[exim.git] / test / src / fakens.c

/*************************************************
*       fakens - A Fake Nameserver Program       *
*************************************************/

/* This program exists to support the testing of DNS handling code in Exim. It
avoids the need to install special zones in a real nameserver. When Exim is
running in its (new) test harness, DNS lookups are first passed to this program
instead of to the real resolver. (With a few exceptions - see the discussion in
the test suite's README file.) The program is also passed the name of the Exim
spool directory; it expects to find its "zone files" in dnszones relative to
exim config_main_directory. Note that there is little checking in this program. The fake
zone files are assumed to be syntactically valid.

The zones that are handled are found by scanning the dnszones directory. A file
whose name is of the form db.ip4.x is a zone file for .x.in-addr.arpa; a file
whose name is of the form db.ip6.x is a zone file for .x.ip6.arpa; a file of
the form db.anything.else is a zone file for .anything.else. A file of the form
qualify.x.y specifies the domain that is used to qualify single-component
names, except for the name "dontqualify".

The arguments to the program are:

  the name of the Exim spool directory
  the domain name that is being sought
  the DNS record type that is being sought

The output from the program is written to stdout. It is supposed to be in
exactly the same format as a traditional namserver response (see RFC 1035) so
that Exim can process it as normal. At present, no compression is used.
Error messages are written to stderr.

The return codes from the program are zero for success, and otherwise the
values that are set in h_errno after a failing call to the normal resolver:

  1 HOST_NOT_FOUND     host not found (authoritative)
  2 TRY_AGAIN          server failure
  3 NO_RECOVERY        non-recoverable error
  4 NO_DATA            valid name, no data of requested type

In a real nameserver, TRY_AGAIN is also used for a non-authoritative not found,
but it is not used for that here. There is also one extra return code:

  5 PASS_ON            requests Exim to call res_search()

This is used for zones that fakens does not recognize. It is also used if a
line in the zone file contains exactly this:

  PASS ON NOT FOUND

and the domain is not found. It converts the the result to PASS_ON instead of
HOST_NOT_FOUND.

Any DNS record line in a zone file can be prefixed with "DELAY=" and
a number of milliseconds (followed by whitespace).

Any DNS record line in a zone file can be prefixed with "DNSSEC" and
at least one space; if all the records found by a lookup are marked
as such then the response will have the "AD" bit set. */

#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netdb.h>
#include <errno.h>
#include <signal.h>
#include <arpa/nameser.h>
#include <sys/types.h>
#include <sys/time.h>
#include <dirent.h>

#define FALSE         0
#define TRUE          1
#define PASS_ON       5

typedef int BOOL;
typedef unsigned char uschar;

#define CS   (char *)
#define CCS  (const char *)
#define US   (unsigned char *)

#define Ustrcat(s,t)       strcat(CS(s),CCS(t))
#define Ustrchr(s,n)       US strchr(CCS(s),n)
#define Ustrcmp(s,t)       strcmp(CCS(s),CCS(t))
#define Ustrcpy(s,t)       strcpy(CS(s),CCS(t))
#define Ustrlen(s)         (int)strlen(CCS(s))
#define Ustrncmp(s,t,n)    strncmp(CCS(s),CCS(t),n)
#define Ustrncpy(s,t,n)    strncpy(CS(s),CCS(t),n)

typedef struct zoneitem {
  uschar *zone;
  uschar *zonefile;
} zoneitem;

typedef struct tlist {
  uschar *name;
  int value;
} tlist;

/* On some (older?) operating systems, the standard ns_t_xxx definitions are
not available, and only the older T_xxx ones exist in nameser.h. If ns_t_a is
not defined, assume we are in this state. A really old system might not even
know about AAAA and SRV at all. */

#ifndef ns_t_a
# define ns_t_a      T_A
# define ns_t_ns     T_NS
# define ns_t_cname  T_CNAME
# define ns_t_soa    T_SOA
# define ns_t_ptr    T_PTR
# define ns_t_mx     T_MX
# define ns_t_txt    T_TXT
# define ns_t_aaaa   T_AAAA
# define ns_t_srv    T_SRV
# define ns_t_tlsa   T_TLSA
# ifndef T_AAAA
#  define T_AAAA      28
# endif
# ifndef T_SRV
#  define T_SRV       33
# endif
# ifndef T_TLSA
#  define T_TLSA      52
# endif
#endif

static tlist type_list[] = {
  { US"A",       ns_t_a },
  { US"NS",      ns_t_ns },
  { US"CNAME",   ns_t_cname },
  { US"SOA",     ns_t_soa },
  { US"PTR",     ns_t_ptr },
  { US"MX",      ns_t_mx },
  { US"TXT",     ns_t_txt },
  { US"AAAA",    ns_t_aaaa },
  { US"SRV",     ns_t_srv },
  { US"TLSA",    ns_t_tlsa },
  { NULL,        0 }
};


/*************************************************
*           Get memory and sprintf into it       *
*************************************************/

/* This is used when building a table of zones and their files.

Arguments:
  format       a format string
  ...          arguments

Returns:       pointer to formatted string
*/

static uschar *
fcopystring(uschar *format, ...)
{
uschar *yield;
char buffer[256];
va_list ap;
va_start(ap, format);
vsprintf(buffer, CS format, ap);
va_end(ap);
yield = (uschar *)malloc(Ustrlen(buffer) + 1);
Ustrcpy(yield, buffer);
return yield;
}


/*************************************************
*             Pack name into memory              *
*************************************************/

/* This function packs a domain name into memory according to DNS rules. At
present, it doesn't do any compression.

Arguments:
  name         the name
  pk           where to put it

Returns:       the updated value of pk
*/

static uschar *
packname(uschar *name, uschar *pk)
{
while (*name != 0)
  {
  uschar *p = name;
  while (*p != 0 && *p != '.') p++;
  *pk++ = (p - name);
  memmove(pk, name, p - name);
  pk += p - name;
  name = (*p == 0)? p : p + 1;
  }
*pk++ = 0;
return pk;
}

uschar *
bytefield(uschar ** pp, uschar * pk)
{
unsigned value = 0;
uschar * p = *pp;

while (isdigit(*p)) value = value*10 + *p++ - '0';
while (isspace(*p)) p++;
*pp = p;
*pk++ = value & 255;
return pk;
}

uschar *
shortfield(uschar ** pp, uschar * pk)
{
unsigned value = 0;
uschar * p = *pp;

while (isdigit(*p)) value = value*10 + *p++ - '0';
while (isspace(*p)) p++;
*pp = p;
*pk++ = (value >> 8) & 255;
*pk++ = value & 255;
return pk;
}

uschar *
longfield(uschar ** pp, uschar * pk)
{
unsigned long value = 0;
uschar * p = *pp;

while (isdigit(*p)) value = value*10 + *p++ - '0';
while (isspace(*p)) p++;
*pp = p;
*pk++ = (value >> 24) & 255;
*pk++ = (value >> 16) & 255;
*pk++ = (value >> 8) & 255;
*pk++ = value & 255;
return pk;
}


/*************************************************/

static void
milliwait(struct itimerval *itval)
{
sigset_t sigmask;
sigset_t old_sigmask;

if (itval->it_value.tv_usec < 100 && itval->it_value.tv_sec == 0)
  return;
(void)sigemptyset(&sigmask);                           /* Empty mask */
(void)sigaddset(&sigmask, SIGALRM);                    /* Add SIGALRM */
(void)sigprocmask(SIG_BLOCK, &sigmask, &old_sigmask);  /* Block SIGALRM */
(void)setitimer(ITIMER_REAL, itval, NULL);             /* Start timer */
(void)sigfillset(&sigmask);                            /* All signals */
(void)sigdelset(&sigmask, SIGALRM);                    /* Remove SIGALRM */
(void)sigsuspend(&sigmask);                            /* Until SIGALRM */
(void)sigprocmask(SIG_SETMASK, &old_sigmask, NULL);    /* Restore mask */
}

static void
millisleep(int msec)
{
struct itimerval itval;
itval.it_interval.tv_sec = 0;
itval.it_interval.tv_usec = 0;
itval.it_value.tv_sec = msec/1000;
itval.it_value.tv_usec = (msec % 1000) * 1000;
milliwait(&itval);
}


/*************************************************
*              Scan file for RRs                 *
*************************************************/

/* This function scans an open "zone file" for appropriate records, and adds
any that are found to the output buffer.

Arguments:
  f           the input FILE
  zone        the current zone name
  domain      the domain we are looking for
  qtype       the type of RR we want
  qtypelen    the length of qtype
  pkptr       points to the output buffer pointer; this is updated
  countptr    points to the record count; this is updated

Returns:      0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
              PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
*/

static int
find_records(FILE *f, uschar *zone, uschar *domain, uschar *qtype,
  int qtypelen, uschar **pkptr, int *countptr, BOOL * dnssec)
{
int yield = HOST_NOT_FOUND;
int domainlen = Ustrlen(domain);
BOOL pass_on_not_found = FALSE;
tlist *typeptr;
uschar *pk = *pkptr;
uschar buffer[256];
uschar rrdomain[256];
uschar RRdomain[256];

/* Decode the required type */

for (typeptr = type_list; typeptr->name != NULL; typeptr++)
  { if (Ustrcmp(typeptr->name, qtype) == 0) break; }
if (typeptr->name == NULL)
  {
  fprintf(stderr, "fakens: unknown record type %s\n", qtype);
  return NO_RECOVERY;
  }

rrdomain[0] = 0;                 /* No previous domain */
(void)fseek(f, 0, SEEK_SET);     /* Start again at the beginning */

*dnssec = TRUE;			/* cancelled by first nonsecure rec found */ 

/* Scan for RRs */

while (fgets(CS buffer, sizeof(buffer), f) != NULL)
  {
  uschar *rdlptr;
  uschar *p, *ep, *pp;
  BOOL found_cname = FALSE;
  int i, value;
  int tvalue = typeptr->value;
  int qtlen = qtypelen;
  BOOL rr_sec = FALSE;
  int delay = 0;

  p = buffer;
  while (isspace(*p)) p++;
  if (*p == 0 || *p == ';') continue;

  if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
    {
    pass_on_not_found = TRUE;
    continue;
    }

  ep = buffer + Ustrlen(buffer);
  while (isspace(ep[-1])) ep--;
  *ep = 0;

  p = buffer;
  for (;;)
	{
	if (Ustrncmp(p, US"DNSSEC ", 7) == 0)	/* tagged as secure */
	  {
	  rr_sec = TRUE;
	  p += 7;
	  }
	else if (Ustrncmp(p, US"DELAY=", 6) == 0)	/* delay beforee response */
	  {
	  for (p += 6; *p >= '0' && *p <= '9'; p++)
		delay = delay*10 + *p - '0';
	  while (isspace(*p)) p++;
	  }
	else
	  break;
	}

  if (!isspace(*p))
    {
    uschar *pp = rrdomain;
    uschar *PP = RRdomain;
    while (!isspace(*p))
      {
      *pp++ = tolower(*p);
      *PP++ = *p++;
      }
    if (pp[-1] != '.')
      {
      Ustrcpy(pp, zone);
      Ustrcpy(PP, zone);
      }
    else
      {
      pp[-1] = 0;
      PP[-1] = 0;
      }
    }

  /* Compare domain names; first check for a wildcard */

  if (rrdomain[0] == '*')
    {
    int restlen = Ustrlen(rrdomain) - 1;
    if (domainlen > restlen &&
        Ustrcmp(domain + domainlen - restlen, rrdomain + 1) != 0) continue;
    }

  /* Not a wildcard RR */

  else if (Ustrcmp(domain, rrdomain) != 0) continue;

  /* The domain matches */

  if (yield == HOST_NOT_FOUND) yield = NO_DATA;

  /* Compare RR types; a CNAME record is always returned */

  while (isspace(*p)) p++;

  if (Ustrncmp(p, "CNAME", 5) == 0)
    {
    tvalue = ns_t_cname;
    qtlen = 5;
    found_cname = TRUE;
    }
  else if (Ustrncmp(p, qtype, qtypelen) != 0 || !isspace(p[qtypelen])) continue;

  /* Found a relevant record */

  if (delay)
    millisleep(delay);

  if (!rr_sec)
    *dnssec = FALSE;			/* cancel AD return */

  yield = 0;
  *countptr = *countptr + 1;

  p += qtlen;
  while (isspace(*p)) p++;

  /* For a wildcard record, use the search name; otherwise use the record's
  name in its original case because it might contain upper case letters. */

  pk = packname((rrdomain[0] == '*')? domain : RRdomain, pk);
  *pk++ = (tvalue >> 8) & 255;
  *pk++ = (tvalue) & 255;
  *pk++ = 0;
  *pk++ = 1;     /* class = IN */

  pk += 4;       /* TTL field; don't care */

  rdlptr = pk;   /* remember rdlength field */
  pk += 2;

  /* The rest of the data depends on the type */

  switch (tvalue)
    {
    case ns_t_soa:
      p = strtok(p, " ");
      ep = p + strlen(p);
      if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
      pk = packname(p, pk);			/* primary ns */
      p = strtok(NULL, " ");
      pk = packname(p , pk);			/* responsible mailbox */
      *(p += strlen(p)) = ' ';
      while (isspace(*p)) p++;
      pk = longfield(&p, pk);			/* serial */
      pk = longfield(&p, pk);			/* refresh */
      pk = longfield(&p, pk);			/* retry */
      pk = longfield(&p, pk);			/* expire */
      pk = longfield(&p, pk);			/* minimum */
      break;

    case ns_t_a:
      for (i = 0; i < 4; i++)
	{
	value = 0;
	while (isdigit(*p)) value = value*10 + *p++ - '0';
	*pk++ = value;
	p++;
	}
      break;

    /* The only occurrence of a double colon is for ::1 */
    case ns_t_aaaa:
      if (Ustrcmp(p, "::1") == 0)
	{
	memset(pk, 0, 15);
	pk += 15;
	*pk++ = 1;
	}
      else for (i = 0; i < 8; i++)
	{
	value = 0;
	while (isxdigit(*p))
	  {
	  value = value * 16 + toupper(*p) - (isdigit(*p)? '0' : '7');
	  p++;
	  }
	*pk++ = (value >> 8) & 255;
	*pk++ = value & 255;
	p++;
	}
      break;

    case ns_t_mx:
      pk = shortfield(&p, pk);
      if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
      pk = packname(p, pk);
      break;

    case ns_t_txt:
      pp = pk++;
      if (*p == '"') p++;   /* Should always be the case */
      while (*p != 0 && *p != '"') *pk++ = *p++;
      *pp = pk - pp - 1;
      break;

    case ns_t_tlsa:
      pk = bytefield(&p, pk);	/* usage */
      pk = bytefield(&p, pk);	/* selector */
      pk = bytefield(&p, pk);	/* match type */
      while (isxdigit(*p))
      {
      value = toupper(*p) - (isdigit(*p) ? '0' : '7') << 4;
      if (isxdigit(*++p))
	{
	value |= toupper(*p) - (isdigit(*p) ? '0' : '7');
	p++;
	}
      *pk++ = value & 255;
      }

      break;

    case ns_t_srv:
      for (i = 0; i < 3; i++)
	{
	value = 0;
	while (isdigit(*p)) value = value*10 + *p++ - '0';
	while (isspace(*p)) p++;
	*pk++ = (value >> 8) & 255;
	*pk++ = value & 255;
	}

    /* Fall through */

    case ns_t_cname:
    case ns_t_ns:
    case ns_t_ptr:
      if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
      pk = packname(p, pk);
      break;
    }

  /* Fill in the length, and we are done with this RR */

  rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
  rdlptr[1] = (pk -rdlptr - 2) & 255;
  }

*pkptr = pk;
return (yield == HOST_NOT_FOUND && pass_on_not_found)? PASS_ON : yield;
}


static  void
alarmfn(int sig)
{
}

/*************************************************
*           Entry point and main program         *
*************************************************/

int
main(int argc, char **argv)
{
FILE *f;
DIR *d;
int domlen, qtypelen;
int yield, count;
int i;
int zonecount = 0;
struct dirent *de;
zoneitem zones[32];
uschar *qualify = NULL;
uschar *p, *zone;
uschar *zonefile = NULL;
uschar domain[256];
uschar buffer[256];
uschar qtype[12];
uschar packet[512];
uschar *pk = packet;
BOOL dnssec;

signal(SIGALRM, alarmfn);

if (argc != 4)
  {
  fprintf(stderr, "fakens: expected 3 arguments, received %d\n", argc-1);
  return NO_RECOVERY;
  }

/* Find the zones */

(void)sprintf(CS buffer, "%s/dnszones", argv[1]);

d = opendir(CCS buffer);
if (d == NULL)
  {
  fprintf(stderr, "fakens: failed to opendir %s: %s\n", buffer,
    strerror(errno));
  return NO_RECOVERY;
  }

while ((de = readdir(d)) != NULL)
  {
  uschar *name = US de->d_name;
  if (Ustrncmp(name, "qualify.", 8) == 0)
    {
    qualify = fcopystring(US "%s", name + 7);
    continue;
    }
  if (Ustrncmp(name, "db.", 3) != 0) continue;
  if (Ustrncmp(name + 3, "ip4.", 4) == 0)
    zones[zonecount].zone = fcopystring(US "%s.in-addr.arpa", name + 6);
  else if (Ustrncmp(name + 3, "ip6.", 4) == 0)
    zones[zonecount].zone = fcopystring(US "%s.ip6.arpa", name + 6);
  else
    zones[zonecount].zone = fcopystring(US "%s", name + 2);
  zones[zonecount++].zonefile = fcopystring(US "%s", name);
  }
(void)closedir(d);

/* Get the RR type and upper case it, and check that we recognize it. */

Ustrncpy(qtype, argv[3], sizeof(qtype));
qtypelen = Ustrlen(qtype);
for (p = qtype; *p != 0; p++) *p = toupper(*p);

/* Find the domain, lower case it, check that it is in a zone that we handle,
and set up the zone file name. The zone names in the table all start with a
dot. */

domlen = Ustrlen(argv[2]);
if (argv[2][domlen-1] == '.') domlen--;
Ustrncpy(domain, argv[2], domlen);
domain[domlen] = 0;
for (i = 0; i < domlen; i++) domain[i] = tolower(domain[i]);

if (Ustrchr(domain, '.') == NULL && qualify != NULL &&
    Ustrcmp(domain, "dontqualify") != 0)
  {
  Ustrcat(domain, qualify);
  domlen += Ustrlen(qualify);
  }

for (i = 0; i < zonecount; i++)
  {
  int zlen;
  zone = zones[i].zone;
  zlen = Ustrlen(zone);
  if (Ustrcmp(domain, zone+1) == 0 || (domlen >= zlen &&
      Ustrcmp(domain + domlen - zlen, zone) == 0))
    {
    zonefile = zones[i].zonefile;
    break;
    }
  }

if (zonefile == NULL)
  {
  fprintf(stderr, "fakens: query not in faked zone: domain is: %s\n", domain);
  return PASS_ON;
  }

(void)sprintf(CS buffer, "%s/dnszones/%s", argv[1], zonefile);

/* Initialize the start of the response packet. We don't have to fake up
everything, because we know that Exim will look only at the answer and
additional section parts. */

memset(packet, 0, 12);
pk += 12;

/* Open the zone file. */

f = fopen(CS buffer, "r");
if (f == NULL)
  {
  fprintf(stderr, "fakens: failed to open %s: %s\n", buffer, strerror(errno));
  return NO_RECOVERY;
  }

/* Find the records we want, and add them to the result. */

count = 0;
yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec);
if (yield == NO_RECOVERY) goto END_OFF;

packet[6] = (count >> 8) & 255;
packet[7] = count & 255;

/* There is no need to return any additional records because Exim no longer
(from release 4.61) makes any use of them. */

packet[10] = 0;
packet[11] = 0;

if (dnssec)
  ((HEADER *)packet)->ad = 1;

/* Close the zone file, write the result, and return. */

END_OFF:
(void)fclose(f);
(void)fwrite(packet, 1, pk - packet, stdout);
return yield;
}

/* vi: aw ai sw=2
*/
/* End of fakens.c */
Commit	Line	Data
	1	/*************************************************
	2	* fakens - A Fake Nameserver Program *
	3	*************************************************/
	4
	5	/* This program exists to support the testing of DNS handling code in Exim. It
	6	avoids the need to install special zones in a real nameserver. When Exim is
	7	running in its (new) test harness, DNS lookups are first passed to this program
	8	instead of to the real resolver. (With a few exceptions - see the discussion in
	9	the test suite's README file.) The program is also passed the name of the Exim
	10	spool directory; it expects to find its "zone files" in dnszones relative to
	11	exim config_main_directory. Note that there is little checking in this program. The fake
	12	zone files are assumed to be syntactically valid.
	13
	14	The zones that are handled are found by scanning the dnszones directory. A file
	15	whose name is of the form db.ip4.x is a zone file for .x.in-addr.arpa; a file
	16	whose name is of the form db.ip6.x is a zone file for .x.ip6.arpa; a file of
	17	the form db.anything.else is a zone file for .anything.else. A file of the form
	18	qualify.x.y specifies the domain that is used to qualify single-component
	19	names, except for the name "dontqualify".
	20
	21	The arguments to the program are:
	22
	23	the name of the Exim spool directory
	24	the domain name that is being sought
	25	the DNS record type that is being sought
	26
	27	The output from the program is written to stdout. It is supposed to be in
	28	exactly the same format as a traditional namserver response (see RFC 1035) so
	29	that Exim can process it as normal. At present, no compression is used.
	30	Error messages are written to stderr.
	31
	32	The return codes from the program are zero for success, and otherwise the
	33	values that are set in h_errno after a failing call to the normal resolver:
	34
	35	1 HOST_NOT_FOUND host not found (authoritative)
	36	2 TRY_AGAIN server failure
	37	3 NO_RECOVERY non-recoverable error
	38	4 NO_DATA valid name, no data of requested type
	39
	40	In a real nameserver, TRY_AGAIN is also used for a non-authoritative not found,
	41	but it is not used for that here. There is also one extra return code:
	42
	43	5 PASS_ON requests Exim to call res_search()
	44
	45	This is used for zones that fakens does not recognize. It is also used if a
	46	line in the zone file contains exactly this:
	47
	48	PASS ON NOT FOUND
	49
	50	and the domain is not found. It converts the the result to PASS_ON instead of
	51	HOST_NOT_FOUND.
	52
	53	Any DNS record line in a zone file can be prefixed with "DELAY=" and
	54	a number of milliseconds (followed by whitespace).
	55
	56	Any DNS record line in a zone file can be prefixed with "DNSSEC" and
	57	at least one space; if all the records found by a lookup are marked
	58	as such then the response will have the "AD" bit set. */
	59
	60	#include <ctype.h>
	61	#include <stdarg.h>
	62	#include <stdio.h>
	63	#include <stdlib.h>
	64	#include <string.h>
	65	#include <netdb.h>
	66	#include <errno.h>
	67	#include <signal.h>
	68	#include <arpa/nameser.h>
	69	#include <sys/types.h>
	70	#include <sys/time.h>
	71	#include <dirent.h>
	72
	73	#define FALSE 0
	74	#define TRUE 1
	75	#define PASS_ON 5
	76
	77	typedef int BOOL;
	78	typedef unsigned char uschar;
	79
	80	#define CS (char *)
	81	#define CCS (const char *)
	82	#define US (unsigned char *)
	83
	84	#define Ustrcat(s,t) strcat(CS(s),CCS(t))
	85	#define Ustrchr(s,n) US strchr(CCS(s),n)
	86	#define Ustrcmp(s,t) strcmp(CCS(s),CCS(t))
	87	#define Ustrcpy(s,t) strcpy(CS(s),CCS(t))
	88	#define Ustrlen(s) (int)strlen(CCS(s))
	89	#define Ustrncmp(s,t,n) strncmp(CCS(s),CCS(t),n)
	90	#define Ustrncpy(s,t,n) strncpy(CS(s),CCS(t),n)
	91
	92	typedef struct zoneitem {
	93	uschar *zone;
	94	uschar *zonefile;
	95	} zoneitem;
	96
	97	typedef struct tlist {
	98	uschar *name;
	99	int value;
	100	} tlist;
	101
	102	/* On some (older?) operating systems, the standard ns_t_xxx definitions are
	103	not available, and only the older T_xxx ones exist in nameser.h. If ns_t_a is
	104	not defined, assume we are in this state. A really old system might not even
	105	know about AAAA and SRV at all. */
	106
	107	#ifndef ns_t_a
	108	# define ns_t_a T_A
	109	# define ns_t_ns T_NS
	110	# define ns_t_cname T_CNAME
	111	# define ns_t_soa T_SOA
	112	# define ns_t_ptr T_PTR
	113	# define ns_t_mx T_MX
	114	# define ns_t_txt T_TXT
	115	# define ns_t_aaaa T_AAAA
	116	# define ns_t_srv T_SRV
	117	# define ns_t_tlsa T_TLSA
	118	# ifndef T_AAAA
	119	# define T_AAAA 28
	120	# endif
	121	# ifndef T_SRV
	122	# define T_SRV 33
	123	# endif
	124	# ifndef T_TLSA
	125	# define T_TLSA 52
	126	# endif
	127	#endif
	128
	129	static tlist type_list[] = {
	130	{ US"A", ns_t_a },
	131	{ US"NS", ns_t_ns },
	132	{ US"CNAME", ns_t_cname },
	133	{ US"SOA", ns_t_soa },
	134	{ US"PTR", ns_t_ptr },
	135	{ US"MX", ns_t_mx },
	136	{ US"TXT", ns_t_txt },
	137	{ US"AAAA", ns_t_aaaa },
	138	{ US"SRV", ns_t_srv },
	139	{ US"TLSA", ns_t_tlsa },
	140	{ NULL, 0 }
	141	};
	142
	143
	144
	145	/*************************************************
	146	* Get memory and sprintf into it *
	147	*************************************************/
	148
	149	/* This is used when building a table of zones and their files.
	150
	151	Arguments:
	152	format a format string
	153	... arguments
	154
	155	Returns: pointer to formatted string
	156	*/
	157
	158	static uschar *
	159	fcopystring(uschar *format, ...)
	160	{
	161	uschar *yield;
	162	char buffer[256];
	163	va_list ap;
	164	va_start(ap, format);
	165	vsprintf(buffer, CS format, ap);
	166	va_end(ap);
	167	yield = (uschar *)malloc(Ustrlen(buffer) + 1);
	168	Ustrcpy(yield, buffer);
	169	return yield;
	170	}
	171
	172
	173	/*************************************************
	174	* Pack name into memory *
	175	*************************************************/
	176
	177	/* This function packs a domain name into memory according to DNS rules. At
	178	present, it doesn't do any compression.
	179
	180	Arguments:
	181	name the name
	182	pk where to put it
	183
	184	Returns: the updated value of pk
	185	*/
	186
	187	static uschar *
	188	packname(uschar name, uschar pk)
	189	{
	190	while (*name != 0)
	191	{
	192	uschar *p = name;
	193	while (p != 0 && p != '.') p++;
	194	*pk++ = (p - name);
	195	memmove(pk, name, p - name);
	196	pk += p - name;
	197	name = (*p == 0)? p : p + 1;
	198	}
	199	*pk++ = 0;
	200	return pk;
	201	}
	202
	203	uschar *
	204	bytefield(uschar ** pp, uschar * pk)
	205	{
	206	unsigned value = 0;
	207	uschar * p = *pp;
	208
	209	while (isdigit(p)) value = value10 + *p++ - '0';
	210	while (isspace(*p)) p++;
	211	*pp = p;
	212	*pk++ = value & 255;
	213	return pk;
	214	}
	215
	216	uschar *
	217	shortfield(uschar ** pp, uschar * pk)
	218	{
	219	unsigned value = 0;
	220	uschar * p = *pp;
	221
	222	while (isdigit(p)) value = value10 + *p++ - '0';
	223	while (isspace(*p)) p++;
	224	*pp = p;
	225	*pk++ = (value >> 8) & 255;
	226	*pk++ = value & 255;
	227	return pk;
	228	}
	229
	230	uschar *
	231	longfield(uschar ** pp, uschar * pk)
	232	{
	233	unsigned long value = 0;
	234	uschar * p = *pp;
	235
	236	while (isdigit(p)) value = value10 + *p++ - '0';
	237	while (isspace(*p)) p++;
	238	*pp = p;
	239	*pk++ = (value >> 24) & 255;
	240	*pk++ = (value >> 16) & 255;
	241	*pk++ = (value >> 8) & 255;
	242	*pk++ = value & 255;
	243	return pk;
	244	}
	245
	246
	247
	248	/*************************************************/
	249
	250	static void
	251	milliwait(struct itimerval *itval)
	252	{
	253	sigset_t sigmask;
	254	sigset_t old_sigmask;
	255
	256	if (itval->it_value.tv_usec < 100 && itval->it_value.tv_sec == 0)
	257	return;
	258	(void)sigemptyset(&sigmask); /* Empty mask */
	259	(void)sigaddset(&sigmask, SIGALRM); /* Add SIGALRM */
	260	(void)sigprocmask(SIG_BLOCK, &sigmask, &old_sigmask); /* Block SIGALRM */
	261	(void)setitimer(ITIMER_REAL, itval, NULL); /* Start timer */
	262	(void)sigfillset(&sigmask); /* All signals */
	263	(void)sigdelset(&sigmask, SIGALRM); /* Remove SIGALRM */
	264	(void)sigsuspend(&sigmask); /* Until SIGALRM */
	265	(void)sigprocmask(SIG_SETMASK, &old_sigmask, NULL); /* Restore mask */
	266	}
	267
	268	static void
	269	millisleep(int msec)
	270	{
	271	struct itimerval itval;
	272	itval.it_interval.tv_sec = 0;
	273	itval.it_interval.tv_usec = 0;
	274	itval.it_value.tv_sec = msec/1000;
	275	itval.it_value.tv_usec = (msec % 1000) * 1000;
	276	milliwait(&itval);
	277	}
	278
	279
	280	/*************************************************
	281	* Scan file for RRs *
	282	*************************************************/
	283
	284	/* This function scans an open "zone file" for appropriate records, and adds
	285	any that are found to the output buffer.
	286
	287	Arguments:
	288	f the input FILE
	289	zone the current zone name
	290	domain the domain we are looking for
	291	qtype the type of RR we want
	292	qtypelen the length of qtype
	293	pkptr points to the output buffer pointer; this is updated
	294	countptr points to the record count; this is updated
	295
	296	Returns: 0 on success, else HOST_NOT_FOUND or NO_DATA or NO_RECOVERY or
	297	PASS_ON - the latter if a "PASS ON NOT FOUND" line is seen
	298	*/
	299
	300	static int
	301	find_records(FILE f, uschar zone, uschar domain, uschar qtype,
	302	int qtypelen, uschar *pkptr, int countptr, BOOL * dnssec)
	303	{
	304	int yield = HOST_NOT_FOUND;
	305	int domainlen = Ustrlen(domain);
	306	BOOL pass_on_not_found = FALSE;
	307	tlist *typeptr;
	308	uschar pk = pkptr;
	309	uschar buffer[256];
	310	uschar rrdomain[256];
	311	uschar RRdomain[256];
	312
	313	/* Decode the required type */
	314
	315	for (typeptr = type_list; typeptr->name != NULL; typeptr++)
	316	{ if (Ustrcmp(typeptr->name, qtype) == 0) break; }
	317	if (typeptr->name == NULL)
	318	{
	319	fprintf(stderr, "fakens: unknown record type %s\n", qtype);
	320	return NO_RECOVERY;
	321	}
	322
	323	rrdomain[0] = 0; /* No previous domain */
	324	(void)fseek(f, 0, SEEK_SET); /* Start again at the beginning */
	325
	326	dnssec = TRUE; / cancelled by first nonsecure rec found */
	327
	328	/* Scan for RRs */
	329
	330	while (fgets(CS buffer, sizeof(buffer), f) != NULL)
	331	{
	332	uschar *rdlptr;
	333	uschar p, ep, *pp;
	334	BOOL found_cname = FALSE;
	335	int i, value;
	336	int tvalue = typeptr->value;
	337	int qtlen = qtypelen;
	338	BOOL rr_sec = FALSE;
	339	int delay = 0;
	340
	341	p = buffer;
	342	while (isspace(*p)) p++;
	343	if (p == 0 \|\| p == ';') continue;
	344
	345	if (Ustrncmp(p, US"PASS ON NOT FOUND", 17) == 0)
	346	{
	347	pass_on_not_found = TRUE;
	348	continue;
	349	}
	350
	351	ep = buffer + Ustrlen(buffer);
	352	while (isspace(ep[-1])) ep--;
	353	*ep = 0;
	354
	355	p = buffer;
	356	for (;;)
	357	{
	358	if (Ustrncmp(p, US"DNSSEC ", 7) == 0) /* tagged as secure */
	359	{
	360	rr_sec = TRUE;
	361	p += 7;
	362	}
	363	else if (Ustrncmp(p, US"DELAY=", 6) == 0) /* delay beforee response */
	364	{
	365	for (p += 6; p >= '0' && p <= '9'; p++)
	366	delay = delay10 + p - '0';
	367	while (isspace(*p)) p++;
	368	}
	369	else
	370	break;
	371	}
	372
	373	if (!isspace(*p))
	374	{
	375	uschar *pp = rrdomain;
	376	uschar *PP = RRdomain;
	377	while (!isspace(*p))
	378	{
	379	pp++ = tolower(p);
	380	PP++ = p++;
	381	}
	382	if (pp[-1] != '.')
	383	{
	384	Ustrcpy(pp, zone);
	385	Ustrcpy(PP, zone);
	386	}
	387	else
	388	{
	389	pp[-1] = 0;
	390	PP[-1] = 0;
	391	}
	392	}
	393
	394	/* Compare domain names; first check for a wildcard */
	395
	396	if (rrdomain[0] == '*')
	397	{
	398	int restlen = Ustrlen(rrdomain) - 1;
	399	if (domainlen > restlen &&
	400	Ustrcmp(domain + domainlen - restlen, rrdomain + 1) != 0) continue;
	401	}
	402
	403	/* Not a wildcard RR */
	404
	405	else if (Ustrcmp(domain, rrdomain) != 0) continue;
	406
	407	/* The domain matches */
	408
	409	if (yield == HOST_NOT_FOUND) yield = NO_DATA;
	410
	411	/* Compare RR types; a CNAME record is always returned */
	412
	413	while (isspace(*p)) p++;
	414
	415	if (Ustrncmp(p, "CNAME", 5) == 0)
	416	{
	417	tvalue = ns_t_cname;
	418	qtlen = 5;
	419	found_cname = TRUE;
	420	}
	421	else if (Ustrncmp(p, qtype, qtypelen) != 0 \|\| !isspace(p[qtypelen])) continue;
	422
	423	/* Found a relevant record */
	424
	425	if (delay)
	426	millisleep(delay);
	427
	428	if (!rr_sec)
	429	dnssec = FALSE; / cancel AD return */
	430
	431	yield = 0;
	432	countptr = countptr + 1;
	433
	434	p += qtlen;
	435	while (isspace(*p)) p++;
	436
	437	/* For a wildcard record, use the search name; otherwise use the record's
	438	name in its original case because it might contain upper case letters. */
	439
	440	pk = packname((rrdomain[0] == '*')? domain : RRdomain, pk);
	441	*pk++ = (tvalue >> 8) & 255;
	442	*pk++ = (tvalue) & 255;
	443	*pk++ = 0;
	444	pk++ = 1; / class = IN */
	445
	446	pk += 4; /* TTL field; don't care */
	447
	448	rdlptr = pk; /* remember rdlength field */
	449	pk += 2;
	450
	451	/* The rest of the data depends on the type */
	452
	453	switch (tvalue)
	454	{
	455	case ns_t_soa:
	456	p = strtok(p, " ");
	457	ep = p + strlen(p);
	458	if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
	459	pk = packname(p, pk); /* primary ns */
	460	p = strtok(NULL, " ");
	461	pk = packname(p , pk); /* responsible mailbox */
	462	*(p += strlen(p)) = ' ';
	463	while (isspace(*p)) p++;
	464	pk = longfield(&p, pk); /* serial */
	465	pk = longfield(&p, pk); /* refresh */
	466	pk = longfield(&p, pk); /* retry */
	467	pk = longfield(&p, pk); /* expire */
	468	pk = longfield(&p, pk); /* minimum */
	469	break;
	470
	471	case ns_t_a:
	472	for (i = 0; i < 4; i++)
	473	{
	474	value = 0;
	475	while (isdigit(p)) value = value10 + *p++ - '0';
	476	*pk++ = value;
	477	p++;
	478	}
	479	break;
	480
	481	/* The only occurrence of a double colon is for ::1 */
	482	case ns_t_aaaa:
	483	if (Ustrcmp(p, "::1") == 0)
	484	{
	485	memset(pk, 0, 15);
	486	pk += 15;
	487	*pk++ = 1;
	488	}
	489	else for (i = 0; i < 8; i++)
	490	{
	491	value = 0;
	492	while (isxdigit(*p))
	493	{
	494	value = value * 16 + toupper(p) - (isdigit(p)? '0' : '7');
	495	p++;
	496	}
	497	*pk++ = (value >> 8) & 255;
	498	*pk++ = value & 255;
	499	p++;
	500	}
	501	break;
	502
	503	case ns_t_mx:
	504	pk = shortfield(&p, pk);
	505	if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
	506	pk = packname(p, pk);
	507	break;
	508
	509	case ns_t_txt:
	510	pp = pk++;
	511	if (p == '"') p++; / Should always be the case */
	512	while (p != 0 && p != '"') pk++ = p++;
	513	*pp = pk - pp - 1;
	514	break;
	515
	516	case ns_t_tlsa:
	517	pk = bytefield(&p, pk); /* usage */
	518	pk = bytefield(&p, pk); /* selector */
	519	pk = bytefield(&p, pk); /* match type */
	520	while (isxdigit(*p))
	521	{
	522	value = toupper(p) - (isdigit(p) ? '0' : '7') << 4;
	523	if (isxdigit(*++p))
	524	{
	525	value \|= toupper(p) - (isdigit(p) ? '0' : '7');
	526	p++;
	527	}
	528	*pk++ = value & 255;
	529	}
	530
	531	break;
	532
	533	case ns_t_srv:
	534	for (i = 0; i < 3; i++)
	535	{
	536	value = 0;
	537	while (isdigit(p)) value = value10 + *p++ - '0';
	538	while (isspace(*p)) p++;
	539	*pk++ = (value >> 8) & 255;
	540	*pk++ = value & 255;
	541	}
	542
	543	/* Fall through */
	544
	545	case ns_t_cname:
	546	case ns_t_ns:
	547	case ns_t_ptr:
	548	if (ep[-1] != '.') sprintf(CS ep, "%s.", zone);
	549	pk = packname(p, pk);
	550	break;
	551	}
	552
	553	/* Fill in the length, and we are done with this RR */
	554
	555	rdlptr[0] = ((pk - rdlptr - 2) >> 8) & 255;
	556	rdlptr[1] = (pk -rdlptr - 2) & 255;
	557	}
	558
	559	*pkptr = pk;
	560	return (yield == HOST_NOT_FOUND && pass_on_not_found)? PASS_ON : yield;
	561	}
	562
	563
	564	static void
	565	alarmfn(int sig)
	566	{
	567	}
	568
	569	/*************************************************
	570	* Entry point and main program *
	571	*************************************************/
	572
	573	int
	574	main(int argc, char **argv)
	575	{
	576	FILE *f;
	577	DIR *d;
	578	int domlen, qtypelen;
	579	int yield, count;
	580	int i;
	581	int zonecount = 0;
	582	struct dirent *de;
	583	zoneitem zones[32];
	584	uschar *qualify = NULL;
	585	uschar p, zone;
	586	uschar *zonefile = NULL;
	587	uschar domain[256];
	588	uschar buffer[256];
	589	uschar qtype[12];
	590	uschar packet[512];
	591	uschar *pk = packet;
	592	BOOL dnssec;
	593
	594	signal(SIGALRM, alarmfn);
	595
	596	if (argc != 4)
	597	{
	598	fprintf(stderr, "fakens: expected 3 arguments, received %d\n", argc-1);
	599	return NO_RECOVERY;
	600	}
	601
	602	/* Find the zones */
	603
	604	(void)sprintf(CS buffer, "%s/dnszones", argv[1]);
	605
	606	d = opendir(CCS buffer);
	607	if (d == NULL)
	608	{
	609	fprintf(stderr, "fakens: failed to opendir %s: %s\n", buffer,
	610	strerror(errno));
	611	return NO_RECOVERY;
	612	}
	613
	614	while ((de = readdir(d)) != NULL)
	615	{
	616	uschar *name = US de->d_name;
	617	if (Ustrncmp(name, "qualify.", 8) == 0)
	618	{
	619	qualify = fcopystring(US "%s", name + 7);
	620	continue;
	621	}
	622	if (Ustrncmp(name, "db.", 3) != 0) continue;
	623	if (Ustrncmp(name + 3, "ip4.", 4) == 0)
	624	zones[zonecount].zone = fcopystring(US "%s.in-addr.arpa", name + 6);
	625	else if (Ustrncmp(name + 3, "ip6.", 4) == 0)
	626	zones[zonecount].zone = fcopystring(US "%s.ip6.arpa", name + 6);
	627	else
	628	zones[zonecount].zone = fcopystring(US "%s", name + 2);
	629	zones[zonecount++].zonefile = fcopystring(US "%s", name);
	630	}
	631	(void)closedir(d);
	632
	633	/* Get the RR type and upper case it, and check that we recognize it. */
	634
	635	Ustrncpy(qtype, argv[3], sizeof(qtype));
	636	qtypelen = Ustrlen(qtype);
	637	for (p = qtype; p != 0; p++) p = toupper(*p);
	638
	639	/* Find the domain, lower case it, check that it is in a zone that we handle,
	640	and set up the zone file name. The zone names in the table all start with a
	641	dot. */
	642
	643	domlen = Ustrlen(argv[2]);
	644	if (argv[2][domlen-1] == '.') domlen--;
	645	Ustrncpy(domain, argv[2], domlen);
	646	domain[domlen] = 0;
	647	for (i = 0; i < domlen; i++) domain[i] = tolower(domain[i]);
	648
	649	if (Ustrchr(domain, '.') == NULL && qualify != NULL &&
	650	Ustrcmp(domain, "dontqualify") != 0)
	651	{
	652	Ustrcat(domain, qualify);
	653	domlen += Ustrlen(qualify);
	654	}
	655
	656	for (i = 0; i < zonecount; i++)
	657	{
	658	int zlen;
	659	zone = zones[i].zone;
	660	zlen = Ustrlen(zone);
	661	if (Ustrcmp(domain, zone+1) == 0 \|\| (domlen >= zlen &&
	662	Ustrcmp(domain + domlen - zlen, zone) == 0))
	663	{
	664	zonefile = zones[i].zonefile;
	665	break;
	666	}
	667	}
	668
	669	if (zonefile == NULL)
	670	{
	671	fprintf(stderr, "fakens: query not in faked zone: domain is: %s\n", domain);
	672	return PASS_ON;
	673	}
	674
	675	(void)sprintf(CS buffer, "%s/dnszones/%s", argv[1], zonefile);
	676
	677	/* Initialize the start of the response packet. We don't have to fake up
	678	everything, because we know that Exim will look only at the answer and
	679	additional section parts. */
	680
	681	memset(packet, 0, 12);
	682	pk += 12;
	683
	684	/* Open the zone file. */
	685
	686	f = fopen(CS buffer, "r");
	687	if (f == NULL)
	688	{
	689	fprintf(stderr, "fakens: failed to open %s: %s\n", buffer, strerror(errno));
	690	return NO_RECOVERY;
	691	}
	692
	693	/* Find the records we want, and add them to the result. */
	694
	695	count = 0;
	696	yield = find_records(f, zone, domain, qtype, qtypelen, &pk, &count, &dnssec);
	697	if (yield == NO_RECOVERY) goto END_OFF;
	698
	699	packet[6] = (count >> 8) & 255;
	700	packet[7] = count & 255;
	701
	702	/* There is no need to return any additional records because Exim no longer
	703	(from release 4.61) makes any use of them. */
	704
	705	packet[10] = 0;
	706	packet[11] = 0;
	707
	708	if (dnssec)
	709	((HEADER *)packet)->ad = 1;
	710
	711	/* Close the zone file, write the result, and return. */
	712
	713	END_OFF:
	714	(void)fclose(f);
	715	(void)fwrite(packet, 1, pk - packet, stdout);
	716	return yield;
	717	}
	718
	719	/* vi: aw ai sw=2
	720	*/
	721	/* End of fakens.c */