2 * iterator/iter_delegpt.c - delegation point with NS and address information.
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
39 * This file implements the Delegation Point. It contains a list of name servers
40 * and their addresses if known.
43 #include "iterator/iter_delegpt.h"
44 #include "services/cache/dns.h"
45 #include "util/regional.h"
46 #include "util/data/dname.h"
47 #include "util/data/packed_rrset.h"
48 #include "util/data/msgreply.h"
49 #include "util/net_help.h"
52 delegpt_create(struct regional* region)
54 struct delegpt* dp=(struct delegpt*)regional_alloc(
58 memset(dp, 0, sizeof(*dp));
62 struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region)
64 struct delegpt* copy = delegpt_create(region);
65 struct delegpt_ns* ns;
66 struct delegpt_addr* a;
69 if(!delegpt_set_name(copy, region, dp->name))
71 copy->bogus = dp->bogus;
72 copy->has_parent_side_NS = dp->has_parent_side_NS;
73 for(ns = dp->nslist; ns; ns = ns->next) {
74 if(!delegpt_add_ns(copy, region, ns->name, (int)ns->lame))
76 copy->nslist->resolved = ns->resolved;
77 copy->nslist->got4 = ns->got4;
78 copy->nslist->got6 = ns->got6;
79 copy->nslist->done_pside4 = ns->done_pside4;
80 copy->nslist->done_pside6 = ns->done_pside6;
82 for(a = dp->target_list; a; a = a->next_target) {
83 if(!delegpt_add_addr(copy, region, &a->addr, a->addrlen,
91 delegpt_set_name(struct delegpt* dp, struct regional* region, uint8_t* name)
93 log_assert(!dp->dp_type_mlc);
94 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
95 dp->name = regional_alloc_init(region, name, dp->namelen);
100 delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name,
103 struct delegpt_ns* ns;
105 (void)dname_count_size_labels(name, &len);
106 log_assert(!dp->dp_type_mlc);
107 /* slow check for duplicates to avoid counting failures when
108 * adding the same server as a dependency twice */
109 if(delegpt_find_ns(dp, name, len))
111 ns = (struct delegpt_ns*)regional_alloc(region,
112 sizeof(struct delegpt_ns));
115 ns->next = dp->nslist;
118 ns->name = regional_alloc_init(region, name, ns->namelen);
122 ns->lame = (uint8_t)lame;
125 return ns->name != 0;
129 delegpt_find_ns(struct delegpt* dp, uint8_t* name, size_t namelen)
131 struct delegpt_ns* p = dp->nslist;
133 if(namelen == p->namelen &&
134 query_dname_compare(name, p->name) == 0) {
143 delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
146 struct delegpt_addr* p = dp->target_list;
148 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) {
157 delegpt_add_target(struct delegpt* dp, struct regional* region,
158 uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
159 socklen_t addrlen, int bogus, int lame)
161 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
162 log_assert(!dp->dp_type_mlc);
168 if(addr_is_ip6(addr, addrlen))
171 if(ns->got4 && ns->got6)
174 return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame);
178 delegpt_add_addr(struct delegpt* dp, struct regional* region,
179 struct sockaddr_storage* addr, socklen_t addrlen, int bogus,
182 struct delegpt_addr* a;
183 log_assert(!dp->dp_type_mlc);
184 /* check for duplicates */
185 if((a = delegpt_find_addr(dp, addr, addrlen))) {
193 a = (struct delegpt_addr*)regional_alloc(region,
194 sizeof(struct delegpt_addr));
197 a->next_target = dp->target_list;
200 a->next_usable = dp->usable_list;
202 memcpy(&a->addr, addr, addrlen);
203 a->addrlen = addrlen;
211 delegpt_count_ns(struct delegpt* dp, size_t* numns, size_t* missing)
213 struct delegpt_ns* ns;
216 for(ns = dp->nslist; ns; ns = ns->next) {
224 delegpt_count_addr(struct delegpt* dp, size_t* numaddr, size_t* numres,
227 struct delegpt_addr* a;
231 for(a = dp->target_list; a; a = a->next_target) {
234 for(a = dp->result_list; a; a = a->next_result) {
237 for(a = dp->usable_list; a; a = a->next_usable) {
242 void delegpt_log(enum verbosity_value v, struct delegpt* dp)
244 char buf[LDNS_MAX_DOMAINLEN+1];
245 struct delegpt_ns* ns;
246 struct delegpt_addr* a;
247 size_t missing=0, numns=0, numaddr=0, numres=0, numavail=0;
250 dname_str(dp->name, buf);
251 if(dp->nslist == NULL && dp->target_list == NULL) {
252 log_info("DelegationPoint<%s>: empty", buf);
255 delegpt_count_ns(dp, &numns, &missing);
256 delegpt_count_addr(dp, &numaddr, &numres, &numavail);
257 log_info("DelegationPoint<%s>: %u names (%u missing), "
258 "%u addrs (%u result, %u avail)%s",
259 buf, (unsigned)numns, (unsigned)missing,
260 (unsigned)numaddr, (unsigned)numres, (unsigned)numavail,
261 (dp->has_parent_side_NS?" parentNS":" cacheNS"));
262 if(verbosity >= VERB_ALGO) {
263 for(ns = dp->nslist; ns; ns = ns->next) {
264 dname_str(ns->name, buf);
265 log_info(" %s %s%s%s%s%s%s%s", buf,
266 (ns->resolved?"*":""),
267 (ns->got4?" A":""), (ns->got6?" AAAA":""),
268 (dp->bogus?" BOGUS":""), (ns->lame?" PARENTSIDE":""),
269 (ns->done_pside4?" PSIDE_A":""),
270 (ns->done_pside6?" PSIDE_AAAA":""));
272 for(a = dp->target_list; a; a = a->next_target) {
273 const char* str = " ";
274 if(a->bogus && a->lame) str = " BOGUS ADDR_LAME ";
275 else if(a->bogus) str = " BOGUS ";
276 else if(a->lame) str = " ADDR_LAME ";
277 log_addr(VERB_ALGO, str, &a->addr, a->addrlen);
283 delegpt_add_unused_targets(struct delegpt* dp)
285 struct delegpt_addr* usa = dp->usable_list;
286 dp->usable_list = NULL;
288 usa->next_result = dp->result_list;
289 dp->result_list = usa;
290 usa = usa->next_usable;
295 delegpt_count_targets(struct delegpt* dp)
297 struct delegpt_addr* a;
299 for(a = dp->target_list; a; a = a->next_target)
305 delegpt_count_missing_targets(struct delegpt* dp)
307 struct delegpt_ns* ns;
309 for(ns = dp->nslist; ns; ns = ns->next)
315 /** find NS rrset in given list */
316 static struct ub_packed_rrset_key*
317 find_NS(struct reply_info* rep, size_t from, size_t to)
320 for(i=from; i<to; i++) {
321 if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NS)
322 return rep->rrsets[i];
328 delegpt_from_message(struct dns_msg* msg, struct regional* region)
330 struct ub_packed_rrset_key* ns_rrset = NULL;
333 /* look for NS records in the authority section... */
334 ns_rrset = find_NS(msg->rep, msg->rep->an_numrrsets,
335 msg->rep->an_numrrsets+msg->rep->ns_numrrsets);
337 /* In some cases (even legitimate, perfectly legal cases), the
338 * NS set for the "referral" might be in the answer section. */
340 ns_rrset = find_NS(msg->rep, 0, msg->rep->an_numrrsets);
342 /* If there was no NS rrset in the authority section, then this
343 * wasn't a referral message. (It might not actually be a
344 * referral message anyway) */
348 /* If we found any, then Yay! we have a delegation point. */
349 dp = delegpt_create(region);
352 dp->has_parent_side_NS = 1; /* created from message */
353 if(!delegpt_set_name(dp, region, ns_rrset->rk.dname))
355 if(!delegpt_rrset_add_ns(dp, region, ns_rrset, 0))
358 /* add glue, A and AAAA in answer and additional section */
359 for(i=0; i<msg->rep->rrset_count; i++) {
360 struct ub_packed_rrset_key* s = msg->rep->rrsets[i];
361 /* skip auth section. FIXME really needed?*/
362 if(msg->rep->an_numrrsets <= i &&
363 i < (msg->rep->an_numrrsets+msg->rep->ns_numrrsets))
366 if(ntohs(s->rk.type) == LDNS_RR_TYPE_A) {
367 if(!delegpt_add_rrset_A(dp, region, s, 0))
369 } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_AAAA) {
370 if(!delegpt_add_rrset_AAAA(dp, region, s, 0))
378 delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
379 struct ub_packed_rrset_key* ns_rrset, int lame)
381 struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
382 ns_rrset->entry.data;
384 log_assert(!dp->dp_type_mlc);
385 if(nsdata->security == sec_status_bogus)
387 for(i=0; i<nsdata->count; i++) {
388 if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
389 if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
390 (size_t)ldns_read_uint16(nsdata->rr_data[i]))
391 continue; /* bad format */
392 /* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
393 if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))
400 delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
401 struct ub_packed_rrset_key* ak, int lame)
403 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
405 struct sockaddr_in sa;
406 socklen_t len = (socklen_t)sizeof(sa);
407 log_assert(!dp->dp_type_mlc);
409 sa.sin_family = AF_INET;
410 sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
411 for(i=0; i<d->count; i++) {
412 if(d->rr_len[i] != 2 + INET_SIZE)
414 memmove(&sa.sin_addr, d->rr_data[i]+2, INET_SIZE);
415 if(!delegpt_add_target(dp, region, ak->rk.dname,
416 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
417 len, (d->security==sec_status_bogus), lame))
424 delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
425 struct ub_packed_rrset_key* ak, int lame)
427 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
429 struct sockaddr_in6 sa;
430 socklen_t len = (socklen_t)sizeof(sa);
431 log_assert(!dp->dp_type_mlc);
433 sa.sin6_family = AF_INET6;
434 sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
435 for(i=0; i<d->count; i++) {
436 if(d->rr_len[i] != 2 + INET6_SIZE) /* rdatalen + len of IP6 */
438 memmove(&sa.sin6_addr, d->rr_data[i]+2, INET6_SIZE);
439 if(!delegpt_add_target(dp, region, ak->rk.dname,
440 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
441 len, (d->security==sec_status_bogus), lame))
448 delegpt_add_rrset(struct delegpt* dp, struct regional* region,
449 struct ub_packed_rrset_key* rrset, int lame)
453 if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_NS)
454 return delegpt_rrset_add_ns(dp, region, rrset, lame);
455 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_A)
456 return delegpt_add_rrset_A(dp, region, rrset, lame);
457 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_AAAA)
458 return delegpt_add_rrset_AAAA(dp, region, rrset, lame);
459 log_warn("Unknown rrset type added to delegpt");
463 void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
465 struct reply_info* rep = (struct reply_info*)msg->entry.data;
468 /* if error or no answers */
469 if(FLAGS_GET_RCODE(rep->flags) != 0 || rep->an_numrrsets == 0) {
470 struct delegpt_ns* ns = delegpt_find_ns(dp, msg->key.qname,
473 if(msg->key.qtype == LDNS_RR_TYPE_A)
475 else if(msg->key.qtype == LDNS_RR_TYPE_AAAA)
477 if(ns->got4 && ns->got6)
483 void delegpt_no_ipv6(struct delegpt* dp)
485 struct delegpt_ns* ns;
486 for(ns = dp->nslist; ns; ns = ns->next) {
487 /* no ipv6, so only ipv4 is enough to resolve a nameserver */
493 void delegpt_no_ipv4(struct delegpt* dp)
495 struct delegpt_ns* ns;
496 for(ns = dp->nslist; ns; ns = ns->next) {
497 /* no ipv4, so only ipv6 is enough to resolve a nameserver */
503 struct delegpt* delegpt_create_mlc(uint8_t* name)
505 struct delegpt* dp=(struct delegpt*)calloc(1, sizeof(*dp));
510 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
511 dp->name = memdup(name, dp->namelen);
520 void delegpt_free_mlc(struct delegpt* dp)
522 struct delegpt_ns* n, *nn;
523 struct delegpt_addr* a, *na;
525 log_assert(dp->dp_type_mlc);
543 int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name)
545 log_assert(dp->dp_type_mlc);
546 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
547 dp->name = memdup(name, dp->namelen);
548 return (dp->name != NULL);
551 int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame)
553 struct delegpt_ns* ns;
555 (void)dname_count_size_labels(name, &len);
556 log_assert(dp->dp_type_mlc);
557 /* slow check for duplicates to avoid counting failures when
558 * adding the same server as a dependency twice */
559 if(delegpt_find_ns(dp, name, len))
561 ns = (struct delegpt_ns*)malloc(sizeof(struct delegpt_ns));
565 ns->name = memdup(name, ns->namelen);
570 ns->next = dp->nslist;
575 ns->lame = (uint8_t)lame;
581 int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr,
582 socklen_t addrlen, int bogus, int lame)
584 struct delegpt_addr* a;
585 log_assert(dp->dp_type_mlc);
586 /* check for duplicates */
587 if((a = delegpt_find_addr(dp, addr, addrlen))) {
595 a = (struct delegpt_addr*)malloc(sizeof(struct delegpt_addr));
598 a->next_target = dp->target_list;
601 a->next_usable = dp->usable_list;
603 memcpy(&a->addr, addr, addrlen);
604 a->addrlen = addrlen;
611 int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen,
612 struct sockaddr_storage* addr, socklen_t addrlen, int bogus, int lame)
614 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
615 log_assert(dp->dp_type_mlc);
621 if(addr_is_ip6(addr, addrlen))
624 if(ns->got4 && ns->got6)
627 return delegpt_add_addr_mlc(dp, addr, addrlen, bogus, lame);
630 size_t delegpt_get_mem(struct delegpt* dp)
632 struct delegpt_ns* ns;
635 s = sizeof(*dp) + dp->namelen +
636 delegpt_count_targets(dp)*sizeof(struct delegpt_addr);
637 for(ns=dp->nslist; ns; ns=ns->next)
638 s += sizeof(*ns)+ns->namelen;