-/* $Cambridge: exim/test/src/fakens.c,v 1.2 2006/02/16 10:05:34 ph10 Exp $ */
-
/*************************************************
* fakens - A Fake Nameserver Program *
*************************************************/
running in its (new) test harness, DNS lookups are first passed to this program
instead of to the real resolver. (With a few exceptions - see the discussion in
the test suite's README file.) The program is also passed the name of the Exim
-spool directory; it expects to find its "zone files" in ../dnszones relative to
-that directory. Note that there is little checking in this program. The fake
+spool directory; it expects to find its "zone files" in dnszones relative to
+exim config_main_directory. Note that there is little checking in this program. The fake
zone files are assumed to be syntactically valid.
The zones that are handled are found by scanning the dnszones directory. A file
PASS ON NOT FOUND
and the domain is not found. It converts the the result to PASS_ON instead of
-HOST_NOT_FOUND. */
+HOST_NOT_FOUND.
+
+Any DNS record line in a zone file can be prefixed with "DELAY=" and
+a number of milliseconds (followed by one space).
+
+Any DNS record line in a zone file can be prefixed with "DNSSEC ";
+if all the records found by a lookup are marked
+as such then the response will have the "AD" bit set.
+
+Any DNS record line in a zone file can be prefixed with "AA "
+if all the records found by a lookup are marked
+as such then the response will have the "AA" bit set.
+
+*/
#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <netdb.h>
#include <errno.h>
+#include <signal.h>
#include <arpa/nameser.h>
#include <sys/types.h>
+#include <sys/time.h>
#include <dirent.h>
#define FALSE 0
know about AAAA and SRV at all. */
#ifndef ns_t_a
-#define ns_t_a T_A
-#define ns_t_ns T_NS
-#define ns_t_cname T_CNAME
-#define ns_t_soa T_SOA
-#define ns_t_ptr T_PTR
-#define ns_t_mx T_MX
-#define ns_t_txt T_TXT
-#define ns_t_aaaa T_AAAA
-#define ns_t_srv T_SRV
-#ifndef T_AAAA
-#define T_AAAA 28
-#endif
-#ifndef T_SRV
-#define T_SRV 33
-#endif
+# define ns_t_a T_A
+# define ns_t_ns T_NS
+# define ns_t_cname T_CNAME
+# define ns_t_soa T_SOA
+# define ns_t_ptr T_PTR
+# define ns_t_mx T_MX
+# define ns_t_txt T_TXT
+# define ns_t_aaaa T_AAAA
+# define ns_t_srv T_SRV
+# define ns_t_tlsa T_TLSA
+# ifndef T_AAAA
+# define T_AAAA 28
+# endif
+# ifndef T_SRV
+# define T_SRV 33
+# endif
+# ifndef T_TLSA
+# define T_TLSA 52
+# endif
#endif
static tlist type_list[] = {
{ US"A", ns_t_a },
{ US"NS", ns_t_ns },
{ US"CNAME", ns_t_cname },
-/* { US"SOA", ns_t_soa }, Not currently in use */
+ { US"SOA", ns_t_soa },
{ US"PTR", ns_t_ptr },
{ US"MX", ns_t_mx },
{ US"TXT", ns_t_txt },
{ US"AAAA", ns_t_aaaa },
{ US"SRV", ns_t_srv },
+ { US"TLSA", ns_t_tlsa },
{ NULL, 0 }
};
char buffer[256];
va_list ap;
va_start(ap, format);
-vsprintf(buffer, format, ap);
+vsprintf(buffer, CS format, ap);
va_end(ap);
yield = (uschar *)malloc(Ustrlen(buffer) + 1);
Ustrcpy(yield, buffer);
return pk;
}
+uschar *
+bytefield(uschar ** pp, uschar * pk)
+{
+unsigned value = 0;
+uschar * p = *pp;
+
+while (isdigit(*p)) value = value*10 + *p++ - '0';
+while (isspace(*p)) p++;
+*pp = p;
+*pk++ = value & 255;
+return pk;
+}
+
+uschar *
+shortfield(uschar ** pp, uschar * pk)
+{
+unsigned value = 0;
+uschar * p = *pp;
+
+while (isdigit(*p)) value = value*10 + *p++ - '0';
+while (isspace(*p)) p++;
+*pp = p;
+*pk++ = (value >> 8) & 255;
+*pk++ = value & 255;
+return pk;
+}
+
+uschar *
+longfield(uschar ** pp, uschar * pk)
+{
+unsigned long value = 0;
+uschar * p = *pp;
+
+while (isdigit(*p)) value = value*10 + *p++ - '0';
+while (isspace(*p)) p++;
+*pp = p;
+*pk++ = (value >> 24) & 255;
+*pk++ = (value >> 16) & 255;
+*pk++ = (value >> 8) & 255;
+*pk++ = value & 255;
+return pk;
+}
+
+
+
+/*************************************************/
+
+static void
+milliwait(struct itimerval *itval)
+{
+sigset_t sigmask;
+sigset_t old_sigmask;
+
+if (itval->it_value.tv_usec < 100 && itval->it_value.tv_sec == 0)
+ return;
+(void)sigemptyset(&sigmask); /* Empty mask */
+(void)sigaddset(&sigmask, SIGALRM); /* Add SIGALRM */
+(void)sigprocmask(SIG_BLOCK, &sigmask, &old_sigmask); /* Block SIGALRM */
+(void)setitimer(ITIMER_REAL, itval, NULL); /* Start timer */
+(void)sigfillset(&sigmask); /* All signals */
+(void)sigdelset(&sigmask, SIGALRM); /* Remove SIGALRM */
+(void)sigsuspend(&sigmask); /* Until SIGALRM */
+(void)sigprocmask(SIG_SETMASK, &old_sigmask, NULL); /* Restore mask */
+}
+
+static void
+millisleep(int msec)
+{
+struct itimerval itval;
+itval.it_interval.tv_sec = 0;
+itval.it_interval.tv_usec = 0;
+itval.it_value.tv_sec = msec/1000;
+itval.it_value.tv_usec = (msec % 1000) * 1000;
+milliwait(&itval);
+}
/*************************************************
qtypelen the length of qtype
pkptr points to the output buffer pointer; this is updated
countptr points to the record count; this is updated
+ dnssec points to the AD flag indicator; this updated
+ aa points to the AA flag indicator; this updated
Returns: 0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
static int
find_records(FILE *f, uschar *zone, uschar *domain, uschar *qtype,
- int qtypelen, uschar **pkptr, int *countptr)
+ int qtypelen, uschar **pkptr, int *countptr, BOOL * dnssec, BOOL * aa)
{
int yield = HOST_NOT_FOUND;
int domainlen = Ustrlen(domain);
rrdomain[0] = 0; /* No previous domain */
(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
+*dnssec = TRUE; /* cancelled by first nonsecure rec found */
+*aa = TRUE; /* cancelled by first non-authoritive record */
+
/* Scan for RRs */
while (fgets(CS buffer, sizeof(buffer), f) != NULL)
uschar *rdlptr;
uschar *p, *ep, *pp;
BOOL found_cname = FALSE;
- int i, plen, value;
+ int i, value;
int tvalue = typeptr->value;
int qtlen = qtypelen;
+ BOOL rr_sec = FALSE;
+ BOOL rr_aa = FALSE;
+ int delay = 0;
p = buffer;
while (isspace(*p)) p++;
if (*p == 0 || *p == ';') continue;
- if (Ustrncmp(p, "PASS ON NOT FOUND", 17) == 0)
+ if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
{
pass_on_not_found = TRUE;
continue;
*ep = 0;
p = buffer;
- if (!isspace(*p))
+ for (;;)
+ {
+ if (Ustrncmp(p, US"DNSSEC ", 7) == 0) /* tagged as secure */
+ {
+ rr_sec = TRUE;
+ p += 7;
+ }
+ else if (Ustrncmp(p, US"AA ", 3) == 0) /* tagged as authoritive */
+ {
+ rr_aa = TRUE;
+ p += 3;
+ }
+ else if (Ustrncmp(p, US"DELAY=", 6) == 0) /* delay before response */
+ {
+ for (p += 6; *p >= '0' && *p <= '9'; p++) delay = delay*10 + *p - '0';
+ if (isspace(*p)) p++;
+ }
+ else
+ break;
+ }
+
+ if (!isspace(*p)) /* new domain name */
{
uschar *pp = rrdomain;
uschar *PP = RRdomain;
pp[-1] = 0;
PP[-1] = 0;
}
- }
+ } /* else use previous line's domain name */
/* Compare domain names; first check for a wildcard */
/* Found a relevant record */
+ if (delay)
+ millisleep(delay);
+
+ if (!rr_sec)
+ *dnssec = FALSE; /* cancel AD return */
+
+ if (!rr_aa)
+ *aa = FALSE; /* cancel AA return */
+
yield = 0;
*countptr = *countptr + 1;
switch (tvalue)
{
- case ns_t_soa: /* Not currently used */
- break;
+ case ns_t_soa:
+ p = strtok(p, " ");
+ ep = p + strlen(p);
+ if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
+ pk = packname(p, pk); /* primary ns */
+ p = strtok(NULL, " ");
+ pk = packname(p , pk); /* responsible mailbox */
+ *(p += strlen(p)) = ' ';
+ while (isspace(*p)) p++;
+ pk = longfield(&p, pk); /* serial */
+ pk = longfield(&p, pk); /* refresh */
+ pk = longfield(&p, pk); /* retry */
+ pk = longfield(&p, pk); /* expire */
+ pk = longfield(&p, pk); /* minimum */
+ break;
case ns_t_a:
- for (i = 0; i < 4; i++)
- {
- value = 0;
- while (isdigit(*p)) value = value*10 + *p++ - '0';
- *pk++ = value;
- p++;
- }
- break;
+ for (i = 0; i < 4; i++)
+ {
+ value = 0;
+ while (isdigit(*p)) value = value*10 + *p++ - '0';
+ *pk++ = value;
+ p++;
+ }
+ break;
/* The only occurrence of a double colon is for ::1 */
case ns_t_aaaa:
- if (Ustrcmp(p, "::1") == 0)
- {
- memset(pk, 0, 15);
- pk += 15;
- *pk++ = 1;
- }
- else for (i = 0; i < 8; i++)
- {
- value = 0;
- while (isxdigit(*p))
- {
- value = value * 16 + toupper(*p) - (isdigit(*p)? '0' : '7');
- p++;
- }
- *pk++ = (value >> 8) & 255;
- *pk++ = value & 255;
- p++;
- }
- break;
+ if (Ustrcmp(p, "::1") == 0)
+ {
+ memset(pk, 0, 15);
+ pk += 15;
+ *pk++ = 1;
+ }
+ else for (i = 0; i < 8; i++)
+ {
+ value = 0;
+ while (isxdigit(*p))
+ {
+ value = value * 16 + toupper(*p) - (isdigit(*p)? '0' : '7');
+ p++;
+ }
+ *pk++ = (value >> 8) & 255;
+ *pk++ = value & 255;
+ p++;
+ }
+ break;
case ns_t_mx:
- value = 0;
- while (isdigit(*p)) value = value*10 + *p++ - '0';
- while (isspace(*p)) p++;
- *pk++ = (value >> 8) & 255;
- *pk++ = value & 255;
- if (ep[-1] != '.') sprintf(ep, "%s.", zone);
- pk = packname(p, pk);
- plen = Ustrlen(p);
- break;
+ pk = shortfield(&p, pk);
+ if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
+ pk = packname(p, pk);
+ break;
case ns_t_txt:
- pp = pk++;
- if (*p == '"') p++; /* Should always be the case */
- while (*p != 0 && *p != '"') *pk++ = *p++;
- *pp = pk - pp - 1;
- break;
-
- case ns_t_srv:
- for (i = 0; i < 3; i++)
+ pp = pk++;
+ if (*p == '"') p++; /* Should always be the case */
+ while (*p != 0 && *p != '"') *pk++ = *p++;
+ *pp = pk - pp - 1;
+ break;
+
+ case ns_t_tlsa:
+ pk = bytefield(&p, pk); /* usage */
+ pk = bytefield(&p, pk); /* selector */
+ pk = bytefield(&p, pk); /* match type */
+ while (isxdigit(*p))
{
- value = 0;
- while (isdigit(*p)) value = value*10 + *p++ - '0';
- while (isspace(*p)) p++;
- *pk++ = (value >> 8) & 255;
+ value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4;
+ if (isxdigit(*++p))
+ {
+ value |= toupper(*p) - (isdigit(*p) ? '0' : '7');
+ p++;
+ }
*pk++ = value & 255;
}
+ break;
+
+ case ns_t_srv:
+ for (i = 0; i < 3; i++)
+ {
+ value = 0;
+ while (isdigit(*p)) value = value*10 + *p++ - '0';
+ while (isspace(*p)) p++;
+ *pk++ = (value >> 8) & 255;
+ *pk++ = value & 255;
+ }
+
/* Fall through */
case ns_t_cname:
case ns_t_ns:
case ns_t_ptr:
- if (ep[-1] != '.') sprintf(ep, "%s.", zone);
- pk = packname(p, pk);
- plen = Ustrlen(p);
- break;
+ if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
+ pk = packname(p, pk);
+ break;
}
/* Fill in the length, and we are done with this RR */
rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
rdlptr[1] = (pk -rdlptr - 2) & 255;
-
- /* If we have just yielded a CNAME, we must change the domain name to the
- new domain, and re-start the scan from the beginning. */
-
- if (found_cname)
- {
- domain = fcopystring("%s", p);
- domainlen = Ustrlen(domain);
- domain[domainlen - 1] = 0; /* Removed trailing dot */
- rrdomain[0] = 0; /* No previous domain */
- (void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
- }
}
*pkptr = pk;
}
+static void
+alarmfn(int sig)
+{
+}
+
+
+/*************************************************
+* Special-purpose domains *
+*************************************************/
+
+static int
+special_manyhome(uschar * packet, uschar * domain)
+{
+uschar *pk = packet + 12;
+uschar *rdlptr;
+int i, j;
+
+memset(packet, 0, 12);
+
+for (i = 104; i <= 111; i++) for (j = 0; j <= 255; j++)
+ {
+ pk = packname(domain, pk);
+ *pk++ = (ns_t_a >> 8) & 255;
+ *pk++ = (ns_t_a) & 255;
+ *pk++ = 0;
+ *pk++ = 1; /* class = IN */
+ pk += 4; /* TTL field; don't care */
+ rdlptr = pk; /* remember rdlength field */
+ pk += 2;
+
+ *pk++ = 10; *pk++ = 250; *pk++ = i; *pk++ = j;
+
+ rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
+ rdlptr[1] = (pk - rdlptr - 2) & 255;
+ }
+
+packet[6] = (2048 >> 8) & 255;
+packet[7] = 2048 & 255;
+packet[10] = 0;
+packet[11] = 0;
+
+(void)fwrite(packet, 1, pk - packet, stdout);
+return 0;
+}
+
+static int
+special_again(uschar * packet, uschar * domain)
+{
+int delay = atoi(CCS domain); /* digits at the start of the name */
+if (delay > 0) sleep(delay);
+return TRY_AGAIN;
+}
+
/*************************************************
* Entry point and main program *
uschar domain[256];
uschar buffer[256];
uschar qtype[12];
-uschar packet[512];
+uschar packet[2048 * 32 + 32];
uschar *pk = packet;
+BOOL dnssec;
+BOOL aa;
+
+signal(SIGALRM, alarmfn);
if (argc != 4)
{
/* Find the zones */
-(void)sprintf(buffer, "%s/../dnszones", argv[1]);
+(void)sprintf(CS buffer, "%s/dnszones", argv[1]);
d = opendir(CCS buffer);
if (d == NULL)
while ((de = readdir(d)) != NULL)
{
- uschar *name = de->d_name;
+ uschar *name = US de->d_name;
if (Ustrncmp(name, "qualify.", 8) == 0)
{
- qualify = fcopystring("%s", name + 7);
+ qualify = fcopystring(US "%s", name + 7);
continue;
}
if (Ustrncmp(name, "db.", 3) != 0) continue;
if (Ustrncmp(name + 3, "ip4.", 4) == 0)
- zones[zonecount].zone = fcopystring("%s.in-addr.arpa", name + 6);
+ zones[zonecount].zone = fcopystring(US "%s.in-addr.arpa", name + 6);
else if (Ustrncmp(name + 3, "ip6.", 4) == 0)
- zones[zonecount].zone = fcopystring("%s.ip6.arpa", name + 6);
+ zones[zonecount].zone = fcopystring(US "%s.ip6.arpa", name + 6);
else
- zones[zonecount].zone = fcopystring("%s", name + 2);
- zones[zonecount++].zonefile = fcopystring("%s", name);
+ zones[zonecount].zone = fcopystring(US "%s", name + 2);
+ zones[zonecount++].zonefile = fcopystring(US "%s", name);
}
(void)closedir(d);
qtypelen = Ustrlen(qtype);
for (p = qtype; *p != 0; p++) *p = toupper(*p);
-/* Find the domain, lower case it, check that it is in a zone that we handle,
+/* Find the domain, lower case it, deal with any specials,
+check that it is in a zone that we handle,
and set up the zone file name. The zone names in the table all start with a
dot. */
domain[domlen] = 0;
for (i = 0; i < domlen; i++) domain[i] = tolower(domain[i]);
+if (Ustrcmp(domain, "manyhome.test.ex") == 0 && Ustrcmp(qtype, "A") == 0)
+ return special_manyhome(packet, domain);
+else if (domlen >= 14 && Ustrcmp(domain + domlen - 14, "test.again.dns") == 0)
+ return special_again(packet, domain);
+else if (domlen >= 13 && Ustrcmp(domain + domlen - 13, "test.fail.dns") == 0)
+ return NO_RECOVERY;
+
+
if (Ustrchr(domain, '.') == NULL && qualify != NULL &&
Ustrcmp(domain, "dontqualify") != 0)
{
return PASS_ON;
}
-(void)sprintf(buffer, "%s/../dnszones/%s", argv[1], zonefile);
+(void)sprintf(CS buffer, "%s/dnszones/%s", argv[1], zonefile);
/* Initialize the start of the response packet. We don't have to fake up
everything, because we know that Exim will look only at the answer and
/* Open the zone file. */
-f = fopen(buffer, "r");
+f = fopen(CS buffer, "r");
if (f == NULL)
{
fprintf(stderr, "fakens: failed to open %s: %s\n", buffer, strerror(errno));
/* Find the records we want, and add them to the result. */
count = 0;
-yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count);
+yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec, &aa);
if (yield == NO_RECOVERY) goto END_OFF;
packet[6] = (count >> 8) & 255;
packet[10] = 0;
packet[11] = 0;
+if (dnssec)
+ ((HEADER *)packet)->ad = 1;
+
+if (aa)
+ ((HEADER *)packet)->aa = 1;
+
/* Close the zone file, write the result, and return. */
END_OFF:
return yield;
}
+/* vi: aw ai sw=2 sts=2 ts=8 et
+*/
/* End of fakens.c */