contrib/unbound/daemon/cachedump.c

   1 /*
   2  * daemon/cachedump.c - dump the cache to text format.
   3  *
   4  * Copyright (c) 2008, NLnet Labs. All rights reserved.
   5  *
   6  * This software is open source.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * Redistributions of source code must retain the above copyright notice,
  13  * this list of conditions and the following disclaimer.
  14  *
  15  * Redistributions in binary form must reproduce the above copyright notice,
  16  * this list of conditions and the following disclaimer in the documentation
  17  * and/or other materials provided with the distribution.
  18  *
  19  * Neither the name of the NLNET LABS nor the names of its contributors may
  20  * be used to endorse or promote products derived from this software without
  21  * specific prior written permission.
  22  *
  23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
  29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  34  */
  35
  36 /**
  37  * \file
  38  *
  39  * This file contains functions to read and write the cache(s)
  40  * to text format.
  41  */
  42 #include "config.h"
  43 #include <openssl/ssl.h>
  44 #include "daemon/cachedump.h"
  45 #include "daemon/remote.h"
  46 #include "daemon/worker.h"
  47 #include "services/cache/rrset.h"
  48 #include "services/cache/dns.h"
  49 #include "services/cache/infra.h"
  50 #include "util/data/msgreply.h"
  51 #include "util/regional.h"
  52 #include "util/net_help.h"
  53 #include "util/data/dname.h"
  54 #include "iterator/iterator.h"
  55 #include "iterator/iter_delegpt.h"
  56 #include "iterator/iter_utils.h"
  57 #include "iterator/iter_fwd.h"
  58 #include "iterator/iter_hints.h"
  59 #include "sldns/sbuffer.h"
  60 #include "sldns/wire2str.h"
  61 #include "sldns/str2wire.h"
  62
  63 /** dump one rrset zonefile line */
  64 static int
  65 dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i)
  66 {
  67         char s[65535];
  68         if(!packed_rr_to_string(k, i, now, s, sizeof(s))) {
  69                 return ssl_printf(ssl, "BADRR\n");
  70         }
  71         return ssl_printf(ssl, "%s", s);
  72 }
  73
  74 /** dump rrset key and data info */
  75 static int
  76 dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k,
  77         struct packed_rrset_data* d, time_t now)
  78 {
  79         size_t i;
  80         /* rd lock held by caller */
  81         if(!k || !d) return 1;
  82         if(d->ttl < now) return 1; /* expired */
  83
  84         /* meta line */
  85         if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n",
  86                 (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"",
  87                 (long long)(d->ttl - now),
  88                 (unsigned)d->count, (unsigned)d->rrsig_count,
  89                 (int)d->trust, (int)d->security
  90                 ))
  91                 return 0;
  92         for(i=0; i<d->count + d->rrsig_count; i++) {
  93                 if(!dump_rrset_line(ssl, k, now, i))
  94                         return 0;
  95         }
  96         return 1;
  97 }
  98
  99 /** dump lruhash rrset cache */
 100 static int
 101 dump_rrset_lruhash(SSL* ssl, struct lruhash* h, time_t now)
 102 {
 103         struct lruhash_entry* e;
 104         /* lruhash already locked by caller */
 105         /* walk in order of lru; best first */
 106         for(e=h->lru_start; e; e = e->lru_next) {
 107                 lock_rw_rdlock(&e->lock);
 108                 if(!dump_rrset(ssl, (struct ub_packed_rrset_key*)e->key,
 109                         (struct packed_rrset_data*)e->data, now)) {
 110                         lock_rw_unlock(&e->lock);
 111                         return 0;
 112                 }
 113                 lock_rw_unlock(&e->lock);
 114         }
 115         return 1;
 116 }
 117
 118 /** dump rrset cache */
 119 static int
 120 dump_rrset_cache(SSL* ssl, struct worker* worker)
 121 {
 122         struct rrset_cache* r = worker->env.rrset_cache;
 123         size_t slab;
 124         if(!ssl_printf(ssl, "START_RRSET_CACHE\n")) return 0;
 125         for(slab=0; slab<r->table.size; slab++) {
 126                 lock_quick_lock(&r->table.array[slab]->lock);
 127                 if(!dump_rrset_lruhash(ssl, r->table.array[slab],
 128                         *worker->env.now)) {
 129                         lock_quick_unlock(&r->table.array[slab]->lock);
 130                         return 0;
 131                 }
 132                 lock_quick_unlock(&r->table.array[slab]->lock);
 133         }
 134         return ssl_printf(ssl, "END_RRSET_CACHE\n");
 135 }
 136
 137 /** dump message to rrset reference */
 138 static int
 139 dump_msg_ref(SSL* ssl, struct ub_packed_rrset_key* k)
 140 {
 141         char* nm, *tp, *cl;
 142         nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len);
 143         tp = sldns_wire2str_type(ntohs(k->rk.type));
 144         cl = sldns_wire2str_class(ntohs(k->rk.rrset_class));
 145         if(!nm || !cl || !tp) {
 146                 free(nm);
 147                 free(tp);
 148                 free(cl);
 149                 return ssl_printf(ssl, "BADREF\n");
 150         }
 151         if(!ssl_printf(ssl, "%s %s %s %d\n", nm, cl, tp, (int)k->rk.flags)) {
 152                 free(nm);
 153                 free(tp);
 154                 free(cl);
 155                 return 0;
 156         }
 157         free(nm);
 158         free(tp);
 159         free(cl);
 160
 161         return 1;
 162 }
 163
 164 /** dump message entry */
 165 static int
 166 dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d,
 167         time_t now)
 168 {
 169         size_t i;
 170         char* nm, *tp, *cl;
 171         if(!k || !d) return 1;
 172         if(d->ttl < now) return 1; /* expired */
 173
 174         nm = sldns_wire2str_dname(k->qname, k->qname_len);
 175         tp = sldns_wire2str_type(k->qtype);
 176         cl = sldns_wire2str_class(k->qclass);
 177         if(!nm || !tp || !cl) {
 178                 free(nm);
 179                 free(tp);
 180                 free(cl);
 181                 return 1; /* skip this entry */
 182         }
 183         if(!rrset_array_lock(d->ref, d->rrset_count, now)) {
 184                 /* rrsets have timed out or do not exist */
 185                 free(nm);
 186                 free(tp);
 187                 free(cl);
 188                 return 1; /* skip this entry */
 189         }
 190
 191         /* meta line */
 192         if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u\n",
 193                         nm, cl, tp,
 194                         (int)d->flags, (int)d->qdcount,
 195                         (long long)(d->ttl-now), (int)d->security,
 196                         (unsigned)d->an_numrrsets,
 197                         (unsigned)d->ns_numrrsets,
 198                         (unsigned)d->ar_numrrsets)) {
 199                 free(nm);
 200                 free(tp);
 201                 free(cl);
 202                 rrset_array_unlock(d->ref, d->rrset_count);
 203                 return 0;
 204         }
 205         free(nm);
 206         free(tp);
 207         free(cl);
 208
 209         for(i=0; i<d->rrset_count; i++) {
 210                 if(!dump_msg_ref(ssl, d->rrsets[i])) {
 211                         rrset_array_unlock(d->ref, d->rrset_count);
 212                         return 0;
 213                 }
 214         }
 215         rrset_array_unlock(d->ref, d->rrset_count);
 216
 217         return 1;
 218 }
 219
 220 /** copy msg to worker pad */
 221 static int
 222 copy_msg(struct regional* region, struct lruhash_entry* e,
 223         struct query_info** k, struct reply_info** d)
 224 {
 225         struct reply_info* rep = (struct reply_info*)e->data;
 226         if(rep->rrset_count > RR_COUNT_MAX)
 227                 return 0; /* to protect against integer overflow */
 228         *d = (struct reply_info*)regional_alloc_init(region, e->data,
 229                 sizeof(struct reply_info) +
 230                 sizeof(struct rrset_ref) * (rep->rrset_count-1) +
 231                 sizeof(struct ub_packed_rrset_key*) * rep->rrset_count);
 232         if(!*d)
 233                 return 0;
 234         (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)(
 235                 (uint8_t*)(&((*d)->ref[0])) +
 236                 sizeof(struct rrset_ref) * rep->rrset_count);
 237         *k = (struct query_info*)regional_alloc_init(region,
 238                 e->key, sizeof(struct query_info));
 239         if(!*k)
 240                 return 0;
 241         (*k)->qname = regional_alloc_init(region,
 242                 (*k)->qname, (*k)->qname_len);
 243         return (*k)->qname != NULL;
 244 }
 245
 246 /** dump lruhash msg cache */
 247 static int
 248 dump_msg_lruhash(SSL* ssl, struct worker* worker, struct lruhash* h)
 249 {
 250         struct lruhash_entry* e;
 251         struct query_info* k;
 252         struct reply_info* d;
 253
 254         /* lruhash already locked by caller */
 255         /* walk in order of lru; best first */
 256         for(e=h->lru_start; e; e = e->lru_next) {
 257                 regional_free_all(worker->scratchpad);
 258                 lock_rw_rdlock(&e->lock);
 259                 /* make copy of rrset in worker buffer */
 260                 if(!copy_msg(worker->scratchpad, e, &k, &d)) {
 261                         lock_rw_unlock(&e->lock);
 262                         return 0;
 263                 }
 264                 lock_rw_unlock(&e->lock);
 265                 /* release lock so we can lookup the rrset references
 266                  * in the rrset cache */
 267                 if(!dump_msg(ssl, k, d, *worker->env.now)) {
 268                         return 0;
 269                 }
 270         }
 271         return 1;
 272 }
 273
 274 /** dump msg cache */
 275 static int
 276 dump_msg_cache(SSL* ssl, struct worker* worker)
 277 {
 278         struct slabhash* sh = worker->env.msg_cache;
 279         size_t slab;
 280         if(!ssl_printf(ssl, "START_MSG_CACHE\n")) return 0;
 281         for(slab=0; slab<sh->size; slab++) {
 282                 lock_quick_lock(&sh->array[slab]->lock);
 283                 if(!dump_msg_lruhash(ssl, worker, sh->array[slab])) {
 284                         lock_quick_unlock(&sh->array[slab]->lock);
 285                         return 0;
 286                 }
 287                 lock_quick_unlock(&sh->array[slab]->lock);
 288         }
 289         return ssl_printf(ssl, "END_MSG_CACHE\n");
 290 }
 291
 292 int
 293 dump_cache(SSL* ssl, struct worker* worker)
 294 {
 295         if(!dump_rrset_cache(ssl, worker))
 296                 return 0;
 297         if(!dump_msg_cache(ssl, worker))
 298                 return 0;
 299         return ssl_printf(ssl, "EOF\n");
 300 }
 301
 302 /** read a line from ssl into buffer */
 303 static int
 304 ssl_read_buf(SSL* ssl, sldns_buffer* buf)
 305 {
 306         return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf),
 307                 sldns_buffer_capacity(buf));
 308 }
 309
 310 /** check fixed text on line */
 311 static int
 312 read_fixed(SSL* ssl, sldns_buffer* buf, const char* str)
 313 {
 314         if(!ssl_read_buf(ssl, buf)) return 0;
 315         return (strcmp((char*)sldns_buffer_begin(buf), str) == 0);
 316 }
 317
 318 /** load an RR into rrset */
 319 static int
 320 load_rr(SSL* ssl, sldns_buffer* buf, struct regional* region,
 321         struct ub_packed_rrset_key* rk, struct packed_rrset_data* d,
 322         unsigned int i, int is_rrsig, int* go_on, time_t now)
 323 {
 324         uint8_t rr[LDNS_RR_BUF_SIZE];
 325         size_t rr_len = sizeof(rr), dname_len = 0;
 326         int status;
 327
 328         /* read the line */
 329         if(!ssl_read_buf(ssl, buf))
 330                 return 0;
 331         if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
 332                 *go_on = 0;
 333                 return 1;
 334         }
 335         status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
 336                 &rr_len, &dname_len, 3600, NULL, 0, NULL, 0);
 337         if(status != 0) {
 338                 log_warn("error cannot parse rr: %s: %s",
 339                         sldns_get_errorstr_parse(status),
 340                         (char*)sldns_buffer_begin(buf));
 341                 return 0;
 342         }
 343         if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len)
 344                 != LDNS_RR_TYPE_RRSIG) {
 345                 log_warn("error expected rrsig but got %s",
 346                         (char*)sldns_buffer_begin(buf));
 347                 return 0;
 348         }
 349
 350         /* convert ldns rr into packed_rr */
 351         d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now;
 352         sldns_buffer_clear(buf);
 353         d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2;
 354         d->rr_data[i] = (uint8_t*)regional_alloc_init(region,
 355                 sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]);
 356         if(!d->rr_data[i]) {
 357                 log_warn("error out of memory");
 358                 return 0;
 359         }
 360
 361         /* if first entry, fill the key structure */
 362         if(i==0) {
 363                 rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
 364                 rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
 365                 rk->rk.dname_len = dname_len;
 366                 rk->rk.dname = regional_alloc_init(region, rr, dname_len);
 367                 if(!rk->rk.dname) {
 368                         log_warn("error out of memory");
 369                         return 0;
 370                 }
 371         }
 372
 373         return 1;
 374 }
 375
 376 /** move entry into cache */
 377 static int
 378 move_into_cache(struct ub_packed_rrset_key* k,
 379         struct packed_rrset_data* d, struct worker* worker)
 380 {
 381         struct ub_packed_rrset_key* ak;
 382         struct packed_rrset_data* ad;
 383         size_t s, i, num = d->count + d->rrsig_count;
 384         struct rrset_ref ref;
 385         uint8_t* p;
 386
 387         ak = alloc_special_obtain(&worker->alloc);
 388         if(!ak) {
 389                 log_warn("error out of memory");
 390                 return 0;
 391         }
 392         ak->entry.data = NULL;
 393         ak->rk = k->rk;
 394         ak->entry.hash = rrset_key_hash(&k->rk);
 395         ak->rk.dname = (uint8_t*)memdup(k->rk.dname, k->rk.dname_len);
 396         if(!ak->rk.dname) {
 397                 log_warn("error out of memory");
 398                 ub_packed_rrset_parsedelete(ak, &worker->alloc);
 399                 return 0;
 400         }
 401         s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) +
 402                 sizeof(time_t))* num;
 403         for(i=0; i<num; i++)
 404                 s += d->rr_len[i];
 405         ad = (struct packed_rrset_data*)malloc(s);
 406         if(!ad) {
 407                 log_warn("error out of memory");
 408                 ub_packed_rrset_parsedelete(ak, &worker->alloc);
 409                 return 0;
 410         }
 411         p = (uint8_t*)ad;
 412         memmove(p, d, sizeof(*ad));
 413         p += sizeof(*ad);
 414         memmove(p, &d->rr_len[0], sizeof(size_t)*num);
 415         p += sizeof(size_t)*num;
 416         memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num);
 417         p += sizeof(uint8_t*)*num;
 418         memmove(p, &d->rr_ttl[0], sizeof(time_t)*num);
 419         p += sizeof(time_t)*num;
 420         for(i=0; i<num; i++) {
 421                 memmove(p, d->rr_data[i], d->rr_len[i]);
 422                 p += d->rr_len[i];
 423         }
 424         packed_rrset_ptr_fixup(ad);
 425
 426         ak->entry.data = ad;
 427
 428         ref.key = ak;
 429         ref.id = ak->id;
 430         (void)rrset_cache_update(worker->env.rrset_cache, &ref,
 431                 &worker->alloc, *worker->env.now);
 432         return 1;
 433 }
 434
 435 /** load an rrset entry */
 436 static int
 437 load_rrset(SSL* ssl, sldns_buffer* buf, struct worker* worker)
 438 {
 439         char* s = (char*)sldns_buffer_begin(buf);
 440         struct regional* region = worker->scratchpad;
 441         struct ub_packed_rrset_key* rk;
 442         struct packed_rrset_data* d;
 443         unsigned int rr_count, rrsig_count, trust, security;
 444         long long ttl;
 445         unsigned int i;
 446         int go_on = 1;
 447         regional_free_all(region);
 448
 449         rk = (struct ub_packed_rrset_key*)regional_alloc_zero(region,
 450                 sizeof(*rk));
 451         d = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(*d));
 452         if(!rk || !d) {
 453                 log_warn("error out of memory");
 454                 return 0;
 455         }
 456
 457         if(strncmp(s, ";rrset", 6) != 0) {
 458                 log_warn("error expected ';rrset' but got %s", s);
 459                 return 0;
 460         }
 461         s += 6;
 462         if(strncmp(s, " nsec_apex", 10) == 0) {
 463                 s += 10;
 464                 rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX;
 465         }
 466         if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count,
 467                 &trust, &security) != 5) {
 468                 log_warn("error bad rrset spec %s", s);
 469                 return 0;
 470         }
 471         if(rr_count == 0 && rrsig_count == 0) {
 472                 log_warn("bad rrset without contents");
 473                 return 0;
 474         }
 475         if(rr_count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX) {
 476                 log_warn("bad rrset with too many rrs");
 477                 return 0;
 478         }
 479         d->count = (size_t)rr_count;
 480         d->rrsig_count = (size_t)rrsig_count;
 481         d->security = (enum sec_status)security;
 482         d->trust = (enum rrset_trust)trust;
 483         d->ttl = (time_t)ttl + *worker->env.now;
 484
 485         d->rr_len = regional_alloc_zero(region,
 486                 sizeof(size_t)*(d->count+d->rrsig_count));
 487         d->rr_ttl = regional_alloc_zero(region,
 488                 sizeof(time_t)*(d->count+d->rrsig_count));
 489         d->rr_data = regional_alloc_zero(region,
 490                 sizeof(uint8_t*)*(d->count+d->rrsig_count));
 491         if(!d->rr_len || !d->rr_ttl || !d->rr_data) {
 492                 log_warn("error out of memory");
 493                 return 0;
 494         }
 495
 496         /* read the rr's themselves */
 497         for(i=0; i<rr_count; i++) {
 498                 if(!load_rr(ssl, buf, region, rk, d, i, 0,
 499                         &go_on, *worker->env.now)) {
 500                         log_warn("could not read rr %u", i);
 501                         return 0;
 502                 }
 503         }
 504         for(i=0; i<rrsig_count; i++) {
 505                 if(!load_rr(ssl, buf, region, rk, d, i+rr_count, 1,
 506                         &go_on, *worker->env.now)) {
 507                         log_warn("could not read rrsig %u", i);
 508                         return 0;
 509                 }
 510         }
 511         if(!go_on) {
 512                 /* skip this entry */
 513                 return 1;
 514         }
 515
 516         return move_into_cache(rk, d, worker);
 517 }
 518
 519 /** load rrset cache */
 520 static int
 521 load_rrset_cache(SSL* ssl, struct worker* worker)
 522 {
 523         sldns_buffer* buf = worker->env.scratch_buffer;
 524         if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0;
 525         while(ssl_read_buf(ssl, buf) &&
 526                 strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
 527                 if(!load_rrset(ssl, buf, worker))
 528                         return 0;
 529         }
 530         return 1;
 531 }
 532
 533 /** read qinfo from next three words */
 534 static char*
 535 load_qinfo(char* str, struct query_info* qinfo, struct regional* region)
 536 {
 537         /* s is part of the buf */
 538         char* s = str;
 539         uint8_t rr[LDNS_RR_BUF_SIZE];
 540         size_t rr_len = sizeof(rr), dname_len = 0;
 541         int status;
 542
 543         /* skip three words */
 544         s = strchr(str, ' ');
 545         if(s) s = strchr(s+1, ' ');
 546         if(s) s = strchr(s+1, ' ');
 547         if(!s) {
 548                 log_warn("error line too short, %s", str);
 549                 return NULL;
 550         }
 551         s[0] = 0;
 552         s++;
 553
 554         /* parse them */
 555         status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len,
 556                 NULL, 0, NULL, 0);
 557         if(status != 0) {
 558                 log_warn("error cannot parse: %s %s",
 559                         sldns_get_errorstr_parse(status), str);
 560                 return NULL;
 561         }
 562         qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len);
 563         qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len);
 564         qinfo->qname_len = dname_len;
 565         qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len);
 566         if(!qinfo->qname) {
 567                 log_warn("error out of memory");
 568                 return NULL;
 569         }
 570
 571         return s;
 572 }
 573
 574 /** load a msg rrset reference */
 575 static int
 576 load_ref(SSL* ssl, sldns_buffer* buf, struct worker* worker,
 577         struct regional *region, struct ub_packed_rrset_key** rrset,
 578         int* go_on)
 579 {
 580         char* s = (char*)sldns_buffer_begin(buf);
 581         struct query_info qinfo;
 582         unsigned int flags;
 583         struct ub_packed_rrset_key* k;
 584
 585         /* read line */
 586         if(!ssl_read_buf(ssl, buf))
 587                 return 0;
 588         if(strncmp(s, "BADREF", 6) == 0) {
 589                 *go_on = 0; /* its bad, skip it and skip message */
 590                 return 1;
 591         }
 592
 593         s = load_qinfo(s, &qinfo, region);
 594         if(!s) {
 595                 return 0;
 596         }
 597         if(sscanf(s, " %u", &flags) != 1) {
 598                 log_warn("error cannot parse flags: %s", s);
 599                 return 0;
 600         }
 601
 602         /* lookup in cache */
 603         k = rrset_cache_lookup(worker->env.rrset_cache, qinfo.qname,
 604                 qinfo.qname_len, qinfo.qtype, qinfo.qclass,
 605                 (uint32_t)flags, *worker->env.now, 0);
 606         if(!k) {
 607                 /* not found or expired */
 608                 *go_on = 0;
 609                 return 1;
 610         }
 611
 612         /* store in result */
 613         *rrset = packed_rrset_copy_region(k, region, *worker->env.now);
 614         lock_rw_unlock(&k->entry.lock);
 615
 616         return (*rrset != NULL);
 617 }
 618
 619 /** load a msg entry */
 620 static int
 621 load_msg(SSL* ssl, sldns_buffer* buf, struct worker* worker)
 622 {
 623         struct regional* region = worker->scratchpad;
 624         struct query_info qinf;
 625         struct reply_info rep;
 626         char* s = (char*)sldns_buffer_begin(buf);
 627         unsigned int flags, qdcount, security, an, ns, ar;
 628         long long ttl;
 629         size_t i;
 630         int go_on = 1;
 631
 632         regional_free_all(region);
 633
 634         if(strncmp(s, "msg ", 4) != 0) {
 635                 log_warn("error expected msg but got %s", s);
 636                 return 0;
 637         }
 638         s += 4;
 639         s = load_qinfo(s, &qinf, region);
 640         if(!s) {
 641                 return 0;
 642         }
 643
 644         /* read remainder of line */
 645         if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u", &flags, &qdcount, &ttl,
 646                 &security, &an, &ns, &ar) != 7) {
 647                 log_warn("error cannot parse numbers: %s", s);
 648                 return 0;
 649         }
 650         rep.flags = (uint16_t)flags;
 651         rep.qdcount = (uint16_t)qdcount;
 652         rep.ttl = (time_t)ttl;
 653         rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl);
 654         rep.security = (enum sec_status)security;
 655         if(an > RR_COUNT_MAX || ns > RR_COUNT_MAX || ar > RR_COUNT_MAX) {
 656                 log_warn("error too many rrsets");
 657                 return 0; /* protect against integer overflow in alloc */
 658         }
 659         rep.an_numrrsets = (size_t)an;
 660         rep.ns_numrrsets = (size_t)ns;
 661         rep.ar_numrrsets = (size_t)ar;
 662         rep.rrset_count = (size_t)an+(size_t)ns+(size_t)ar;
 663         rep.rrsets = (struct ub_packed_rrset_key**)regional_alloc_zero(
 664                 region, sizeof(struct ub_packed_rrset_key*)*rep.rrset_count);
 665
 666         /* fill repinfo with references */
 667         for(i=0; i<rep.rrset_count; i++) {
 668                 if(!load_ref(ssl, buf, worker, region, &rep.rrsets[i],
 669                         &go_on)) {
 670                         return 0;
 671                 }
 672         }
 673
 674         if(!go_on)
 675                 return 1; /* skip this one, not all references satisfied */
 676
 677         if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags)) {
 678                 log_warn("error out of memory");
 679                 return 0;
 680         }
 681         return 1;
 682 }
 683
 684 /** load msg cache */
 685 static int
 686 load_msg_cache(SSL* ssl, struct worker* worker)
 687 {
 688         sldns_buffer* buf = worker->env.scratch_buffer;
 689         if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0;
 690         while(ssl_read_buf(ssl, buf) &&
 691                 strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
 692                 if(!load_msg(ssl, buf, worker))
 693                         return 0;
 694         }
 695         return 1;
 696 }
 697
 698 int
 699 load_cache(SSL* ssl, struct worker* worker)
 700 {
 701         if(!load_rrset_cache(ssl, worker))
 702                 return 0;
 703         if(!load_msg_cache(ssl, worker))
 704                 return 0;
 705         return read_fixed(ssl, worker->env.scratch_buffer, "EOF");
 706 }
 707
 708 /** print details on a delegation point */
 709 static void
 710 print_dp_details(SSL* ssl, struct worker* worker, struct delegpt* dp)
 711 {
 712         char buf[257];
 713         struct delegpt_addr* a;
 714         int lame, dlame, rlame, rto, edns_vs, to, delay,
 715                 tA = 0, tAAAA = 0, tother = 0;
 716         long long entry_ttl;
 717         struct rtt_info ri;
 718         uint8_t edns_lame_known;
 719         for(a = dp->target_list; a; a = a->next_target) {
 720                 addr_to_str(&a->addr, a->addrlen, buf, sizeof(buf));
 721                 if(!ssl_printf(ssl, "%-16s\t", buf))
 722                         return;
 723                 if(a->bogus) {
 724                         if(!ssl_printf(ssl, "Address is BOGUS. "))
 725                                 return;
 726                 }
 727                 /* lookup in infra cache */
 728                 delay=0;
 729                 entry_ttl = infra_get_host_rto(worker->env.infra_cache,
 730                         &a->addr, a->addrlen, dp->name, dp->namelen,
 731                         &ri, &delay, *worker->env.now, &tA, &tAAAA, &tother);
 732                 if(entry_ttl == -2 && ri.rto >= USEFUL_SERVER_TOP_TIMEOUT) {
 733                         if(!ssl_printf(ssl, "expired, rto %d msec, tA %d "
 734                                 "tAAAA %d tother %d.\n", ri.rto, tA, tAAAA,
 735                                 tother))
 736                                 return;
 737                         continue;
 738                 }
 739                 if(entry_ttl == -1 || entry_ttl == -2) {
 740                         if(!ssl_printf(ssl, "not in infra cache.\n"))
 741                                 return;
 742                         continue; /* skip stuff not in infra cache */
 743                 }
 744
 745                 /* uses type_A because most often looked up, but other
 746                  * lameness won't be reported then */
 747                 if(!infra_get_lame_rtt(worker->env.infra_cache,
 748                         &a->addr, a->addrlen, dp->name, dp->namelen,
 749                         LDNS_RR_TYPE_A, &lame, &dlame, &rlame, &rto,
 750                         *worker->env.now)) {
 751                         if(!ssl_printf(ssl, "not in infra cache.\n"))
 752                                 return;
 753                         continue; /* skip stuff not in infra cache */
 754                 }
 755                 if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, "
 756                         "ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d",
 757                         lame?"LAME ":"", dlame?"NoDNSSEC ":"",
 758                         a->lame?"AddrWasParentSide ":"",
 759                         rlame?"NoAuthButRecursive ":"", rto, entry_ttl,
 760                         ri.srtt, ri.rttvar, rtt_notimeout(&ri),
 761                         tA, tAAAA, tother))
 762                         return;
 763                 if(delay)
 764                         if(!ssl_printf(ssl, ", probedelay %d", delay))
 765                                 return;
 766                 if(infra_host(worker->env.infra_cache, &a->addr, a->addrlen,
 767                         dp->name, dp->namelen, *worker->env.now, &edns_vs,
 768                         &edns_lame_known, &to)) {
 769                         if(edns_vs == -1) {
 770                                 if(!ssl_printf(ssl, ", noEDNS%s.",
 771                                         edns_lame_known?" probed":" assumed"))
 772                                         return;
 773                         } else {
 774                                 if(!ssl_printf(ssl, ", EDNS %d%s.", edns_vs,
 775                                         edns_lame_known?" probed":" assumed"))
 776                                         return;
 777                         }
 778                 }
 779                 if(!ssl_printf(ssl, "\n"))
 780                         return;
 781         }
 782 }
 783
 784 /** print main dp info */
 785 static void
 786 print_dp_main(SSL* ssl, struct delegpt* dp, struct dns_msg* msg)
 787 {
 788         size_t i, n_ns, n_miss, n_addr, n_res, n_avail;
 789
 790         /* print the dp */
 791         if(msg)
 792             for(i=0; i<msg->rep->rrset_count; i++) {
 793                 struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
 794                 struct packed_rrset_data* d =
 795                         (struct packed_rrset_data*)k->entry.data;
 796                 if(d->security == sec_status_bogus) {
 797                         if(!ssl_printf(ssl, "Address is BOGUS:\n"))
 798                                 return;
 799                 }
 800                 if(!dump_rrset(ssl, k, d, 0))
 801                         return;
 802             }
 803         delegpt_count_ns(dp, &n_ns, &n_miss);
 804         delegpt_count_addr(dp, &n_addr, &n_res, &n_avail);
 805         /* since dp has not been used by iterator, all are available*/
 806         if(!ssl_printf(ssl, "Delegation with %d names, of which %d "
 807                 "can be examined to query further addresses.\n"
 808                 "%sIt provides %d IP addresses.\n",
 809                 (int)n_ns, (int)n_miss, (dp->bogus?"It is BOGUS. ":""),
 810                 (int)n_addr))
 811                 return;
 812 }
 813
 814 int print_deleg_lookup(SSL* ssl, struct worker* worker, uint8_t* nm,
 815         size_t nmlen, int ATTR_UNUSED(nmlabs))
 816 {
 817         /* deep links into the iterator module */
 818         struct delegpt* dp;
 819         struct dns_msg* msg;
 820         struct regional* region = worker->scratchpad;
 821         char b[260];
 822         struct query_info qinfo;
 823         struct iter_hints_stub* stub;
 824         regional_free_all(region);
 825         qinfo.qname = nm;
 826         qinfo.qname_len = nmlen;
 827         qinfo.qtype = LDNS_RR_TYPE_A;
 828         qinfo.qclass = LDNS_RR_CLASS_IN;
 829
 830         dname_str(nm, b);
 831         if(!ssl_printf(ssl, "The following name servers are used for lookup "
 832                 "of %s\n", b))
 833                 return 0;
 834
 835         dp = forwards_lookup(worker->env.fwds, nm, qinfo.qclass);
 836         if(dp) {
 837                 if(!ssl_printf(ssl, "forwarding request:\n"))
 838                         return 0;
 839                 print_dp_main(ssl, dp, NULL);
 840                 print_dp_details(ssl, worker, dp);
 841                 return 1;
 842         }
 843
 844         while(1) {
 845                 dp = dns_cache_find_delegation(&worker->env, nm, nmlen,
 846                         qinfo.qtype, qinfo.qclass, region, &msg,
 847                         *worker->env.now);
 848                 if(!dp) {
 849                         return ssl_printf(ssl, "no delegation from "
 850                                 "cache; goes to configured roots\n");
 851                 }
 852                 /* go up? */
 853                 if(iter_dp_is_useless(&qinfo, BIT_RD, dp)) {
 854                         print_dp_main(ssl, dp, msg);
 855                         print_dp_details(ssl, worker, dp);
 856                         if(!ssl_printf(ssl, "cache delegation was "
 857                                 "useless (no IP addresses)\n"))
 858                                 return 0;
 859                         if(dname_is_root(nm)) {
 860                                 /* goes to root config */
 861                                 return ssl_printf(ssl, "no delegation from "
 862                                         "cache; goes to configured roots\n");
 863                         } else {
 864                                 /* useless, goes up */
 865                                 nm = dp->name;
 866                                 nmlen = dp->namelen;
 867                                 dname_remove_label(&nm, &nmlen);
 868                                 dname_str(nm, b);
 869                                 if(!ssl_printf(ssl, "going up, lookup %s\n", b))
 870                                         return 0;
 871                                 continue;
 872                         }
 873                 }
 874                 stub = hints_lookup_stub(worker->env.hints, nm, qinfo.qclass,
 875                         dp);
 876                 if(stub) {
 877                         if(stub->noprime) {
 878                                 if(!ssl_printf(ssl, "The noprime stub servers "
 879                                         "are used:\n"))
 880                                         return 0;
 881                         } else {
 882                                 if(!ssl_printf(ssl, "The stub is primed "
 883                                                 "with servers:\n"))
 884                                         return 0;
 885                         }
 886                         print_dp_main(ssl, stub->dp, NULL);
 887                         print_dp_details(ssl, worker, stub->dp);
 888                 } else {
 889                         print_dp_main(ssl, dp, msg);
 890                         print_dp_details(ssl, worker, dp);
 891                 }
 892                 break;
 893         }
 894
 895         return 1;
 896 }