DNS (No support for Auth-Name + Add-Name for simplicity): C++/STL parsing library

This page hosts a formal specification of DNS (No support for Auth-Name + Add-Name for simplicity) using Kaitai Struct. This specification can be automatically translated into a variety of programming languages to get a parsing library.

Usage

Using Kaitai Struct in C++/STL usually consists of 3 steps.

  1. We need to create an STL input stream (std::istream).
    • One can open a stream for reading from a local file:
      #include <fstream>
      
      std::ifstream is("path/to/local/file.dns_packet", std::ifstream::binary);
    • Or one can prepare a stream for reading from existing std::string str:
      #include <sstream>
      
      std::istringstream is(str);
    • Or one can parse arbitrary char* buffer in memory, given that we know its size:
      #include <sstream>
      
      const char buf[] = { ... };
      std::string str(buf, sizeof buf);
      std::istringstream is(str);
  2. We need to wrap our input stream into Kaitai stream:
    #include <kaitai/kaitaistream.h>
    
    kaitai::kstream ks(&is);
  3. And finally, we can invoke the parsing:
    dns_packet_t data(&ks);

After that, one can get various attributes from the structure by invoking getter methods like:

data.transaction_id() // => ID to keep track of request/responces

C++/STL source code to parse DNS (No support for Auth-Name + Add-Name for simplicity)

dns_packet.h

#ifndef DNS_PACKET_H_
#define DNS_PACKET_H_

// This is a generated file! Please edit source .ksy file and use kaitai-struct-compiler to rebuild

#include "kaitai/kaitaistruct.h"

#include <stdint.h>
#include <vector>

#if KAITAI_STRUCT_VERSION < 7000L
#error "Incompatible Kaitai Struct C++/STL API: version 0.7 or later is required"
#endif

class dns_packet_t : public kaitai::kstruct {

public:
    class pointer_struct_t;
    class label_t;
    class query_t;
    class domain_name_t;
    class address_t;
    class answer_t;
    class packet_flags_t;

    enum class_type_t {
        CLASS_TYPE_IN_CLASS = 1,
        CLASS_TYPE_CS = 2,
        CLASS_TYPE_CH = 3,
        CLASS_TYPE_HS = 4
    };

    enum type_type_t {
        TYPE_TYPE_A = 1,
        TYPE_TYPE_NS = 2,
        TYPE_TYPE_MD = 3,
        TYPE_TYPE_MF = 4,
        TYPE_TYPE_CNAME = 5,
        TYPE_TYPE_SOE = 6,
        TYPE_TYPE_MB = 7,
        TYPE_TYPE_MG = 8,
        TYPE_TYPE_MR = 9,
        TYPE_TYPE_NULL = 10,
        TYPE_TYPE_WKS = 11,
        TYPE_TYPE_PTR = 12,
        TYPE_TYPE_HINFO = 13,
        TYPE_TYPE_MINFO = 14,
        TYPE_TYPE_MX = 15,
        TYPE_TYPE_TXT = 16
    };

    dns_packet_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent = 0, dns_packet_t* p__root = 0);

private:
    void _read();

public:
    ~dns_packet_t();

    class pointer_struct_t : public kaitai::kstruct {

    public:

        pointer_struct_t(kaitai::kstream* p__io, dns_packet_t::label_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~pointer_struct_t();

    private:
        bool f_contents;
        domain_name_t* m_contents;

    public:
        domain_name_t* contents();

    private:
        uint8_t m_value;
        dns_packet_t* m__root;
        dns_packet_t::label_t* m__parent;

    public:

        /**
         * Read one byte, then offset to that position, read one domain-name and return
         */
        uint8_t value() const { return m_value; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t::label_t* _parent() const { return m__parent; }
    };

    class label_t : public kaitai::kstruct {

    public:

        label_t(kaitai::kstream* p__io, dns_packet_t::domain_name_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~label_t();

    private:
        bool f_is_pointer;
        bool m_is_pointer;

    public:
        bool is_pointer();

    private:
        uint8_t m_length;
        pointer_struct_t* m_pointer;
        bool n_pointer;

    public:
        bool _is_null_pointer() { pointer(); return n_pointer; };

    private:
        std::string m_name;
        bool n_name;

    public:
        bool _is_null_name() { name(); return n_name; };

    private:
        dns_packet_t* m__root;
        dns_packet_t::domain_name_t* m__parent;

    public:

        /**
         * RFC1035 4.1.4: If the first two bits are raised it's a pointer-offset to a previously defined name
         */
        uint8_t length() const { return m_length; }
        pointer_struct_t* pointer() const { return m_pointer; }

        /**
         * Otherwise its a string the length of the length value
         */
        std::string name() const { return m_name; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t::domain_name_t* _parent() const { return m__parent; }
    };

    class query_t : public kaitai::kstruct {

    public:

        query_t(kaitai::kstream* p__io, dns_packet_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~query_t();

    private:
        domain_name_t* m_name;
        type_type_t m_type;
        class_type_t m_query_class;
        dns_packet_t* m__root;
        dns_packet_t* m__parent;

    public:
        domain_name_t* name() const { return m_name; }
        type_type_t type() const { return m_type; }
        class_type_t query_class() const { return m_query_class; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t* _parent() const { return m__parent; }
    };

    class domain_name_t : public kaitai::kstruct {

    public:

        domain_name_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~domain_name_t();

    private:
        std::vector<label_t*>* m_name;
        dns_packet_t* m__root;
        kaitai::kstruct* m__parent;

    public:

        /**
         * Repeat until the length is 0 or it is a pointer (bit-hack to get around lack of OR operator)
         */
        std::vector<label_t*>* name() const { return m_name; }
        dns_packet_t* _root() const { return m__root; }
        kaitai::kstruct* _parent() const { return m__parent; }
    };

    class address_t : public kaitai::kstruct {

    public:

        address_t(kaitai::kstream* p__io, dns_packet_t::answer_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~address_t();

    private:
        std::vector<uint8_t>* m_ip;
        dns_packet_t* m__root;
        dns_packet_t::answer_t* m__parent;

    public:
        std::vector<uint8_t>* ip() const { return m_ip; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t::answer_t* _parent() const { return m__parent; }
    };

    class answer_t : public kaitai::kstruct {

    public:

        answer_t(kaitai::kstream* p__io, dns_packet_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~answer_t();

    private:
        domain_name_t* m_name;
        type_type_t m_type;
        class_type_t m_answer_class;
        int32_t m_ttl;
        uint16_t m_rdlength;
        domain_name_t* m_ptrdname;
        bool n_ptrdname;

    public:
        bool _is_null_ptrdname() { ptrdname(); return n_ptrdname; };

    private:
        address_t* m_address;
        bool n_address;

    public:
        bool _is_null_address() { address(); return n_address; };

    private:
        dns_packet_t* m__root;
        dns_packet_t* m__parent;

    public:
        domain_name_t* name() const { return m_name; }
        type_type_t type() const { return m_type; }
        class_type_t answer_class() const { return m_answer_class; }

        /**
         * Time to live (in seconds)
         */
        int32_t ttl() const { return m_ttl; }

        /**
         * Length in octets of the following payload
         */
        uint16_t rdlength() const { return m_rdlength; }
        domain_name_t* ptrdname() const { return m_ptrdname; }
        address_t* address() const { return m_address; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t* _parent() const { return m__parent; }
    };

    class packet_flags_t : public kaitai::kstruct {

    public:

        packet_flags_t(kaitai::kstream* p__io, dns_packet_t* p__parent = 0, dns_packet_t* p__root = 0);

    private:
        void _read();

    public:
        ~packet_flags_t();

    private:
        bool f_qr;
        int32_t m_qr;

    public:
        int32_t qr();

    private:
        bool f_ra;
        int32_t m_ra;

    public:
        int32_t ra();

    private:
        bool f_tc;
        int32_t m_tc;

    public:
        int32_t tc();

    private:
        bool f_rcode;
        int32_t m_rcode;

    public:
        int32_t rcode();

    private:
        bool f_opcode;
        int32_t m_opcode;

    public:
        int32_t opcode();

    private:
        bool f_aa;
        int32_t m_aa;

    public:
        int32_t aa();

    private:
        bool f_z;
        int32_t m_z;

    public:
        int32_t z();

    private:
        bool f_rd;
        int32_t m_rd;

    public:
        int32_t rd();

    private:
        bool f_cd;
        int32_t m_cd;

    public:
        int32_t cd();

    private:
        bool f_ad;
        int32_t m_ad;

    public:
        int32_t ad();

    private:
        uint16_t m_flag;
        dns_packet_t* m__root;
        dns_packet_t* m__parent;

    public:
        uint16_t flag() const { return m_flag; }
        dns_packet_t* _root() const { return m__root; }
        dns_packet_t* _parent() const { return m__parent; }
    };

private:
    uint16_t m_transaction_id;
    packet_flags_t* m_flags;
    uint16_t m_qdcount;
    uint16_t m_ancount;
    uint16_t m_nscount;
    uint16_t m_arcount;
    std::vector<query_t*>* m_queries;
    std::vector<answer_t*>* m_answers;
    dns_packet_t* m__root;
    kaitai::kstruct* m__parent;

public:

    /**
     * ID to keep track of request/responces
     */
    uint16_t transaction_id() const { return m_transaction_id; }
    packet_flags_t* flags() const { return m_flags; }

    /**
     * How many questions are there
     */
    uint16_t qdcount() const { return m_qdcount; }

    /**
     * Number of resource records answering the question
     */
    uint16_t ancount() const { return m_ancount; }

    /**
     * Number of resource records pointing toward an authority
     */
    uint16_t nscount() const { return m_nscount; }

    /**
     * Number of resource records holding additional information
     */
    uint16_t arcount() const { return m_arcount; }
    std::vector<query_t*>* queries() const { return m_queries; }
    std::vector<answer_t*>* answers() const { return m_answers; }
    dns_packet_t* _root() const { return m__root; }
    kaitai::kstruct* _parent() const { return m__parent; }
};

#endif  // DNS_PACKET_H_

dns_packet.cpp

// This is a generated file! Please edit source .ksy file and use kaitai-struct-compiler to rebuild

#include "dns_packet.h"



dns_packet_t::dns_packet_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = this;
    _read();
}

void dns_packet_t::_read() {
    m_transaction_id = m__io->read_u2be();
    m_flags = new packet_flags_t(m__io, this, m__root);
    m_qdcount = m__io->read_u2be();
    m_ancount = m__io->read_u2be();
    m_nscount = m__io->read_u2be();
    m_arcount = m__io->read_u2be();
    int l_queries = qdcount();
    m_queries = new std::vector<query_t*>();
    m_queries->reserve(l_queries);
    for (int i = 0; i < l_queries; i++) {
        m_queries->push_back(new query_t(m__io, this, m__root));
    }
    int l_answers = ancount();
    m_answers = new std::vector<answer_t*>();
    m_answers->reserve(l_answers);
    for (int i = 0; i < l_answers; i++) {
        m_answers->push_back(new answer_t(m__io, this, m__root));
    }
}

dns_packet_t::~dns_packet_t() {
    delete m_flags;
    for (std::vector<query_t*>::iterator it = m_queries->begin(); it != m_queries->end(); ++it) {
        delete *it;
    }
    delete m_queries;
    for (std::vector<answer_t*>::iterator it = m_answers->begin(); it != m_answers->end(); ++it) {
        delete *it;
    }
    delete m_answers;
}

dns_packet_t::pointer_struct_t::pointer_struct_t(kaitai::kstream* p__io, dns_packet_t::label_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    f_contents = false;
    _read();
}

void dns_packet_t::pointer_struct_t::_read() {
    m_value = m__io->read_u1();
}

dns_packet_t::pointer_struct_t::~pointer_struct_t() {
    if (f_contents) {
        delete m_contents;
    }
}

dns_packet_t::domain_name_t* dns_packet_t::pointer_struct_t::contents() {
    if (f_contents)
        return m_contents;
    kaitai::kstream *io = _root()->_io();
    std::streampos _pos = io->pos();
    io->seek(value());
    m_contents = new domain_name_t(io, this, m__root);
    io->seek(_pos);
    f_contents = true;
    return m_contents;
}

dns_packet_t::label_t::label_t(kaitai::kstream* p__io, dns_packet_t::domain_name_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    f_is_pointer = false;
    _read();
}

void dns_packet_t::label_t::_read() {
    m_length = m__io->read_u1();
    n_pointer = true;
    if (is_pointer()) {
        n_pointer = false;
        m_pointer = new pointer_struct_t(m__io, this, m__root);
    }
    n_name = true;
    if (!(is_pointer())) {
        n_name = false;
        m_name = kaitai::kstream::bytes_to_str(m__io->read_bytes(length()), std::string("ASCII"));
    }
}

dns_packet_t::label_t::~label_t() {
    if (!n_pointer) {
        delete m_pointer;
    }
    if (!n_name) {
    }
}

bool dns_packet_t::label_t::is_pointer() {
    if (f_is_pointer)
        return m_is_pointer;
    m_is_pointer = length() == 192;
    f_is_pointer = true;
    return m_is_pointer;
}

dns_packet_t::query_t::query_t(kaitai::kstream* p__io, dns_packet_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    _read();
}

void dns_packet_t::query_t::_read() {
    m_name = new domain_name_t(m__io, this, m__root);
    m_type = static_cast<dns_packet_t::type_type_t>(m__io->read_u2be());
    m_query_class = static_cast<dns_packet_t::class_type_t>(m__io->read_u2be());
}

dns_packet_t::query_t::~query_t() {
    delete m_name;
}

dns_packet_t::domain_name_t::domain_name_t(kaitai::kstream* p__io, kaitai::kstruct* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    _read();
}

void dns_packet_t::domain_name_t::_read() {
    m_name = new std::vector<label_t*>();
    {
        int i = 0;
        label_t* _;
        do {
            _ = new label_t(m__io, this, m__root);
            m_name->push_back(_);
            i++;
        } while (!( ((_->length() == 0) || (_->length() == 192)) ));
    }
}

dns_packet_t::domain_name_t::~domain_name_t() {
    for (std::vector<label_t*>::iterator it = m_name->begin(); it != m_name->end(); ++it) {
        delete *it;
    }
    delete m_name;
}

dns_packet_t::address_t::address_t(kaitai::kstream* p__io, dns_packet_t::answer_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    _read();
}

void dns_packet_t::address_t::_read() {
    int l_ip = 4;
    m_ip = new std::vector<uint8_t>();
    m_ip->reserve(l_ip);
    for (int i = 0; i < l_ip; i++) {
        m_ip->push_back(m__io->read_u1());
    }
}

dns_packet_t::address_t::~address_t() {
    delete m_ip;
}

dns_packet_t::answer_t::answer_t(kaitai::kstream* p__io, dns_packet_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    _read();
}

void dns_packet_t::answer_t::_read() {
    m_name = new domain_name_t(m__io, this, m__root);
    m_type = static_cast<dns_packet_t::type_type_t>(m__io->read_u2be());
    m_answer_class = static_cast<dns_packet_t::class_type_t>(m__io->read_u2be());
    m_ttl = m__io->read_s4be();
    m_rdlength = m__io->read_u2be();
    n_ptrdname = true;
    if (type() == TYPE_TYPE_PTR) {
        n_ptrdname = false;
        m_ptrdname = new domain_name_t(m__io, this, m__root);
    }
    n_address = true;
    if (type() == TYPE_TYPE_A) {
        n_address = false;
        m_address = new address_t(m__io, this, m__root);
    }
}

dns_packet_t::answer_t::~answer_t() {
    delete m_name;
    if (!n_ptrdname) {
        delete m_ptrdname;
    }
    if (!n_address) {
        delete m_address;
    }
}

dns_packet_t::packet_flags_t::packet_flags_t(kaitai::kstream* p__io, dns_packet_t* p__parent, dns_packet_t* p__root) : kaitai::kstruct(p__io) {
    m__parent = p__parent;
    m__root = p__root;
    f_qr = false;
    f_ra = false;
    f_tc = false;
    f_rcode = false;
    f_opcode = false;
    f_aa = false;
    f_z = false;
    f_rd = false;
    f_cd = false;
    f_ad = false;
    _read();
}

void dns_packet_t::packet_flags_t::_read() {
    m_flag = m__io->read_u2be();
}

dns_packet_t::packet_flags_t::~packet_flags_t() {
}

int32_t dns_packet_t::packet_flags_t::qr() {
    if (f_qr)
        return m_qr;
    m_qr = ((flag() & 32768) >> 15);
    f_qr = true;
    return m_qr;
}

int32_t dns_packet_t::packet_flags_t::ra() {
    if (f_ra)
        return m_ra;
    m_ra = ((flag() & 128) >> 7);
    f_ra = true;
    return m_ra;
}

int32_t dns_packet_t::packet_flags_t::tc() {
    if (f_tc)
        return m_tc;
    m_tc = ((flag() & 512) >> 9);
    f_tc = true;
    return m_tc;
}

int32_t dns_packet_t::packet_flags_t::rcode() {
    if (f_rcode)
        return m_rcode;
    m_rcode = ((flag() & 15) >> 0);
    f_rcode = true;
    return m_rcode;
}

int32_t dns_packet_t::packet_flags_t::opcode() {
    if (f_opcode)
        return m_opcode;
    m_opcode = ((flag() & 30720) >> 11);
    f_opcode = true;
    return m_opcode;
}

int32_t dns_packet_t::packet_flags_t::aa() {
    if (f_aa)
        return m_aa;
    m_aa = ((flag() & 1024) >> 10);
    f_aa = true;
    return m_aa;
}

int32_t dns_packet_t::packet_flags_t::z() {
    if (f_z)
        return m_z;
    m_z = ((flag() & 64) >> 6);
    f_z = true;
    return m_z;
}

int32_t dns_packet_t::packet_flags_t::rd() {
    if (f_rd)
        return m_rd;
    m_rd = ((flag() & 256) >> 8);
    f_rd = true;
    return m_rd;
}

int32_t dns_packet_t::packet_flags_t::cd() {
    if (f_cd)
        return m_cd;
    m_cd = ((flag() & 16) >> 4);
    f_cd = true;
    return m_cd;
}

int32_t dns_packet_t::packet_flags_t::ad() {
    if (f_ad)
        return m_ad;
    m_ad = ((flag() & 32) >> 5);
    f_ad = true;
    return m_ad;
}