/* SPDX-License-Identifier: LGPL-2.1+ */

#if HAVE_GCRYPT

#include <gcrypt.h>

#endif

#include "alloc-util.h"

#include "dns-domain.h"

#include "memory-util.h"

#include "resolved-dns-packet.h"

#include "set.h"

#include "string-table.h"

#include "strv.h"

#include "unaligned.h"

#include "utf8.h"

#include "util.h"

#define EDNS0_OPT_DO (1<<15)

assert_cc(DNS_PACKET_SIZE_START > DNS_PACKET_HEADER_SIZE)

typedef struct DnsPacketRewinder {

        DnsPacket *packet;

        size_t saved_rindex;

} DnsPacketRewinder;

static void rewind_dns_packet(DnsPacketRewinder *rewinder) {

        if (rewinder->packet)

                dns_packet_rewind(rewinder->packet, rewinder->saved_rindex);

}

#define INIT_REWINDER(rewinder, p) do { rewinder.packet = p; rewinder.saved_rindex = p->rindex; } while (0)

#define CANCEL_REWINDER(rewinder) do { rewinder.packet = NULL; } while (0)

int dns_packet_new(

                DnsPacket **ret,

                DnsProtocol protocol,

                size_t min_alloc_dsize,

                size_t max_size) {

        DnsPacket *p;

        size_t a;

        assert(ret);

        assert(max_size >= DNS_PACKET_HEADER_SIZE);

        if (max_size > DNS_PACKET_SIZE_MAX)

                max_size = DNS_PACKET_SIZE_MAX;

        /* The caller may not check what is going to be truly allocated, so do not allow to

         * allocate a DNS packet bigger than DNS_PACKET_SIZE_MAX.

         */

        if (min_alloc_dsize > DNS_PACKET_SIZE_MAX)

                return log_error_errno(SYNTHETIC_ERRNO(EFBIG),

                                       "Requested packet data size too big: %zu",

                                       min_alloc_dsize);

        /* When dns_packet_new() is called with min_alloc_dsize == 0, allocate more than the

         * absolute minimum (which is the dns packet header size), to avoid

         * resizing immediately again after appending the first data to the packet.

         */

        if (min_alloc_dsize < DNS_PACKET_HEADER_SIZE)

                a = DNS_PACKET_SIZE_START;

        else

                a = min_alloc_dsize;

        /* round up to next page size */

        a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));

        /* make sure we never allocate more than useful */

        if (a > max_size)

                a = max_size;

        p = malloc0(ALIGN(sizeof(DnsPacket)) + a);

        if (!p)

                return -ENOMEM;

        p->size = p->rindex = DNS_PACKET_HEADER_SIZE;

        p->allocated = a;

        p->max_size = max_size;

        p->protocol = protocol;

        p->opt_start = p->opt_size = (size_t) -1;

        p->n_ref = 1;

        *ret = p;

        return 0;

}

void dns_packet_set_flags(DnsPacket *p, bool dnssec_checking_disabled, bool truncated) {

        DnsPacketHeader *h;

        assert(p);

        h = DNS_PACKET_HEADER(p);

        switch(p->protocol) {

        case DNS_PROTOCOL_LLMNR:

                assert(!truncated);

                h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0 /* qr */,

                                                         0 /* opcode */,

                                                         0 /* c */,

                                                         0 /* tc */,

                                                         0 /* t */,

                                                         0 /* ra */,

                                                         0 /* ad */,

                                                         0 /* cd */,

                                                         0 /* rcode */));

                break;

        case DNS_PROTOCOL_MDNS:

                h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0         /* qr */,

                                                         0         /* opcode */,

                                                         0         /* aa */,

                                                         truncated /* tc */,

                                                         0         /* rd (ask for recursion) */,

                                                         0         /* ra */,

                                                         0         /* ad */,

                                                         0         /* cd */,

                                                         0         /* rcode */));

                break;

        default:

                assert(!truncated);

                h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0 /* qr */,

                                                         0 /* opcode */,

                                                         0 /* aa */,

                                                         0 /* tc */,

                                                         1 /* rd (ask for recursion) */,

                                                         0 /* ra */,

                                                         0 /* ad */,

                                                         dnssec_checking_disabled /* cd */,

                                                         0 /* rcode */));

        }

}

int dns_packet_new_query(DnsPacket **ret, DnsProtocol protocol, size_t min_alloc_dsize, bool dnssec_checking_disabled) {

        DnsPacket *p;

        int r;

        assert(ret);

        r = dns_packet_new(&p, protocol, min_alloc_dsize, DNS_PACKET_SIZE_MAX);

        if (r < 0)

                return r;

        /* Always set the TC bit to 0 initially.

         * If there are multiple packets later, we'll update the bit shortly before sending.

         */

        dns_packet_set_flags(p, dnssec_checking_disabled, false);

        *ret = p;

        return 0;

}

DnsPacket *dns_packet_ref(DnsPacket *p) {

        if (!p)

                return NULL;

        assert(!p->on_stack);

        assert(p->n_ref > 0);

        p->n_ref++;

        return p;

}

static void dns_packet_free(DnsPacket *p) {

        char *s;

        assert(p);

        dns_question_unref(p->question);

        dns_answer_unref(p->answer);

        dns_resource_record_unref(p->opt);

        while ((s = hashmap_steal_first_key(p->names)))

                free(s);

        hashmap_free(p->names);

        free(p->_data);

        if (!p->on_stack)

                free(p);

}

DnsPacket *dns_packet_unref(DnsPacket *p) {

        if (!p)

                return NULL;

        assert(p->n_ref > 0);

        dns_packet_unref(p->more);

        if (p->n_ref == 1)

                dns_packet_free(p);

        else

                p->n_ref--;

        return NULL;

}

int dns_packet_validate(DnsPacket *p) {

        assert(p);

        if (p->size < DNS_PACKET_HEADER_SIZE)

                return -EBADMSG;

        if (p->size > DNS_PACKET_SIZE_MAX)

                return -EBADMSG;

        return 1;

}

int dns_packet_validate_reply(DnsPacket *p) {

        int r;

        assert(p);

        r = dns_packet_validate(p);

        if (r < 0)

                return r;

        if (DNS_PACKET_QR(p) != 1)

                return 0;

        if (DNS_PACKET_OPCODE(p) != 0)

                return -EBADMSG;

        switch (p->protocol) {

        case DNS_PROTOCOL_LLMNR:

                /* RFC 4795, Section 2.1.1. says to discard all replies with QDCOUNT != 1 */

                if (DNS_PACKET_QDCOUNT(p) != 1)

                        return -EBADMSG;

                break;

        case DNS_PROTOCOL_MDNS:

                /* RFC 6762, Section 18 */

                if (DNS_PACKET_RCODE(p) != 0)

                        return -EBADMSG;

                break;

        default:

                break;

        }

        return 1;

}

int dns_packet_validate_query(DnsPacket *p) {

        int r;

        assert(p);

        r = dns_packet_validate(p);

        if (r < 0)

                return r;

        if (DNS_PACKET_QR(p) != 0)

                return 0;

        if (DNS_PACKET_OPCODE(p) != 0)

                return -EBADMSG;

        if (DNS_PACKET_TC(p))

                return -EBADMSG;

        switch (p->protocol) {

        case DNS_PROTOCOL_LLMNR:

        case DNS_PROTOCOL_DNS:

                /* RFC 4795, Section 2.1.1. says to discard all queries with QDCOUNT != 1 */

                if (DNS_PACKET_QDCOUNT(p) != 1)

                        return -EBADMSG;

                /* RFC 4795, Section 2.1.1. says to discard all queries with ANCOUNT != 0 */

                if (DNS_PACKET_ANCOUNT(p) > 0)

                        return -EBADMSG;

                /* RFC 4795, Section 2.1.1. says to discard all queries with NSCOUNT != 0 */

                if (DNS_PACKET_NSCOUNT(p) > 0)

                        return -EBADMSG;

                break;

        case DNS_PROTOCOL_MDNS:

                /* RFC 6762, Section 18 */

                if (DNS_PACKET_AA(p)    != 0 ||

                    DNS_PACKET_RD(p)    != 0 ||

                    DNS_PACKET_RA(p)    != 0 ||

                    DNS_PACKET_AD(p)    != 0 ||

                    DNS_PACKET_CD(p)    != 0 ||

                    DNS_PACKET_RCODE(p) != 0)

                        return -EBADMSG;

                break;

        default:

                break;

        }

        return 1;

}

static int dns_packet_extend(DnsPacket *p, size_t add, void **ret, size_t *start) {

        assert(p);

        if (p->size + add > p->allocated) {

                size_t a, ms;

                a = PAGE_ALIGN((p->size + add) * 2);

                ms = dns_packet_size_max(p);

                if (a > ms)

                        a = ms;

                if (p->size + add > a)

                        return -EMSGSIZE;

                if (p->_data) {

                        void *d;

                        d = realloc(p->_data, a);

                        if (!d)

                                return -ENOMEM;

                        p->_data = d;

                } else {

                        p->_data = malloc(a);

                        if (!p->_data)

                                return -ENOMEM;

                        memcpy(p->_data, (uint8_t*) p + ALIGN(sizeof(DnsPacket)), p->size);

                        memzero((uint8_t*) p->_data + p->size, a - p->size);

                }

                p->allocated = a;

        }

        if (start)

                *start = p->size;

        if (ret)

                *ret = (uint8_t*) DNS_PACKET_DATA(p) + p->size;

        p->size += add;

        return 0;

}

void dns_packet_truncate(DnsPacket *p, size_t sz) {

        Iterator i;

        char *s;

        void *n;

        assert(p);

        if (p->size <= sz)

                return;

        HASHMAP_FOREACH_KEY(n, s, p->names, i) {

                if (PTR_TO_SIZE(n) < sz)

                        continue;

                hashmap_remove(p->names, s);

                free(s);

        }

        p->size = sz;

}

int dns_packet_append_blob(DnsPacket *p, const void *d, size_t l, size_t *start) {

        void *q;

        int r;

        assert(p);

        r = dns_packet_extend(p, l, &q, start);

        if (r < 0)

                return r;

        memcpy_safe(q, d, l);

        return 0;

}

int dns_packet_append_uint8(DnsPacket *p, uint8_t v, size_t *start) {

        void *d;

        int r;

        assert(p);

        r = dns_packet_extend(p, sizeof(uint8_t), &d, start);

        if (r < 0)

                return r;

        ((uint8_t*) d)[0] = v;

        return 0;

}

int dns_packet_append_uint16(DnsPacket *p, uint16_t v, size_t *start) {

        void *d;

        int r;

        assert(p);

        r = dns_packet_extend(p, sizeof(uint16_t), &d, start);

        if (r < 0)

                return r;

        unaligned_write_be16(d, v);

        return 0;

}

int dns_packet_append_uint32(DnsPacket *p, uint32_t v, size_t *start) {

        void *d;

        int r;

        assert(p);

        r = dns_packet_extend(p, sizeof(uint32_t), &d, start);

        if (r < 0)

                return r;

        unaligned_write_be32(d, v);

        return 0;

}

int dns_packet_append_string(DnsPacket *p, const char *s, size_t *start) {

        assert(p);

        assert(s);

        return dns_packet_append_raw_string(p, s, strlen(s), start);

}

int dns_packet_append_raw_string(DnsPacket *p, const void *s, size_t size, size_t *start) {

        void *d;

        int r;

        assert(p);

        assert(s || size == 0);

        if (size > 255)

                return -E2BIG;

        r = dns_packet_extend(p, 1 + size, &d, start);

        if (r < 0)

                return r;

        ((uint8_t*) d)[0] = (uint8_t) size;

        memcpy_safe(((uint8_t*) d) + 1, s, size);

        return 0;

}

int dns_packet_append_label(DnsPacket *p, const char *d, size_t l, bool canonical_candidate, size_t *start) {

        uint8_t *w;

        int r;

        /* Append a label to a packet. Optionally, does this in DNSSEC

         * canonical form, if this label is marked as a candidate for

         * it, and the canonical form logic is enabled for the

         * packet */

        assert(p);

        assert(d);

        if (l > DNS_LABEL_MAX)

                return -E2BIG;

        r = dns_packet_extend(p, 1 + l, (void**) &w, start);

        if (r < 0)

                return r;

        *(w++) = (uint8_t) l;

        if (p->canonical_form && canonical_candidate) {

                size_t i;

                /* Generate in canonical form, as defined by DNSSEC

                 * RFC 4034, Section 6.2, i.e. all lower-case. */

                for (i = 0; i < l; i++)

                        w[i] = (uint8_t) ascii_tolower(d[i]);

        } else

                /* Otherwise, just copy the string unaltered. This is

                 * essential for DNS-SD, where the casing of labels

                 * matters and needs to be retained. */

                memcpy(w, d, l);

        return 0;

}

int dns_packet_append_name(

                DnsPacket *p,

                const char *name,

                bool allow_compression,

                bool canonical_candidate,

                size_t *start) {

        size_t saved_size;

        int r;

        assert(p);

        assert(name);

        if (p->refuse_compression)

                allow_compression = false;

        saved_size = p->size;

        while (!dns_name_is_root(name)) {

                const char *z = name;

                char label[DNS_LABEL_MAX];

                size_t n = 0;

                if (allow_compression)

                        n = PTR_TO_SIZE(hashmap_get(p->names, name));

                if (n > 0) {

                        assert(n < p->size);

                        if (n < 0x4000) {

                                r = dns_packet_append_uint16(p, 0xC000 | n, NULL);

                                if (r < 0)

                                        goto fail;

                                goto done;

                        }

                }

                r = dns_label_unescape(&name, label, sizeof label, 0);

                if (r < 0)

                        goto fail;

                r = dns_packet_append_label(p, label, r, canonical_candidate, &n);

                if (r < 0)

                        goto fail;

                if (allow_compression) {

                        _cleanup_free_ char *s = NULL;

                        s = strdup(z);

                        if (!s) {

                                r = -ENOMEM;

                                goto fail;

                        }

                        r = hashmap_ensure_allocated(&p->names, &dns_name_hash_ops);

                        if (r < 0)

                                goto fail;

                        r = hashmap_put(p->names, s, SIZE_TO_PTR(n));

                        if (r < 0)

                                goto fail;

                        s = NULL;

                }

        }

        r = dns_packet_append_uint8(p, 0, NULL);

        if (r < 0)

                return r;

done:

        if (start)

                *start = saved_size;

        return 0;

fail:

        dns_packet_truncate(p, saved_size);

        return r;

}

int dns_packet_append_key(DnsPacket *p, const DnsResourceKey *k, const DnsAnswerFlags flags, size_t *start) {

        size_t saved_size;

        uint16_t class;

        int r;

        assert(p);

        assert(k);

        saved_size = p->size;

        r = dns_packet_append_name(p, dns_resource_key_name(k), true, true, NULL);

        if (r < 0)

                goto fail;

        r = dns_packet_append_uint16(p, k->type, NULL);

        if (r < 0)

                goto fail;

        class = flags & DNS_ANSWER_CACHE_FLUSH ? k->class | MDNS_RR_CACHE_FLUSH : k->class;

        r = dns_packet_append_uint16(p, class, NULL);

        if (r < 0)

                goto fail;

        if (start)

                *start = saved_size;

        return 0;

fail:

        dns_packet_truncate(p, saved_size);

        return r;

}

static int dns_packet_append_type_window(DnsPacket *p, uint8_t window, uint8_t length, const uint8_t *types, size_t *start) {

        size_t saved_size;

        int r;

        assert(p);

        assert(types);

        assert(length > 0);

        saved_size = p->size;

        r = dns_packet_append_uint8(p, window, NULL);

        if (r < 0)

                goto fail;

        r = dns_packet_append_uint8(p, length, NULL);

        if (r < 0)

                goto fail;

        r = dns_packet_append_blob(p, types, length, NULL);

        if (r < 0)

                goto fail;

        if (start)

                *start = saved_size;

        return 0;

fail:

        dns_packet_truncate(p, saved_size);

        return r;

}

static int dns_packet_append_types(DnsPacket *p, Bitmap *types, size_t *start) {

        Iterator i;

        uint8_t window = 0;

        uint8_t entry = 0;

        uint8_t bitmaps[32] = {};

        unsigned n;

        size_t saved_size;

        int r;

        assert(p);

        saved_size = p->size;

        BITMAP_FOREACH(n, types, i) {

                assert(n <= 0xffff);

                if ((n >> 8) != window && bitmaps[entry / 8] != 0) {

                        r = dns_packet_append_type_window(p, window, entry / 8 + 1, bitmaps, NULL);

                        if (r < 0)

                                goto fail;

                        zero(bitmaps);

                }

                window = n >> 8;

                entry = n & 255;

                bitmaps[entry / 8] |= 1 << (7 - (entry % 8));

        }

        if (bitmaps[entry / 8] != 0) {

                r = dns_packet_append_type_window(p, window, entry / 8 + 1, bitmaps, NULL);

                if (r < 0)

                        goto fail;

        }

        if (start)

                *start = saved_size;

        return 0;

fail:

        dns_packet_truncate(p, saved_size);

        return r;

}

/* Append the OPT pseudo-RR described in RFC6891 */

int dns_packet_append_opt(DnsPacket *p, uint16_t max_udp_size, bool edns0_do, int rcode, size_t *start) {

        size_t saved_size;

        int r;

        assert(p);

        /* we must never advertise supported packet size smaller than the legacy max */

        assert(max_udp_size >= DNS_PACKET_UNICAST_SIZE_MAX);

        assert(rcode >= 0);

        assert(rcode <= _DNS_RCODE_MAX);

        if (p->opt_start != (size_t) -1)

                return -EBUSY;

        assert(p->opt_size == (size_t) -1);

        saved_size = p->size;

        /* empty name */

        r = dns_packet_append_uint8(p, 0, NULL);

        if (r < 0)

                return r;

        /* type */

        r = dns_packet_append_uint16(p, DNS_TYPE_OPT, NULL);

        if (r < 0)

                goto fail;

        /* class: maximum udp packet that can be received */

        r = dns_packet_append_uint16(p, max_udp_size, NULL);

        if (r < 0)

                goto fail;

        /* extended RCODE and VERSION */

        r = dns_packet_append_uint16(p, ((uint16_t) rcode & 0x0FF0) << 4, NULL);

        if (r < 0)

                goto fail;

        /* flags: DNSSEC OK (DO), see RFC3225 */

        r = dns_packet_append_uint16(p, edns0_do ? EDNS0_OPT_DO : 0, NULL);

        if (r < 0)

                goto fail;

        /* RDLENGTH */

        if (edns0_do && !DNS_PACKET_QR(p)) {

                /* If DO is on and this is not a reply, also append RFC6975 Algorithm data */

                static const uint8_t rfc6975[] = {

                        0, 5, /* OPTION_CODE: DAU */

#if HAVE_GCRYPT && GCRYPT_VERSION_NUMBER >= 0x010600

                        0, 7, /* LIST_LENGTH */

#else

                        0, 6, /* LIST_LENGTH */

#endif

                        DNSSEC_ALGORITHM_RSASHA1,

                        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,

                        DNSSEC_ALGORITHM_RSASHA256,

                        DNSSEC_ALGORITHM_RSASHA512,

                        DNSSEC_ALGORITHM_ECDSAP256SHA256,

                        DNSSEC_ALGORITHM_ECDSAP384SHA384,

#if HAVE_GCRYPT && GCRYPT_VERSION_NUMBER >= 0x010600

                        DNSSEC_ALGORITHM_ED25519,

#endif

                        0, 6, /* OPTION_CODE: DHU */

                        0, 3, /* LIST_LENGTH */

                        DNSSEC_DIGEST_SHA1,

                        DNSSEC_DIGEST_SHA256,

                        DNSSEC_DIGEST_SHA384,

                        0, 7, /* OPTION_CODE: N3U */

                        0, 1, /* LIST_LENGTH */

                        NSEC3_ALGORITHM_SHA1,

                };

                r = dns_packet_append_uint16(p, sizeof(rfc6975), NULL);

                if (r < 0)

                        goto fail;

                r = dns_packet_append_blob(p, rfc6975, sizeof(rfc6975), NULL);

        } else

                r = dns_packet_append_uint16(p, 0, NULL);

        if (r < 0)

                goto fail;

        DNS_PACKET_HEADER(p)->arcount = htobe16(DNS_PACKET_ARCOUNT(p) + 1);

        p->opt_start = saved_size;

        p->opt_size = p->size - saved_size;

        if (start)

                *start = saved_size;

        return 0;

fail:

        dns_packet_truncate(p, saved_size);

        return r;

}

int dns_packet_truncate_opt(DnsPacket *p) {

        assert(p);

        if (p->opt_start == (size_t) -1) {

                assert(p->opt_size == (size_t) -1);

                return 0;

        }

        assert(p->opt_size != (size_t) -1);

        assert(DNS_PACKET_ARCOUNT(p) > 0);

        if (p->opt_start + p->opt_size != p->size)

                return -EBUSY;

        dns_packet_truncate(p, p->opt_start);

        DNS_PACKET_HEADER(p)->arcount = htobe16(DNS_PACKET_ARCOUNT(p) - 1);

        p->opt_start = p->opt_size = (size_t) -1;

        return 1;

}

int dns_packet_append_rr(DnsPacket *p, const DnsResourceRecord *rr, const DnsAnswerFlags flags, size_t *start, size_t *rdata_start) {

        size_t saved_size, rdlength_offset, end, rdlength, rds;

        uint32_t ttl;

        int r;

        assert(p);

        assert(rr);

        saved_size = p->size;

        r = dns_packet_append_key(p, rr->key, flags, NULL);

        if (r < 0)

                goto fail;

        ttl = flags & DNS_ANSWER_GOODBYE ? 0 : rr->ttl;

        r = dns_packet_append_uint32(p, ttl, NULL);

        if (r < 0)

                goto fail;

        /* Initially we write 0 here */

        r = dns_packet_append_uint16(p, 0, &rdlength_offset);

        if (r < 0)

                goto fail;

        rds = p->size - saved_size;

        switch (rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {

        case DNS_TYPE_SRV:

                r = dns_packet_append_uint16(p, rr->srv.priority, NULL);

                if (r < 0)

                        goto fail;

                r = dns_packet_append_uint16(p, rr->srv.weight, NULL);

                if (r < 0)

                        goto fail;

                r = dns_packet_append_uint16(p, rr->srv.port, NULL);

                if (r < 0)

                        goto fail;

                /* RFC 2782 states "Unless and until permitted by future standards

                 * action, name compression is not to be used for this field." */

                r = dns_packet_append_name(p, rr->srv.name, false, false, NULL);

                break;

        case DNS_TYPE_PTR:

        case DNS_TYPE_NS:

        case DNS_TYPE_CNAME:

        case DNS_TYPE_DNAME:

                r = dns_packet_append_name(p, rr->ptr.name, true, false, NULL);

                break;