2 * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: view.c,v 1.126.18.14 2007/08/28 07:20:05 tbox Exp $ */
26 #include <isc/string.h> /* Required for HP/UX (and others?) */
29 #include <dns/acache.h>
32 #include <dns/cache.h>
35 #include <dns/events.h>
36 #include <dns/forward.h>
37 #include <dns/keytable.h>
38 #include <dns/master.h>
39 #include <dns/masterdump.h>
40 #include <dns/order.h>
42 #include <dns/rdataset.h>
43 #include <dns/request.h>
44 #include <dns/resolver.h>
45 #include <dns/result.h>
50 #define RESSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_RESSHUTDOWN) != 0)
51 #define ADBSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_ADBSHUTDOWN) != 0)
52 #define REQSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_REQSHUTDOWN) != 0)
54 #define DNS_VIEW_DELONLYHASH 111
56 static void resolver_shutdown(isc_task_t *task, isc_event_t *event);
57 static void adb_shutdown(isc_task_t *task, isc_event_t *event);
58 static void req_shutdown(isc_task_t *task, isc_event_t *event);
61 dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
62 const char *name, dns_view_t **viewp)
71 REQUIRE(name != NULL);
72 REQUIRE(viewp != NULL && *viewp == NULL);
74 view = isc_mem_get(mctx, sizeof(*view));
76 return (ISC_R_NOMEMORY);
77 view->name = isc_mem_strdup(mctx, name);
78 if (view->name == NULL) {
79 result = ISC_R_NOMEMORY;
82 result = isc_mutex_init(&view->lock);
83 if (result != ISC_R_SUCCESS)
86 view->zonetable = NULL;
87 result = dns_zt_create(mctx, rdclass, &view->zonetable);
88 if (result != ISC_R_SUCCESS) {
89 UNEXPECTED_ERROR(__FILE__, __LINE__,
90 "dns_zt_create() failed: %s",
91 isc_result_totext(result));
92 result = ISC_R_UNEXPECTED;
95 view->secroots = NULL;
96 result = dns_keytable_create(mctx, &view->secroots);
97 if (result != ISC_R_SUCCESS) {
98 UNEXPECTED_ERROR(__FILE__, __LINE__,
99 "dns_keytable_create() failed: %s",
100 isc_result_totext(result));
101 result = ISC_R_UNEXPECTED;
104 view->trustedkeys = NULL;
105 result = dns_keytable_create(mctx, &view->trustedkeys);
106 if (result != ISC_R_SUCCESS) {
107 UNEXPECTED_ERROR(__FILE__, __LINE__,
108 "dns_keytable_create() failed: %s",
109 isc_result_totext(result));
110 result = ISC_R_UNEXPECTED;
111 goto cleanup_secroots;
113 view->fwdtable = NULL;
114 result = dns_fwdtable_create(mctx, &view->fwdtable);
115 if (result != ISC_R_SUCCESS) {
116 UNEXPECTED_ERROR(__FILE__, __LINE__,
117 "dns_fwdtable_create() failed: %s",
118 isc_result_totext(result));
119 result = ISC_R_UNEXPECTED;
120 goto cleanup_trustedkeys;
125 view->cachedb = NULL;
126 view->dlzdatabase = NULL;
128 view->resolver = NULL;
130 view->requestmgr = NULL;
132 view->rdclass = rdclass;
133 view->frozen = ISC_FALSE;
135 result = isc_refcount_init(&view->references, 1);
136 if (result != ISC_R_SUCCESS)
137 goto cleanup_fwdtable;
139 view->attributes = (DNS_VIEWATTR_RESSHUTDOWN|DNS_VIEWATTR_ADBSHUTDOWN|
140 DNS_VIEWATTR_REQSHUTDOWN);
141 view->statickeys = NULL;
142 view->dynamickeys = NULL;
143 view->matchclients = NULL;
144 view->matchdestinations = NULL;
145 view->matchrecursiveonly = ISC_FALSE;
146 result = dns_tsigkeyring_create(view->mctx, &view->dynamickeys);
147 if (result != ISC_R_SUCCESS)
148 goto cleanup_references;
151 view->delonly = NULL;
152 view->rootdelonly = ISC_FALSE;
153 view->rootexclude = NULL;
156 * Initialize configuration data with default values.
158 view->recursion = ISC_TRUE;
159 view->auth_nxdomain = ISC_FALSE; /* Was true in BIND 8 */
160 view->additionalfromcache = ISC_TRUE;
161 view->additionalfromauth = ISC_TRUE;
162 view->enablednssec = ISC_TRUE;
163 view->enablevalidation = ISC_TRUE;
164 view->acceptexpired = ISC_FALSE;
165 view->minimalresponses = ISC_FALSE;
166 view->transfer_format = dns_one_answer;
167 view->queryacl = NULL;
168 view->recursionacl = NULL;
169 view->sortlist = NULL;
170 view->requestixfr = ISC_TRUE;
171 view->provideixfr = ISC_TRUE;
172 view->maxcachettl = 7 * 24 * 3600;
173 view->maxncachettl = 3 * 3600;
175 view->preferred_glue = 0;
176 view->flush = ISC_FALSE;
179 dns_fixedname_init(&view->dlv_fixed);
181 result = dns_order_create(view->mctx, &view->order);
182 if (result != ISC_R_SUCCESS)
183 goto cleanup_dynkeys;
185 result = dns_peerlist_new(view->mctx, &view->peers);
186 if (result != ISC_R_SUCCESS)
189 result = dns_aclenv_init(view->mctx, &view->aclenv);
190 if (result != ISC_R_SUCCESS)
191 goto cleanup_peerlist;
193 ISC_LINK_INIT(view, link);
194 ISC_EVENT_INIT(&view->resevent, sizeof(view->resevent), 0, NULL,
195 DNS_EVENT_VIEWRESSHUTDOWN, resolver_shutdown,
196 view, NULL, NULL, NULL);
197 ISC_EVENT_INIT(&view->adbevent, sizeof(view->adbevent), 0, NULL,
198 DNS_EVENT_VIEWADBSHUTDOWN, adb_shutdown,
199 view, NULL, NULL, NULL);
200 ISC_EVENT_INIT(&view->reqevent, sizeof(view->reqevent), 0, NULL,
201 DNS_EVENT_VIEWREQSHUTDOWN, req_shutdown,
202 view, NULL, NULL, NULL);
203 view->magic = DNS_VIEW_MAGIC;
207 return (ISC_R_SUCCESS);
210 dns_peerlist_detach(&view->peers);
213 dns_order_detach(&view->order);
216 dns_tsigkeyring_destroy(&view->dynamickeys);
219 isc_refcount_destroy(&view->references);
222 dns_fwdtable_destroy(&view->fwdtable);
225 dns_keytable_detach(&view->trustedkeys);
228 dns_keytable_detach(&view->secroots);
231 dns_zt_detach(&view->zonetable);
234 DESTROYLOCK(&view->lock);
237 isc_mem_free(mctx, view->name);
240 isc_mem_put(mctx, view, sizeof(*view));
246 destroy(dns_view_t *view) {
247 REQUIRE(!ISC_LINK_LINKED(view, link));
248 REQUIRE(isc_refcount_current(&view->references) == 0);
249 REQUIRE(view->weakrefs == 0);
250 REQUIRE(RESSHUTDOWN(view));
251 REQUIRE(ADBSHUTDOWN(view));
252 REQUIRE(REQSHUTDOWN(view));
254 if (view->order != NULL)
255 dns_order_detach(&view->order);
256 if (view->peers != NULL)
257 dns_peerlist_detach(&view->peers);
258 if (view->dynamickeys != NULL)
259 dns_tsigkeyring_destroy(&view->dynamickeys);
260 if (view->statickeys != NULL)
261 dns_tsigkeyring_destroy(&view->statickeys);
262 if (view->adb != NULL)
263 dns_adb_detach(&view->adb);
264 if (view->resolver != NULL)
265 dns_resolver_detach(&view->resolver);
266 if (view->acache != NULL) {
267 if (view->cachedb != NULL)
268 dns_acache_putdb(view->acache, view->cachedb);
269 dns_acache_detach(&view->acache);
271 if (view->requestmgr != NULL)
272 dns_requestmgr_detach(&view->requestmgr);
273 if (view->task != NULL)
274 isc_task_detach(&view->task);
275 if (view->hints != NULL)
276 dns_db_detach(&view->hints);
277 if (view->dlzdatabase != NULL)
278 dns_dlzdestroy(&view->dlzdatabase);
279 if (view->cachedb != NULL)
280 dns_db_detach(&view->cachedb);
281 if (view->cache != NULL)
282 dns_cache_detach(&view->cache);
283 if (view->matchclients != NULL)
284 dns_acl_detach(&view->matchclients);
285 if (view->matchdestinations != NULL)
286 dns_acl_detach(&view->matchdestinations);
287 if (view->queryacl != NULL)
288 dns_acl_detach(&view->queryacl);
289 if (view->recursionacl != NULL)
290 dns_acl_detach(&view->recursionacl);
291 if (view->sortlist != NULL)
292 dns_acl_detach(&view->sortlist);
293 if (view->delonly != NULL) {
297 for (i = 0; i < DNS_VIEW_DELONLYHASH; i++) {
298 name = ISC_LIST_HEAD(view->delonly[i]);
299 while (name != NULL) {
300 ISC_LIST_UNLINK(view->delonly[i], name, link);
301 dns_name_free(name, view->mctx);
302 isc_mem_put(view->mctx, name, sizeof(*name));
303 name = ISC_LIST_HEAD(view->delonly[i]);
306 isc_mem_put(view->mctx, view->delonly, sizeof(dns_namelist_t) *
307 DNS_VIEW_DELONLYHASH);
308 view->delonly = NULL;
310 if (view->rootexclude != NULL) {
314 for (i = 0; i < DNS_VIEW_DELONLYHASH; i++) {
315 name = ISC_LIST_HEAD(view->rootexclude[i]);
316 while (name != NULL) {
317 ISC_LIST_UNLINK(view->rootexclude[i],
319 dns_name_free(name, view->mctx);
320 isc_mem_put(view->mctx, name, sizeof(*name));
321 name = ISC_LIST_HEAD(view->rootexclude[i]);
324 isc_mem_put(view->mctx, view->rootexclude,
325 sizeof(dns_namelist_t) * DNS_VIEW_DELONLYHASH);
326 view->rootexclude = NULL;
328 dns_keytable_detach(&view->trustedkeys);
329 dns_keytable_detach(&view->secroots);
330 dns_fwdtable_destroy(&view->fwdtable);
331 dns_aclenv_destroy(&view->aclenv);
332 DESTROYLOCK(&view->lock);
333 isc_refcount_destroy(&view->references);
334 isc_mem_free(view->mctx, view->name);
335 isc_mem_put(view->mctx, view, sizeof(*view));
339 * Return true iff 'view' may be freed.
340 * The caller must be holding the view lock.
343 all_done(dns_view_t *view) {
345 if (isc_refcount_current(&view->references) == 0 &&
346 view->weakrefs == 0 &&
347 RESSHUTDOWN(view) && ADBSHUTDOWN(view) && REQSHUTDOWN(view))
354 dns_view_attach(dns_view_t *source, dns_view_t **targetp) {
356 REQUIRE(DNS_VIEW_VALID(source));
357 REQUIRE(targetp != NULL && *targetp == NULL);
359 isc_refcount_increment(&source->references, NULL);
365 view_flushanddetach(dns_view_t **viewp, isc_boolean_t flush) {
368 isc_boolean_t done = ISC_FALSE;
370 REQUIRE(viewp != NULL);
372 REQUIRE(DNS_VIEW_VALID(view));
375 view->flush = ISC_TRUE;
376 isc_refcount_decrement(&view->references, &refs);
379 if (!RESSHUTDOWN(view))
380 dns_resolver_shutdown(view->resolver);
381 if (!ADBSHUTDOWN(view))
382 dns_adb_shutdown(view->adb);
383 if (!REQSHUTDOWN(view))
384 dns_requestmgr_shutdown(view->requestmgr);
385 if (view->acache != NULL)
386 dns_acache_shutdown(view->acache);
388 dns_zt_flushanddetach(&view->zonetable);
390 dns_zt_detach(&view->zonetable);
391 done = all_done(view);
402 dns_view_flushanddetach(dns_view_t **viewp) {
403 view_flushanddetach(viewp, ISC_TRUE);
407 dns_view_detach(dns_view_t **viewp) {
408 view_flushanddetach(viewp, ISC_FALSE);
412 dialup(dns_zone_t *zone, void *dummy) {
414 dns_zone_dialup(zone);
415 return (ISC_R_SUCCESS);
419 dns_view_dialup(dns_view_t *view) {
420 REQUIRE(DNS_VIEW_VALID(view));
421 (void)dns_zt_apply(view->zonetable, ISC_FALSE, dialup, NULL);
425 dns_view_weakattach(dns_view_t *source, dns_view_t **targetp) {
427 REQUIRE(DNS_VIEW_VALID(source));
428 REQUIRE(targetp != NULL && *targetp == NULL);
432 UNLOCK(&source->lock);
438 dns_view_weakdetach(dns_view_t **viewp) {
440 isc_boolean_t done = ISC_FALSE;
442 REQUIRE(viewp != NULL);
444 REQUIRE(DNS_VIEW_VALID(view));
448 INSIST(view->weakrefs > 0);
450 done = all_done(view);
461 resolver_shutdown(isc_task_t *task, isc_event_t *event) {
462 dns_view_t *view = event->ev_arg;
465 REQUIRE(event->ev_type == DNS_EVENT_VIEWRESSHUTDOWN);
466 REQUIRE(DNS_VIEW_VALID(view));
467 REQUIRE(view->task == task);
473 view->attributes |= DNS_VIEWATTR_RESSHUTDOWN;
474 done = all_done(view);
478 isc_event_free(&event);
485 adb_shutdown(isc_task_t *task, isc_event_t *event) {
486 dns_view_t *view = event->ev_arg;
489 REQUIRE(event->ev_type == DNS_EVENT_VIEWADBSHUTDOWN);
490 REQUIRE(DNS_VIEW_VALID(view));
491 REQUIRE(view->task == task);
497 view->attributes |= DNS_VIEWATTR_ADBSHUTDOWN;
498 done = all_done(view);
502 isc_event_free(&event);
509 req_shutdown(isc_task_t *task, isc_event_t *event) {
510 dns_view_t *view = event->ev_arg;
513 REQUIRE(event->ev_type == DNS_EVENT_VIEWREQSHUTDOWN);
514 REQUIRE(DNS_VIEW_VALID(view));
515 REQUIRE(view->task == task);
521 view->attributes |= DNS_VIEWATTR_REQSHUTDOWN;
522 done = all_done(view);
526 isc_event_free(&event);
533 dns_view_createresolver(dns_view_t *view,
534 isc_taskmgr_t *taskmgr, unsigned int ntasks,
535 isc_socketmgr_t *socketmgr,
536 isc_timermgr_t *timermgr,
537 unsigned int options,
538 dns_dispatchmgr_t *dispatchmgr,
539 dns_dispatch_t *dispatchv4,
540 dns_dispatch_t *dispatchv6)
544 isc_mem_t *mctx = NULL;
546 REQUIRE(DNS_VIEW_VALID(view));
547 REQUIRE(!view->frozen);
548 REQUIRE(view->resolver == NULL);
550 result = isc_task_create(taskmgr, 0, &view->task);
551 if (result != ISC_R_SUCCESS)
553 isc_task_setname(view->task, "view", view);
555 result = dns_resolver_create(view, taskmgr, ntasks, socketmgr,
556 timermgr, options, dispatchmgr,
557 dispatchv4, dispatchv6,
559 if (result != ISC_R_SUCCESS) {
560 isc_task_detach(&view->task);
563 event = &view->resevent;
564 dns_resolver_whenshutdown(view->resolver, view->task, &event);
565 view->attributes &= ~DNS_VIEWATTR_RESSHUTDOWN;
567 result = isc_mem_create(0, 0, &mctx);
568 if (result != ISC_R_SUCCESS) {
569 dns_resolver_shutdown(view->resolver);
573 result = dns_adb_create(mctx, view, timermgr, taskmgr, &view->adb);
574 isc_mem_detach(&mctx);
575 if (result != ISC_R_SUCCESS) {
576 dns_resolver_shutdown(view->resolver);
579 event = &view->adbevent;
580 dns_adb_whenshutdown(view->adb, view->task, &event);
581 view->attributes &= ~DNS_VIEWATTR_ADBSHUTDOWN;
583 result = dns_requestmgr_create(view->mctx, timermgr, socketmgr,
584 dns_resolver_taskmgr(view->resolver),
585 dns_resolver_dispatchmgr(view->resolver),
586 dns_resolver_dispatchv4(view->resolver),
587 dns_resolver_dispatchv6(view->resolver),
589 if (result != ISC_R_SUCCESS) {
590 dns_adb_shutdown(view->adb);
591 dns_resolver_shutdown(view->resolver);
594 event = &view->reqevent;
595 dns_requestmgr_whenshutdown(view->requestmgr, view->task, &event);
596 view->attributes &= ~DNS_VIEWATTR_REQSHUTDOWN;
598 return (ISC_R_SUCCESS);
602 dns_view_setcache(dns_view_t *view, dns_cache_t *cache) {
603 REQUIRE(DNS_VIEW_VALID(view));
604 REQUIRE(!view->frozen);
606 if (view->cache != NULL) {
607 if (view->acache != NULL)
608 dns_acache_putdb(view->acache, view->cachedb);
609 dns_db_detach(&view->cachedb);
610 dns_cache_detach(&view->cache);
612 dns_cache_attach(cache, &view->cache);
613 dns_cache_attachdb(cache, &view->cachedb);
614 INSIST(DNS_DB_VALID(view->cachedb));
616 if (view->acache != NULL)
617 dns_acache_setdb(view->acache, view->cachedb);
621 dns_view_sethints(dns_view_t *view, dns_db_t *hints) {
622 REQUIRE(DNS_VIEW_VALID(view));
623 REQUIRE(!view->frozen);
624 REQUIRE(view->hints == NULL);
625 REQUIRE(dns_db_iszone(hints));
627 dns_db_attach(hints, &view->hints);
631 dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring) {
632 REQUIRE(DNS_VIEW_VALID(view));
633 REQUIRE(ring != NULL);
634 if (view->statickeys != NULL)
635 dns_tsigkeyring_destroy(&view->statickeys);
636 view->statickeys = ring;
640 dns_view_setdstport(dns_view_t *view, in_port_t dstport) {
641 REQUIRE(DNS_VIEW_VALID(view));
642 view->dstport = dstport;
646 dns_view_addzone(dns_view_t *view, dns_zone_t *zone) {
649 REQUIRE(DNS_VIEW_VALID(view));
650 REQUIRE(!view->frozen);
652 result = dns_zt_mount(view->zonetable, zone);
658 dns_view_freeze(dns_view_t *view) {
659 REQUIRE(DNS_VIEW_VALID(view));
660 REQUIRE(!view->frozen);
662 if (view->resolver != NULL) {
663 INSIST(view->cachedb != NULL);
664 dns_resolver_freeze(view->resolver);
666 view->frozen = ISC_TRUE;
670 dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep) {
673 REQUIRE(DNS_VIEW_VALID(view));
675 result = dns_zt_find(view->zonetable, name, 0, NULL, zonep);
676 if (result == DNS_R_PARTIALMATCH) {
677 dns_zone_detach(zonep);
678 result = ISC_R_NOTFOUND;
685 dns_view_find(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
686 isc_stdtime_t now, unsigned int options, isc_boolean_t use_hints,
687 dns_db_t **dbp, dns_dbnode_t **nodep, dns_name_t *foundname,
688 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
692 dns_dbnode_t *node, *znode;
693 isc_boolean_t is_cache;
694 dns_rdataset_t zrdataset, zsigrdataset;
698 * Find an rdataset whose owner name is 'name', and whose type is
702 REQUIRE(DNS_VIEW_VALID(view));
703 REQUIRE(view->frozen);
704 REQUIRE(type != dns_rdatatype_rrsig);
705 REQUIRE(rdataset != NULL); /* XXXBEW - remove this */
706 REQUIRE(nodep == NULL || *nodep == NULL);
711 dns_rdataset_init(&zrdataset);
712 dns_rdataset_init(&zsigrdataset);
717 * Find a database to answer the query.
722 result = dns_zt_find(view->zonetable, name, 0, NULL, &zone);
723 if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH) {
724 result = dns_zone_getdb(zone, &db);
725 if (result != ISC_R_SUCCESS && view->cachedb != NULL)
726 dns_db_attach(view->cachedb, &db);
727 else if (result != ISC_R_SUCCESS)
729 } else if (result == ISC_R_NOTFOUND && view->cachedb != NULL)
730 dns_db_attach(view->cachedb, &db);
734 is_cache = dns_db_iscache(db);
738 * Now look for an answer in the database.
740 result = dns_db_find(db, name, NULL, type, options,
741 now, &node, foundname, rdataset, sigrdataset);
743 if (result == DNS_R_DELEGATION ||
744 result == ISC_R_NOTFOUND) {
745 if (dns_rdataset_isassociated(rdataset))
746 dns_rdataset_disassociate(rdataset);
747 if (sigrdataset != NULL &&
748 dns_rdataset_isassociated(sigrdataset))
749 dns_rdataset_disassociate(sigrdataset);
751 dns_db_detachnode(db, &node);
754 if (view->cachedb != NULL) {
756 * Either the answer is in the cache, or we
760 dns_db_attach(view->cachedb, &db);
765 * We don't have the data in the cache. If we've got
766 * glue from the zone, use it.
768 if (dns_rdataset_isassociated(&zrdataset)) {
769 dns_rdataset_clone(&zrdataset, rdataset);
770 if (sigrdataset != NULL &&
771 dns_rdataset_isassociated(&zsigrdataset))
772 dns_rdataset_clone(&zsigrdataset,
777 dns_db_attach(zdb, &db);
778 dns_db_attachnode(db, znode, &node);
783 * We don't know the answer.
785 result = ISC_R_NOTFOUND;
786 } else if (result == DNS_R_GLUE) {
787 if (view->cachedb != NULL) {
789 * We found an answer, but the cache may be better.
790 * Remember what we've got and go look in the cache.
793 dns_rdataset_clone(rdataset, &zrdataset);
794 dns_rdataset_disassociate(rdataset);
795 if (sigrdataset != NULL &&
796 dns_rdataset_isassociated(sigrdataset)) {
797 dns_rdataset_clone(sigrdataset, &zsigrdataset);
798 dns_rdataset_disassociate(sigrdataset);
800 dns_db_attach(db, &zdb);
801 dns_db_attachnode(zdb, node, &znode);
802 dns_db_detachnode(db, &node);
804 dns_db_attach(view->cachedb, &db);
808 * Otherwise, the glue is the best answer.
810 result = ISC_R_SUCCESS;
813 if (result == ISC_R_NOTFOUND && use_hints && view->hints != NULL) {
814 if (dns_rdataset_isassociated(rdataset))
815 dns_rdataset_disassociate(rdataset);
816 if (sigrdataset != NULL &&
817 dns_rdataset_isassociated(sigrdataset))
818 dns_rdataset_disassociate(sigrdataset);
821 dns_db_detachnode(db, &node);
824 result = dns_db_find(view->hints, name, NULL, type, options,
825 now, &node, foundname,
826 rdataset, sigrdataset);
827 if (result == ISC_R_SUCCESS || result == DNS_R_GLUE) {
829 * We just used a hint. Let the resolver know it
830 * should consider priming.
832 dns_resolver_prime(view->resolver);
833 dns_db_attach(view->hints, &db);
835 } else if (result == DNS_R_NXRRSET) {
836 dns_db_attach(view->hints, &db);
837 result = DNS_R_HINTNXRRSET;
838 } else if (result == DNS_R_NXDOMAIN)
839 result = ISC_R_NOTFOUND;
842 * Cleanup if non-standard hints are used.
844 if (db == NULL && node != NULL)
845 dns_db_detachnode(view->hints, &node);
849 if (result == DNS_R_NXDOMAIN || result == DNS_R_NXRRSET) {
851 * We don't care about any DNSSEC proof data in these cases.
853 if (dns_rdataset_isassociated(rdataset))
854 dns_rdataset_disassociate(rdataset);
855 if (sigrdataset != NULL &&
856 dns_rdataset_isassociated(sigrdataset))
857 dns_rdataset_disassociate(sigrdataset);
860 if (dns_rdataset_isassociated(&zrdataset)) {
861 dns_rdataset_disassociate(&zrdataset);
862 if (dns_rdataset_isassociated(&zsigrdataset))
863 dns_rdataset_disassociate(&zsigrdataset);
868 dns_db_detachnode(zdb, &znode);
877 dns_db_detachnode(db, &node);
884 INSIST(node == NULL);
887 dns_zone_detach(&zone);
893 dns_view_simplefind(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
894 isc_stdtime_t now, unsigned int options,
895 isc_boolean_t use_hints,
896 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
899 dns_fixedname_t foundname;
901 dns_fixedname_init(&foundname);
902 result = dns_view_find(view, name, type, now, options, use_hints,
903 NULL, NULL, dns_fixedname_name(&foundname),
904 rdataset, sigrdataset);
905 if (result == DNS_R_NXDOMAIN) {
907 * The rdataset and sigrdataset of the relevant NSEC record
908 * may be returned, but the caller cannot use them because
909 * foundname is not returned by this simplified API. We
910 * disassociate them here to prevent any misuse by the caller.
912 if (dns_rdataset_isassociated(rdataset))
913 dns_rdataset_disassociate(rdataset);
914 if (sigrdataset != NULL &&
915 dns_rdataset_isassociated(sigrdataset))
916 dns_rdataset_disassociate(sigrdataset);
917 } else if (result != ISC_R_SUCCESS &&
918 result != DNS_R_GLUE &&
919 result != DNS_R_HINT &&
920 result != DNS_R_NCACHENXDOMAIN &&
921 result != DNS_R_NCACHENXRRSET &&
922 result != DNS_R_NXRRSET &&
923 result != DNS_R_HINTNXRRSET &&
924 result != ISC_R_NOTFOUND) {
925 if (dns_rdataset_isassociated(rdataset))
926 dns_rdataset_disassociate(rdataset);
927 if (sigrdataset != NULL &&
928 dns_rdataset_isassociated(sigrdataset))
929 dns_rdataset_disassociate(sigrdataset);
930 result = ISC_R_NOTFOUND;
937 dns_view_findzonecut(dns_view_t *view, dns_name_t *name, dns_name_t *fname,
938 isc_stdtime_t now, unsigned int options,
939 isc_boolean_t use_hints,
940 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
942 return(dns_view_findzonecut2(view, name, fname, now, options,
944 rdataset, sigrdataset));
948 dns_view_findzonecut2(dns_view_t *view, dns_name_t *name, dns_name_t *fname,
949 isc_stdtime_t now, unsigned int options,
950 isc_boolean_t use_hints, isc_boolean_t use_cache,
951 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
955 isc_boolean_t is_cache, use_zone, try_hints;
958 dns_rdataset_t zrdataset, zsigrdataset;
959 dns_fixedname_t zfixedname;
961 REQUIRE(DNS_VIEW_VALID(view));
962 REQUIRE(view->frozen);
966 use_zone = ISC_FALSE;
967 try_hints = ISC_FALSE;
973 dns_fixedname_init(&zfixedname);
974 dns_rdataset_init(&zrdataset);
975 dns_rdataset_init(&zsigrdataset);
978 * Find the right database.
980 result = dns_zt_find(view->zonetable, name, 0, NULL, &zone);
981 if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH)
982 result = dns_zone_getdb(zone, &db);
983 if (result == ISC_R_NOTFOUND) {
985 * We're not directly authoritative for this query name, nor
986 * is it a subdomain of any zone for which we're
989 if (use_cache && view->cachedb != NULL) {
991 * We have a cache; try it.
993 dns_db_attach(view->cachedb, &db);
996 * Maybe we have hints...
998 try_hints = ISC_TRUE;
1001 } else if (result != ISC_R_SUCCESS) {
1003 * Something is broken.
1007 is_cache = dns_db_iscache(db);
1011 * Look for the zonecut.
1014 result = dns_db_find(db, name, NULL, dns_rdatatype_ns, options,
1015 now, NULL, fname, rdataset, sigrdataset);
1016 if (result == DNS_R_DELEGATION)
1017 result = ISC_R_SUCCESS;
1018 else if (result != ISC_R_SUCCESS)
1020 if (use_cache && view->cachedb != NULL && db != view->hints) {
1022 * We found an answer, but the cache may be better.
1024 zfname = dns_fixedname_name(&zfixedname);
1025 result = dns_name_copy(fname, zfname, NULL);
1026 if (result != ISC_R_SUCCESS)
1028 dns_rdataset_clone(rdataset, &zrdataset);
1029 dns_rdataset_disassociate(rdataset);
1030 if (sigrdataset != NULL &&
1031 dns_rdataset_isassociated(sigrdataset)) {
1032 dns_rdataset_clone(sigrdataset, &zsigrdataset);
1033 dns_rdataset_disassociate(sigrdataset);
1036 dns_db_attach(view->cachedb, &db);
1037 is_cache = ISC_TRUE;
1041 result = dns_db_findzonecut(db, name, options, now, NULL,
1042 fname, rdataset, sigrdataset);
1043 if (result == ISC_R_SUCCESS) {
1044 if (zfname != NULL &&
1045 !dns_name_issubdomain(fname, zfname)) {
1047 * We found a zonecut in the cache, but our
1048 * zone delegation is better.
1050 use_zone = ISC_TRUE;
1052 } else if (result == ISC_R_NOTFOUND) {
1053 if (zfname != NULL) {
1055 * We didn't find anything in the cache, but we
1056 * have a zone delegation, so use it.
1058 use_zone = ISC_TRUE;
1061 * Maybe we have hints...
1063 try_hints = ISC_TRUE;
1067 * Something bad happened.
1075 if (dns_rdataset_isassociated(rdataset)) {
1076 dns_rdataset_disassociate(rdataset);
1077 if (sigrdataset != NULL &&
1078 dns_rdataset_isassociated(sigrdataset))
1079 dns_rdataset_disassociate(sigrdataset);
1081 result = dns_name_copy(zfname, fname, NULL);
1082 if (result != ISC_R_SUCCESS)
1084 dns_rdataset_clone(&zrdataset, rdataset);
1085 if (sigrdataset != NULL &&
1086 dns_rdataset_isassociated(&zrdataset))
1087 dns_rdataset_clone(&zsigrdataset, sigrdataset);
1088 } else if (try_hints && use_hints && view->hints != NULL) {
1090 * We've found nothing so far, but we have hints.
1092 result = dns_db_find(view->hints, dns_rootname, NULL,
1093 dns_rdatatype_ns, 0, now, NULL, fname,
1095 if (result != ISC_R_SUCCESS) {
1097 * We can't even find the hints for the root
1100 if (dns_rdataset_isassociated(rdataset))
1101 dns_rdataset_disassociate(rdataset);
1102 result = ISC_R_NOTFOUND;
1107 if (dns_rdataset_isassociated(&zrdataset)) {
1108 dns_rdataset_disassociate(&zrdataset);
1109 if (dns_rdataset_isassociated(&zsigrdataset))
1110 dns_rdataset_disassociate(&zsigrdataset);
1115 dns_zone_detach(&zone);
1121 dns_viewlist_find(dns_viewlist_t *list, const char *name,
1122 dns_rdataclass_t rdclass, dns_view_t **viewp)
1126 REQUIRE(list != NULL);
1128 for (view = ISC_LIST_HEAD(*list);
1130 view = ISC_LIST_NEXT(view, link)) {
1131 if (strcmp(view->name, name) == 0 && view->rdclass == rdclass)
1135 return (ISC_R_NOTFOUND);
1137 dns_view_attach(view, viewp);
1139 return (ISC_R_SUCCESS);
1143 dns_view_load(dns_view_t *view, isc_boolean_t stop) {
1145 REQUIRE(DNS_VIEW_VALID(view));
1147 return (dns_zt_load(view->zonetable, stop));
1151 dns_view_loadnew(dns_view_t *view, isc_boolean_t stop) {
1153 REQUIRE(DNS_VIEW_VALID(view));
1155 return (dns_zt_loadnew(view->zonetable, stop));
1159 dns_view_gettsig(dns_view_t *view, dns_name_t *keyname, dns_tsigkey_t **keyp)
1161 isc_result_t result;
1162 REQUIRE(keyp != NULL && *keyp == NULL);
1164 result = dns_tsigkey_find(keyp, keyname, NULL,
1166 if (result == ISC_R_NOTFOUND)
1167 result = dns_tsigkey_find(keyp, keyname, NULL,
1173 dns_view_getpeertsig(dns_view_t *view, isc_netaddr_t *peeraddr,
1174 dns_tsigkey_t **keyp)
1176 isc_result_t result;
1177 dns_name_t *keyname = NULL;
1178 dns_peer_t *peer = NULL;
1180 result = dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer);
1181 if (result != ISC_R_SUCCESS)
1184 result = dns_peer_getkey(peer, &keyname);
1185 if (result != ISC_R_SUCCESS)
1188 return (dns_view_gettsig(view, keyname, keyp));
1192 dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg) {
1193 REQUIRE(DNS_VIEW_VALID(view));
1194 REQUIRE(source != NULL);
1196 return (dns_tsig_verify(source, msg, view->statickeys,
1197 view->dynamickeys));
1201 dns_view_dumpdbtostream(dns_view_t *view, FILE *fp) {
1202 isc_result_t result;
1204 REQUIRE(DNS_VIEW_VALID(view));
1206 (void)fprintf(fp, ";\n; Cache dump of view '%s'\n;\n", view->name);
1207 result = dns_master_dumptostream(view->mctx, view->cachedb, NULL,
1208 &dns_master_style_cache, fp);
1209 if (result != ISC_R_SUCCESS)
1211 dns_adb_dump(view->adb, fp);
1212 return (ISC_R_SUCCESS);
1216 dns_view_flushcache(dns_view_t *view) {
1217 isc_result_t result;
1219 REQUIRE(DNS_VIEW_VALID(view));
1221 if (view->cachedb == NULL)
1222 return (ISC_R_SUCCESS);
1223 result = dns_cache_flush(view->cache);
1224 if (result != ISC_R_SUCCESS)
1226 if (view->acache != NULL)
1227 dns_acache_putdb(view->acache, view->cachedb);
1228 dns_db_detach(&view->cachedb);
1229 dns_cache_attachdb(view->cache, &view->cachedb);
1230 if (view->acache != NULL)
1231 dns_acache_setdb(view->acache, view->cachedb);
1233 dns_adb_flush(view->adb);
1234 return (ISC_R_SUCCESS);
1238 dns_view_flushname(dns_view_t *view, dns_name_t *name) {
1240 REQUIRE(DNS_VIEW_VALID(view));
1242 if (view->adb != NULL)
1243 dns_adb_flushname(view->adb, name);
1244 if (view->cache == NULL)
1245 return (ISC_R_SUCCESS);
1246 return (dns_cache_flushname(view->cache, name));
1250 dns_view_adddelegationonly(dns_view_t *view, dns_name_t *name) {
1251 isc_result_t result;
1255 REQUIRE(DNS_VIEW_VALID(view));
1257 if (view->delonly == NULL) {
1258 view->delonly = isc_mem_get(view->mctx,
1259 sizeof(dns_namelist_t) *
1260 DNS_VIEW_DELONLYHASH);
1261 if (view->delonly == NULL)
1262 return (ISC_R_NOMEMORY);
1263 for (hash = 0; hash < DNS_VIEW_DELONLYHASH; hash++)
1264 ISC_LIST_INIT(view->delonly[hash]);
1266 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1267 new = ISC_LIST_HEAD(view->delonly[hash]);
1268 while (new != NULL && !dns_name_equal(new, name))
1269 new = ISC_LIST_NEXT(new, link);
1271 return (ISC_R_SUCCESS);
1272 new = isc_mem_get(view->mctx, sizeof(*new));
1274 return (ISC_R_NOMEMORY);
1275 dns_name_init(new, NULL);
1276 result = dns_name_dup(name, view->mctx, new);
1277 if (result == ISC_R_SUCCESS)
1278 ISC_LIST_APPEND(view->delonly[hash], new, link);
1280 isc_mem_put(view->mctx, new, sizeof(*new));
1285 dns_view_excludedelegationonly(dns_view_t *view, dns_name_t *name) {
1286 isc_result_t result;
1290 REQUIRE(DNS_VIEW_VALID(view));
1292 if (view->rootexclude == NULL) {
1293 view->rootexclude = isc_mem_get(view->mctx,
1294 sizeof(dns_namelist_t) *
1295 DNS_VIEW_DELONLYHASH);
1296 if (view->rootexclude == NULL)
1297 return (ISC_R_NOMEMORY);
1298 for (hash = 0; hash < DNS_VIEW_DELONLYHASH; hash++)
1299 ISC_LIST_INIT(view->rootexclude[hash]);
1301 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1302 new = ISC_LIST_HEAD(view->rootexclude[hash]);
1303 while (new != NULL && !dns_name_equal(new, name))
1304 new = ISC_LIST_NEXT(new, link);
1306 return (ISC_R_SUCCESS);
1307 new = isc_mem_get(view->mctx, sizeof(*new));
1309 return (ISC_R_NOMEMORY);
1310 dns_name_init(new, NULL);
1311 result = dns_name_dup(name, view->mctx, new);
1312 if (result == ISC_R_SUCCESS)
1313 ISC_LIST_APPEND(view->rootexclude[hash], new, link);
1315 isc_mem_put(view->mctx, new, sizeof(*new));
1320 dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name) {
1324 REQUIRE(DNS_VIEW_VALID(view));
1326 if (!view->rootdelonly && view->delonly == NULL)
1329 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1330 if (view->rootdelonly && dns_name_countlabels(name) <= 2) {
1331 if (view->rootexclude == NULL)
1333 new = ISC_LIST_HEAD(view->rootexclude[hash]);
1334 while (new != NULL && !dns_name_equal(new, name))
1335 new = ISC_LIST_NEXT(new, link);
1340 if (view->delonly == NULL)
1343 new = ISC_LIST_HEAD(view->delonly[hash]);
1344 while (new != NULL && !dns_name_equal(new, name))
1345 new = ISC_LIST_NEXT(new, link);
1352 dns_view_setrootdelonly(dns_view_t *view, isc_boolean_t value) {
1353 REQUIRE(DNS_VIEW_VALID(view));
1354 view->rootdelonly = value;
1358 dns_view_getrootdelonly(dns_view_t *view) {
1359 REQUIRE(DNS_VIEW_VALID(view));
1360 return (view->rootdelonly);
1364 dns_view_freezezones(dns_view_t *view, isc_boolean_t value) {
1365 REQUIRE(DNS_VIEW_VALID(view));
1366 return (dns_zt_freezezones(view->zonetable, value));