;
559 uschar *zonefile = NULL;
567 signal(SIGALRM, alarmfn);
571 fprintf(stderr, "fakens: expected 3 arguments, received %d\n", argc-1);
577 (void)sprintf(CS buffer, "%s/../dnszones", argv[1]);
579 d = opendir(CCS buffer);
582 fprintf(stderr, "fakens: failed to opendir %s: %s\n", buffer,
587 while ((de = readdir(d)) != NULL)
589 uschar *name = US de->d_name;
590 if (Ustrncmp(name, "qualify.", 8) == 0)
592 qualify = fcopystring(US "%s", name + 7);
595 if (Ustrncmp(name, "db.", 3) != 0) continue;
596 if (Ustrncmp(name + 3, "ip4.", 4) == 0)
597 zones[zonecount].zone = fcopystring(US "%s.in-addr.arpa", name + 6);
598 else if (Ustrncmp(name + 3, "ip6.", 4) == 0)
599 zones[zonecount].zone = fcopystring(US "%s.ip6.arpa", name + 6);
601 zones[zonecount].zone = fcopystring(US "%s", name + 2);
602 zones[zonecount++].zonefile = fcopystring(US "%s", name);
606 /* Get the RR type and upper case it, and check that we recognize it. */
608 Ustrncpy(qtype, argv[3], sizeof(qtype));
609 qtypelen = Ustrlen(qtype);
610 for (p = qtype; *p != 0; p++) *p = toupper(*p);
612 /* Find the domain, lower case it, check that it is in a zone that we handle,
613 and set up the zone file name. The zone names in the table all start with a
616 domlen = Ustrlen(argv[2]);
617 if (argv[2][domlen-1] == '.') domlen--;
618 Ustrncpy(domain, argv[2], domlen);
620 for (i = 0; i < domlen; i++) domain[i] = tolower(domain[i]);
622 if (Ustrchr(domain, '.') == NULL && qualify != NULL &&
623 Ustrcmp(domain, "dontqualify") != 0)
625 Ustrcat(domain, qualify);
626 domlen += Ustrlen(qualify);
629 for (i = 0; i < zonecount; i++)
632 zone = zones[i].zone;
633 zlen = Ustrlen(zone);
634 if (Ustrcmp(domain, zone+1) == 0 || (domlen >= zlen &&
635 Ustrcmp(domain + domlen - zlen, zone) == 0))
637 zonefile = zones[i].zonefile;
642 if (zonefile == NULL)
644 fprintf(stderr, "fakens: query not in faked zone: domain is: %s\n", domain);
648 (void)sprintf(CS buffer, "%s/../dnszones/%s", argv[1], zonefile);
650 /* Initialize the start of the response packet. We don't have to fake up
651 everything, because we know that Exim will look only at the answer and
652 additional section parts. */
654 memset(packet, 0, 12);
657 /* Open the zone file. */
659 f = fopen(CS buffer, "r");
662 fprintf(stderr, "fakens: failed to open %s: %s\n", buffer, strerror(errno));
666 /* Find the records we want, and add them to the result. */
669 yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec);
670 if (yield == NO_RECOVERY) goto END_OFF;
672 packet[6] = (count >> 8) & 255;
673 packet[7] = count & 255;
675 /* There is no need to return any additional records because Exim no longer
676 (from release 4.61) makes any use of them. */
682 ((HEADER *)packet)->ad = 1;
684 /* Close the zone file, write the result, and return. */
688 (void)fwrite(packet, 1, pk - packet, stdout);
694 /* End of fakens.c */