1242 lines
33 KiB
Go
1242 lines
33 KiB
Go
// DNS packet assembly, see RFC 1035. Converting from - Unpack() -
|
|
// and to - Pack() - wire format.
|
|
// All the packers and unpackers take a (msg []byte, off int)
|
|
// and return (off1 int, ok bool). If they return ok==false, they
|
|
// also return off1==len(msg), so that the next unpacker will
|
|
// also fail. This lets us avoid checks of ok until the end of a
|
|
// packing sequence.
|
|
|
|
package dns
|
|
|
|
//go:generate go run msg_generate.go
|
|
|
|
import (
|
|
crand "crypto/rand"
|
|
"encoding/binary"
|
|
"fmt"
|
|
"math/big"
|
|
"math/rand"
|
|
"strconv"
|
|
"strings"
|
|
"sync"
|
|
)
|
|
|
|
const (
|
|
maxCompressionOffset = 2 << 13 // We have 14 bits for the compression pointer
|
|
maxDomainNameWireOctets = 255 // See RFC 1035 section 2.3.4
|
|
|
|
// This is the maximum number of compression pointers that should occur in a
|
|
// semantically valid message. Each label in a domain name must be at least one
|
|
// octet and is separated by a period. The root label won't be represented by a
|
|
// compression pointer to a compression pointer, hence the -2 to exclude the
|
|
// smallest valid root label.
|
|
//
|
|
// It is possible to construct a valid message that has more compression pointers
|
|
// than this, and still doesn't loop, by pointing to a previous pointer. This is
|
|
// not something a well written implementation should ever do, so we leave them
|
|
// to trip the maximum compression pointer check.
|
|
maxCompressionPointers = (maxDomainNameWireOctets+1)/2 - 2
|
|
|
|
// This is the maximum length of a domain name in presentation format. The
|
|
// maximum wire length of a domain name is 255 octets (see above), with the
|
|
// maximum label length being 63. The wire format requires one extra byte over
|
|
// the presentation format, reducing the number of octets by 1. Each label in
|
|
// the name will be separated by a single period, with each octet in the label
|
|
// expanding to at most 4 bytes (\DDD). If all other labels are of the maximum
|
|
// length, then the final label can only be 61 octets long to not exceed the
|
|
// maximum allowed wire length.
|
|
maxDomainNamePresentationLength = 61*4 + 1 + 63*4 + 1 + 63*4 + 1 + 63*4 + 1
|
|
)
|
|
|
|
// Errors defined in this package.
|
|
var (
|
|
ErrAlg error = &Error{err: "bad algorithm"} // ErrAlg indicates an error with the (DNSSEC) algorithm.
|
|
ErrAuth error = &Error{err: "bad authentication"} // ErrAuth indicates an error in the TSIG authentication.
|
|
ErrBuf error = &Error{err: "buffer size too small"} // ErrBuf indicates that the buffer used is too small for the message.
|
|
ErrConnEmpty error = &Error{err: "conn has no connection"} // ErrConnEmpty indicates a connection is being used before it is initialized.
|
|
ErrExtendedRcode error = &Error{err: "bad extended rcode"} // ErrExtendedRcode ...
|
|
ErrFqdn error = &Error{err: "domain must be fully qualified"} // ErrFqdn indicates that a domain name does not have a closing dot.
|
|
ErrId error = &Error{err: "id mismatch"} // ErrId indicates there is a mismatch with the message's ID.
|
|
ErrKeyAlg error = &Error{err: "bad key algorithm"} // ErrKeyAlg indicates that the algorithm in the key is not valid.
|
|
ErrKey error = &Error{err: "bad key"}
|
|
ErrKeySize error = &Error{err: "bad key size"}
|
|
ErrLongDomain error = &Error{err: fmt.Sprintf("domain name exceeded %d wire-format octets", maxDomainNameWireOctets)}
|
|
ErrNoSig error = &Error{err: "no signature found"}
|
|
ErrPrivKey error = &Error{err: "bad private key"}
|
|
ErrRcode error = &Error{err: "bad rcode"}
|
|
ErrRdata error = &Error{err: "bad rdata"}
|
|
ErrRRset error = &Error{err: "bad rrset"}
|
|
ErrSecret error = &Error{err: "no secrets defined"}
|
|
ErrShortRead error = &Error{err: "short read"}
|
|
ErrSig error = &Error{err: "bad signature"} // ErrSig indicates that a signature can not be cryptographically validated.
|
|
ErrSoa error = &Error{err: "no SOA"} // ErrSOA indicates that no SOA RR was seen when doing zone transfers.
|
|
ErrTime error = &Error{err: "bad time"} // ErrTime indicates a timing error in TSIG authentication.
|
|
)
|
|
|
|
// Id by default, returns a 16 bits random number to be used as a
|
|
// message id. The random provided should be good enough. This being a
|
|
// variable the function can be reassigned to a custom function.
|
|
// For instance, to make it return a static value:
|
|
//
|
|
// dns.Id = func() uint16 { return 3 }
|
|
var Id = id
|
|
|
|
var (
|
|
idLock sync.Mutex
|
|
idRand *rand.Rand
|
|
)
|
|
|
|
// id returns a 16 bits random number to be used as a
|
|
// message id. The random provided should be good enough.
|
|
func id() uint16 {
|
|
idLock.Lock()
|
|
|
|
if idRand == nil {
|
|
// This (partially) works around
|
|
// https://github.com/golang/go/issues/11833 by only
|
|
// seeding idRand upon the first call to id.
|
|
|
|
var seed int64
|
|
var buf [8]byte
|
|
|
|
if _, err := crand.Read(buf[:]); err == nil {
|
|
seed = int64(binary.LittleEndian.Uint64(buf[:]))
|
|
} else {
|
|
seed = rand.Int63()
|
|
}
|
|
|
|
idRand = rand.New(rand.NewSource(seed))
|
|
}
|
|
|
|
// The call to idRand.Uint32 must be within the
|
|
// mutex lock because *rand.Rand is not safe for
|
|
// concurrent use.
|
|
//
|
|
// There is no added performance overhead to calling
|
|
// idRand.Uint32 inside a mutex lock over just
|
|
// calling rand.Uint32 as the global math/rand rng
|
|
// is internally protected by a sync.Mutex.
|
|
id := uint16(idRand.Uint32())
|
|
|
|
idLock.Unlock()
|
|
return id
|
|
}
|
|
|
|
// MsgHdr is a a manually-unpacked version of (id, bits).
|
|
type MsgHdr struct {
|
|
Id uint16
|
|
Response bool
|
|
Opcode int
|
|
Authoritative bool
|
|
Truncated bool
|
|
RecursionDesired bool
|
|
RecursionAvailable bool
|
|
Zero bool
|
|
AuthenticatedData bool
|
|
CheckingDisabled bool
|
|
Rcode int
|
|
}
|
|
|
|
// Msg contains the layout of a DNS message.
|
|
type Msg struct {
|
|
MsgHdr
|
|
Compress bool `json:"-"` // If true, the message will be compressed when converted to wire format.
|
|
Question []Question // Holds the RR(s) of the question section.
|
|
Answer []RR // Holds the RR(s) of the answer section.
|
|
Ns []RR // Holds the RR(s) of the authority section.
|
|
Extra []RR // Holds the RR(s) of the additional section.
|
|
}
|
|
|
|
// ClassToString is a maps Classes to strings for each CLASS wire type.
|
|
var ClassToString = map[uint16]string{
|
|
ClassINET: "IN",
|
|
ClassCSNET: "CS",
|
|
ClassCHAOS: "CH",
|
|
ClassHESIOD: "HS",
|
|
ClassNONE: "NONE",
|
|
ClassANY: "ANY",
|
|
}
|
|
|
|
// OpcodeToString maps Opcodes to strings.
|
|
var OpcodeToString = map[int]string{
|
|
OpcodeQuery: "QUERY",
|
|
OpcodeIQuery: "IQUERY",
|
|
OpcodeStatus: "STATUS",
|
|
OpcodeNotify: "NOTIFY",
|
|
OpcodeUpdate: "UPDATE",
|
|
}
|
|
|
|
// RcodeToString maps Rcodes to strings.
|
|
var RcodeToString = map[int]string{
|
|
RcodeSuccess: "NOERROR",
|
|
RcodeFormatError: "FORMERR",
|
|
RcodeServerFailure: "SERVFAIL",
|
|
RcodeNameError: "NXDOMAIN",
|
|
RcodeNotImplemented: "NOTIMP",
|
|
RcodeRefused: "REFUSED",
|
|
RcodeYXDomain: "YXDOMAIN", // See RFC 2136
|
|
RcodeYXRrset: "YXRRSET",
|
|
RcodeNXRrset: "NXRRSET",
|
|
RcodeNotAuth: "NOTAUTH",
|
|
RcodeNotZone: "NOTZONE",
|
|
RcodeBadSig: "BADSIG", // Also known as RcodeBadVers, see RFC 6891
|
|
// RcodeBadVers: "BADVERS",
|
|
RcodeBadKey: "BADKEY",
|
|
RcodeBadTime: "BADTIME",
|
|
RcodeBadMode: "BADMODE",
|
|
RcodeBadName: "BADNAME",
|
|
RcodeBadAlg: "BADALG",
|
|
RcodeBadTrunc: "BADTRUNC",
|
|
RcodeBadCookie: "BADCOOKIE",
|
|
}
|
|
|
|
// compressionMap is used to allow a more efficient compression map
|
|
// to be used for internal packDomainName calls without changing the
|
|
// signature or functionality of public API.
|
|
//
|
|
// In particular, map[string]uint16 uses 25% less per-entry memory
|
|
// than does map[string]int.
|
|
type compressionMap struct {
|
|
ext map[string]int // external callers
|
|
int map[string]uint16 // internal callers
|
|
}
|
|
|
|
func (m compressionMap) valid() bool {
|
|
return m.int != nil || m.ext != nil
|
|
}
|
|
|
|
func (m compressionMap) insert(s string, pos int) {
|
|
if m.ext != nil {
|
|
m.ext[s] = pos
|
|
} else {
|
|
m.int[s] = uint16(pos)
|
|
}
|
|
}
|
|
|
|
func (m compressionMap) find(s string) (int, bool) {
|
|
if m.ext != nil {
|
|
pos, ok := m.ext[s]
|
|
return pos, ok
|
|
}
|
|
|
|
pos, ok := m.int[s]
|
|
return int(pos), ok
|
|
}
|
|
|
|
// Domain names are a sequence of counted strings
|
|
// split at the dots. They end with a zero-length string.
|
|
|
|
// PackDomainName packs a domain name s into msg[off:].
|
|
// If compression is wanted compress must be true and the compression
|
|
// map needs to hold a mapping between domain names and offsets
|
|
// pointing into msg.
|
|
func PackDomainName(s string, msg []byte, off int, compression map[string]int, compress bool) (off1 int, err error) {
|
|
return packDomainName(s, msg, off, compressionMap{ext: compression}, compress)
|
|
}
|
|
|
|
func packDomainName(s string, msg []byte, off int, compression compressionMap, compress bool) (off1 int, err error) {
|
|
// XXX: A logical copy of this function exists in IsDomainName and
|
|
// should be kept in sync with this function.
|
|
|
|
ls := len(s)
|
|
if ls == 0 { // Ok, for instance when dealing with update RR without any rdata.
|
|
return off, nil
|
|
}
|
|
|
|
// If not fully qualified, error out.
|
|
if !IsFqdn(s) {
|
|
return len(msg), ErrFqdn
|
|
}
|
|
|
|
// Each dot ends a segment of the name.
|
|
// We trade each dot byte for a length byte.
|
|
// Except for escaped dots (\.), which are normal dots.
|
|
// There is also a trailing zero.
|
|
|
|
// Compression
|
|
pointer := -1
|
|
|
|
// Emit sequence of counted strings, chopping at dots.
|
|
var (
|
|
begin int
|
|
compBegin int
|
|
compOff int
|
|
bs []byte
|
|
wasDot bool
|
|
)
|
|
loop:
|
|
for i := 0; i < ls; i++ {
|
|
var c byte
|
|
if bs == nil {
|
|
c = s[i]
|
|
} else {
|
|
c = bs[i]
|
|
}
|
|
|
|
switch c {
|
|
case '\\':
|
|
if off+1 > len(msg) {
|
|
return len(msg), ErrBuf
|
|
}
|
|
|
|
if bs == nil {
|
|
bs = []byte(s)
|
|
}
|
|
|
|
// check for \DDD
|
|
if i+3 < ls && isDigit(bs[i+1]) && isDigit(bs[i+2]) && isDigit(bs[i+3]) {
|
|
bs[i] = dddToByte(bs[i+1:])
|
|
copy(bs[i+1:ls-3], bs[i+4:])
|
|
ls -= 3
|
|
compOff += 3
|
|
} else {
|
|
copy(bs[i:ls-1], bs[i+1:])
|
|
ls--
|
|
compOff++
|
|
}
|
|
|
|
wasDot = false
|
|
case '.':
|
|
if wasDot {
|
|
// two dots back to back is not legal
|
|
return len(msg), ErrRdata
|
|
}
|
|
wasDot = true
|
|
|
|
labelLen := i - begin
|
|
if labelLen >= 1<<6 { // top two bits of length must be clear
|
|
return len(msg), ErrRdata
|
|
}
|
|
|
|
// off can already (we're in a loop) be bigger than len(msg)
|
|
// this happens when a name isn't fully qualified
|
|
if off+1+labelLen > len(msg) {
|
|
return len(msg), ErrBuf
|
|
}
|
|
|
|
// Don't try to compress '.'
|
|
// We should only compress when compress is true, but we should also still pick
|
|
// up names that can be used for *future* compression(s).
|
|
if compression.valid() && !isRootLabel(s, bs, begin, ls) {
|
|
if p, ok := compression.find(s[compBegin:]); ok {
|
|
// The first hit is the longest matching dname
|
|
// keep the pointer offset we get back and store
|
|
// the offset of the current name, because that's
|
|
// where we need to insert the pointer later
|
|
|
|
// If compress is true, we're allowed to compress this dname
|
|
if compress {
|
|
pointer = p // Where to point to
|
|
break loop
|
|
}
|
|
} else if off < maxCompressionOffset {
|
|
// Only offsets smaller than maxCompressionOffset can be used.
|
|
compression.insert(s[compBegin:], off)
|
|
}
|
|
}
|
|
|
|
// The following is covered by the length check above.
|
|
msg[off] = byte(labelLen)
|
|
|
|
if bs == nil {
|
|
copy(msg[off+1:], s[begin:i])
|
|
} else {
|
|
copy(msg[off+1:], bs[begin:i])
|
|
}
|
|
off += 1 + labelLen
|
|
|
|
begin = i + 1
|
|
compBegin = begin + compOff
|
|
default:
|
|
wasDot = false
|
|
}
|
|
}
|
|
|
|
// Root label is special
|
|
if isRootLabel(s, bs, 0, ls) {
|
|
return off, nil
|
|
}
|
|
|
|
// If we did compression and we find something add the pointer here
|
|
if pointer != -1 {
|
|
// We have two bytes (14 bits) to put the pointer in
|
|
binary.BigEndian.PutUint16(msg[off:], uint16(pointer^0xC000))
|
|
return off + 2, nil
|
|
}
|
|
|
|
if off < len(msg) {
|
|
msg[off] = 0
|
|
}
|
|
|
|
return off + 1, nil
|
|
}
|
|
|
|
// isRootLabel returns whether s or bs, from off to end, is the root
|
|
// label ".".
|
|
//
|
|
// If bs is nil, s will be checked, otherwise bs will be checked.
|
|
func isRootLabel(s string, bs []byte, off, end int) bool {
|
|
if bs == nil {
|
|
return s[off:end] == "."
|
|
}
|
|
|
|
return end-off == 1 && bs[off] == '.'
|
|
}
|
|
|
|
// Unpack a domain name.
|
|
// In addition to the simple sequences of counted strings above,
|
|
// domain names are allowed to refer to strings elsewhere in the
|
|
// packet, to avoid repeating common suffixes when returning
|
|
// many entries in a single domain. The pointers are marked
|
|
// by a length byte with the top two bits set. Ignoring those
|
|
// two bits, that byte and the next give a 14 bit offset from msg[0]
|
|
// where we should pick up the trail.
|
|
// Note that if we jump elsewhere in the packet,
|
|
// we return off1 == the offset after the first pointer we found,
|
|
// which is where the next record will start.
|
|
// In theory, the pointers are only allowed to jump backward.
|
|
// We let them jump anywhere and stop jumping after a while.
|
|
|
|
// UnpackDomainName unpacks a domain name into a string. It returns
|
|
// the name, the new offset into msg and any error that occurred.
|
|
//
|
|
// When an error is encountered, the unpacked name will be discarded
|
|
// and len(msg) will be returned as the offset.
|
|
func UnpackDomainName(msg []byte, off int) (string, int, error) {
|
|
s := make([]byte, 0, maxDomainNamePresentationLength)
|
|
off1 := 0
|
|
lenmsg := len(msg)
|
|
budget := maxDomainNameWireOctets
|
|
ptr := 0 // number of pointers followed
|
|
Loop:
|
|
for {
|
|
if off >= lenmsg {
|
|
return "", lenmsg, ErrBuf
|
|
}
|
|
c := int(msg[off])
|
|
off++
|
|
switch c & 0xC0 {
|
|
case 0x00:
|
|
if c == 0x00 {
|
|
// end of name
|
|
break Loop
|
|
}
|
|
// literal string
|
|
if off+c > lenmsg {
|
|
return "", lenmsg, ErrBuf
|
|
}
|
|
budget -= c + 1 // +1 for the label separator
|
|
if budget <= 0 {
|
|
return "", lenmsg, ErrLongDomain
|
|
}
|
|
for j := off; j < off+c; j++ {
|
|
switch b := msg[j]; b {
|
|
case '.', '(', ')', ';', ' ', '@':
|
|
fallthrough
|
|
case '"', '\\':
|
|
s = append(s, '\\', b)
|
|
default:
|
|
if b < ' ' || b > '~' { // unprintable, use \DDD
|
|
s = append(s, escapeByte(b)...)
|
|
} else {
|
|
s = append(s, b)
|
|
}
|
|
}
|
|
}
|
|
s = append(s, '.')
|
|
off += c
|
|
case 0xC0:
|
|
// pointer to somewhere else in msg.
|
|
// remember location after first ptr,
|
|
// since that's how many bytes we consumed.
|
|
// also, don't follow too many pointers --
|
|
// maybe there's a loop.
|
|
if off >= lenmsg {
|
|
return "", lenmsg, ErrBuf
|
|
}
|
|
c1 := msg[off]
|
|
off++
|
|
if ptr == 0 {
|
|
off1 = off
|
|
}
|
|
if ptr++; ptr > maxCompressionPointers {
|
|
return "", lenmsg, &Error{err: "too many compression pointers"}
|
|
}
|
|
// pointer should guarantee that it advances and points forwards at least
|
|
// but the condition on previous three lines guarantees that it's
|
|
// at least loop-free
|
|
off = (c^0xC0)<<8 | int(c1)
|
|
default:
|
|
// 0x80 and 0x40 are reserved
|
|
return "", lenmsg, ErrRdata
|
|
}
|
|
}
|
|
if ptr == 0 {
|
|
off1 = off
|
|
}
|
|
if len(s) == 0 {
|
|
return ".", off1, nil
|
|
}
|
|
return string(s), off1, nil
|
|
}
|
|
|
|
func packTxt(txt []string, msg []byte, offset int, tmp []byte) (int, error) {
|
|
if len(txt) == 0 {
|
|
if offset >= len(msg) {
|
|
return offset, ErrBuf
|
|
}
|
|
msg[offset] = 0
|
|
return offset, nil
|
|
}
|
|
var err error
|
|
for i := range txt {
|
|
if len(txt[i]) > len(tmp) {
|
|
return offset, ErrBuf
|
|
}
|
|
offset, err = packTxtString(txt[i], msg, offset, tmp)
|
|
if err != nil {
|
|
return offset, err
|
|
}
|
|
}
|
|
return offset, nil
|
|
}
|
|
|
|
func packTxtString(s string, msg []byte, offset int, tmp []byte) (int, error) {
|
|
lenByteOffset := offset
|
|
if offset >= len(msg) || len(s) > len(tmp) {
|
|
return offset, ErrBuf
|
|
}
|
|
offset++
|
|
bs := tmp[:len(s)]
|
|
copy(bs, s)
|
|
for i := 0; i < len(bs); i++ {
|
|
if len(msg) <= offset {
|
|
return offset, ErrBuf
|
|
}
|
|
if bs[i] == '\\' {
|
|
i++
|
|
if i == len(bs) {
|
|
break
|
|
}
|
|
// check for \DDD
|
|
if i+2 < len(bs) && isDigit(bs[i]) && isDigit(bs[i+1]) && isDigit(bs[i+2]) {
|
|
msg[offset] = dddToByte(bs[i:])
|
|
i += 2
|
|
} else {
|
|
msg[offset] = bs[i]
|
|
}
|
|
} else {
|
|
msg[offset] = bs[i]
|
|
}
|
|
offset++
|
|
}
|
|
l := offset - lenByteOffset - 1
|
|
if l > 255 {
|
|
return offset, &Error{err: "string exceeded 255 bytes in txt"}
|
|
}
|
|
msg[lenByteOffset] = byte(l)
|
|
return offset, nil
|
|
}
|
|
|
|
func packOctetString(s string, msg []byte, offset int, tmp []byte) (int, error) {
|
|
if offset >= len(msg) || len(s) > len(tmp) {
|
|
return offset, ErrBuf
|
|
}
|
|
bs := tmp[:len(s)]
|
|
copy(bs, s)
|
|
for i := 0; i < len(bs); i++ {
|
|
if len(msg) <= offset {
|
|
return offset, ErrBuf
|
|
}
|
|
if bs[i] == '\\' {
|
|
i++
|
|
if i == len(bs) {
|
|
break
|
|
}
|
|
// check for \DDD
|
|
if i+2 < len(bs) && isDigit(bs[i]) && isDigit(bs[i+1]) && isDigit(bs[i+2]) {
|
|
msg[offset] = dddToByte(bs[i:])
|
|
i += 2
|
|
} else {
|
|
msg[offset] = bs[i]
|
|
}
|
|
} else {
|
|
msg[offset] = bs[i]
|
|
}
|
|
offset++
|
|
}
|
|
return offset, nil
|
|
}
|
|
|
|
func unpackTxt(msg []byte, off0 int) (ss []string, off int, err error) {
|
|
off = off0
|
|
var s string
|
|
for off < len(msg) && err == nil {
|
|
s, off, err = unpackString(msg, off)
|
|
if err == nil {
|
|
ss = append(ss, s)
|
|
}
|
|
}
|
|
return
|
|
}
|
|
|
|
// Helpers for dealing with escaped bytes
|
|
func isDigit(b byte) bool { return b >= '0' && b <= '9' }
|
|
|
|
func dddToByte(s []byte) byte {
|
|
_ = s[2] // bounds check hint to compiler; see golang.org/issue/14808
|
|
return byte((s[0]-'0')*100 + (s[1]-'0')*10 + (s[2] - '0'))
|
|
}
|
|
|
|
func dddStringToByte(s string) byte {
|
|
_ = s[2] // bounds check hint to compiler; see golang.org/issue/14808
|
|
return byte((s[0]-'0')*100 + (s[1]-'0')*10 + (s[2] - '0'))
|
|
}
|
|
|
|
// Helper function for packing and unpacking
|
|
func intToBytes(i *big.Int, length int) []byte {
|
|
buf := i.Bytes()
|
|
if len(buf) < length {
|
|
b := make([]byte, length)
|
|
copy(b[length-len(buf):], buf)
|
|
return b
|
|
}
|
|
return buf
|
|
}
|
|
|
|
// PackRR packs a resource record rr into msg[off:].
|
|
// See PackDomainName for documentation about the compression.
|
|
func PackRR(rr RR, msg []byte, off int, compression map[string]int, compress bool) (off1 int, err error) {
|
|
headerEnd, off1, err := packRR(rr, msg, off, compressionMap{ext: compression}, compress)
|
|
if err == nil {
|
|
// packRR no longer sets the Rdlength field on the rr, but
|
|
// callers might be expecting it so we set it here.
|
|
rr.Header().Rdlength = uint16(off1 - headerEnd)
|
|
}
|
|
return off1, err
|
|
}
|
|
|
|
func packRR(rr RR, msg []byte, off int, compression compressionMap, compress bool) (headerEnd int, off1 int, err error) {
|
|
if rr == nil {
|
|
return len(msg), len(msg), &Error{err: "nil rr"}
|
|
}
|
|
|
|
headerEnd, err = rr.Header().packHeader(msg, off, compression, compress)
|
|
if err != nil {
|
|
return headerEnd, len(msg), err
|
|
}
|
|
|
|
off1, err = rr.pack(msg, headerEnd, compression, compress)
|
|
if err != nil {
|
|
return headerEnd, len(msg), err
|
|
}
|
|
|
|
rdlength := off1 - headerEnd
|
|
if int(uint16(rdlength)) != rdlength { // overflow
|
|
return headerEnd, len(msg), ErrRdata
|
|
}
|
|
|
|
// The RDLENGTH field is the last field in the header and we set it here.
|
|
binary.BigEndian.PutUint16(msg[headerEnd-2:], uint16(rdlength))
|
|
return headerEnd, off1, nil
|
|
}
|
|
|
|
// UnpackRR unpacks msg[off:] into an RR.
|
|
func UnpackRR(msg []byte, off int) (rr RR, off1 int, err error) {
|
|
h, off, msg, err := unpackHeader(msg, off)
|
|
if err != nil {
|
|
return nil, len(msg), err
|
|
}
|
|
|
|
return UnpackRRWithHeader(h, msg, off)
|
|
}
|
|
|
|
// UnpackRRWithHeader unpacks the record type specific payload given an existing
|
|
// RR_Header.
|
|
func UnpackRRWithHeader(h RR_Header, msg []byte, off int) (rr RR, off1 int, err error) {
|
|
if newFn, ok := TypeToRR[h.Rrtype]; ok {
|
|
rr = newFn()
|
|
*rr.Header() = h
|
|
} else {
|
|
rr = &RFC3597{Hdr: h}
|
|
}
|
|
|
|
if noRdata(h) {
|
|
return rr, off, nil
|
|
}
|
|
|
|
end := off + int(h.Rdlength)
|
|
|
|
off, err = rr.unpack(msg, off)
|
|
if err != nil {
|
|
return nil, end, err
|
|
}
|
|
if off != end {
|
|
return &h, end, &Error{err: "bad rdlength"}
|
|
}
|
|
|
|
return rr, off, nil
|
|
}
|
|
|
|
// unpackRRslice unpacks msg[off:] into an []RR.
|
|
// If we cannot unpack the whole array, then it will return nil
|
|
func unpackRRslice(l int, msg []byte, off int) (dst1 []RR, off1 int, err error) {
|
|
var r RR
|
|
// Don't pre-allocate, l may be under attacker control
|
|
var dst []RR
|
|
for i := 0; i < l; i++ {
|
|
off1 := off
|
|
r, off, err = UnpackRR(msg, off)
|
|
if err != nil {
|
|
off = len(msg)
|
|
break
|
|
}
|
|
// If offset does not increase anymore, l is a lie
|
|
if off1 == off {
|
|
l = i
|
|
break
|
|
}
|
|
dst = append(dst, r)
|
|
}
|
|
if err != nil && off == len(msg) {
|
|
dst = nil
|
|
}
|
|
return dst, off, err
|
|
}
|
|
|
|
// Convert a MsgHdr to a string, with dig-like headers:
|
|
//
|
|
//;; opcode: QUERY, status: NOERROR, id: 48404
|
|
//
|
|
//;; flags: qr aa rd ra;
|
|
func (h *MsgHdr) String() string {
|
|
if h == nil {
|
|
return "<nil> MsgHdr"
|
|
}
|
|
|
|
s := ";; opcode: " + OpcodeToString[h.Opcode]
|
|
s += ", status: " + RcodeToString[h.Rcode]
|
|
s += ", id: " + strconv.Itoa(int(h.Id)) + "\n"
|
|
|
|
s += ";; flags:"
|
|
if h.Response {
|
|
s += " qr"
|
|
}
|
|
if h.Authoritative {
|
|
s += " aa"
|
|
}
|
|
if h.Truncated {
|
|
s += " tc"
|
|
}
|
|
if h.RecursionDesired {
|
|
s += " rd"
|
|
}
|
|
if h.RecursionAvailable {
|
|
s += " ra"
|
|
}
|
|
if h.Zero { // Hmm
|
|
s += " z"
|
|
}
|
|
if h.AuthenticatedData {
|
|
s += " ad"
|
|
}
|
|
if h.CheckingDisabled {
|
|
s += " cd"
|
|
}
|
|
|
|
s += ";"
|
|
return s
|
|
}
|
|
|
|
// Pack packs a Msg: it is converted to to wire format.
|
|
// If the dns.Compress is true the message will be in compressed wire format.
|
|
func (dns *Msg) Pack() (msg []byte, err error) {
|
|
return dns.PackBuffer(nil)
|
|
}
|
|
|
|
// PackBuffer packs a Msg, using the given buffer buf. If buf is too small a new buffer is allocated.
|
|
func (dns *Msg) PackBuffer(buf []byte) (msg []byte, err error) {
|
|
// If this message can't be compressed, avoid filling the
|
|
// compression map and creating garbage.
|
|
if dns.Compress && dns.isCompressible() {
|
|
compression := make(map[string]uint16) // Compression pointer mappings.
|
|
return dns.packBufferWithCompressionMap(buf, compressionMap{int: compression}, true)
|
|
}
|
|
|
|
return dns.packBufferWithCompressionMap(buf, compressionMap{}, false)
|
|
}
|
|
|
|
// packBufferWithCompressionMap packs a Msg, using the given buffer buf.
|
|
func (dns *Msg) packBufferWithCompressionMap(buf []byte, compression compressionMap, compress bool) (msg []byte, err error) {
|
|
if dns.Rcode < 0 || dns.Rcode > 0xFFF {
|
|
return nil, ErrRcode
|
|
}
|
|
|
|
// Set extended rcode unconditionally if we have an opt, this will allow
|
|
// reseting the extended rcode bits if they need to.
|
|
if opt := dns.IsEdns0(); opt != nil {
|
|
opt.SetExtendedRcode(uint16(dns.Rcode))
|
|
} else if dns.Rcode > 0xF {
|
|
// If Rcode is an extended one and opt is nil, error out.
|
|
return nil, ErrExtendedRcode
|
|
}
|
|
|
|
// Convert convenient Msg into wire-like Header.
|
|
var dh Header
|
|
dh.Id = dns.Id
|
|
dh.Bits = uint16(dns.Opcode)<<11 | uint16(dns.Rcode&0xF)
|
|
if dns.Response {
|
|
dh.Bits |= _QR
|
|
}
|
|
if dns.Authoritative {
|
|
dh.Bits |= _AA
|
|
}
|
|
if dns.Truncated {
|
|
dh.Bits |= _TC
|
|
}
|
|
if dns.RecursionDesired {
|
|
dh.Bits |= _RD
|
|
}
|
|
if dns.RecursionAvailable {
|
|
dh.Bits |= _RA
|
|
}
|
|
if dns.Zero {
|
|
dh.Bits |= _Z
|
|
}
|
|
if dns.AuthenticatedData {
|
|
dh.Bits |= _AD
|
|
}
|
|
if dns.CheckingDisabled {
|
|
dh.Bits |= _CD
|
|
}
|
|
|
|
dh.Qdcount = uint16(len(dns.Question))
|
|
dh.Ancount = uint16(len(dns.Answer))
|
|
dh.Nscount = uint16(len(dns.Ns))
|
|
dh.Arcount = uint16(len(dns.Extra))
|
|
|
|
// We need the uncompressed length here, because we first pack it and then compress it.
|
|
msg = buf
|
|
uncompressedLen := msgLenWithCompressionMap(dns, nil)
|
|
if packLen := uncompressedLen + 1; len(msg) < packLen {
|
|
msg = make([]byte, packLen)
|
|
}
|
|
|
|
// Pack it in: header and then the pieces.
|
|
off := 0
|
|
off, err = dh.pack(msg, off, compression, compress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
for _, r := range dns.Question {
|
|
off, err = r.pack(msg, off, compression, compress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
for _, r := range dns.Answer {
|
|
_, off, err = packRR(r, msg, off, compression, compress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
for _, r := range dns.Ns {
|
|
_, off, err = packRR(r, msg, off, compression, compress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
for _, r := range dns.Extra {
|
|
_, off, err = packRR(r, msg, off, compression, compress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return msg[:off], nil
|
|
}
|
|
|
|
func (dns *Msg) unpack(dh Header, msg []byte, off int) (err error) {
|
|
// If we are at the end of the message we should return *just* the
|
|
// header. This can still be useful to the caller. 9.9.9.9 sends these
|
|
// when responding with REFUSED for instance.
|
|
if off == len(msg) {
|
|
// reset sections before returning
|
|
dns.Question, dns.Answer, dns.Ns, dns.Extra = nil, nil, nil, nil
|
|
return nil
|
|
}
|
|
|
|
// Qdcount, Ancount, Nscount, Arcount can't be trusted, as they are
|
|
// attacker controlled. This means we can't use them to pre-allocate
|
|
// slices.
|
|
dns.Question = nil
|
|
for i := 0; i < int(dh.Qdcount); i++ {
|
|
off1 := off
|
|
var q Question
|
|
q, off, err = unpackQuestion(msg, off)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if off1 == off { // Offset does not increase anymore, dh.Qdcount is a lie!
|
|
dh.Qdcount = uint16(i)
|
|
break
|
|
}
|
|
dns.Question = append(dns.Question, q)
|
|
}
|
|
|
|
dns.Answer, off, err = unpackRRslice(int(dh.Ancount), msg, off)
|
|
// The header counts might have been wrong so we need to update it
|
|
dh.Ancount = uint16(len(dns.Answer))
|
|
if err == nil {
|
|
dns.Ns, off, err = unpackRRslice(int(dh.Nscount), msg, off)
|
|
}
|
|
// The header counts might have been wrong so we need to update it
|
|
dh.Nscount = uint16(len(dns.Ns))
|
|
if err == nil {
|
|
dns.Extra, off, err = unpackRRslice(int(dh.Arcount), msg, off)
|
|
}
|
|
// The header counts might have been wrong so we need to update it
|
|
dh.Arcount = uint16(len(dns.Extra))
|
|
|
|
// Set extended Rcode
|
|
if opt := dns.IsEdns0(); opt != nil {
|
|
dns.Rcode |= opt.ExtendedRcode()
|
|
}
|
|
|
|
if off != len(msg) {
|
|
// TODO(miek) make this an error?
|
|
// use PackOpt to let people tell how detailed the error reporting should be?
|
|
// println("dns: extra bytes in dns packet", off, "<", len(msg))
|
|
}
|
|
return err
|
|
|
|
}
|
|
|
|
// Unpack unpacks a binary message to a Msg structure.
|
|
func (dns *Msg) Unpack(msg []byte) (err error) {
|
|
dh, off, err := unpackMsgHdr(msg, 0)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
dns.setHdr(dh)
|
|
return dns.unpack(dh, msg, off)
|
|
}
|
|
|
|
// Convert a complete message to a string with dig-like output.
|
|
func (dns *Msg) String() string {
|
|
if dns == nil {
|
|
return "<nil> MsgHdr"
|
|
}
|
|
s := dns.MsgHdr.String() + " "
|
|
s += "QUERY: " + strconv.Itoa(len(dns.Question)) + ", "
|
|
s += "ANSWER: " + strconv.Itoa(len(dns.Answer)) + ", "
|
|
s += "AUTHORITY: " + strconv.Itoa(len(dns.Ns)) + ", "
|
|
s += "ADDITIONAL: " + strconv.Itoa(len(dns.Extra)) + "\n"
|
|
if len(dns.Question) > 0 {
|
|
s += "\n;; QUESTION SECTION:\n"
|
|
for i := 0; i < len(dns.Question); i++ {
|
|
s += dns.Question[i].String() + "\n"
|
|
}
|
|
}
|
|
if len(dns.Answer) > 0 {
|
|
s += "\n;; ANSWER SECTION:\n"
|
|
for i := 0; i < len(dns.Answer); i++ {
|
|
if dns.Answer[i] != nil {
|
|
s += dns.Answer[i].String() + "\n"
|
|
}
|
|
}
|
|
}
|
|
if len(dns.Ns) > 0 {
|
|
s += "\n;; AUTHORITY SECTION:\n"
|
|
for i := 0; i < len(dns.Ns); i++ {
|
|
if dns.Ns[i] != nil {
|
|
s += dns.Ns[i].String() + "\n"
|
|
}
|
|
}
|
|
}
|
|
if len(dns.Extra) > 0 {
|
|
s += "\n;; ADDITIONAL SECTION:\n"
|
|
for i := 0; i < len(dns.Extra); i++ {
|
|
if dns.Extra[i] != nil {
|
|
s += dns.Extra[i].String() + "\n"
|
|
}
|
|
}
|
|
}
|
|
return s
|
|
}
|
|
|
|
// isCompressible returns whether the msg may be compressible.
|
|
func (dns *Msg) isCompressible() bool {
|
|
// If we only have one question, there is nothing we can ever compress.
|
|
return len(dns.Question) > 1 || len(dns.Answer) > 0 ||
|
|
len(dns.Ns) > 0 || len(dns.Extra) > 0
|
|
}
|
|
|
|
// Len returns the message length when in (un)compressed wire format.
|
|
// If dns.Compress is true compression it is taken into account. Len()
|
|
// is provided to be a faster way to get the size of the resulting packet,
|
|
// than packing it, measuring the size and discarding the buffer.
|
|
func (dns *Msg) Len() int {
|
|
// If this message can't be compressed, avoid filling the
|
|
// compression map and creating garbage.
|
|
if dns.Compress && dns.isCompressible() {
|
|
compression := make(map[string]struct{})
|
|
return msgLenWithCompressionMap(dns, compression)
|
|
}
|
|
|
|
return msgLenWithCompressionMap(dns, nil)
|
|
}
|
|
|
|
func msgLenWithCompressionMap(dns *Msg, compression map[string]struct{}) int {
|
|
l := headerSize
|
|
|
|
for _, r := range dns.Question {
|
|
l += r.len(l, compression)
|
|
}
|
|
for _, r := range dns.Answer {
|
|
if r != nil {
|
|
l += r.len(l, compression)
|
|
}
|
|
}
|
|
for _, r := range dns.Ns {
|
|
if r != nil {
|
|
l += r.len(l, compression)
|
|
}
|
|
}
|
|
for _, r := range dns.Extra {
|
|
if r != nil {
|
|
l += r.len(l, compression)
|
|
}
|
|
}
|
|
|
|
return l
|
|
}
|
|
|
|
func domainNameLen(s string, off int, compression map[string]struct{}, compress bool) int {
|
|
if s == "" || s == "." {
|
|
return 1
|
|
}
|
|
|
|
escaped := strings.Contains(s, "\\")
|
|
|
|
if compression != nil && (compress || off < maxCompressionOffset) {
|
|
// compressionLenSearch will insert the entry into the compression
|
|
// map if it doesn't contain it.
|
|
if l, ok := compressionLenSearch(compression, s, off); ok && compress {
|
|
if escaped {
|
|
return escapedNameLen(s[:l]) + 2
|
|
}
|
|
|
|
return l + 2
|
|
}
|
|
}
|
|
|
|
if escaped {
|
|
return escapedNameLen(s) + 1
|
|
}
|
|
|
|
return len(s) + 1
|
|
}
|
|
|
|
func escapedNameLen(s string) int {
|
|
nameLen := len(s)
|
|
for i := 0; i < len(s); i++ {
|
|
if s[i] != '\\' {
|
|
continue
|
|
}
|
|
|
|
if i+3 < len(s) && isDigit(s[i+1]) && isDigit(s[i+2]) && isDigit(s[i+3]) {
|
|
nameLen -= 3
|
|
i += 3
|
|
} else {
|
|
nameLen--
|
|
i++
|
|
}
|
|
}
|
|
|
|
return nameLen
|
|
}
|
|
|
|
func compressionLenSearch(c map[string]struct{}, s string, msgOff int) (int, bool) {
|
|
for off, end := 0, false; !end; off, end = NextLabel(s, off) {
|
|
if _, ok := c[s[off:]]; ok {
|
|
return off, true
|
|
}
|
|
|
|
if msgOff+off < maxCompressionOffset {
|
|
c[s[off:]] = struct{}{}
|
|
}
|
|
}
|
|
|
|
return 0, false
|
|
}
|
|
|
|
// Copy returns a new RR which is a deep-copy of r.
|
|
func Copy(r RR) RR { return r.copy() }
|
|
|
|
// Len returns the length (in octets) of the uncompressed RR in wire format.
|
|
func Len(r RR) int { return r.len(0, nil) }
|
|
|
|
// Copy returns a new *Msg which is a deep-copy of dns.
|
|
func (dns *Msg) Copy() *Msg { return dns.CopyTo(new(Msg)) }
|
|
|
|
// CopyTo copies the contents to the provided message using a deep-copy and returns the copy.
|
|
func (dns *Msg) CopyTo(r1 *Msg) *Msg {
|
|
r1.MsgHdr = dns.MsgHdr
|
|
r1.Compress = dns.Compress
|
|
|
|
if len(dns.Question) > 0 {
|
|
r1.Question = make([]Question, len(dns.Question))
|
|
copy(r1.Question, dns.Question) // TODO(miek): Question is an immutable value, ok to do a shallow-copy
|
|
}
|
|
|
|
rrArr := make([]RR, len(dns.Answer)+len(dns.Ns)+len(dns.Extra))
|
|
var rri int
|
|
|
|
if len(dns.Answer) > 0 {
|
|
rrbegin := rri
|
|
for i := 0; i < len(dns.Answer); i++ {
|
|
rrArr[rri] = dns.Answer[i].copy()
|
|
rri++
|
|
}
|
|
r1.Answer = rrArr[rrbegin:rri:rri]
|
|
}
|
|
|
|
if len(dns.Ns) > 0 {
|
|
rrbegin := rri
|
|
for i := 0; i < len(dns.Ns); i++ {
|
|
rrArr[rri] = dns.Ns[i].copy()
|
|
rri++
|
|
}
|
|
r1.Ns = rrArr[rrbegin:rri:rri]
|
|
}
|
|
|
|
if len(dns.Extra) > 0 {
|
|
rrbegin := rri
|
|
for i := 0; i < len(dns.Extra); i++ {
|
|
rrArr[rri] = dns.Extra[i].copy()
|
|
rri++
|
|
}
|
|
r1.Extra = rrArr[rrbegin:rri:rri]
|
|
}
|
|
|
|
return r1
|
|
}
|
|
|
|
func (q *Question) pack(msg []byte, off int, compression compressionMap, compress bool) (int, error) {
|
|
off, err := packDomainName(q.Name, msg, off, compression, compress)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(q.Qtype, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(q.Qclass, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
return off, nil
|
|
}
|
|
|
|
func unpackQuestion(msg []byte, off int) (Question, int, error) {
|
|
var (
|
|
q Question
|
|
err error
|
|
)
|
|
q.Name, off, err = UnpackDomainName(msg, off)
|
|
if err != nil {
|
|
return q, off, err
|
|
}
|
|
if off == len(msg) {
|
|
return q, off, nil
|
|
}
|
|
q.Qtype, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return q, off, err
|
|
}
|
|
if off == len(msg) {
|
|
return q, off, nil
|
|
}
|
|
q.Qclass, off, err = unpackUint16(msg, off)
|
|
if off == len(msg) {
|
|
return q, off, nil
|
|
}
|
|
return q, off, err
|
|
}
|
|
|
|
func (dh *Header) pack(msg []byte, off int, compression compressionMap, compress bool) (int, error) {
|
|
off, err := packUint16(dh.Id, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(dh.Bits, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(dh.Qdcount, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(dh.Ancount, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(dh.Nscount, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
off, err = packUint16(dh.Arcount, msg, off)
|
|
if err != nil {
|
|
return off, err
|
|
}
|
|
return off, nil
|
|
}
|
|
|
|
func unpackMsgHdr(msg []byte, off int) (Header, int, error) {
|
|
var (
|
|
dh Header
|
|
err error
|
|
)
|
|
dh.Id, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
dh.Bits, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
dh.Qdcount, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
dh.Ancount, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
dh.Nscount, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
dh.Arcount, off, err = unpackUint16(msg, off)
|
|
if err != nil {
|
|
return dh, off, err
|
|
}
|
|
return dh, off, nil
|
|
}
|
|
|
|
// setHdr set the header in the dns using the binary data in dh.
|
|
func (dns *Msg) setHdr(dh Header) {
|
|
dns.Id = dh.Id
|
|
dns.Response = dh.Bits&_QR != 0
|
|
dns.Opcode = int(dh.Bits>>11) & 0xF
|
|
dns.Authoritative = dh.Bits&_AA != 0
|
|
dns.Truncated = dh.Bits&_TC != 0
|
|
dns.RecursionDesired = dh.Bits&_RD != 0
|
|
dns.RecursionAvailable = dh.Bits&_RA != 0
|
|
dns.Zero = dh.Bits&_Z != 0 // _Z covers the zero bit, which should be zero; not sure why we set it to the opposite.
|
|
dns.AuthenticatedData = dh.Bits&_AD != 0
|
|
dns.CheckingDisabled = dh.Bits&_CD != 0
|
|
dns.Rcode = int(dh.Bits & 0xF)
|
|
}
|