/*

 * Copyright (C) 2004-2008  Internet Systems Consortium, Inc. ("ISC")

 * Copyright (C) 2000-2003  Internet Software Consortium.

 *

 * Permission to use, copy, modify, and/or distribute this software for any

 * purpose with or without fee is hereby granted, provided that the above

 * copyright notice and this permission notice appear in all copies.

 *

 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH

 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY

 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,

 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM

 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE

 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR

 * PERFORMANCE OF THIS SOFTWARE.

 */

/* $ISC: dighost.c,v 1.259.18.43.10.3 2008/07/23 23:16:43 marka Exp $ */

/*! \file

 *  \note

 * Notice to programmers:  Do not use this code as an example of how to

 * use the ISC library to perform DNS lookups.  Dig and Host both operate

 * on the request level, since they allow fine-tuning of output and are

 * intended as debugging tools.  As a result, they perform many of the

 * functions which could be better handled using the dns_resolver

 * functions in most applications.

 */

#include <arpa/nameser.h>

#include <config.h>

#include <stdlib.h>

#include <unistd.h>

#include <string.h>

#include <limits.h>

#ifdef HAVE_LOCALE_H

#include <locale.h>

#endif

#ifdef WITH_IDN

#include <idn/result.h>

#include <idn/log.h>

#include <idn/resconf.h>

#include <idn/api.h>

#endif

#include <dns/byaddr.h>

#ifdef DIG_SIGCHASE

#include <dns/dnssec.h>

#include <dns/ds.h>

#include <dns/nsec.h>

#include <isc/random.h>

#include <ctype.h>

#endif

#include <dns/fixedname.h>

#include <dns/message.h>

#include <dns/name.h>

#include <dns/rdata.h>

#include <dns/rdataclass.h>

#include <dns/rdatalist.h>

#include <dns/rdataset.h>

#include <dns/rdatastruct.h>

#include <dns/rdatatype.h>

#include <dns/result.h>

#include <dns/tsig.h>

#include <dst/dst.h>

#include <isc/app.h>

#include <isc/base64.h>

#include <isc/entropy.h>

#include <isc/file.h>

#include <isc/lang.h>

#include <isc/netaddr.h>

#ifdef DIG_SIGCHASE

#include <isc/netdb.h>

#endif

#include <isc/print.h>

#include <isc/random.h>

#include <isc/result.h>

#include <isc/string.h>

#include <isc/task.h>

#include <isc/timer.h>

#include <isc/types.h>

#include <isc/util.h>

#include <lwres/lwres.h>

#include <lwres/net.h>

#include <bind9/getaddresses.h>

#include <dig/dig.h>

#if ! defined(NS_INADDRSZ)

#define NS_INADDRSZ	 4

#endif

#if ! defined(NS_IN6ADDRSZ)

#define NS_IN6ADDRSZ	16

#endif

static lwres_context_t *lwctx = NULL;

static lwres_conf_t *lwconf;

dig_lookuplist_t lookup_list;

dig_serverlist_t server_list;

dig_searchlistlist_t search_list;

isc_boolean_t

	check_ra = ISC_FALSE,

	have_ipv4 = ISC_FALSE,

	have_ipv6 = ISC_FALSE,

	specified_source = ISC_FALSE,

	free_now = ISC_FALSE,

	cancel_now = ISC_FALSE,

	usesearch = ISC_FALSE,

	showsearch = ISC_FALSE,

	qr = ISC_FALSE,

	is_dst_up = ISC_FALSE;

in_port_t port = 0;

unsigned int timeout = 0;

unsigned int extrabytes;

isc_mem_t *mctx = NULL;

isc_taskmgr_t *taskmgr = NULL;

isc_task_t *global_task = NULL;

isc_timermgr_t *timermgr = NULL;

isc_socketmgr_t *socketmgr = NULL;

isc_sockaddr_t bind_address;

isc_sockaddr_t bind_any;

int sendcount = 0;

int recvcount = 0;

int sockcount = 0;

int ndots = -1;

int tries = 3;

int lookup_counter = 0;

#ifdef WITH_IDN

static void		initialize_idn(void);

static isc_result_t	output_filter(isc_buffer_t *buffer,

				      unsigned int used_org,

				      isc_boolean_t absolute);

static idn_result_t	append_textname(char *name, const char *origin,

					size_t namesize);

static void		idn_check_result(idn_result_t r, const char *msg);

#define MAXDLEN		256

int  idnoptions	= 0;

#endif

/*%

 * Exit Codes:

 *

 *\li	0   Everything went well, including things like NXDOMAIN

 *\li	1   Usage error

 *\li	7   Got too many RR's or Names

 *\li	8   Couldn't open batch file

 *\li	9   No reply from server

 *\li	10  Internal error

 */

int exitcode = 0;

int fatalexit = 0;

char keynametext[MXNAME];

char keyfile[MXNAME] = "";

char keysecret[MXNAME] = "";

dns_name_t *hmacname = NULL;

unsigned int digestbits = 0;

isc_buffer_t *namebuf = NULL;

dns_tsigkey_t *key = NULL;

isc_boolean_t validated = ISC_TRUE;

isc_entropy_t *entp = NULL;

isc_mempool_t *commctx = NULL;

isc_boolean_t debugging = ISC_FALSE;

isc_boolean_t memdebugging = ISC_FALSE;

char *progname = NULL;

isc_mutex_t lookup_lock;

dig_lookup_t *current_lookup = NULL;

#ifdef DIG_SIGCHASE

isc_result_t	  get_trusted_key(isc_mem_t *mctx);

dns_rdataset_t *  sigchase_scanname(dns_rdatatype_t type,

				    dns_rdatatype_t covers,

				    isc_boolean_t *lookedup,

				    dns_name_t *rdata_name);

dns_rdataset_t *  chase_scanname_section(dns_message_t *msg,

					 dns_name_t *name,

					 dns_rdatatype_t type,

					 dns_rdatatype_t covers,

					 int section);

isc_result_t	  advanced_rrsearch(dns_rdataset_t **rdataset,

				    dns_name_t *name,

				    dns_rdatatype_t type,

				    dns_rdatatype_t covers,

				    isc_boolean_t *lookedup);

isc_result_t	  sigchase_verify_sig_key(dns_name_t *name,

					  dns_rdataset_t *rdataset,

					  dst_key_t* dnsseckey,

					  dns_rdataset_t *sigrdataset,

					  isc_mem_t *mctx);

isc_result_t	  sigchase_verify_sig(dns_name_t *name,

				      dns_rdataset_t *rdataset,

				      dns_rdataset_t *keyrdataset,

				      dns_rdataset_t *sigrdataset,

				      isc_mem_t *mctx);

isc_result_t	  sigchase_verify_ds(dns_name_t *name,

				     dns_rdataset_t *keyrdataset,

				     dns_rdataset_t *dsrdataset,

				     isc_mem_t *mctx);

void		  sigchase(dns_message_t *msg);

void		  print_rdata(dns_rdata_t *rdata, isc_mem_t *mctx);

void		  print_rdataset(dns_name_t *name,

				 dns_rdataset_t *rdataset, isc_mem_t *mctx);

void		  dup_name(dns_name_t *source, dns_name_t* target,

			   isc_mem_t *mctx);

void		  free_name(dns_name_t *name, isc_mem_t *mctx);

void		  dump_database(void);

void		  dump_database_section(dns_message_t *msg, int section);

dns_rdataset_t *  search_type(dns_name_t *name, dns_rdatatype_t type,

			      dns_rdatatype_t covers);

isc_result_t	  contains_trusted_key(dns_name_t *name,

				       dns_rdataset_t *rdataset,

				       dns_rdataset_t *sigrdataset,

				       isc_mem_t *mctx);

void		  print_type(dns_rdatatype_t type);

isc_result_t	  prove_nx_domain(dns_message_t * msg,

				  dns_name_t * name,

				  dns_name_t * rdata_name,

				  dns_rdataset_t ** rdataset,

				  dns_rdataset_t ** sigrdataset);

isc_result_t	  prove_nx_type(dns_message_t * msg, dns_name_t *name,

				dns_rdataset_t *nsec,

				dns_rdataclass_t class,

				dns_rdatatype_t type,

				dns_name_t * rdata_name,

				dns_rdataset_t ** rdataset,

				dns_rdataset_t ** sigrdataset);

isc_result_t	  prove_nx(dns_message_t * msg, dns_name_t * name,

			   dns_rdataclass_t class,

			   dns_rdatatype_t type,

			   dns_name_t * rdata_name,

			   dns_rdataset_t ** rdataset,

			   dns_rdataset_t ** sigrdataset);

static void	  nameFromString(const char *str, dns_name_t *p_ret);

int		  inf_name(dns_name_t * name1, dns_name_t * name2);

isc_result_t	  opentmpkey(isc_mem_t *mctx, const char *file,

			     char **tempp, FILE **fp);

isc_result_t	  removetmpkey(isc_mem_t *mctx, const char *file);

void		  clean_trustedkey(void);

void		  insert_trustedkey(dst_key_t  * key);

#if DIG_SIGCHASE_BU

isc_result_t	  getneededrr(dns_message_t *msg);

void		  sigchase_bottom_up(dns_message_t *msg);

void		  sigchase_bu(dns_message_t *msg);

#endif

#if DIG_SIGCHASE_TD

isc_result_t	  initialization(dns_name_t *name);

isc_result_t	  prepare_lookup(dns_name_t *name);

isc_result_t	  grandfather_pb_test(dns_name_t * zone_name,

				      dns_rdataset_t *sigrdataset);

isc_result_t	  child_of_zone(dns_name_t *name,

				dns_name_t *zone_name,

				dns_name_t *child_name);

void		  sigchase_td(dns_message_t *msg);

#endif

char trustedkey[MXNAME] = "";

dns_rdataset_t *chase_rdataset = NULL;

dns_rdataset_t *chase_sigrdataset = NULL;

dns_rdataset_t *chase_dsrdataset = NULL;

dns_rdataset_t *chase_sigdsrdataset = NULL;

dns_rdataset_t *chase_keyrdataset = NULL;

dns_rdataset_t *chase_sigkeyrdataset = NULL;

dns_rdataset_t *chase_nsrdataset = NULL;

dns_name_t chase_name; /* the query name */

#if DIG_SIGCHASE_TD

/*

 * the current name is the parent name when we follow delegation

 */

dns_name_t chase_current_name;

/*

 * the child name is used for delegation (NS DS responses in AUTHORITY section)

 */

dns_name_t chase_authority_name;

#endif

#if DIG_SIGCHASE_BU

dns_name_t chase_signame;

#endif

isc_boolean_t chase_siglookedup = ISC_FALSE;

isc_boolean_t chase_keylookedup = ISC_FALSE;

isc_boolean_t chase_sigkeylookedup = ISC_FALSE;

isc_boolean_t chase_dslookedup = ISC_FALSE;

isc_boolean_t chase_sigdslookedup = ISC_FALSE;

#if DIG_SIGCHASE_TD

isc_boolean_t chase_nslookedup = ISC_FALSE;

isc_boolean_t chase_lookedup = ISC_FALSE;

isc_boolean_t delegation_follow = ISC_FALSE;

isc_boolean_t grandfather_pb = ISC_FALSE;

isc_boolean_t have_response = ISC_FALSE;

isc_boolean_t have_delegation_ns = ISC_FALSE;

dns_message_t * error_message = NULL;

#endif

isc_boolean_t dsvalidating = ISC_FALSE;

isc_boolean_t chase_name_dup = ISC_FALSE;

ISC_LIST(dig_message_t) chase_message_list;

ISC_LIST(dig_message_t) chase_message_list2;

#define MAX_TRUSTED_KEY 5

typedef struct struct_trusted_key_list {

	dst_key_t * key[MAX_TRUSTED_KEY];

	int nb_tk;

} struct_tk_list;

struct_tk_list tk_list = { {NULL, NULL, NULL, NULL, NULL}, 0};

#endif

#define DIG_MAX_ADDRESSES 20

/*%

 * Apply and clear locks at the event level in global task.

 * Can I get rid of these using shutdown events?  XXX

 */

#define LOCK_LOOKUP {\

	debug("lock_lookup %s:%d", __FILE__, __LINE__);\

	check_result(isc_mutex_lock((&lookup_lock)), "isc_mutex_lock");\

	debug("success");\

}

#define UNLOCK_LOOKUP {\

	debug("unlock_lookup %s:%d", __FILE__, __LINE__);\

	check_result(isc_mutex_unlock((&lookup_lock)),\

		     "isc_mutex_unlock");\

}

static void

cancel_lookup(dig_lookup_t *lookup);

static void

recv_done(isc_task_t *task, isc_event_t *event);

static void

send_udp(dig_query_t *query);

static void

connect_timeout(isc_task_t *task, isc_event_t *event);

static void

launch_next_query(dig_query_t *query, isc_boolean_t include_question);

static void *

}

static void

}

char *

	char *res;

	do {

}

static int

	char *s;

	}

}

static void

	unsigned int len;

	isc_region_t r;

	}

}

/*%

 * Append 'len' bytes of 'text' at '*p', failing with

 * ISC_R_NOSPACE if that would advance p past 'end'.

 */

static isc_result_t

}

static isc_result_t

	int len;

		isc_result_t result;

	} else {

	}

}

isc_result_t

get_reverse(char *reverse, size_t len, char *value, isc_boolean_t ip6_int,

	    isc_boolean_t strict)

{

	int r;

	isc_result_t result;

	isc_netaddr_t addr;

		/* This is a valid IPv6 address. */

		dns_fixedname_t fname;

		dns_name_t *name;

	} else {

		/*

		 * Not a valid IPv6 address.  Assume IPv4.

		 * If 'strict' is not set, construct the

		 * in-addr.arpa name by blindly reversing

		 * octets whether or not they look like integers,

		 * so that this can be used for RFC2317 names

		 * and such.

		 */

		/* Append .in-addr.arpa. and a terminating NUL. */

	}

}

void

	va_list args;

}

void

	va_list args;

	}

}

void

	}

}

/*%

 * Create a server structure, which is part of the lookup structure.

 * This is little more than a linked list of servers to query in hopes

 * of finding the answer the user is looking for

 */

dig_server_t *

	dig_server_t *srv;

		      __FILE__, __LINE__);

}

static int

addr2af(int lwresaddrtype)

{

	case LWRES_ADDRTYPE_V4:

	case LWRES_ADDRTYPE_V6:

		break;

	}

}

/*%

 * Create a copy of the server list from the lwres configuration structure.

 * The dest list must have already had ISC_LIST_INIT applied.

 */

static void

	dig_server_t *newsrv;

	char tmp[sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")];

	int af;

	int i;

				   tmp, sizeof(tmp));

	}

}

void

	dig_server_t *s, *ps;

	}

}

void

	isc_result_t result;

	isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES];

	isc_netaddr_t netaddr;

	int count, i;

	dig_server_t *srv;

	char tmp[ISC_NETADDR_FORMATSIZE];

				    DIG_MAX_ADDRESSES, &count);

		      opt, isc_result_totext(result));

	}

}

static isc_result_t

	case AF_INET:

	case AF_INET6:

	default:

	}

	}

}

/*%

 * Produce a cloned server list.  The dest list must have already had

 * ISC_LIST_INIT applied.

 */

void

	dig_server_t *srv, *newsrv;

			    srv->userarg);

	}

}

/*%

 * Create an empty lookup structure, which holds all the information needed

 * to get an answer to a user's question.  This structure contains two

 * linked lists: the server list (servers to query) and the query list

 * (outstanding queries which have been made to the listed servers).

 */

dig_lookup_t *

	dig_lookup_t *looknew;

		       __FILE__, __LINE__);

#ifdef DIG_SIGCHASE

	looknew->sigchase = ISC_FALSE;

#if DIG_SIGCHASE_TD

	looknew->do_topdown = ISC_FALSE;

	looknew->trace_root_sigchase = ISC_FALSE;

	looknew->rdtype_sigchaseset = ISC_FALSE;

	looknew->rdtype_sigchase = dns_rdatatype_any;

	looknew->qrdtype_sigchase = dns_rdatatype_any;

	looknew->rdclass_sigchase = dns_rdataclass_in;

	looknew->rdclass_sigchaseset = ISC_FALSE;

#endif

#endif

}

/*%

 * Clone a lookup, perhaps copying the server list.  This does not clone

 * the query list, since it will be regenerated by the setup_lookup()

 * function, nor does it queue up the new lookup for processing.

 * Caution: If you don't clone the servers, you MUST clone the server

 * list seperately from somewhere else, or construct it by hand.

 */

dig_lookup_t *

	dig_lookup_t *looknew;

#if DIG_SIGCHASE_TD

	strlcpy(looknew->textnamesigchase, lookold->textnamesigchase, MXNAME);

#endif

#ifdef DIG_SIGCHASE

	looknew->sigchase = lookold->sigchase;

#if DIG_SIGCHASE_TD

	looknew->do_topdown = lookold->do_topdown;

	looknew->trace_root_sigchase = lookold->trace_root_sigchase;

	looknew->rdtype_sigchaseset = lookold->rdtype_sigchaseset;

	looknew->rdtype_sigchase = lookold->rdtype_sigchase;

	looknew->qrdtype_sigchase = lookold->qrdtype_sigchase;

	looknew->rdclass_sigchase = lookold->rdclass_sigchase;

	looknew->rdclass_sigchaseset = lookold->rdclass_sigchaseset;

#endif

#endif

				  &looknew->my_server_list);

}

/*%

 * Requeue a lookup for further processing, perhaps copying the server

 * list.  The new lookup structure is returned to the caller, and is

 * queued for processing.  If servers are not cloned in the requeue, they

 * must be added before allowing the current event to complete, since the

 * completion of the event may result in the next entry on the lookup

 * queue getting run.

 */

dig_lookup_t *

	dig_lookup_t *looknew;

	      lookold, lookold->link.next, looknew, looknew->link.next);

	      lookold, looknew, looknew->link.next);

}

static void

	isc_result_t result;

	dns_name_t keyname;

	isc_buffer_t secretbuf;

	int secretsize;

	unsigned char *secretstore;

		      __FILE__, __LINE__);

				   dns_rootname, ISC_FALSE,

				   namebuf);

				    secretsize, ISC_FALSE, NULL, 0, 0, mctx,

				    NULL, &key);

		       keynametext, isc_result_totext(result));

	else

}

static void

	isc_result_t result;

				       mctx, &dstkey);

			keyfile, isc_result_totext(result));

	}

	case DST_ALG_HMACMD5:

	case DST_ALG_HMACSHA1:

	case DST_ALG_HMACSHA224:

	case DST_ALG_HMACSHA256:

	case DST_ALG_HMACSHA384:

	case DST_ALG_HMACSHA512:

	default:

		       keynametext);

	}

					   dstkey, ISC_FALSE, NULL, 0, 0,

					   mctx, NULL, &key);

		       keynametext, isc_result_totext(result));

	}

}

static dig_searchlist_t *

	dig_searchlist_t *search;

		      __FILE__, __LINE__);

}

static void

	int i;

	dig_searchlist_t *search;

	}

}