| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/dns/dns_response.h" | |
| 6 | |
| 7 #include "base/big_endian.h" | |
| 8 #include "base/strings/string_util.h" | |
| 9 #include "base/sys_byteorder.h" | |
| 10 #include "net/base/address_list.h" | |
| 11 #include "net/base/dns_util.h" | |
| 12 #include "net/base/io_buffer.h" | |
| 13 #include "net/base/net_errors.h" | |
| 14 #include "net/dns/dns_protocol.h" | |
| 15 #include "net/dns/dns_query.h" | |
| 16 | |
| 17 namespace net { | |
| 18 | |
| 19 DnsResourceRecord::DnsResourceRecord() { | |
| 20 } | |
| 21 | |
| 22 DnsResourceRecord::~DnsResourceRecord() { | |
| 23 } | |
| 24 | |
| 25 DnsRecordParser::DnsRecordParser() : packet_(NULL), length_(0), cur_(0) { | |
| 26 } | |
| 27 | |
| 28 DnsRecordParser::DnsRecordParser(const void* packet, | |
| 29 size_t length, | |
| 30 size_t offset) | |
| 31 : packet_(reinterpret_cast<const char*>(packet)), | |
| 32 length_(length), | |
| 33 cur_(packet_ + offset) { | |
| 34 DCHECK_LE(offset, length); | |
| 35 } | |
| 36 | |
| 37 unsigned DnsRecordParser::ReadName(const void* const vpos, | |
| 38 std::string* out) const { | |
| 39 const char* const pos = reinterpret_cast<const char*>(vpos); | |
| 40 DCHECK(packet_); | |
| 41 DCHECK_LE(packet_, pos); | |
| 42 DCHECK_LE(pos, packet_ + length_); | |
| 43 | |
| 44 const char* p = pos; | |
| 45 const char* end = packet_ + length_; | |
| 46 // Count number of seen bytes to detect loops. | |
| 47 unsigned seen = 0; | |
| 48 // Remember how many bytes were consumed before first jump. | |
| 49 unsigned consumed = 0; | |
| 50 | |
| 51 if (pos >= end) | |
| 52 return 0; | |
| 53 | |
| 54 if (out) { | |
| 55 out->clear(); | |
| 56 out->reserve(dns_protocol::kMaxNameLength); | |
| 57 } | |
| 58 | |
| 59 for (;;) { | |
| 60 // The first two bits of the length give the type of the length. It's | |
| 61 // either a direct length or a pointer to the remainder of the name. | |
| 62 switch (*p & dns_protocol::kLabelMask) { | |
| 63 case dns_protocol::kLabelPointer: { | |
| 64 if (p + sizeof(uint16) > end) | |
| 65 return 0; | |
| 66 if (consumed == 0) { | |
| 67 consumed = p - pos + sizeof(uint16); | |
| 68 if (!out) | |
| 69 return consumed; // If name is not stored, that's all we need. | |
| 70 } | |
| 71 seen += sizeof(uint16); | |
| 72 // If seen the whole packet, then we must be in a loop. | |
| 73 if (seen > length_) | |
| 74 return 0; | |
| 75 uint16 offset; | |
| 76 base::ReadBigEndian<uint16>(p, &offset); | |
| 77 offset &= dns_protocol::kOffsetMask; | |
| 78 p = packet_ + offset; | |
| 79 if (p >= end) | |
| 80 return 0; | |
| 81 break; | |
| 82 } | |
| 83 case dns_protocol::kLabelDirect: { | |
| 84 uint8 label_len = *p; | |
| 85 ++p; | |
| 86 // Note: root domain (".") is NOT included. | |
| 87 if (label_len == 0) { | |
| 88 if (consumed == 0) { | |
| 89 consumed = p - pos; | |
| 90 } // else we set |consumed| before first jump | |
| 91 return consumed; | |
| 92 } | |
| 93 if (p + label_len >= end) | |
| 94 return 0; // Truncated or missing label. | |
| 95 if (out) { | |
| 96 if (!out->empty()) | |
| 97 out->append("."); | |
| 98 out->append(p, label_len); | |
| 99 } | |
| 100 p += label_len; | |
| 101 seen += 1 + label_len; | |
| 102 break; | |
| 103 } | |
| 104 default: | |
| 105 // unhandled label type | |
| 106 return 0; | |
| 107 } | |
| 108 } | |
| 109 } | |
| 110 | |
| 111 bool DnsRecordParser::ReadRecord(DnsResourceRecord* out) { | |
| 112 DCHECK(packet_); | |
| 113 size_t consumed = ReadName(cur_, &out->name); | |
| 114 if (!consumed) | |
| 115 return false; | |
| 116 base::BigEndianReader reader(cur_ + consumed, | |
| 117 packet_ + length_ - (cur_ + consumed)); | |
| 118 uint16 rdlen; | |
| 119 if (reader.ReadU16(&out->type) && | |
| 120 reader.ReadU16(&out->klass) && | |
| 121 reader.ReadU32(&out->ttl) && | |
| 122 reader.ReadU16(&rdlen) && | |
| 123 reader.ReadPiece(&out->rdata, rdlen)) { | |
| 124 cur_ = reader.ptr(); | |
| 125 return true; | |
| 126 } | |
| 127 return false; | |
| 128 } | |
| 129 | |
| 130 bool DnsRecordParser::SkipQuestion() { | |
| 131 size_t consumed = ReadName(cur_, NULL); | |
| 132 if (!consumed) | |
| 133 return false; | |
| 134 | |
| 135 const char* next = cur_ + consumed + 2 * sizeof(uint16); // QTYPE + QCLASS | |
| 136 if (next > packet_ + length_) | |
| 137 return false; | |
| 138 | |
| 139 cur_ = next; | |
| 140 | |
| 141 return true; | |
| 142 } | |
| 143 | |
| 144 DnsResponse::DnsResponse() | |
| 145 : io_buffer_(new IOBufferWithSize(dns_protocol::kMaxUDPSize + 1)) { | |
| 146 } | |
| 147 | |
| 148 DnsResponse::DnsResponse(size_t length) | |
| 149 : io_buffer_(new IOBufferWithSize(length)) { | |
| 150 } | |
| 151 | |
| 152 DnsResponse::DnsResponse(const void* data, | |
| 153 size_t length, | |
| 154 size_t answer_offset) | |
| 155 : io_buffer_(new IOBufferWithSize(length)), | |
| 156 parser_(io_buffer_->data(), length, answer_offset) { | |
| 157 DCHECK(data); | |
| 158 memcpy(io_buffer_->data(), data, length); | |
| 159 } | |
| 160 | |
| 161 DnsResponse::~DnsResponse() { | |
| 162 } | |
| 163 | |
| 164 bool DnsResponse::InitParse(int nbytes, const DnsQuery& query) { | |
| 165 DCHECK_GE(nbytes, 0); | |
| 166 // Response includes query, it should be at least that size. | |
| 167 if (nbytes < query.io_buffer()->size() || nbytes >= io_buffer_->size()) | |
| 168 return false; | |
| 169 | |
| 170 // Match the query id. | |
| 171 if (base::NetToHost16(header()->id) != query.id()) | |
| 172 return false; | |
| 173 | |
| 174 // Match question count. | |
| 175 if (base::NetToHost16(header()->qdcount) != 1) | |
| 176 return false; | |
| 177 | |
| 178 // Match the question section. | |
| 179 const size_t hdr_size = sizeof(dns_protocol::Header); | |
| 180 const base::StringPiece question = query.question(); | |
| 181 if (question != base::StringPiece(io_buffer_->data() + hdr_size, | |
| 182 question.size())) { | |
| 183 return false; | |
| 184 } | |
| 185 | |
| 186 // Construct the parser. | |
| 187 parser_ = DnsRecordParser(io_buffer_->data(), | |
| 188 nbytes, | |
| 189 hdr_size + question.size()); | |
| 190 return true; | |
| 191 } | |
| 192 | |
| 193 bool DnsResponse::InitParseWithoutQuery(int nbytes) { | |
| 194 DCHECK_GE(nbytes, 0); | |
| 195 | |
| 196 size_t hdr_size = sizeof(dns_protocol::Header); | |
| 197 | |
| 198 if (nbytes < static_cast<int>(hdr_size) || nbytes >= io_buffer_->size()) | |
| 199 return false; | |
| 200 | |
| 201 parser_ = DnsRecordParser( | |
| 202 io_buffer_->data(), nbytes, hdr_size); | |
| 203 | |
| 204 unsigned qdcount = base::NetToHost16(header()->qdcount); | |
| 205 for (unsigned i = 0; i < qdcount; ++i) { | |
| 206 if (!parser_.SkipQuestion()) { | |
| 207 parser_ = DnsRecordParser(); // Make parser invalid again. | |
| 208 return false; | |
| 209 } | |
| 210 } | |
| 211 | |
| 212 return true; | |
| 213 } | |
| 214 | |
| 215 bool DnsResponse::IsValid() const { | |
| 216 return parser_.IsValid(); | |
| 217 } | |
| 218 | |
| 219 uint16 DnsResponse::flags() const { | |
| 220 DCHECK(parser_.IsValid()); | |
| 221 return base::NetToHost16(header()->flags) & ~(dns_protocol::kRcodeMask); | |
| 222 } | |
| 223 | |
| 224 uint8 DnsResponse::rcode() const { | |
| 225 DCHECK(parser_.IsValid()); | |
| 226 return base::NetToHost16(header()->flags) & dns_protocol::kRcodeMask; | |
| 227 } | |
| 228 | |
| 229 unsigned DnsResponse::answer_count() const { | |
| 230 DCHECK(parser_.IsValid()); | |
| 231 return base::NetToHost16(header()->ancount); | |
| 232 } | |
| 233 | |
| 234 unsigned DnsResponse::additional_answer_count() const { | |
| 235 DCHECK(parser_.IsValid()); | |
| 236 return base::NetToHost16(header()->arcount); | |
| 237 } | |
| 238 | |
| 239 base::StringPiece DnsResponse::qname() const { | |
| 240 DCHECK(parser_.IsValid()); | |
| 241 // The response is HEADER QNAME QTYPE QCLASS ANSWER. | |
| 242 // |parser_| is positioned at the beginning of ANSWER, so the end of QNAME is | |
| 243 // two uint16s before it. | |
| 244 const size_t hdr_size = sizeof(dns_protocol::Header); | |
| 245 const size_t qname_size = parser_.GetOffset() - 2 * sizeof(uint16) - hdr_size; | |
| 246 return base::StringPiece(io_buffer_->data() + hdr_size, qname_size); | |
| 247 } | |
| 248 | |
| 249 uint16 DnsResponse::qtype() const { | |
| 250 DCHECK(parser_.IsValid()); | |
| 251 // QTYPE starts where QNAME ends. | |
| 252 const size_t type_offset = parser_.GetOffset() - 2 * sizeof(uint16); | |
| 253 uint16 type; | |
| 254 base::ReadBigEndian<uint16>(io_buffer_->data() + type_offset, &type); | |
| 255 return type; | |
| 256 } | |
| 257 | |
| 258 std::string DnsResponse::GetDottedName() const { | |
| 259 return DNSDomainToString(qname()); | |
| 260 } | |
| 261 | |
| 262 DnsRecordParser DnsResponse::Parser() const { | |
| 263 DCHECK(parser_.IsValid()); | |
| 264 // Return a copy of the parser. | |
| 265 return parser_; | |
| 266 } | |
| 267 | |
| 268 const dns_protocol::Header* DnsResponse::header() const { | |
| 269 return reinterpret_cast<const dns_protocol::Header*>(io_buffer_->data()); | |
| 270 } | |
| 271 | |
| 272 DnsResponse::Result DnsResponse::ParseToAddressList( | |
| 273 AddressList* addr_list, | |
| 274 base::TimeDelta* ttl) const { | |
| 275 DCHECK(IsValid()); | |
| 276 // DnsTransaction already verified that |response| matches the issued query. | |
| 277 // We still need to determine if there is a valid chain of CNAMEs from the | |
| 278 // query name to the RR owner name. | |
| 279 // We err on the side of caution with the assumption that if we are too picky, | |
| 280 // we can always fall back to the system getaddrinfo. | |
| 281 | |
| 282 // Expected owner of record. No trailing dot. | |
| 283 std::string expected_name = GetDottedName(); | |
| 284 | |
| 285 uint16 expected_type = qtype(); | |
| 286 DCHECK(expected_type == dns_protocol::kTypeA || | |
| 287 expected_type == dns_protocol::kTypeAAAA); | |
| 288 | |
| 289 size_t expected_size = (expected_type == dns_protocol::kTypeAAAA) | |
| 290 ? kIPv6AddressSize : kIPv4AddressSize; | |
| 291 | |
| 292 uint32 ttl_sec = kuint32max; | |
| 293 IPAddressList ip_addresses; | |
| 294 DnsRecordParser parser = Parser(); | |
| 295 DnsResourceRecord record; | |
| 296 unsigned ancount = answer_count(); | |
| 297 for (unsigned i = 0; i < ancount; ++i) { | |
| 298 if (!parser.ReadRecord(&record)) | |
| 299 return DNS_MALFORMED_RESPONSE; | |
| 300 | |
| 301 if (record.type == dns_protocol::kTypeCNAME) { | |
| 302 // Following the CNAME chain, only if no addresses seen. | |
| 303 if (!ip_addresses.empty()) | |
| 304 return DNS_CNAME_AFTER_ADDRESS; | |
| 305 | |
| 306 if (base::strcasecmp(record.name.c_str(), expected_name.c_str()) != 0) | |
| 307 return DNS_NAME_MISMATCH; | |
| 308 | |
| 309 if (record.rdata.size() != | |
| 310 parser.ReadName(record.rdata.begin(), &expected_name)) | |
| 311 return DNS_MALFORMED_CNAME; | |
| 312 | |
| 313 ttl_sec = std::min(ttl_sec, record.ttl); | |
| 314 } else if (record.type == expected_type) { | |
| 315 if (record.rdata.size() != expected_size) | |
| 316 return DNS_SIZE_MISMATCH; | |
| 317 | |
| 318 if (base::strcasecmp(record.name.c_str(), expected_name.c_str()) != 0) | |
| 319 return DNS_NAME_MISMATCH; | |
| 320 | |
| 321 ttl_sec = std::min(ttl_sec, record.ttl); | |
| 322 ip_addresses.push_back(IPAddressNumber(record.rdata.begin(), | |
| 323 record.rdata.end())); | |
| 324 } | |
| 325 } | |
| 326 | |
| 327 // TODO(szym): Extract TTL for NODATA results. http://crbug.com/115051 | |
| 328 | |
| 329 // getcanonname in eglibc returns the first owner name of an A or AAAA RR. | |
| 330 // If the response passed all the checks so far, then |expected_name| is it. | |
| 331 *addr_list = AddressList::CreateFromIPAddressList(ip_addresses, | |
| 332 expected_name); | |
| 333 *ttl = base::TimeDelta::FromSeconds(ttl_sec); | |
| 334 return DNS_PARSE_OK; | |
| 335 } | |
| 336 | |
| 337 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master