hosts file support in the built in dns resolver

[lcore.git] / dnscore.pas

{ Copyright (C) 2005 Bas Steendijk and Peter Green\r
  For conditions of distribution and use, see copyright notice in zlib_license.txt\r
  which is included in the package\r
  ----------------------------------------------------------------------------- }\r
\r
{\r
\r
  code wanting to use this dns system should act as follows (note: app\r
  developers will probably want to use dnsasync or dnssync or write a similar\r
  wrapper unit of their own).\r
\r
  for normal lookups call setstate_forward or setstate_reverse to set up the\r
  state, for more obscure lookups use setstate_request_init and fill in other\r
  relevant state manually.\r
\r
  call state_process which will do processing on the information in the state\r
  and return an action\r
  action_ignore means that dnscore wants the code that calls it to go\r
  back to waiting for packets\r
  action_sendpacket means that dnscore wants the code that calls it to send\r
  the packet in sendpacket/sendpacketlen and then start (or go back to) listening\r
  for\r
  action_done means the request has completed (either succeeded or failed)\r
\r
  callers should resend the last packet they tried to send if they have not\r
  been asked to send a new packet for more than some timeout value they choose.\r
\r
  when a packet is received the application should put the packet in\r
  recvbuf/recvbuflen , set state.parsepacket and call state_process again\r
\r
  once the app gets action_done it can determine success or failure in the\r
  following ways.\r
\r
  on failure state.resultstr will be an empty string and state.resultbin will\r
  be zeroed out (easily detected by the fact that it will have a family of 0)\r
\r
  on success for a A or AAAA lookup state.resultstr will be an empty string\r
  and state.resultbin will contain the result (note: AAAA lookups require IPv6\r
  enabled).\r
\r
  if an A lookup fails and the code is built with IPv6 enabled then the code\r
  will return any AAAA records with the same name. The reverse does not apply\r
  so if an application prefers IPv6 but wants IPv4 results as well it must\r
  check them separately.\r
\r
  on success for any other type of lookup state.resultstr will be an empty\r
\r
  note the state contains ansistrings, setstate_init with a null name parameter\r
  can be used to clean these up if required.\r
\r
  callers may use setstate_failure to mark the state as failed themselves\r
  before passing it on to other code, for example this may be done in the event\r
  of a timeout.\r
\r
\r
  hosts file support:\r
\r
  code is here to do hosts file lookups. this is not done automatically by\r
  dnscore, the caller (this is dnssync and dnsasync) has to call the hosts file\r
  functions if it wants hosts file lookups.\r
\r
  the current implementation will automatically periodically reload the file into\r
  a fast lookup cache if the file changed.\r
\r
  both forward and reverse lookups are supported.\r
\r
  a single IP having multiple hostnames, so "192.0.2.1 foo bar" is supported.\r
\r
  local hostnames under the locally configured domain (so domain "example.org",\r
  a "192.0.2.1 foo" entry causing "foo.example.org" to resolve) is not supported.\r
}\r
unit dnscore;\r
\r
{$ifdef fpc}{$mode delphi}{$endif}\r
\r
{$include lcoreconfig.inc}\r
\r
interface\r
\r
uses binipstuff,classes,pgtypes,lcorernd;\r
\r
var usewindns : boolean = {$ifdef mswindows}true{$else}false{$endif};\r
{hint to users of this unit that they should use windows dns instead.\r
May be disabled by applications if desired. (e.g. if setting a custom\r
dnsserverlist).\r
\r
note: this unit will not be able to self populate it's dns server list on\r
older versions of windows.}\r
\r
const\r
  useaf_default=0;\r
  useaf_preferv4=1;\r
  useaf_preferv6=2;\r
  useaf_v4=3;\r
  useaf_v6=4;\r
{\r
hint to users of this unit to how to deal with connecting to hostnames regarding ipv4 or ipv6 usage\r
can be set by apps as desired\r
}\r
var useaf:integer = useaf_default;\r
\r
{\r
(temporarily) use a different nameserver, regardless of the dnsserverlist\r
}\r
var overridednsserver:ansistring;\r
\r
const\r
  maxnamelength=127;\r
  maxnamefieldlen=63;\r
  //note: when using action_ignore the dnscore code *must* preserve the contents of state.sendpacket to allow for retries\r
  //note: action_ignore must not be used in response to the original request but there is no valid reason for doing this anyway\r
  action_ignore=0;\r
  action_done=1;\r
  action_sendquery=2;\r
  querytype_a=1;\r
  querytype_cname=5;\r
  querytype_aaaa=28;\r
  querytype_a6=38;\r
  querytype_ptr=12;\r
  querytype_ns=2;\r
  querytype_soa=6;\r
  querytype_mx=15;\r
  querytype_txt=16;\r
  querytype_spf=99;\r
  maxrecursion=50;\r
  maxrrofakind=32;\r
  {the maximum number of RR of a kind of purely an extra sanity check and could be omitted.\r
  before, i set it to 20, but valid replies can have more. dnscore only does udp requests,\r
  and ordinary DNS, so up to 512 bytes. the maximum number of A records that fits seems to be 29}\r
\r
  retryafter=300000; //microseconds must be less than one second;\r
  timeoutlag=1000000000; // penalty value to be treated as lag in the event of a timeout (microseconds)\r
type\r
  dvar=array[0..0] of byte;\r
  pdvar=^dvar;\r
  tdnspacket=packed record\r
    id:word;\r
    flags:word;\r
    rrcount:array[0..3] of word;\r
    payload:array[0..511-12] of byte;\r
  end;\r
\r
\r
\r
  tdnsstate=record\r
    id:word;\r
    recursioncount:integer;\r
    queryname:ansistring;\r
    requesttype:word;\r
    parsepacket:boolean;\r
    resultstr:ansistring;\r
    resultbin:tbinip;\r
    resultlist:tbiniplist;\r
    resultaction:integer;\r
    numrr1:array[0..3] of integer;\r
    numrr2:integer;\r
    rrdata:ansistring;\r
    sendpacketlen:integer;\r
    sendpacket:tdnspacket;\r
    recvpacketlen:integer;\r
    recvpacket:tdnspacket;\r
    forwardfamily:integer;\r
  end;\r
\r
  trr=packed record\r
    requesttypehi:byte;\r
    requesttype:byte;\r
    clas:word;\r
    ttl:integer;\r
    datalen:word;\r
    data:array[0..511] of byte;\r
  end;\r
\r
  trrpointer=packed record\r
    p:pointer;\r
    ofs:integer;\r
    len:integer;\r
    namelen:integer;\r
  end;\r
\r
//commenting out functions from interface that do not have documented semantics\r
//and probably should not be called from outside this unit, reenable them\r
//if you must but please document them at the same time --plugwash\r
\r
//function buildrequest(const name:string;var packet:tdnspacket;requesttype:word):integer;\r
\r
//returns the DNS name used to reverse look up an IP, such as 4.3.2.1.in-addr.arpa for 1.2.3.4\r
function makereversename(const binip:tbinip):ansistring;\r
\r
procedure setstate_request_init(const name:ansistring;var state:tdnsstate);\r
\r
//set up state for a forward lookup. A family value of AF_INET6 will give only\r
//ipv6 results. Any other value will give only ipv4 results\r
procedure setstate_forward(const name:ansistring;var state:tdnsstate;family:integer);\r
\r
procedure setstate_reverse(const binip:tbinip;var state:tdnsstate);\r
procedure setstate_failure(var state:tdnsstate);\r
//procedure setstate_return(const rrp:trrpointer;len:integer;var state:tdnsstate);\r
\r
//for custom raw lookups such as TXT, as desired by the user\r
procedure setstate_custom(const name:ansistring; requesttype:integer; var state:tdnsstate);\r
\r
procedure state_process(var state:tdnsstate);\r
\r
//function decodename(const packet:tdnspacket;len,start,recursion:integer;var numread:integer):string;\r
\r
procedure populatednsserverlist;\r
procedure cleardnsservercache;\r
\r
var\r
  dnsserverlist : tbiniplist;\r
  dnsserverlag:tlist;\r
//  currentdnsserverno : integer;\r
\r
\r
//getcurrentsystemnameserver returns the nameserver the app should use and sets\r
//id to the id of that nameserver. id should later be used to report how laggy\r
//the servers response was and if it was timed out.\r
function getcurrentsystemnameserver(var id:integer) :ansistring;\r
function getcurrentsystemnameserverbin(var id:integer) :tbinip;\r
procedure reportlag(id:integer;lag:integer); //lag should be in microseconds and should be -1 to report a timeout\r
\r
//var\r
//  unixnameservercache:string;\r
{ $endif}\r
\r
\r
{$ifdef ipv6}\r
procedure initpreferredmode;\r
\r
var\r
  preferredmodeinited:boolean;\r
\r
{$endif}\r
\r
var\r
  failurereason:ansistring;\r
\r
function getquerytype(s:ansistring):integer;\r
\r
//optionally do any time consuming initing in advance, in case one wants the first dns lookup to be as fast as possible\r
procedure dnscore_preinit(alsoreverse:boolean);\r
\r
var\r
  hostsfile_inited:boolean;\r
  hostsfile_reverseinited:boolean;\r
  hostsfile_filename:ansistring;  //the app can change this, to use a custom hosts file\r
  hostsfile_entries:tstringlist;\r
  hostsfile_lastfileage:longint;  //fileage is longint on freepascal, integer on delphi\r
  hostsfile_lastcheckts:integer;\r
  hostsfile_reverseentries:tstringlist;\r
\r
  //parameter settings\r
  hostsfile_disabled:boolean;  //the app can set this to disable all hosts file lookup functionality, including localhost\r
  hostsfile_onlylocalhost:boolean;  //the app can set this to disable the hosts file but keep localhost\r
  hostsfile_alsocustomserver:boolean;  //the app can set this to use hosts file functionality even when a custom nameserver is set\r
  hostsfile_manualreload:boolean;           //don't check if the hosts file changed and auto reload it, the app can call hostsfile_reload to reload\r
\r
procedure hostsfile_init;\r
procedure hostsfile_initreverse;\r
procedure hostsfile_reload;\r
procedure hostsfile_reloadifneeded;\r
procedure hostsfile_add(const name:ansistring;const ip:tbinip);\r
function hostsfile_forwardlookuplist(const name:ansistring):tbiniplist;\r
function hostsfile_reverselookup(ip:tbinip):ansistring;\r
function gethostsfilename:ansistring;\r
\r
implementation\r
\r
uses\r
  {$ifdef mswindows}windows,{$endif}\r
  {$ifdef unix}unix,{$endif}  \r
  lcorelocalips,\r
  readtxt2,\r
  ltimevalstuff,\r
  sysutils;\r
\r
type\r
  pbiniplist=^tbiniplist;\r
  thostsfile_entry=record\r
    l:tbiniplist;\r
  end;\r
  phostsfile_entry=^thostsfile_entry;\r
\r
  thostsfile_reverseentry=record\r
    name:ansistring;\r
  end;\r
  phostsfile_reverseentry=^thostsfile_reverseentry;\r
\r
\r
function hostsfile_findbyname(const name:ansistring):integer;\r
begin\r
  if not hostsfile_entries.Find(name,result) then begin\r
    if (copy(name,length(name),1) = '.') then begin\r
      //if the name has a trailing dot, try to find without it\r
      if not hostsfile_entries.Find(copy(name,1,length(name)-1),result) then result := -1;\r
    end else begin\r
      //if the name has no trailing dot, try to find with it\r
      if not hostsfile_entries.Find(name + '.',result) then result := -1;\r
    end;\r
  end;\r
end;\r
\r
\r
function hostsfile_forwardlookuplist(const name:ansistring):tbiniplist;\r
var\r
  index:integer;\r
  l:tbiniplist;\r
begin\r
  hostsfile_init;\r
  index := hostsfile_findbyname(name);\r
\r
  result := biniplist_new;\r
\r
  if (index >= 0) then begin\r
    l := phostsfile_entry(hostsfile_entries.objects[index]).l;\r
\r
    {$ifdef ipv6}\r
    if (useaf <> useaf_v6) and (useaf <> useaf_preferv6) then\r
    {$endif}\r
    begin\r
      addipsoffamily(result,l,af_inet);\r
    end;\r
    {$ifdef ipv6}\r
    if (useaf <> useaf_v4) then begin\r
      addipsoffamily(result,l,af_inet6);\r
      if (useaf = useaf_preferv6) then begin\r
        addipsoffamily(result,l,af_inet);\r
      end;\r
    end;\r
    {$endif}\r
  end;\r
end;\r
\r
procedure hostsfile_clearreverse;\r
var\r
  index:integer;\r
begin\r
  for index := hostsfile_reverseentries.count-1 downto 0 do begin\r
    phostsfile_reverseentry(hostsfile_reverseentries.objects[index]).name := '';\r
    dispose(phostsfile_reverseentry(hostsfile_reverseentries.objects[index]));\r
  end;\r
  hostsfile_reverseentries.clear;\r
end;\r
\r
\r
procedure hostsfile_initreverse;\r
var\r
  index,index2:integer;\r
  l:tbiniplist;\r
  a,countbefore:integer;\r
  ip:tbinip;\r
  s:ansistring;\r
  he:phostsfile_reverseentry;\r
begin\r
  hostsfile_init;\r
  if hostsfile_reverseinited then exit;\r
  hostsfile_reverseinited := true;\r
\r
  hostsfile_clearreverse;\r
\r
  //build fast search table for reverse lookups\r
  for index := hostsfile_entries.count-1 downto 0 do begin\r
    l := phostsfile_entry(hostsfile_entries.objects[index]).l;\r
    for a := biniplist_getcount(l)-1 downto 0 do begin\r
      ip := biniplist_get(l,a);\r
      s := ipbintostr(ip);\r
\r
      countbefore := hostsfile_reverseentries.count;\r
      index2 := hostsfile_reverseentries.Add(s);\r
      if (hostsfile_reverseentries.count > countbefore) then begin\r
        new(he);\r
        hostsfile_reverseentries.objects[index2] := tobject(he);\r
        he.name := hostsfile_entries[index];\r
      end;\r
\r
    end;\r
  end;\r
end;\r
\r
function hostsfile_reverselookup(ip:tbinip):ansistring;\r
var\r
  index:integer;\r
  s:ansistring;\r
begin\r
  hostsfile_initreverse;\r
  result := '';\r
  s := ipbintostr(ip);\r
\r
  if hostsfile_reverseentries.find(s,index) then begin\r
    result := phostsfile_reverseentry(hostsfile_reverseentries.objects[index]).name;\r
  end;\r
end;\r
\r
procedure hostsfile_clear;\r
var\r
  index:integer;\r
begin\r
  for index := hostsfile_entries.count-1 downto 0 do begin\r
    biniplist_free(phostsfile_entry(hostsfile_entries.objects[index]).l);\r
    dispose(phostsfile_entry(hostsfile_entries.objects[index]));\r
  end;\r
  hostsfile_entries.clear;\r
\r
  hostsfile_clearreverse;\r
\r
  hostsfile_lastfileage := 0;\r
  hostsfile_lastcheckts := 0;\r
end;\r
\r
procedure hostsfile_add(const name:ansistring;const ip:tbinip);\r
var\r
\r
  a,index,countbefore:integer;\r
\r
  ip2:tbinip;\r
  he:phostsfile_entry;\r
  l:tbiniplist;\r
begin\r
\r
  countbefore := hostsfile_entries.count;\r
  //add, with dupignore, will add it if it's not in the list. if it is in the list, it returns the index\r
  //to know if it was added, see if the count went up. this saves on duplicate searches in the list, for speed\r
  index := hostsfile_entries.add(name);\r
\r
  if (hostsfile_entries.count > countbefore) then begin\r
   // writeln('name newly added ',name,' ',ipbintostr(ip),' ',index);\r
\r
    new(he);\r
    hostsfile_entries.objects[index] := tobject(he);\r
    he.l := biniplist_new;\r
    //he.name := name;\r
  end else begin\r
   // writeln('name found ',name,' ',ipbintostr(ip),' ',index);\r
    //search for IP match\r
\r
    he := phostsfile_entry(hostsfile_entries.objects[index]);\r
    l := he.l;\r
    for a := biniplist_getcount(l)-1 downto 0 do begin\r
      ip2 := biniplist_get(l,a);\r
      if comparebinip(ip,ip2) then begin\r
      //  writeln('duplicate ip ',name,' ',ipbintostr(ip));\r
        exit; //duplicate\r
      end;\r
    end;\r
  end;\r
  //add it\r
  biniplist_add(he.l,ip);\r
end;\r
\r
\r
function getts:integer;\r
{$ifdef mswindows}\r
begin\r
  result := GetTickCount;\r
{$else}\r
var\r
  temp:ttimeval;\r
begin\r
  gettimemonotonic(temp);\r
  result := ((temp.tv_usec div 1000) + (temp.tv_sec * 1000));\r
{$endif}\r
end;\r
\r
\r
function gethostsfilename:ansistring;\r
var\r
{$ifdef mswindows}\r
  windir:array [0..255] of ansichar;\r
\r
  GetSystemWindowsDirectoryA:function(buffer:pansichar;size:integer):integer; stdcall;\r
  dllhandle:thandle;\r
  OsVersion                  : TOSVersionInfo;\r
{$endif}\r
  filenamesuffix:ansistring;\r
begin\r
    {$ifdef mswindows}\r
\r
    ZeroMemory(@OsVersion, SizeOf(OsVersion));\r
    OsVersion.dwOSVersionInfoSize := SizeOf(TOSVERSIONINFO);\r
\r
    if ((GetVersionEx(OsVersion)) and (OsVersion.dwPlatformId = VER_PLATFORM_WIN32_NT)) then begin\r
      filenamesuffix := '\system32\drivers\etc\hosts';\r
    end else begin\r
      filenamesuffix := '\hosts';\r
    end;\r
\r
    //first try "user" windows directory. on a multiuser this may not be c:\windows\r
    GetWindowsDirectoryA(windir,255);\r
    result := windir;\r
    if (copy(result,length(result),1) = '\') then result := copy(result,1,length(result)-1);\r
    result := result + filenamesuffix;\r
\r
    if not fileexists(result) then begin\r
      //then try "system" windows directory which is typically c:\windows on a multiuser system\r
      dllhandle := loadlibrary('kernel32.dll');\r
      if (dllhandle <> 0) then begin\r
        GetSystemWindowsDirectoryA := getprocaddress(dllhandle,'GetSystemWindowsDirectoryA');\r
        if assigned(GetSystemWindowsDirectoryA) then begin\r
          GetSystemWindowsDirectoryA(windir,255);\r
          freelibrary(dllhandle);\r
          result := windir;\r
          if (copy(result,length(result),1) = '\') then result := copy(result,1,length(result)-1);\r
          result := result + filenamesuffix;\r
        end;\r
      end;\r
    end;\r
\r
    {$else}\r
    result := '/etc/hosts';\r
    {$endif}\r
end;\r
\r
procedure hostsfile_reload;\r
label lineend;\r
var\r
  t:treadtxt;\r
\r
  validchar:array[0..255] of boolean;\r
  ipv4char:array[0..255] of boolean;\r
  s:ansistring;\r
  ch:ansichar;\r
  a,len,field,startindex,labellen:integer;\r
  lastwasspace,onlyipv4chars:boolean;\r
  ipstring,hostname:ansistring;\r
  biniptemp:tbinip;\r
begin\r
  hostsfile_clear;\r
\r
  if hostsfile_disabled then exit;\r
  hostsfile_reverseinited := false;\r
\r
  //add builtin entries\r
  hostsfile_add('localhost',ipstrtobinf('127.0.0.1'));\r
  {$ifdef ipv6}\r
  hostsfile_add('localhost',ipstrtobinf('::1'));\r
  {$endif}\r
\r
  if hostsfile_onlylocalhost then exit;\r
\r
  if (hostsfile_filename = '') then hostsfile_filename := gethostsfilename;\r
\r
  //DNS names can only contain lower and uppercase, digits, dash, and dot\r
  fillchar(validchar,sizeof(validchar),0);\r
  validchar[ord('.')] := true;\r
  validchar[ord('-')] := true;\r
  fillchar(validchar[48],10,1);\r
  fillchar(validchar[65],26,1);\r
  fillchar(validchar[97],26,1);\r
\r
  //chars that can be in an ipv4 address: digits and dot\r
  fillchar(ipv4char,sizeof(ipv4char),0);\r
  ipv4char[ord('.')] := true;\r
  fillchar(ipv4char[48],10,1);\r
\r
  hostsfile_lastfileage := fileage(hostsfile_filename);\r
  hostsfile_lastcheckts := getts;\r
  //writeln('------ reloading ',hostsfile_lastfileage);\r
  try\r
    t := treadtxt.createf(hostsfile_filename);\r
  except\r
    exit;\r
  end;\r
  if not assigned(t) then exit;\r
\r
  while not t.eof do begin\r
    s := t.readline;\r
\r
    len := length(s);\r
    if (len > 512) then goto lineend; //sanity check\r
    field := -1;\r
    lastwasspace := true;\r
\r
    onlyipv4chars := true;\r
\r
    //one extra loop iteration at the end with a "pretend space" for easy parsing\r
    inc(len);\r
    ipstring := '';\r
    hostname := '';\r
    a := 0;\r
    while (a <= len) do begin\r
      inc(a);\r
      if (a >= len) then ch := ' ' else ch := s[a];\r
\r
      if (ch = '#') then begin\r
        //pretend the start of a comment is a space and the end of the line\r
        ch := ' ';\r
        len := a;\r
      end;\r
\r
      if (ch = #9) or (ch = ' ') then begin\r
        if not (lastwasspace) then begin\r
          if (field = 0) then begin\r
            ipstring := copy(s,startindex,a - startindex);\r
          end else if (field >= 1) then begin\r
            //maximum length of hostname\r
            if (a - startindex) > 253 then goto lineend;\r
\r
            //remove a trailing dot\r
            //if (labellen = 0) then dec(a);\r
\r
            //hostname must not be an empty string\r
            if (a - startindex) < 1 then goto lineend;\r
\r
            hostname := copy(s,startindex,a - startindex);\r
\r
            //reject a hosts entry with a name that is a valid ipv4 address.\r
            //we don't need to check for ipv6 addresses because they have a colon and so aren't valid hostsnames\r
            //the windows resolver does allow it, but i think it has potential security issues\r
            if onlyipv4chars then if ipstrtobin(hostname,biniptemp) then goto lineend;\r
\r
            if ipstrtobin(ipstring,biniptemp) then begin\r
              //writeln('!!!hosts file adding ip=',ipstring,'@host=',hostname,'@');\r
\r
              hostsfile_add(hostname,biniptemp);\r
            end;\r
\r
            //break scan loop\r
            //a := len;\r
          end;\r
\r
        end;\r
\r
        lastwasspace := true;\r
      end else begin\r
        if lastwasspace then begin\r
          inc(field);\r
          startindex := a;\r
          lastwasspace := false;\r
          labellen := 0;\r
        end;\r
        //enforce valid characters in hostname\r
        if (field = 1) then begin\r
          if not validchar[ord(ch)] then goto lineend;\r
          onlyipv4chars := onlyipv4chars and ipv4char[ord(ch)];\r
          if (ch = '.') then begin\r
            if (labellen = 0) then goto lineend;\r
            labellen := 0;\r
          end else begin\r
            inc(labellen);\r
            if (labellen > 63) then goto lineend;\r
          end;\r
        end;\r
      end;\r
    end;\r
lineend:\r
  end;\r
  t.destroy;\r
\r
end;\r
\r
\r
procedure hostsfile_reloadifneeded;\r
var\r
  ts:integer;\r
begin\r
  if (hostsfile_disabled or hostsfile_onlylocalhost or hostsfile_manualreload) then exit;\r
  if hostsfile_filename = '' then exit;\r
\r
  ts := getts;\r
  //writeln('reloadifneeded ts=',ts,' oldts=',hostsfile_lastcheckts);\r
  if not ((ts > hostsfile_lastcheckts + 10000) or (ts < hostsfile_lastcheckts)) then exit;\r
\r
  hostsfile_lastcheckts := ts;\r
\r
  //writeln('reloadifneeded new=',fileage(hostsfile_filename),' old=',hostsfile_lastfileage);\r
  if fileage(hostsfile_filename) = hostsfile_lastfileage then exit;\r
  hostsfile_reload;\r
end;\r
\r
procedure hostsfile_init;\r
begin\r
  //writeln('init ',hostsfile_inited);\r
  if hostsfile_inited then begin\r
    hostsfile_reloadifneeded;\r
    exit;\r
  end;\r
  hostsfile_inited := true;\r
  hostsfile_entries := tstringlist.create;\r
  hostsfile_entries.casesensitive := false;\r
  hostsfile_entries.sorted := true;\r
  hostsfile_entries.duplicates := dupignore;\r
\r
  hostsfile_reverseentries := tstringlist.create;\r
  hostsfile_reverseentries.casesensitive := true;\r
  hostsfile_reverseentries.sorted := true;\r
  hostsfile_reverseentries.duplicates := dupignore;\r
\r
  hostsfile_reload;\r
end;\r
\r
procedure dnscore_preinit(alsoreverse:boolean);\r
begin\r
  {$ifdef ipv6}\r
  initpreferredmode;\r
  {$endif}\r
  hostsfile_init;\r
  populatednsserverlist;\r
  randomdword;\r
  if alsoreverse then hostsfile_initreverse;\r
end;\r
\r
\r
function getquerytype(s:ansistring):integer;\r
begin\r
  s := uppercase(s);\r
  result := 0;\r
  if (s = 'A') then result := querytype_a else\r
  if (s = 'CNAME') then result := querytype_cname else\r
  if (s = 'AAAA') then result := querytype_aaaa else\r
  if (s = 'PTR') then result := querytype_ptr else\r
  if (s = 'NS') then result := querytype_ns else\r
  if (s = 'MX') then result := querytype_mx else\r
  if (s = 'A6') then result := querytype_a6 else\r
  if (s = 'TXT') then result := querytype_txt else\r
  if (s = 'SOA') then result := querytype_soa else\r
  if (s = 'SPF') then result := querytype_spf;\r
end;\r
\r
function buildrequest(const name:ansistring;var packet:tdnspacket;requesttype:word):integer;\r
var\r
  a,b:integer;\r
  s:ansistring;\r
  arr:array[0..sizeof(packet)-1] of byte absolute packet;\r
begin\r
 { writeln('buildrequest: name: ',name);}\r
  result := 0;\r
  fillchar(packet,sizeof(packet),0);\r
  packet.id := randominteger($10000);\r
\r
  packet.flags := htons($0100);\r
  packet.rrcount[0] := htons($0001);\r
\r
\r
  s := copy(name,1,maxnamelength);\r
  if s = '' then exit;\r
  if s[length(s)] <> '.' then s := s + '.';\r
  b := 0;\r
  {encode name}\r
  if (s = '.') then begin\r
    packet.payload[0] := 0;\r
    result := 12+5;\r
  end else begin\r
    for a := 1 to length(s) do begin\r
      if s[a] = '.' then begin\r
        if b > maxnamefieldlen then exit;\r
        if (b = 0) then exit;\r
        packet.payload[a-b-1] := b;\r
        b := 0;\r
      end else begin\r
        packet.payload[a] := byte(s[a]);\r
        inc(b);\r
      end;\r
    end;\r
    if b > maxnamefieldlen then exit;\r
    packet.payload[length(s)-b] := b;\r
    result := length(s) + 12+5;\r
  end;\r
\r
  arr[result-1] := 1;\r
  arr[result-3] := requesttype and $ff;\r
  arr[result-4] := requesttype shr 8;\r
end;\r
\r
function makereversename(const binip:tbinip):ansistring;\r
var\r
  name:ansistring;\r
  a,b:integer;\r
begin\r
  name := '';\r
  if binip.family = AF_INET then begin\r
    b := htonl(binip.ip);\r
    for a := 0 to 3 do begin\r
      name := name + inttostr(b shr (a shl 3) and $ff)+'.';\r
    end;\r
    name := name + 'in-addr.arpa';\r
  end else\r
  {$ifdef ipv6}\r
  if binip.family = AF_INET6 then begin\r
    for a := 15 downto 0 do begin\r
      b := binip.ip6.u6_addr8[a];\r
      name := name + hexchars[b and $f]+'.'+hexchars[b shr 4]+'.';\r
    end;\r
    name := name + 'ip6.arpa';\r
  end else\r
  {$endif}\r
  begin\r
    {empty name}\r
  end;\r
  result := name;\r
end;\r
\r
{\r
decodes DNS format name to a string. does not includes the root dot.\r
doesnt read beyond len.\r
empty result + non null failurereason: failure\r
empty result + null failurereason: internal use\r
}\r
function decodename(const packet:tdnspacket;len,start,recursion:integer;var numread:integer):ansistring;\r
var\r
  arr:array[0..sizeof(packet)-1] of byte absolute packet;\r
  s:ansistring;\r
  a,b:integer;\r
begin\r
  numread := 0;\r
  repeat\r
    if (start+numread < 0) or (start+numread >= len) then begin\r
      result := '';\r
      failurereason := 'decoding name: got out of range1';\r
      exit;\r
    end;\r
    b := arr[start+numread];\r
    if b >= $c0 then begin\r
      {recursive sub call}\r
      if recursion > 10 then begin\r
        result := '';\r
        failurereason := 'decoding name: max recursion';\r
        exit;\r
      end;\r
      if ((start+numread+1) >= len) then begin\r
        result := '';\r
        failurereason := 'decoding name: got out of range3';\r
        exit;\r
      end;\r
      a := ((b shl 8) or arr[start+numread+1]) and $3fff;\r
      s := decodename(packet,len,a,recursion+1,a);\r
      if (s = '') and (failurereason <> '') then begin\r
        result := '';\r
        exit;\r
      end;\r
      if result <> '' then result := result + '.';\r
      result := result + s;\r
      inc(numread,2);\r
      exit;\r
    end else if b < 64 then begin\r
      if (numread <> 0) and (b <> 0) then result := result + '.';\r
      for a := start+numread+1 to start+numread+b do begin\r
        if (a >= len) then begin\r
          result := '';\r
          failurereason := 'decoding name: got out of range2';\r
          exit;\r
        end;\r
        result := result + ansichar(arr[a]);\r
      end;\r
      inc(numread,b+1);\r
\r
      if b = 0 then begin\r
        if (result = '') and (recursion = 0) then result := '.';\r
        exit; {reached end of name}\r
      end;\r
    end else begin\r
      failurereason := 'decoding name: read invalid char';\r
      result := '';\r
      exit; {invalid}\r
    end;\r
  until false;\r
end;\r
\r
{==============================================================================}\r
\r
function getrawfromrr(const rrp:trrpointer;len:integer):ansistring;\r
begin\r
  setlength(result,htons(trr(rrp.p^).datalen));\r
  uniquestring(result);\r
  move(trr(rrp.p^).data,result[1],length(result));\r
end;\r
\r
\r
function getipfromrr(const rrp:trrpointer;len:integer):tbinip;\r
begin\r
  fillchar(result,sizeof(result),0);\r
  case trr(rrp.p^).requesttype of\r
    querytype_a: begin\r
      if htons(trr(rrp.p^).datalen) <> 4 then exit;\r
      move(trr(rrp.p^).data,result.ip,4);\r
      result.family :=AF_INET;\r
    end;\r
    {$ifdef ipv6}\r
    querytype_aaaa: begin\r
      if htons(trr(rrp.p^).datalen) <> 16 then exit;\r
      result.family := AF_INET6;\r
      move(trr(rrp.p^).data,result.ip6,16);\r
    end;\r
    {$endif}\r
  else\r
    {}\r
  end;\r
end;\r
\r
procedure setstate_return(const rrp:trrpointer;len:integer;var state:tdnsstate);\r
var\r
  a:integer;\r
begin\r
  state.resultaction := action_done;\r
  state.resultstr := '';\r
  case trr(rrp.p^).requesttype of\r
    querytype_a{$ifdef ipv6},querytype_aaaa{$endif}: begin\r
      state.resultbin := getipfromrr(rrp,len);\r
    end;\r
    querytype_txt:begin\r
      {TXT returns a raw string}\r
      state.resultstr := copy(getrawfromrr(rrp,len),2,9999);\r
      fillchar(state.resultbin,sizeof(state.resultbin),0);\r
    end;\r
    querytype_mx:begin\r
      {MX is a name after a 16 bits word}\r
      state.resultstr := decodename(state.recvpacket,state.recvpacketlen,taddrint(rrp.p)-taddrint(@state.recvpacket)+12,0,a);\r
      fillchar(state.resultbin,sizeof(state.resultbin),0);\r
    end;\r
  else\r
    {other reply types (PTR, MX) return a hostname}\r
    state.resultstr := decodename(state.recvpacket,state.recvpacketlen,taddrint(rrp.p)-taddrint(@state.recvpacket)+10,0,a);\r
    fillchar(state.resultbin,sizeof(state.resultbin),0);\r
  end;\r
end;\r
\r
procedure setstate_request_init(const name:ansistring;var state:tdnsstate);\r
begin\r
  {destroy things properly}\r
  state.resultstr := '';\r
  state.queryname := '';\r
  state.rrdata := '';\r
  fillchar(state,sizeof(state),0);\r
  state.queryname := name;\r
  state.parsepacket := false;\r
end;\r
\r
procedure setstate_forward(const name:ansistring;var state:tdnsstate;family:integer);\r
begin\r
  setstate_request_init(name,state);\r
  state.forwardfamily := family;\r
  {$ifdef ipv6}\r
  if family = AF_INET6 then state.requesttype := querytype_aaaa else\r
  {$endif}\r
  state.requesttype := querytype_a;\r
end;\r
\r
procedure setstate_reverse(const binip:tbinip;var state:tdnsstate);\r
begin\r
  setstate_request_init(makereversename(binip),state);\r
  state.requesttype := querytype_ptr;\r
end;\r
\r
procedure setstate_custom(const name:ansistring; requesttype:integer; var state:tdnsstate);\r
begin\r
  setstate_request_init(name,state);\r
  state.requesttype := requesttype;\r
end;\r
\r
\r
procedure setstate_failure(var state:tdnsstate);\r
begin\r
  state.resultstr := '';\r
  fillchar(state.resultbin,sizeof(state.resultbin),0);\r
  state.resultaction := action_done;\r
end;\r
\r
procedure state_process(var state:tdnsstate);\r
label recursed;\r
label failure;\r
var\r
  a,b,ofs:integer;\r
  rrtemp:^trr;\r
  rrptemp:^trrpointer;\r
begin\r
  if state.parsepacket then begin\r
    if state.recvpacketlen < 12 then begin\r
      failurereason := 'Undersized packet';\r
      state.resultaction := action_ignore;\r
      exit;\r
    end;\r
    if state.id <> state.recvpacket.id then begin\r
      failurereason := 'ID mismatch';\r
      state.resultaction := action_ignore;\r
      exit;\r
    end;\r
    state.numrr2 := 0;\r
    for a := 0 to 3 do begin\r
      state.numrr1[a] := htons(state.recvpacket.rrcount[a]);\r
      if state.numrr1[a] > maxrrofakind then begin\r
        failurereason := 'exceeded maximum RR of a kind';\r
        goto failure;\r
      end;\r
      inc(state.numrr2,state.numrr1[a]);\r
    end;\r
\r
    setlength(state.rrdata,state.numrr2*sizeof(trrpointer));\r
\r
    {- put all replies into a list}\r
\r
    ofs := 12;\r
    {get all queries}\r
    for a := 0 to state.numrr1[0]-1 do begin\r
      if (ofs < 12) or (ofs > state.recvpacketlen-4) then goto failure;\r
      rrptemp := @state.rrdata[1+a*sizeof(trrpointer)];\r
      rrptemp.p := @state.recvpacket.payload[ofs-12];\r
      rrptemp.ofs := ofs;\r
      decodename(state.recvpacket,state.recvpacketlen,ofs,0,b);\r
      rrptemp.len := b + 4;\r
      inc(ofs,rrptemp.len);\r
    end;\r
\r
    for a := state.numrr1[0] to state.numrr2-1 do begin\r
      if (ofs < 12) or (ofs > state.recvpacketlen-12) then goto failure;\r
      rrptemp := @state.rrdata[1+a*sizeof(trrpointer)];\r
      if decodename(state.recvpacket,state.recvpacketlen,ofs,0,b) = '' then goto failure;\r
      rrtemp := @state.recvpacket.payload[ofs-12+b]; {rrtemp points to values and result, after initial name}\r
      rrptemp.p := rrtemp;\r
      rrptemp.ofs := ofs; {ofs is start of RR before initial name from start of packet}\r
      rrptemp.namelen := b;\r
      b := htons(rrtemp.datalen);\r
      rrptemp.len := b + 10 + rrptemp.namelen;\r
      inc(ofs,rrptemp.len);\r
    end;\r
    if (ofs <> state.recvpacketlen) then begin\r
      failurereason := 'ofs <> state.packetlen';\r
      goto failure;\r
    end;\r
\r
    {if we requested A or AAAA build a list of all replies}\r
    if (state.requesttype = querytype_a) or (state.requesttype = querytype_aaaa) then begin\r
      state.resultlist := biniplist_new;\r
      for a := state.numrr1[0] to (state.numrr1[0]+state.numrr1[1]-1) do begin\r
        rrptemp := @state.rrdata[1+a*sizeof(trrpointer)];\r
        rrtemp := rrptemp.p;\r
        b := rrptemp.len;\r
        if rrtemp.requesttype = state.requesttype then begin\r
          biniplist_add(state.resultlist,getipfromrr(rrptemp^,b));\r
        end;\r
      end;\r
    end;\r
\r
    {- check for items of the requested type in answer section, if so return success first}\r
    for a := state.numrr1[0] to (state.numrr1[0]+state.numrr1[1]-1) do begin\r
      rrptemp := @state.rrdata[1+a*sizeof(trrpointer)];\r
      rrtemp := rrptemp.p;\r
      b := rrptemp.len;\r
      if rrtemp.requesttype = state.requesttype then begin\r
        setstate_return(rrptemp^,b,state);\r
        exit;\r
      end;\r
    end;\r
\r
    {if no items of correct type found, follow first cname in answer section}\r
    for a := state.numrr1[0] to (state.numrr1[0]+state.numrr1[1]-1) do begin\r
      rrptemp := @state.rrdata[1+a*sizeof(trrpointer)];\r
      rrtemp := rrptemp.p;\r
      b := rrptemp.len;\r
      if rrtemp.requesttype = querytype_cname then begin\r
        state.queryname := decodename(state.recvpacket,state.recvpacketlen,rrptemp.ofs+12,0,b);\r
        goto recursed;\r
      end;\r
    end;\r
\r
    {no cnames found, no items of correct type found}\r
    if state.forwardfamily <> 0 then goto failure;\r
\r
    goto failure;\r
recursed:\r
    {here it needs recursed lookup}\r
    {if needing to follow a cname, change state to do so}\r
    inc(state.recursioncount);\r
    if state.recursioncount > maxrecursion then goto failure;\r
  end;\r
\r
  {here, a name needs to be resolved}\r
  if state.queryname = '' then begin\r
    failurereason := 'empty query name';\r
    goto failure;\r
  end;\r
\r
  state.sendpacketlen := buildrequest(state.queryname,state.sendpacket,state.requesttype);\r
  if state.sendpacketlen = 0 then begin\r
    failurereason := 'building request packet failed';\r
    goto failure;\r
  end;\r
  state.id := state.sendpacket.id;\r
  state.resultaction := action_sendquery;\r
\r
  exit;\r
failure:\r
  setstate_failure(state);\r
end;\r
\r
\r
procedure populatednsserverlist;\r
var\r
  a:integer;\r
begin\r
  if assigned(dnsserverlag) then begin\r
    dnsserverlag.clear;\r
  end else begin\r
    dnsserverlag := tlist.Create;\r
  end;\r
\r
  dnsserverlist := getsystemdnsservers;\r
  for a := biniplist_getcount(dnsserverlist)-1 downto 0 do dnsserverlag.Add(nil);\r
end;\r
\r
procedure cleardnsservercache;\r
begin\r
  if assigned(dnsserverlag) then begin\r
    dnsserverlag.destroy;\r
    dnsserverlag := nil;\r
    dnsserverlist := '';\r
  end;\r
end;\r
\r
function getcurrentsystemnameserverbin(var id:integer):tbinip;\r
var\r
  counter : integer;\r
begin\r
  {override the name server choice here, instead of overriding it wherever it's called\r
  setting ID to -1 causes it to be ignored in reportlag}\r
  if (overridednsserver <> '') then begin\r
    result := ipstrtobinf(overridednsserver);\r
    if result.family <> 0 then begin\r
      id := -1;\r
      exit;\r
    end;\r
  end;\r
\r
  if not assigned(dnsserverlag) then populatednsserverlist;\r
  if dnsserverlag.count=0 then raise exception.create('no dns servers available');\r
  id := 0;\r
  if dnsserverlag.count >1 then begin\r
    for counter := dnsserverlag.count-1 downto 1 do begin\r
      if taddrint(dnsserverlag[counter]) < taddrint(dnsserverlag[id]) then id := counter;\r
    end;\r
  end;\r
  result := biniplist_get(dnsserverlist,id);\r
end;\r
\r
function getcurrentsystemnameserver(var id:integer):ansistring;\r
begin\r
  result := ipbintostr(getcurrentsystemnameserverbin(id));\r
end;\r
\r
procedure reportlag(id:integer;lag:integer); //lag should be in microseconds and should be -1 to report a timeout\r
var\r
  counter : integer;\r
  temp : integer;\r
begin\r
  if (id < 0) or (id >= dnsserverlag.count) then exit;\r
  if lag = -1 then lag := timeoutlag;\r
  for counter := 0 to dnsserverlag.count-1 do begin\r
    temp := taddrint(dnsserverlag[counter]) *15;\r
    if counter=id then temp := temp + lag;\r
    dnsserverlag[counter] := tobject(temp div 16);\r
  end;\r
\r
end;\r
\r
\r
{$ifdef ipv6}\r
\r
procedure initpreferredmode;\r
begin\r
  if preferredmodeinited then exit;\r
  if useaf <> useaf_default then exit;\r
\r
  if (have_ipv6_connectivity) then\r
    useaf := useaf_preferv6\r
  else\r
    useaf := useaf_preferv4;\r
\r
  preferredmodeinited := true;\r
end;\r
\r
{$endif}\r
\r
\r
{  quick and dirty description of dns packet structure to aid writing and\r
   understanding of parser code, refer to appropriate RFCs for proper specs\r
- all words are network order\r
\r
www.google.com A request:\r
\r
0, 2: random transaction ID\r
2, 2: flags: only the "recursion desired" bit set. (bit 8 of word)\r
4, 2: questions: 1\r
6, 2: answer RR's: 0.\r
8, 2: authority RR's: 0.\r
10, 2: additional RR's: 0.\r
12, n: payload:\r
  query:\r
    #03 "www" #06 "google" #03 "com" #00\r
    size-4, 2: type: host address (1)\r
    size-2, 2: class: inet (1)\r
\r
reply:\r
\r
0,2: random transaction ID\r
2,2: flags: set: response (bit 15), recursion desired (8), recursion available (7)\r
4,4: questions: 1\r
6,4: answer RR's: 2\r
8,4: authority RR's: 9\r
10,4: additional RR's: 9\r
12: payload:\r
  query:\r
    ....\r
  answer: CNAME\r
    0,2 "c0 0c" "name: www.google.com"\r
    2,2 "00 05" "type: cname for an alias"\r
    4,2 "00 01" "class: inet"\r
    6,4: TTL\r
    10,2: data length "00 17" (23)\r
    12: the cname name (www.google.akadns.net)\r
  answer: A\r
    0,2 ..\r
    2,2 "00 01" host address\r
    4,2 ...\r
    6,4 ...\r
    10,2: data length (4)\r
    12,4: binary IP\r
  authority - 9 records\r
  additional - 9 records\r
\r
\r
  ipv6 AAAA reply:\r
    0,2: ...\r
    2,2: type: 001c\r
    4,2: class: inet (0001)\r
    6,2: TTL\r
    10,2: data size (16)\r
    12,16: binary IP\r
\r
  ptr request: query type 000c\r
\r
name compression: word "cxxx" in the name, xxx points to offset in the packet}\r
\r
end.\r