2 * services/authzone.c - authoritative zone that is locally hosted.
4 * Copyright (c) 2017, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * This file contains the functions for an authority zone. This zone
40 * is queried by the iterator, just like a stub or forward zone, but then
41 * the data is locally held.
45 #include "services/authzone.h"
46 #include "util/data/dname.h"
47 #include "util/data/msgparse.h"
48 #include "util/data/msgreply.h"
49 #include "util/data/msgencode.h"
50 #include "util/data/packed_rrset.h"
51 #include "util/regional.h"
52 #include "util/net_help.h"
53 #include "util/netevent.h"
54 #include "util/config_file.h"
56 #include "util/module.h"
57 #include "util/random.h"
58 #include "services/cache/dns.h"
59 #include "services/outside_network.h"
60 #include "services/listen_dnsport.h"
61 #include "services/mesh.h"
62 #include "sldns/rrdef.h"
63 #include "sldns/pkthdr.h"
64 #include "sldns/sbuffer.h"
65 #include "sldns/str2wire.h"
66 #include "sldns/wire2str.h"
67 #include "sldns/parseutil.h"
68 #include "sldns/keyraw.h"
69 #include "validator/val_nsec3.h"
70 #include "validator/val_nsec.h"
71 #include "validator/val_secalgo.h"
72 #include "validator/val_sigcrypt.h"
73 #include "validator/val_anchor.h"
74 #include "validator/val_utils.h"
77 /** bytes to use for NSEC3 hash buffer. 20 for sha1 */
78 #define N3HASHBUFLEN 32
79 /** max number of CNAMEs we are willing to follow (in one answer) */
80 #define MAX_CNAME_CHAIN 8
81 /** timeout for probe packets for SOA */
82 #define AUTH_PROBE_TIMEOUT 100 /* msec */
83 /** when to stop with SOA probes (when exponential timeouts exceed this) */
84 #define AUTH_PROBE_TIMEOUT_STOP 1000 /* msec */
85 /* auth transfer timeout for TCP connections, in msec */
86 #define AUTH_TRANSFER_TIMEOUT 10000 /* msec */
87 /* auth transfer max backoff for failed tranfers and probes */
88 #define AUTH_TRANSFER_MAX_BACKOFF 86400 /* sec */
89 /* auth http port number */
90 #define AUTH_HTTP_PORT 80
91 /* auth https port number */
92 #define AUTH_HTTPS_PORT 443
93 /* max depth for nested $INCLUDEs */
94 #define MAX_INCLUDE_DEPTH 10
95 /** number of timeouts before we fallback from IXFR to AXFR,
96 * because some versions of servers (eg. dnsmasq) drop IXFR packets. */
97 #define NUM_TIMEOUTS_FALLBACK_IXFR 3
99 /** pick up nextprobe task to start waiting to perform transfer actions */
100 static void xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env,
101 int failure, int lookup_only);
102 /** move to sending the probe packets, next if fails. task_probe */
103 static void xfr_probe_send_or_end(struct auth_xfer* xfr,
104 struct module_env* env);
105 /** pick up probe task with specified(or NULL) destination first,
106 * or transfer task if nothing to probe, or false if already in progress */
107 static int xfr_start_probe(struct auth_xfer* xfr, struct module_env* env,
108 struct auth_master* spec);
109 /** delete xfer structure (not its tree entry) */
110 static void auth_xfer_delete(struct auth_xfer* xfr);
112 /** create new dns_msg */
113 static struct dns_msg*
114 msg_create(struct regional* region, struct query_info* qinfo)
116 struct dns_msg* msg = (struct dns_msg*)regional_alloc(region,
117 sizeof(struct dns_msg));
120 msg->qinfo.qname = regional_alloc_init(region, qinfo->qname,
122 if(!msg->qinfo.qname)
124 msg->qinfo.qname_len = qinfo->qname_len;
125 msg->qinfo.qtype = qinfo->qtype;
126 msg->qinfo.qclass = qinfo->qclass;
127 msg->qinfo.local_alias = NULL;
128 /* non-packed reply_info, because it needs to grow the array */
129 msg->rep = (struct reply_info*)regional_alloc_zero(region,
130 sizeof(struct reply_info)-sizeof(struct rrset_ref));
133 msg->rep->flags = (uint16_t)(BIT_QR | BIT_AA);
134 msg->rep->authoritative = 1;
135 msg->rep->qdcount = 1;
136 /* rrsets is NULL, no rrsets yet */
140 /** grow rrset array by one in msg */
142 msg_grow_array(struct regional* region, struct dns_msg* msg)
144 if(msg->rep->rrsets == NULL) {
145 msg->rep->rrsets = regional_alloc_zero(region,
146 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1));
147 if(!msg->rep->rrsets)
150 struct ub_packed_rrset_key** rrsets_old = msg->rep->rrsets;
151 msg->rep->rrsets = regional_alloc_zero(region,
152 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1));
153 if(!msg->rep->rrsets)
155 memmove(msg->rep->rrsets, rrsets_old,
156 sizeof(struct ub_packed_rrset_key*)*msg->rep->rrset_count);
161 /** get ttl of rrset */
163 get_rrset_ttl(struct ub_packed_rrset_key* k)
165 struct packed_rrset_data* d = (struct packed_rrset_data*)
170 /** Copy rrset into region from domain-datanode and packet rrset */
171 static struct ub_packed_rrset_key*
172 auth_packed_rrset_copy_region(struct auth_zone* z, struct auth_data* node,
173 struct auth_rrset* rrset, struct regional* region, time_t adjust)
175 struct ub_packed_rrset_key key;
176 memset(&key, 0, sizeof(key));
177 key.entry.key = &key;
178 key.entry.data = rrset->data;
179 key.rk.dname = node->name;
180 key.rk.dname_len = node->namelen;
181 key.rk.type = htons(rrset->type);
182 key.rk.rrset_class = htons(z->dclass);
183 key.entry.hash = rrset_key_hash(&key.rk);
184 return packed_rrset_copy_region(&key, region, adjust);
187 /** fix up msg->rep TTL and prefetch ttl */
189 msg_ttl(struct dns_msg* msg)
191 if(msg->rep->rrset_count == 0) return;
192 if(msg->rep->rrset_count == 1) {
193 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]);
194 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
195 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
196 } else if(get_rrset_ttl(msg->rep->rrsets[msg->rep->rrset_count-1]) <
198 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[
199 msg->rep->rrset_count-1]);
200 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
201 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
205 /** see if rrset is a duplicate in the answer message */
207 msg_rrset_duplicate(struct dns_msg* msg, uint8_t* nm, size_t nmlen,
208 uint16_t type, uint16_t dclass)
211 for(i=0; i<msg->rep->rrset_count; i++) {
212 struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
213 if(ntohs(k->rk.type) == type && k->rk.dname_len == nmlen &&
214 ntohs(k->rk.rrset_class) == dclass &&
215 query_dname_compare(k->rk.dname, nm) == 0)
221 /** add rrset to answer section (no auth, add rrsets yet) */
223 msg_add_rrset_an(struct auth_zone* z, struct regional* region,
224 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
226 log_assert(msg->rep->ns_numrrsets == 0);
227 log_assert(msg->rep->ar_numrrsets == 0);
230 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
234 if(!msg_grow_array(region, msg))
237 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
238 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
240 msg->rep->rrset_count++;
241 msg->rep->an_numrrsets++;
246 /** add rrset to authority section (no additonal section rrsets yet) */
248 msg_add_rrset_ns(struct auth_zone* z, struct regional* region,
249 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
251 log_assert(msg->rep->ar_numrrsets == 0);
254 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
258 if(!msg_grow_array(region, msg))
261 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
262 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
264 msg->rep->rrset_count++;
265 msg->rep->ns_numrrsets++;
270 /** add rrset to additional section */
272 msg_add_rrset_ar(struct auth_zone* z, struct regional* region,
273 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
277 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
281 if(!msg_grow_array(region, msg))
284 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
285 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
287 msg->rep->rrset_count++;
288 msg->rep->ar_numrrsets++;
293 struct auth_zones* auth_zones_create(void)
295 struct auth_zones* az = (struct auth_zones*)calloc(1, sizeof(*az));
297 log_err("out of memory");
300 rbtree_init(&az->ztree, &auth_zone_cmp);
301 rbtree_init(&az->xtree, &auth_xfer_cmp);
302 lock_rw_init(&az->lock);
303 lock_protect(&az->lock, &az->ztree, sizeof(az->ztree));
304 lock_protect(&az->lock, &az->xtree, sizeof(az->xtree));
305 /* also lock protects the rbnode's in struct auth_zone, auth_xfer */
306 lock_rw_init(&az->rpz_lock);
307 lock_protect(&az->rpz_lock, &az->rpz_first, sizeof(az->rpz_first));
311 int auth_zone_cmp(const void* z1, const void* z2)
313 /* first sort on class, so that hierarchy can be maintained within
315 struct auth_zone* a = (struct auth_zone*)z1;
316 struct auth_zone* b = (struct auth_zone*)z2;
318 if(a->dclass != b->dclass) {
319 if(a->dclass < b->dclass)
323 /* sorted such that higher zones sort before lower zones (their
325 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m);
328 int auth_data_cmp(const void* z1, const void* z2)
330 struct auth_data* a = (struct auth_data*)z1;
331 struct auth_data* b = (struct auth_data*)z2;
333 /* canonical sort, because DNSSEC needs that */
334 return dname_canon_lab_cmp(a->name, a->namelabs, b->name,
338 int auth_xfer_cmp(const void* z1, const void* z2)
340 /* first sort on class, so that hierarchy can be maintained within
342 struct auth_xfer* a = (struct auth_xfer*)z1;
343 struct auth_xfer* b = (struct auth_xfer*)z2;
345 if(a->dclass != b->dclass) {
346 if(a->dclass < b->dclass)
350 /* sorted such that higher zones sort before lower zones (their
352 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m);
355 /** delete auth rrset node */
357 auth_rrset_delete(struct auth_rrset* rrset)
364 /** delete auth data domain node */
366 auth_data_delete(struct auth_data* n)
368 struct auth_rrset* p, *np;
373 auth_rrset_delete(p);
380 /** helper traverse to delete zones */
382 auth_data_del(rbnode_type* n, void* ATTR_UNUSED(arg))
384 struct auth_data* z = (struct auth_data*)n->key;
388 /** delete an auth zone structure (tree remove must be done elsewhere) */
390 auth_zone_delete(struct auth_zone* z, struct auth_zones* az)
393 lock_rw_destroy(&z->lock);
394 traverse_postorder(&z->data, auth_data_del, NULL);
397 /* keep RPZ linked list intact */
398 lock_rw_wrlock(&az->rpz_lock);
400 z->rpz_az_prev->rpz_az_next = z->rpz_az_next;
402 az->rpz_first = z->rpz_az_next;
404 z->rpz_az_next->rpz_az_prev = z->rpz_az_prev;
405 lock_rw_unlock(&az->rpz_lock);
415 auth_zone_create(struct auth_zones* az, uint8_t* nm, size_t nmlen,
418 struct auth_zone* z = (struct auth_zone*)calloc(1, sizeof(*z));
425 z->namelabs = dname_count_labels(nm);
426 z->name = memdup(nm, nmlen);
431 rbtree_init(&z->data, &auth_data_cmp);
432 lock_rw_init(&z->lock);
433 lock_protect(&z->lock, &z->name, sizeof(*z)-sizeof(rbnode_type)-
434 sizeof(&z->rpz_az_next)-sizeof(&z->rpz_az_prev));
435 lock_rw_wrlock(&z->lock);
436 /* z lock protects all, except rbtree itself and the rpz linked list
437 * pointers, which are protected using az->lock */
438 if(!rbtree_insert(&az->ztree, &z->node)) {
439 lock_rw_unlock(&z->lock);
440 auth_zone_delete(z, NULL);
441 log_warn("duplicate auth zone");
448 auth_zone_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
451 struct auth_zone key;
456 key.namelabs = dname_count_labels(nm);
457 return (struct auth_zone*)rbtree_search(&az->ztree, &key);
461 auth_xfer_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
464 struct auth_xfer key;
469 key.namelabs = dname_count_labels(nm);
470 return (struct auth_xfer*)rbtree_search(&az->xtree, &key);
473 /** find an auth zone or sorted less-or-equal, return true if exact */
475 auth_zone_find_less_equal(struct auth_zones* az, uint8_t* nm, size_t nmlen,
476 uint16_t dclass, struct auth_zone** z)
478 struct auth_zone key;
483 key.namelabs = dname_count_labels(nm);
484 return rbtree_find_less_equal(&az->ztree, &key, (rbnode_type**)z);
488 /** find the auth zone that is above the given name */
490 auth_zones_find_zone(struct auth_zones* az, uint8_t* name, size_t name_len,
494 size_t nmlen = name_len;
496 if(auth_zone_find_less_equal(az, nm, nmlen, dclass, &z)) {
500 /* less-or-nothing */
501 if(!z) return NULL; /* nothing smaller, nothing above it */
502 /* we found smaller name; smaller may be above the name,
503 * but not below it. */
504 nm = dname_get_shared_topdomain(z->name, name);
505 dname_count_size_labels(nm, &nmlen);
511 z = auth_zone_find(az, nm, nmlen, dclass);
513 if(dname_is_root(nm)) break;
514 dname_remove_label(&nm, &nmlen);
519 /** find or create zone with name str. caller must have lock on az.
520 * returns a wrlocked zone */
521 static struct auth_zone*
522 auth_zones_find_or_add_zone(struct auth_zones* az, char* name)
524 uint8_t nm[LDNS_MAX_DOMAINLEN+1];
525 size_t nmlen = sizeof(nm);
528 if(sldns_str2wire_dname_buf(name, nm, &nmlen) != 0) {
529 log_err("cannot parse auth zone name: %s", name);
532 z = auth_zone_find(az, nm, nmlen, LDNS_RR_CLASS_IN);
534 /* not found, create the zone */
535 z = auth_zone_create(az, nm, nmlen, LDNS_RR_CLASS_IN);
537 lock_rw_wrlock(&z->lock);
542 /** find or create xfer zone with name str. caller must have lock on az.
543 * returns a locked xfer */
544 static struct auth_xfer*
545 auth_zones_find_or_add_xfer(struct auth_zones* az, struct auth_zone* z)
548 x = auth_xfer_find(az, z->name, z->namelen, z->dclass);
550 /* not found, create the zone */
551 x = auth_xfer_create(az, z);
553 lock_basic_lock(&x->lock);
559 auth_zone_set_zonefile(struct auth_zone* z, char* zonefile)
561 if(z->zonefile) free(z->zonefile);
562 if(zonefile == NULL) {
565 z->zonefile = strdup(zonefile);
567 log_err("malloc failure");
574 /** set auth zone fallback. caller must have lock on zone */
576 auth_zone_set_fallback(struct auth_zone* z, char* fallbackstr)
578 if(strcmp(fallbackstr, "yes") != 0 && strcmp(fallbackstr, "no") != 0){
579 log_err("auth zone fallback, expected yes or no, got %s",
583 z->fallback_enabled = (strcmp(fallbackstr, "yes")==0);
587 /** create domain with the given name */
588 static struct auth_data*
589 az_domain_create(struct auth_zone* z, uint8_t* nm, size_t nmlen)
591 struct auth_data* n = (struct auth_data*)malloc(sizeof(*n));
593 memset(n, 0, sizeof(*n));
595 n->name = memdup(nm, nmlen);
601 n->namelabs = dname_count_labels(nm);
602 if(!rbtree_insert(&z->data, &n->node)) {
603 log_warn("duplicate auth domain name");
611 /** find domain with exactly the given name */
612 static struct auth_data*
613 az_find_name(struct auth_zone* z, uint8_t* nm, size_t nmlen)
615 struct auth_zone key;
619 key.namelabs = dname_count_labels(nm);
620 return (struct auth_data*)rbtree_search(&z->data, &key);
623 /** Find domain name (or closest match) */
625 az_find_domain(struct auth_zone* z, struct query_info* qinfo, int* node_exact,
626 struct auth_data** node)
628 struct auth_zone key;
630 key.name = qinfo->qname;
631 key.namelen = qinfo->qname_len;
632 key.namelabs = dname_count_labels(key.name);
633 *node_exact = rbtree_find_less_equal(&z->data, &key,
634 (rbnode_type**)node);
637 /** find or create domain with name in zone */
638 static struct auth_data*
639 az_domain_find_or_create(struct auth_zone* z, uint8_t* dname,
642 struct auth_data* n = az_find_name(z, dname, dname_len);
644 n = az_domain_create(z, dname, dname_len);
649 /** find rrset of given type in the domain */
650 static struct auth_rrset*
651 az_domain_rrset(struct auth_data* n, uint16_t t)
653 struct auth_rrset* rrset;
664 /** remove rrset of this type from domain */
666 domain_remove_rrset(struct auth_data* node, uint16_t rr_type)
668 struct auth_rrset* rrset, *prev;
671 rrset = node->rrsets;
673 if(rrset->type == rr_type) {
674 /* found it, now delete it */
675 if(prev) prev->next = rrset->next;
676 else node->rrsets = rrset->next;
677 auth_rrset_delete(rrset);
685 /** find an rrsig index in the rrset. returns true if found */
687 az_rrset_find_rrsig(struct packed_rrset_data* d, uint8_t* rdata, size_t len,
691 for(i=d->count; i<d->count + d->rrsig_count; i++) {
692 if(d->rr_len[i] != len)
694 if(memcmp(d->rr_data[i], rdata, len) == 0) {
702 /** see if rdata is duplicate */
704 rdata_duplicate(struct packed_rrset_data* d, uint8_t* rdata, size_t len)
707 for(i=0; i<d->count + d->rrsig_count; i++) {
708 if(d->rr_len[i] != len)
710 if(memcmp(d->rr_data[i], rdata, len) == 0)
716 /** get rrsig type covered from rdata.
717 * @param rdata: rdata in wireformat, starting with 16bit rdlength.
718 * @param rdatalen: length of rdata buffer.
719 * @return type covered (or 0).
722 rrsig_rdata_get_type_covered(uint8_t* rdata, size_t rdatalen)
726 return sldns_read_uint16(rdata+2);
729 /** remove RR from existing RRset. Also sig, if it is a signature.
730 * reallocates the packed rrset for a new one, false on alloc failure */
732 rrset_remove_rr(struct auth_rrset* rrset, size_t index)
734 struct packed_rrset_data* d, *old = rrset->data;
736 if(index >= old->count + old->rrsig_count)
737 return 0; /* index out of bounds */
738 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) - (
739 sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t) +
740 old->rr_len[index]));
742 log_err("malloc failure");
746 d->count = old->count;
747 d->rrsig_count = old->rrsig_count;
748 if(index < d->count) d->count--;
749 else d->rrsig_count--;
750 d->trust = old->trust;
751 d->security = old->security;
753 /* set rr_len, needed for ptr_fixup */
754 d->rr_len = (size_t*)((uint8_t*)d +
755 sizeof(struct packed_rrset_data));
757 memmove(d->rr_len, old->rr_len, (index)*sizeof(size_t));
758 if(index+1 < old->count+old->rrsig_count)
759 memmove(&d->rr_len[index], &old->rr_len[index+1],
760 (old->count+old->rrsig_count - (index+1))*sizeof(size_t));
761 packed_rrset_ptr_fixup(d);
765 memmove(d->rr_ttl, old->rr_ttl, (index)*sizeof(time_t));
766 if(index+1 < old->count+old->rrsig_count)
767 memmove(&d->rr_ttl[index], &old->rr_ttl[index+1],
768 (old->count+old->rrsig_count - (index+1))*sizeof(time_t));
770 /* move over rr_data */
771 for(i=0; i<d->count+d->rrsig_count; i++) {
773 if(i < index) oldi = i;
775 memmove(d->rr_data[i], old->rr_data[oldi], d->rr_len[i]);
778 /* recalc ttl (lowest of remaining RR ttls) */
779 if(d->count + d->rrsig_count > 0)
780 d->ttl = d->rr_ttl[0];
781 for(i=0; i<d->count+d->rrsig_count; i++) {
782 if(d->rr_ttl[i] < d->ttl)
783 d->ttl = d->rr_ttl[i];
791 /** add RR to existing RRset. If insert_sig is true, add to rrsigs.
792 * This reallocates the packed rrset for a new one */
794 rrset_add_rr(struct auth_rrset* rrset, uint32_t rr_ttl, uint8_t* rdata,
795 size_t rdatalen, int insert_sig)
797 struct packed_rrset_data* d, *old = rrset->data;
798 size_t total, old_total;
800 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
801 + sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t)
804 log_err("out of memory");
807 /* copy base values */
808 memcpy(d, old, sizeof(struct packed_rrset_data));
814 old_total = old->count + old->rrsig_count;
815 total = d->count + d->rrsig_count;
816 /* set rr_len, needed for ptr_fixup */
817 d->rr_len = (size_t*)((uint8_t*)d +
818 sizeof(struct packed_rrset_data));
820 memmove(d->rr_len, old->rr_len, old->count*sizeof(size_t));
821 if(old->rrsig_count != 0)
822 memmove(d->rr_len+d->count, old->rr_len+old->count,
823 old->rrsig_count*sizeof(size_t));
825 d->rr_len[d->count-1] = rdatalen;
826 else d->rr_len[total-1] = rdatalen;
827 packed_rrset_ptr_fixup(d);
828 if((time_t)rr_ttl < d->ttl)
831 /* copy old values into new array */
832 if(old->count != 0) {
833 memmove(d->rr_ttl, old->rr_ttl, old->count*sizeof(time_t));
834 /* all the old rr pieces are allocated sequential, so we
835 * can copy them in one go */
836 memmove(d->rr_data[0], old->rr_data[0],
837 (old->rr_data[old->count-1] - old->rr_data[0]) +
838 old->rr_len[old->count-1]);
840 if(old->rrsig_count != 0) {
841 memmove(d->rr_ttl+d->count, old->rr_ttl+old->count,
842 old->rrsig_count*sizeof(time_t));
843 memmove(d->rr_data[d->count], old->rr_data[old->count],
844 (old->rr_data[old_total-1] - old->rr_data[old->count]) +
845 old->rr_len[old_total-1]);
848 /* insert new value */
850 d->rr_ttl[d->count-1] = rr_ttl;
851 memmove(d->rr_data[d->count-1], rdata, rdatalen);
853 d->rr_ttl[total-1] = rr_ttl;
854 memmove(d->rr_data[total-1], rdata, rdatalen);
862 /** Create new rrset for node with packed rrset with one RR element */
863 static struct auth_rrset*
864 rrset_create(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
865 uint8_t* rdata, size_t rdatalen)
867 struct auth_rrset* rrset = (struct auth_rrset*)calloc(1,
869 struct auth_rrset* p, *prev;
870 struct packed_rrset_data* d;
872 log_err("out of memory");
875 rrset->type = rr_type;
877 /* the rrset data structure, with one RR */
878 d = (struct packed_rrset_data*)calloc(1,
879 sizeof(struct packed_rrset_data) + sizeof(size_t) +
880 sizeof(uint8_t*) + sizeof(time_t) + rdatalen);
883 log_err("out of memory");
888 d->trust = rrset_trust_prim_noglue;
889 d->rr_len = (size_t*)((uint8_t*)d + sizeof(struct packed_rrset_data));
890 d->rr_data = (uint8_t**)&(d->rr_len[1]);
891 d->rr_ttl = (time_t*)&(d->rr_data[1]);
892 d->rr_data[0] = (uint8_t*)&(d->rr_ttl[1]);
895 d->rr_len[0] = rdatalen;
896 d->rr_ttl[0] = rr_ttl;
897 memmove(d->rr_data[0], rdata, rdatalen);
900 /* insert rrset into linked list for domain */
901 /* find sorted place to link the rrset into the list */
904 while(p && p->type<=rr_type) {
908 /* so, prev is smaller, and p is larger than rr_type */
910 if(prev) prev->next = rrset;
911 else node->rrsets = rrset;
915 /** count number (and size) of rrsigs that cover a type */
917 rrsig_num_that_cover(struct auth_rrset* rrsig, uint16_t rr_type, size_t* sigsz)
919 struct packed_rrset_data* d = rrsig->data;
922 log_assert(d && rrsig->type == LDNS_RR_TYPE_RRSIG);
923 for(i=0; i<d->count+d->rrsig_count; i++) {
924 if(rrsig_rdata_get_type_covered(d->rr_data[i],
925 d->rr_len[i]) == rr_type) {
927 (*sigsz) += d->rr_len[i];
933 /** See if rrsig set has covered sigs for rrset and move them over */
935 rrset_moveover_rrsigs(struct auth_data* node, uint16_t rr_type,
936 struct auth_rrset* rrset, struct auth_rrset* rrsig)
938 size_t sigs, sigsz, i, j, total;
939 struct packed_rrset_data* sigold = rrsig->data;
940 struct packed_rrset_data* old = rrset->data;
941 struct packed_rrset_data* d, *sigd;
943 log_assert(rrset->type == rr_type);
944 log_assert(rrsig->type == LDNS_RR_TYPE_RRSIG);
945 sigs = rrsig_num_that_cover(rrsig, rr_type, &sigsz);
947 /* 0 rrsigs to move over, done */
951 /* allocate rrset sigsz larger for extra sigs elements, and
952 * allocate rrsig sigsz smaller for less sigs elements. */
953 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
954 + sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
957 log_err("out of memory");
960 /* copy base values */
961 total = old->count + old->rrsig_count;
962 memcpy(d, old, sizeof(struct packed_rrset_data));
963 d->rrsig_count += sigs;
965 d->rr_len = (size_t*)((uint8_t*)d +
966 sizeof(struct packed_rrset_data));
968 memmove(d->rr_len, old->rr_len, total*sizeof(size_t));
969 j = d->count+d->rrsig_count-sigs;
970 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
971 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
972 sigold->rr_len[i]) == rr_type) {
973 d->rr_len[j] = sigold->rr_len[i];
977 packed_rrset_ptr_fixup(d);
979 /* copy old values into new array */
981 memmove(d->rr_ttl, old->rr_ttl, total*sizeof(time_t));
982 /* all the old rr pieces are allocated sequential, so we
983 * can copy them in one go */
984 memmove(d->rr_data[0], old->rr_data[0],
985 (old->rr_data[total-1] - old->rr_data[0]) +
986 old->rr_len[total-1]);
989 /* move over the rrsigs to the larger rrset*/
990 j = d->count+d->rrsig_count-sigs;
991 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
992 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
993 sigold->rr_len[i]) == rr_type) {
994 /* move this one over to location j */
995 d->rr_ttl[j] = sigold->rr_ttl[i];
996 memmove(d->rr_data[j], sigold->rr_data[i],
998 if(d->rr_ttl[j] < d->ttl)
999 d->ttl = d->rr_ttl[j];
1004 /* put it in and deallocate the old rrset */
1008 /* now make rrsig set smaller */
1009 if(sigold->count+sigold->rrsig_count == sigs) {
1010 /* remove all sigs from rrsig, remove it entirely */
1011 domain_remove_rrset(node, LDNS_RR_TYPE_RRSIG);
1014 log_assert(packed_rrset_sizeof(sigold) > sigs*(sizeof(size_t) +
1015 sizeof(uint8_t*) + sizeof(time_t)) + sigsz);
1016 sigd = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(sigold)
1017 - sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
1020 /* no need to free up d, it has already been placed in the
1021 * node->rrset structure */
1022 log_err("out of memory");
1025 /* copy base values */
1026 memcpy(sigd, sigold, sizeof(struct packed_rrset_data));
1027 /* in sigd the RRSIGs are stored in the base of the RR, in count */
1028 sigd->count -= sigs;
1030 sigd->rr_len = (size_t*)((uint8_t*)sigd +
1031 sizeof(struct packed_rrset_data));
1033 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
1034 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
1035 sigold->rr_len[i]) != rr_type) {
1036 sigd->rr_len[j] = sigold->rr_len[i];
1040 packed_rrset_ptr_fixup(sigd);
1042 /* copy old values into new rrsig array */
1044 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
1045 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
1046 sigold->rr_len[i]) != rr_type) {
1047 /* move this one over to location j */
1048 sigd->rr_ttl[j] = sigold->rr_ttl[i];
1049 memmove(sigd->rr_data[j], sigold->rr_data[i],
1051 if(j==0) sigd->ttl = sigd->rr_ttl[j];
1053 if(sigd->rr_ttl[j] < sigd->ttl)
1054 sigd->ttl = sigd->rr_ttl[j];
1060 /* put it in and deallocate the old rrset */
1067 /** copy the rrsigs from the rrset to the rrsig rrset, because the rrset
1068 * is going to be deleted. reallocates the RRSIG rrset data. */
1070 rrsigs_copy_from_rrset_to_rrsigset(struct auth_rrset* rrset,
1071 struct auth_rrset* rrsigset)
1074 if(rrset->data->rrsig_count == 0)
1077 /* move them over one by one, because there might be duplicates,
1078 * duplicates are ignored */
1079 for(i=rrset->data->count;
1080 i<rrset->data->count+rrset->data->rrsig_count; i++) {
1081 uint8_t* rdata = rrset->data->rr_data[i];
1082 size_t rdatalen = rrset->data->rr_len[i];
1083 time_t rr_ttl = rrset->data->rr_ttl[i];
1085 if(rdata_duplicate(rrsigset->data, rdata, rdatalen)) {
1088 if(!rrset_add_rr(rrsigset, rr_ttl, rdata, rdatalen, 0))
1094 /** Add rr to node, ignores duplicate RRs,
1095 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */
1097 az_domain_add_rr(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
1098 uint8_t* rdata, size_t rdatalen, int* duplicate)
1100 struct auth_rrset* rrset;
1101 /* packed rrsets have their rrsigs along with them, sort them out */
1102 if(rr_type == LDNS_RR_TYPE_RRSIG) {
1103 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen);
1104 if((rrset=az_domain_rrset(node, ctype))!= NULL) {
1105 /* a node of the correct type exists, add the RRSIG
1106 * to the rrset of the covered data type */
1107 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1108 if(duplicate) *duplicate = 1;
1111 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 1))
1113 } else if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1114 /* add RRSIG to rrset of type RRSIG */
1115 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1116 if(duplicate) *duplicate = 1;
1119 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0))
1122 /* create rrset of type RRSIG */
1123 if(!rrset_create(node, rr_type, rr_ttl, rdata,
1128 /* normal RR type */
1129 if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1130 /* add data to existing node with data type */
1131 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1132 if(duplicate) *duplicate = 1;
1135 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0))
1138 struct auth_rrset* rrsig;
1139 /* create new node with data type */
1140 if(!(rrset=rrset_create(node, rr_type, rr_ttl, rdata,
1144 /* see if node of type RRSIG has signatures that
1145 * cover the data type, and move them over */
1146 /* and then make the RRSIG type smaller */
1147 if((rrsig=az_domain_rrset(node, LDNS_RR_TYPE_RRSIG))
1149 if(!rrset_moveover_rrsigs(node, rr_type,
1158 /** insert RR into zone, ignore duplicates */
1160 az_insert_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
1161 size_t dname_len, int* duplicate)
1163 struct auth_data* node;
1164 uint8_t* dname = rr;
1165 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
1166 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
1167 uint32_t rr_ttl = sldns_wirerr_get_ttl(rr, rr_len, dname_len);
1168 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
1170 /* rdata points to rdata prefixed with uint16 rdatalength */
1171 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);
1173 if(rr_class != z->dclass) {
1174 log_err("wrong class for RR");
1177 if(!(node=az_domain_find_or_create(z, dname, dname_len))) {
1178 log_err("cannot create domain");
1181 if(!az_domain_add_rr(node, rr_type, rr_ttl, rdata, rdatalen,
1183 log_err("cannot add RR to domain");
1187 if(!(rpz_insert_rr(z->rpz, z->name, z->namelen, dname,
1188 dname_len, rr_type, rr_class, rr_ttl, rdata, rdatalen,
1195 /** Remove rr from node, ignores nonexisting RRs,
1196 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */
1198 az_domain_remove_rr(struct auth_data* node, uint16_t rr_type,
1199 uint8_t* rdata, size_t rdatalen, int* nonexist)
1201 struct auth_rrset* rrset;
1204 /* find the plain RR of the given type */
1205 if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1206 if(packed_rrset_find_rr(rrset->data, rdata, rdatalen, &index)) {
1207 if(rrset->data->count == 1 &&
1208 rrset->data->rrsig_count == 0) {
1209 /* last RR, delete the rrset */
1210 domain_remove_rrset(node, rr_type);
1211 } else if(rrset->data->count == 1 &&
1212 rrset->data->rrsig_count != 0) {
1213 /* move RRSIGs to the RRSIG rrset, or
1214 * this one becomes that RRset */
1215 struct auth_rrset* rrsigset = az_domain_rrset(
1216 node, LDNS_RR_TYPE_RRSIG);
1218 /* move left over rrsigs to the
1219 * existing rrset of type RRSIG */
1220 rrsigs_copy_from_rrset_to_rrsigset(
1222 /* and then delete the rrset */
1223 domain_remove_rrset(node, rr_type);
1225 /* no rrset of type RRSIG, this
1226 * set is now of that type,
1227 * just remove the rr */
1228 if(!rrset_remove_rr(rrset, index))
1230 rrset->type = LDNS_RR_TYPE_RRSIG;
1231 rrset->data->count = rrset->data->rrsig_count;
1232 rrset->data->rrsig_count = 0;
1235 /* remove the RR from the rrset */
1236 if(!rrset_remove_rr(rrset, index))
1241 /* rr not found in rrset */
1244 /* is it a type RRSIG, look under the covered type */
1245 if(rr_type == LDNS_RR_TYPE_RRSIG) {
1246 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen);
1247 if((rrset=az_domain_rrset(node, ctype))!= NULL) {
1248 if(az_rrset_find_rrsig(rrset->data, rdata, rdatalen,
1250 /* rrsig should have d->count > 0, be
1251 * over some rr of that type */
1252 /* remove the rrsig from the rrsigs list of the
1254 if(!rrset_remove_rr(rrset, index))
1259 /* also RRSIG not found */
1262 /* nothing found to delete */
1263 if(nonexist) *nonexist = 1;
1267 /** remove RR from zone, ignore if it does not exist, false on alloc failure*/
1269 az_remove_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
1270 size_t dname_len, int* nonexist)
1272 struct auth_data* node;
1273 uint8_t* dname = rr;
1274 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
1275 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
1276 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
1278 /* rdata points to rdata prefixed with uint16 rdatalength */
1279 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);
1281 if(rr_class != z->dclass) {
1282 log_err("wrong class for RR");
1283 /* really also a nonexisting entry, because no records
1284 * of that class in the zone, but return an error because
1285 * getting records of the wrong class is a failure of the
1289 node = az_find_name(z, dname, dname_len);
1291 /* node with that name does not exist */
1292 /* nonexisting entry, because no such name */
1296 if(!az_domain_remove_rr(node, rr_type, rdata, rdatalen, nonexist)) {
1297 /* alloc failure or so */
1300 /* remove the node, if necessary */
1301 /* an rrsets==NULL entry is not kept around for empty nonterminals,
1302 * and also parent nodes are not kept around, so we just delete it */
1303 if(node->rrsets == NULL) {
1304 (void)rbtree_delete(&z->data, node);
1305 auth_data_delete(node);
1308 rpz_remove_rr(z->rpz, z->namelen, dname, dname_len, rr_type,
1309 rr_class, rdata, rdatalen);
1314 /** decompress an RR into the buffer where it'll be an uncompressed RR
1315 * with uncompressed dname and uncompressed rdata (dnames) */
1317 decompress_rr_into_buffer(struct sldns_buffer* buf, uint8_t* pkt,
1318 size_t pktlen, uint8_t* dname, uint16_t rr_type, uint16_t rr_class,
1319 uint32_t rr_ttl, uint8_t* rr_data, uint16_t rr_rdlen)
1321 sldns_buffer pktbuf;
1322 size_t dname_len = 0;
1326 const sldns_rr_descriptor* desc;
1327 sldns_buffer_init_frm_data(&pktbuf, pkt, pktlen);
1328 sldns_buffer_clear(buf);
1330 /* decompress dname */
1331 sldns_buffer_set_position(&pktbuf,
1332 (size_t)(dname - sldns_buffer_current(&pktbuf)));
1333 dname_len = pkt_dname_len(&pktbuf);
1334 if(dname_len == 0) return 0; /* parse fail on dname */
1335 if(!sldns_buffer_available(buf, dname_len)) return 0;
1336 dname_pkt_copy(&pktbuf, sldns_buffer_current(buf), dname);
1337 sldns_buffer_skip(buf, (ssize_t)dname_len);
1339 /* type, class, ttl and rdatalength fields */
1340 if(!sldns_buffer_available(buf, 10)) return 0;
1341 sldns_buffer_write_u16(buf, rr_type);
1342 sldns_buffer_write_u16(buf, rr_class);
1343 sldns_buffer_write_u32(buf, rr_ttl);
1344 rdlenpos = sldns_buffer_position(buf);
1345 sldns_buffer_write_u16(buf, 0); /* rd length position */
1347 /* decompress rdata */
1348 desc = sldns_rr_descript(rr_type);
1351 if(rdlen > 0 && desc && desc->_dname_count > 0) {
1352 int count = (int)desc->_dname_count;
1354 size_t len; /* how much rdata to plain copy */
1355 size_t uncompressed_len, compressed_len;
1357 /* decompress dnames. */
1358 while(rdlen > 0 && count) {
1359 switch(desc->_wireformat[rdf]) {
1360 case LDNS_RDF_TYPE_DNAME:
1361 sldns_buffer_set_position(&pktbuf,
1363 sldns_buffer_begin(&pktbuf)));
1364 oldpos = sldns_buffer_position(&pktbuf);
1365 /* moves pktbuf to right after the
1366 * compressed dname, and returns uncompressed
1368 uncompressed_len = pkt_dname_len(&pktbuf);
1369 if(!uncompressed_len)
1370 return 0; /* parse error in dname */
1371 if(!sldns_buffer_available(buf,
1373 /* dname too long for buffer */
1375 dname_pkt_copy(&pktbuf,
1376 sldns_buffer_current(buf), rd);
1377 sldns_buffer_skip(buf, (ssize_t)uncompressed_len);
1378 compressed_len = sldns_buffer_position(
1380 rd += compressed_len;
1381 rdlen -= compressed_len;
1385 case LDNS_RDF_TYPE_STR:
1389 len = get_rdf_size(desc->_wireformat[rdf]);
1393 if(!sldns_buffer_available(buf, len))
1394 return 0; /* too long for buffer */
1395 sldns_buffer_write(buf, rd, len);
1402 /* copy remaining data */
1404 if(!sldns_buffer_available(buf, rdlen)) return 0;
1405 sldns_buffer_write(buf, rd, rdlen);
1407 /* fixup rdlength */
1408 sldns_buffer_write_u16_at(buf, rdlenpos,
1409 sldns_buffer_position(buf)-rdlenpos-2);
1410 sldns_buffer_flip(buf);
1414 /** insert RR into zone, from packet, decompress RR,
1415 * if duplicate is nonNULL set the flag but otherwise ignore duplicates */
1417 az_insert_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
1418 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
1419 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
1420 uint16_t rr_rdlen, int* duplicate)
1425 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
1426 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) {
1427 log_err("could not decompress RR");
1430 rr = sldns_buffer_begin(scratch_buffer);
1431 rr_len = sldns_buffer_limit(scratch_buffer);
1432 dname_len = dname_valid(rr, rr_len);
1433 return az_insert_rr(z, rr, rr_len, dname_len, duplicate);
1436 /** remove RR from zone, from packet, decompress RR,
1437 * if nonexist is nonNULL set the flag but otherwise ignore nonexisting entries*/
1439 az_remove_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
1440 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
1441 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
1442 uint16_t rr_rdlen, int* nonexist)
1447 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
1448 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) {
1449 log_err("could not decompress RR");
1452 rr = sldns_buffer_begin(scratch_buffer);
1453 rr_len = sldns_buffer_limit(scratch_buffer);
1454 dname_len = dname_valid(rr, rr_len);
1455 return az_remove_rr(z, rr, rr_len, dname_len, nonexist);
1460 * @param z: zone to read in.
1461 * @param in: file to read from (just opened).
1462 * @param rr: buffer to use for RRs, 64k.
1463 * passed so that recursive includes can use the same buffer and do
1464 * not grow the stack too much.
1465 * @param rrbuflen: sizeof rr buffer.
1466 * @param state: parse state with $ORIGIN, $TTL and 'prev-dname' and so on,
1467 * that is kept between includes.
1468 * The lineno is set at 1 and then increased by the function.
1469 * @param fname: file name.
1470 * @param depth: recursion depth for includes
1471 * @param cfg: config for chroot.
1472 * returns false on failure, has printed an error message
1475 az_parse_file(struct auth_zone* z, FILE* in, uint8_t* rr, size_t rrbuflen,
1476 struct sldns_file_parse_state* state, char* fname, int depth,
1477 struct config_file* cfg)
1479 size_t rr_len, dname_len;
1486 status = sldns_fp2wire_rr_buf(in, rr, &rr_len, &dname_len,
1488 if(status == LDNS_WIREPARSE_ERR_INCLUDE && rr_len == 0) {
1489 /* we have $INCLUDE or $something */
1490 if(strncmp((char*)rr, "$INCLUDE ", 9) == 0 ||
1491 strncmp((char*)rr, "$INCLUDE\t", 9) == 0) {
1493 int lineno_orig = state->lineno;
1494 char* incfile = (char*)rr + 8;
1495 if(depth > MAX_INCLUDE_DEPTH) {
1496 log_err("%s:%d max include depth"
1497 "exceeded", fname, state->lineno);
1501 while(*incfile == ' ' || *incfile == '\t')
1503 /* adjust for chroot on include file */
1504 if(cfg->chrootdir && cfg->chrootdir[0] &&
1505 strncmp(incfile, cfg->chrootdir,
1506 strlen(cfg->chrootdir)) == 0)
1507 incfile += strlen(cfg->chrootdir);
1508 incfile = strdup(incfile);
1510 log_err("malloc failure");
1513 verbose(VERB_ALGO, "opening $INCLUDE %s",
1515 inc = fopen(incfile, "r");
1517 log_err("%s:%d cannot open include "
1518 "file %s: %s", fname,
1519 lineno_orig, incfile,
1524 /* recurse read that file now */
1525 if(!az_parse_file(z, inc, rr, rrbuflen,
1526 state, incfile, depth+1, cfg)) {
1527 log_err("%s:%d cannot parse include "
1529 lineno_orig, incfile);
1535 verbose(VERB_ALGO, "done with $INCLUDE %s",
1538 state->lineno = lineno_orig;
1543 log_err("parse error %s %d:%d: %s", fname,
1544 state->lineno, LDNS_WIREPARSE_OFFSET(status),
1545 sldns_get_errorstr_parse(status));
1549 /* EMPTY line, TTL or ORIGIN */
1552 /* insert wirerr in rrbuf */
1553 if(!az_insert_rr(z, rr, rr_len, dname_len, NULL)) {
1555 sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
1556 rr_len, dname_len), buf, sizeof(buf));
1557 log_err("%s:%d cannot insert RR of type %s",
1558 fname, state->lineno, buf);
1566 auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
1568 uint8_t rr[LDNS_RR_BUF_SIZE];
1569 struct sldns_file_parse_state state;
1572 if(!z || !z->zonefile || z->zonefile[0]==0)
1573 return 1; /* no file, or "", nothing to read */
1575 zfilename = z->zonefile;
1576 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
1577 cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
1578 zfilename += strlen(cfg->chrootdir);
1579 if(verbosity >= VERB_ALGO) {
1581 dname_str(z->name, nm);
1582 verbose(VERB_ALGO, "read zonefile %s for %s", zfilename, nm);
1584 in = fopen(zfilename, "r");
1586 char* n = sldns_wire2str_dname(z->name, z->namelen);
1587 if(z->zone_is_slave && errno == ENOENT) {
1588 /* we fetch the zone contents later, no file yet */
1589 verbose(VERB_ALGO, "no zonefile %s for %s",
1590 zfilename, n?n:"error");
1594 log_err("cannot open zonefile %s for %s: %s",
1595 zfilename, n?n:"error", strerror(errno));
1600 /* clear the data tree */
1601 traverse_postorder(&z->data, auth_data_del, NULL);
1602 rbtree_init(&z->data, &auth_data_cmp);
1603 /* clear the RPZ policies */
1607 memset(&state, 0, sizeof(state));
1608 /* default TTL to 3600 */
1609 state.default_ttl = 3600;
1610 /* set $ORIGIN to the zone name */
1611 if(z->namelen <= sizeof(state.origin)) {
1612 memcpy(state.origin, z->name, z->namelen);
1613 state.origin_len = z->namelen;
1615 /* parse the (toplevel) file */
1616 if(!az_parse_file(z, in, rr, sizeof(rr), &state, zfilename, 0, cfg)) {
1617 char* n = sldns_wire2str_dname(z->name, z->namelen);
1618 log_err("error parsing zonefile %s for %s",
1619 zfilename, n?n:"error");
1627 rpz_finish_config(z->rpz);
1631 /** write buffer to file and check return codes */
1633 write_out(FILE* out, const char* str, size_t len)
1638 r = fwrite(str, 1, len, out);
1640 log_err("write failed: %s", strerror(errno));
1642 } else if(r < len) {
1643 log_err("write failed: too short (disk full?)");
1649 /** convert auth rr to string */
1651 auth_rr_to_string(uint8_t* nm, size_t nmlen, uint16_t tp, uint16_t cl,
1652 struct packed_rrset_data* data, size_t i, char* s, size_t buflen)
1655 size_t slen = buflen, datlen;
1657 if(i >= data->count) tp = LDNS_RR_TYPE_RRSIG;
1660 w += sldns_wire2str_dname_scan(&dat, &datlen, &s, &slen, NULL, 0, NULL);
1661 w += sldns_str_print(&s, &slen, "\t");
1662 w += sldns_str_print(&s, &slen, "%lu\t", (unsigned long)data->rr_ttl[i]);
1663 w += sldns_wire2str_class_print(&s, &slen, cl);
1664 w += sldns_str_print(&s, &slen, "\t");
1665 w += sldns_wire2str_type_print(&s, &slen, tp);
1666 w += sldns_str_print(&s, &slen, "\t");
1667 datlen = data->rr_len[i]-2;
1668 dat = data->rr_data[i]+2;
1669 w += sldns_wire2str_rdata_scan(&dat, &datlen, &s, &slen, tp, NULL, 0, NULL);
1671 if(tp == LDNS_RR_TYPE_DNSKEY) {
1672 w += sldns_str_print(&s, &slen, " ;{id = %u}",
1673 sldns_calc_keytag_raw(data->rr_data[i]+2,
1674 data->rr_len[i]-2));
1676 w += sldns_str_print(&s, &slen, "\n");
1678 if(w >= (int)buflen) {
1679 log_nametypeclass(NO_VERBOSE, "RR too long to print", nm, tp, cl);
1685 /** write rrset to file */
1687 auth_zone_write_rrset(struct auth_zone* z, struct auth_data* node,
1688 struct auth_rrset* r, FILE* out)
1690 size_t i, count = r->data->count + r->data->rrsig_count;
1691 char buf[LDNS_RR_BUF_SIZE];
1692 for(i=0; i<count; i++) {
1693 if(!auth_rr_to_string(node->name, node->namelen, r->type,
1694 z->dclass, r->data, i, buf, sizeof(buf))) {
1695 verbose(VERB_ALGO, "failed to rr2str rr %d", (int)i);
1698 if(!write_out(out, buf, strlen(buf)))
1704 /** write domain to file */
1706 auth_zone_write_domain(struct auth_zone* z, struct auth_data* n, FILE* out)
1708 struct auth_rrset* r;
1709 /* if this is zone apex, write SOA first */
1710 if(z->namelen == n->namelen) {
1711 struct auth_rrset* soa = az_domain_rrset(n, LDNS_RR_TYPE_SOA);
1713 if(!auth_zone_write_rrset(z, n, soa, out))
1717 /* write all the RRsets for this domain */
1718 for(r = n->rrsets; r; r = r->next) {
1719 if(z->namelen == n->namelen &&
1720 r->type == LDNS_RR_TYPE_SOA)
1721 continue; /* skip SOA here */
1722 if(!auth_zone_write_rrset(z, n, r, out))
1728 int auth_zone_write_file(struct auth_zone* z, const char* fname)
1731 struct auth_data* n;
1732 out = fopen(fname, "w");
1734 log_err("could not open %s: %s", fname, strerror(errno));
1737 RBTREE_FOR(n, struct auth_data*, &z->data) {
1738 if(!auth_zone_write_domain(z, n, out)) {
1739 log_err("could not write domain to %s", fname);
1748 /** offline verify for zonemd, while reading a zone file to immediately
1749 * spot bad hashes in zonefile as they are read.
1750 * Creates temp buffers, but uses anchors and validation environment
1751 * from the module_env. */
1753 zonemd_offline_verify(struct auth_zone* z, struct module_env* env_for_val,
1754 struct module_stack* mods)
1756 struct module_env env;
1758 if(!z->zonemd_check)
1761 env.scratch_buffer = sldns_buffer_new(env.cfg->msg_buffer_size);
1762 if(!env.scratch_buffer) {
1763 log_err("out of memory");
1766 env.scratch = regional_create();
1772 log_err("out of memory");
1775 auth_zone_verify_zonemd(z, &env, mods, NULL, 1, 0);
1778 /* clean up and exit */
1779 sldns_buffer_free(env.scratch_buffer);
1780 regional_destroy(env.scratch);
1783 /** read all auth zones from file (if they have) */
1785 auth_zones_read_zones(struct auth_zones* az, struct config_file* cfg,
1786 struct module_env* env, struct module_stack* mods)
1788 struct auth_zone* z;
1789 lock_rw_wrlock(&az->lock);
1790 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
1791 lock_rw_wrlock(&z->lock);
1792 if(!auth_zone_read_zonefile(z, cfg)) {
1793 lock_rw_unlock(&z->lock);
1794 lock_rw_unlock(&az->lock);
1797 if(z->zonefile && z->zonefile[0]!=0 && env)
1798 zonemd_offline_verify(z, env, mods);
1799 lock_rw_unlock(&z->lock);
1801 lock_rw_unlock(&az->lock);
1805 /** fetch the content of a ZONEMD RR from the rdata */
1806 static int zonemd_fetch_parameters(struct auth_rrset* zonemd_rrset, size_t i,
1807 uint32_t* serial, int* scheme, int* hashalgo, uint8_t** hash,
1812 if(i >= zonemd_rrset->data->count)
1814 rr_len = zonemd_rrset->data->rr_len[i];
1815 if(rr_len < 2+4+1+1)
1816 return 0; /* too short, for rdlen+serial+scheme+algo */
1817 rdata = zonemd_rrset->data->rr_data[i];
1818 *serial = sldns_read_uint32(rdata+2);
1820 *hashalgo = rdata[7];
1821 *hashlen = rr_len - 8;
1824 else *hash = rdata+8;
1829 * See if the ZONEMD scheme, hash occurs more than once.
1830 * @param zonemd_rrset: the zonemd rrset to check with the RRs in it.
1831 * @param index: index of the original, this is allowed to have that
1832 * scheme and hashalgo, but other RRs should not have it.
1833 * @param scheme: the scheme to check for.
1834 * @param hashalgo: the hash algorithm to check for.
1835 * @return true if it occurs more than once.
1837 static int zonemd_is_duplicate_scheme_hash(struct auth_rrset* zonemd_rrset,
1838 size_t index, int scheme, int hashalgo)
1841 for(j=0; j<zonemd_rrset->data->count; j++) {
1842 uint32_t serial2 = 0;
1843 int scheme2 = 0, hashalgo2 = 0;
1844 uint8_t* hash2 = NULL;
1845 size_t hashlen2 = 0;
1847 /* this is the original */
1850 if(!zonemd_fetch_parameters(zonemd_rrset, j, &serial2,
1851 &scheme2, &hashalgo2, &hash2, &hashlen2)) {
1852 /* malformed, skip it */
1855 if(scheme == scheme2 && hashalgo == hashalgo2) {
1856 /* duplicate scheme, hash */
1857 verbose(VERB_ALGO, "zonemd duplicate for scheme %d "
1858 "and hash %d", scheme, hashalgo);
1866 * Check ZONEMDs if present for the auth zone. Depending on config
1867 * it can warn or fail on that. Checks the hash of the ZONEMD.
1868 * @param z: auth zone to check for.
1869 * caller must hold lock on zone.
1870 * @param env: module env for temp buffers.
1871 * @param reason: returned on failure.
1872 * @return false on failure, true if hash checks out.
1874 static int auth_zone_zonemd_check_hash(struct auth_zone* z,
1875 struct module_env* env, char** reason)
1877 /* loop over ZONEMDs and see which one is valid. if not print
1878 * failure (depending on config) */
1879 struct auth_data* apex;
1880 struct auth_rrset* zonemd_rrset;
1882 struct regional* region = NULL;
1883 struct sldns_buffer* buf = NULL;
1884 uint32_t soa_serial = 0;
1885 region = env->scratch;
1886 regional_free_all(region);
1887 buf = env->scratch_buffer;
1888 if(!auth_zone_get_serial(z, &soa_serial)) {
1889 *reason = "zone has no SOA serial";
1893 apex = az_find_name(z, z->name, z->namelen);
1895 *reason = "zone has no apex";
1898 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
1899 if(!zonemd_rrset || zonemd_rrset->data->count==0) {
1900 *reason = "zone has no ZONEMD";
1901 return 0; /* no RRset or no RRs in rrset */
1904 /* we have a ZONEMD, check if it is correct */
1905 for(i=0; i<zonemd_rrset->data->count; i++) {
1906 uint32_t serial = 0;
1907 int scheme = 0, hashalgo = 0;
1908 uint8_t* hash = NULL;
1910 if(!zonemd_fetch_parameters(zonemd_rrset, i, &serial, &scheme,
1911 &hashalgo, &hash, &hashlen)) {
1913 *reason = "ZONEMD rdata malformed";
1916 /* check for duplicates */
1917 if(zonemd_is_duplicate_scheme_hash(zonemd_rrset, i, scheme,
1919 /* duplicate hash of the same scheme,hash
1920 * is not allowed. */
1921 *reason = "ZONEMD RRSet contains more than one RR "
1922 "with the same scheme and hash algorithm";
1925 regional_free_all(region);
1926 if(serial != soa_serial) {
1927 *reason = "ZONEMD serial is wrong";
1930 if(auth_zone_generate_zonemd_check(z, scheme, hashalgo,
1931 hash, hashlen, region, buf, reason)) {
1933 if(verbosity >= VERB_ALGO) {
1935 dname_str(z->name, zstr);
1936 verbose(VERB_ALGO, "auth-zone %s ZONEMD hash is correct", zstr);
1942 /* fail, we may have reason */
1944 *reason = "no ZONEMD records found";
1945 if(verbosity >= VERB_ALGO) {
1947 dname_str(z->name, zstr);
1948 verbose(VERB_ALGO, "auth-zone %s ZONEMD failed: %s", zstr, *reason);
1953 /** find serial number of zone or false if none */
1955 auth_zone_get_serial(struct auth_zone* z, uint32_t* serial)
1957 struct auth_data* apex;
1958 struct auth_rrset* soa;
1959 struct packed_rrset_data* d;
1960 apex = az_find_name(z, z->name, z->namelen);
1962 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
1963 if(!soa || soa->data->count==0)
1964 return 0; /* no RRset or no RRs in rrset */
1965 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
1967 *serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
1971 /** Find auth_zone SOA and populate the values in xfr(soa values). */
1973 xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr)
1975 struct auth_data* apex;
1976 struct auth_rrset* soa;
1977 struct packed_rrset_data* d;
1978 apex = az_find_name(z, z->name, z->namelen);
1980 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
1981 if(!soa || soa->data->count==0)
1982 return 0; /* no RRset or no RRs in rrset */
1983 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
1984 /* SOA record ends with serial, refresh, retry, expiry, minimum,
1985 * as 4 byte fields */
1988 xfr->serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
1989 xfr->refresh = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-16));
1990 xfr->retry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-12));
1991 xfr->expiry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-8));
1992 /* soa minimum at d->rr_len[0]-4 */
1997 * Setup auth_xfer zone
1998 * This populates the have_zone, soa values, and so on times.
1999 * Doesn't do network traffic yet, can set option flags.
2000 * @param z: locked by caller, and modified for setup
2001 * @param x: locked by caller, and modified.
2002 * @return false on failure.
2005 auth_xfer_setup(struct auth_zone* z, struct auth_xfer* x)
2007 /* for a zone without zone transfers, x==NULL, so skip them,
2008 * i.e. the zone config is fixed with no masters or urls */
2009 if(!z || !x) return 1;
2010 if(!xfr_find_soa(z, x)) {
2013 /* nothing for probe, nextprobe and transfer tasks */
2019 * @param az: auth zones structure
2020 * @return false on failure.
2023 auth_zones_setup_zones(struct auth_zones* az)
2025 struct auth_zone* z;
2026 struct auth_xfer* x;
2027 lock_rw_wrlock(&az->lock);
2028 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2029 lock_rw_wrlock(&z->lock);
2030 x = auth_xfer_find(az, z->name, z->namelen, z->dclass);
2032 lock_basic_lock(&x->lock);
2034 if(!auth_xfer_setup(z, x)) {
2036 lock_basic_unlock(&x->lock);
2038 lock_rw_unlock(&z->lock);
2039 lock_rw_unlock(&az->lock);
2043 lock_basic_unlock(&x->lock);
2045 lock_rw_unlock(&z->lock);
2047 lock_rw_unlock(&az->lock);
2051 /** set config items and create zones */
2053 auth_zones_cfg(struct auth_zones* az, struct config_auth* c)
2055 struct auth_zone* z;
2056 struct auth_xfer* x = NULL;
2060 /* if the rpz lock is needed, grab it before the other
2061 * locks to avoid a lock dependency cycle */
2062 lock_rw_wrlock(&az->rpz_lock);
2064 lock_rw_wrlock(&az->lock);
2065 if(!(z=auth_zones_find_or_add_zone(az, c->name))) {
2066 lock_rw_unlock(&az->lock);
2068 lock_rw_unlock(&az->rpz_lock);
2072 if(c->masters || c->urls) {
2073 if(!(x=auth_zones_find_or_add_xfer(az, z))) {
2074 lock_rw_unlock(&az->lock);
2075 lock_rw_unlock(&z->lock);
2077 lock_rw_unlock(&az->rpz_lock);
2082 if(c->for_downstream)
2083 az->have_downstream = 1;
2084 lock_rw_unlock(&az->lock);
2087 z->zone_deleted = 0;
2088 if(!auth_zone_set_zonefile(z, c->zonefile)) {
2090 lock_basic_unlock(&x->lock);
2092 lock_rw_unlock(&z->lock);
2094 lock_rw_unlock(&az->rpz_lock);
2098 z->for_downstream = c->for_downstream;
2099 z->for_upstream = c->for_upstream;
2100 z->fallback_enabled = c->fallback_enabled;
2101 z->zonemd_check = c->zonemd_check;
2102 z->zonemd_reject_absence = c->zonemd_reject_absence;
2103 if(c->isrpz && !z->rpz){
2104 if(!(z->rpz = rpz_create(c))){
2105 fatal_exit("Could not setup RPZ zones");
2108 lock_protect(&z->lock, &z->rpz->local_zones, sizeof(*z->rpz));
2109 /* the az->rpz_lock is locked above */
2110 z->rpz_az_next = az->rpz_first;
2112 az->rpz_first->rpz_az_prev = z;
2116 lock_rw_unlock(&az->rpz_lock);
2121 z->zone_is_slave = 1;
2122 /* set options on xfer zone */
2123 if(!xfer_set_masters(&x->task_probe->masters, c, 0)) {
2124 lock_basic_unlock(&x->lock);
2125 lock_rw_unlock(&z->lock);
2128 if(!xfer_set_masters(&x->task_transfer->masters, c, 1)) {
2129 lock_basic_unlock(&x->lock);
2130 lock_rw_unlock(&z->lock);
2133 lock_basic_unlock(&x->lock);
2136 lock_rw_unlock(&z->lock);
2140 /** set all auth zones deleted, then in auth_zones_cfg, it marks them
2141 * as nondeleted (if they are still in the config), and then later
2142 * we can find deleted zones */
2144 az_setall_deleted(struct auth_zones* az)
2146 struct auth_zone* z;
2147 lock_rw_wrlock(&az->lock);
2148 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2149 lock_rw_wrlock(&z->lock);
2150 z->zone_deleted = 1;
2151 lock_rw_unlock(&z->lock);
2153 lock_rw_unlock(&az->lock);
2156 /** find zones that are marked deleted and delete them.
2157 * This is called from apply_cfg, and there are no threads and no
2158 * workers, so the xfr can just be deleted. */
2160 az_delete_deleted_zones(struct auth_zones* az)
2162 struct auth_zone* z;
2163 struct auth_zone* delete_list = NULL, *next;
2164 struct auth_xfer* xfr;
2165 lock_rw_wrlock(&az->lock);
2166 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2167 lock_rw_wrlock(&z->lock);
2168 if(z->zone_deleted) {
2169 /* we cannot alter the rbtree right now, but
2170 * we can put it on a linked list and then
2172 z->delete_next = delete_list;
2175 lock_rw_unlock(&z->lock);
2177 /* now we are out of the tree loop and we can loop and delete
2181 next = z->delete_next;
2182 xfr = auth_xfer_find(az, z->name, z->namelen, z->dclass);
2184 (void)rbtree_delete(&az->xtree, &xfr->node);
2185 auth_xfer_delete(xfr);
2187 (void)rbtree_delete(&az->ztree, &z->node);
2188 auth_zone_delete(z, az);
2191 lock_rw_unlock(&az->lock);
2194 int auth_zones_apply_cfg(struct auth_zones* az, struct config_file* cfg,
2195 int setup, int* is_rpz, struct module_env* env,
2196 struct module_stack* mods)
2198 struct config_auth* p;
2199 az_setall_deleted(az);
2200 for(p = cfg->auths; p; p = p->next) {
2201 if(!p->name || p->name[0] == 0) {
2202 log_warn("auth-zone without a name, skipped");
2205 *is_rpz = (*is_rpz || p->isrpz);
2206 if(!auth_zones_cfg(az, p)) {
2207 log_err("cannot config auth zone %s", p->name);
2211 az_delete_deleted_zones(az);
2212 if(!auth_zones_read_zones(az, cfg, env, mods))
2215 if(!auth_zones_setup_zones(az))
2222 * @param at: transfer structure with chunks list. The chunks and their
2226 auth_chunks_delete(struct auth_transfer* at)
2228 if(at->chunks_first) {
2229 struct auth_chunk* c, *cn;
2230 c = at->chunks_first;
2238 at->chunks_first = NULL;
2239 at->chunks_last = NULL;
2242 /** free master addr list */
2244 auth_free_master_addrs(struct auth_addr* list)
2246 struct auth_addr *n;
2254 /** free the masters list */
2256 auth_free_masters(struct auth_master* list)
2258 struct auth_master* n;
2261 auth_free_master_addrs(list->list);
2269 /** delete auth xfer structure
2270 * @param xfr: delete this xfer and its tasks.
2273 auth_xfer_delete(struct auth_xfer* xfr)
2276 lock_basic_destroy(&xfr->lock);
2278 if(xfr->task_nextprobe) {
2279 comm_timer_delete(xfr->task_nextprobe->timer);
2280 free(xfr->task_nextprobe);
2282 if(xfr->task_probe) {
2283 auth_free_masters(xfr->task_probe->masters);
2284 comm_point_delete(xfr->task_probe->cp);
2285 comm_timer_delete(xfr->task_probe->timer);
2286 free(xfr->task_probe);
2288 if(xfr->task_transfer) {
2289 auth_free_masters(xfr->task_transfer->masters);
2290 comm_point_delete(xfr->task_transfer->cp);
2291 comm_timer_delete(xfr->task_transfer->timer);
2292 if(xfr->task_transfer->chunks_first) {
2293 auth_chunks_delete(xfr->task_transfer);
2295 free(xfr->task_transfer);
2297 auth_free_masters(xfr->allow_notify_list);
2301 /** helper traverse to delete zones */
2303 auth_zone_del(rbnode_type* n, void* ATTR_UNUSED(arg))
2305 struct auth_zone* z = (struct auth_zone*)n->key;
2306 auth_zone_delete(z, NULL);
2309 /** helper traverse to delete xfer zones */
2311 auth_xfer_del(rbnode_type* n, void* ATTR_UNUSED(arg))
2313 struct auth_xfer* z = (struct auth_xfer*)n->key;
2314 auth_xfer_delete(z);
2317 void auth_zones_delete(struct auth_zones* az)
2320 lock_rw_destroy(&az->lock);
2321 lock_rw_destroy(&az->rpz_lock);
2322 traverse_postorder(&az->ztree, auth_zone_del, NULL);
2323 traverse_postorder(&az->xtree, auth_xfer_del, NULL);
2327 /** true if domain has only nsec3 */
2329 domain_has_only_nsec3(struct auth_data* n)
2331 struct auth_rrset* rrset = n->rrsets;
2334 if(rrset->type == LDNS_RR_TYPE_NSEC3) {
2336 } else if(rrset->type != LDNS_RR_TYPE_RRSIG) {
2339 rrset = rrset->next;
2344 /** see if the domain has a wildcard child '*.domain' */
2345 static struct auth_data*
2346 az_find_wildcard_domain(struct auth_zone* z, uint8_t* nm, size_t nmlen)
2348 uint8_t wc[LDNS_MAX_DOMAINLEN];
2349 if(nmlen+2 > sizeof(wc))
2350 return NULL; /* result would be too long */
2351 wc[0] = 1; /* length of wildcard label */
2352 wc[1] = (uint8_t)'*'; /* wildcard label */
2353 memmove(wc+2, nm, nmlen);
2354 return az_find_name(z, wc, nmlen+2);
2357 /** find wildcard between qname and cename */
2358 static struct auth_data*
2359 az_find_wildcard(struct auth_zone* z, struct query_info* qinfo,
2360 struct auth_data* ce)
2362 uint8_t* nm = qinfo->qname;
2363 size_t nmlen = qinfo->qname_len;
2364 struct auth_data* node;
2365 if(!dname_subdomain_c(nm, z->name))
2366 return NULL; /* out of zone */
2367 while((node=az_find_wildcard_domain(z, nm, nmlen))==NULL) {
2368 /* see if we can go up to find the wildcard */
2369 if(nmlen == z->namelen)
2370 return NULL; /* top of zone reached */
2371 if(ce && nmlen == ce->namelen)
2372 return NULL; /* ce reached */
2373 if(dname_is_root(nm))
2374 return NULL; /* cannot go up */
2375 dname_remove_label(&nm, &nmlen);
2380 /** domain is not exact, find first candidate ce (name that matches
2381 * a part of qname) in tree */
2382 static struct auth_data*
2383 az_find_candidate_ce(struct auth_zone* z, struct query_info* qinfo,
2384 struct auth_data* n)
2389 nm = dname_get_shared_topdomain(qinfo->qname, n->name);
2393 dname_count_size_labels(nm, &nmlen);
2394 n = az_find_name(z, nm, nmlen);
2395 /* delete labels and go up on name */
2397 if(dname_is_root(nm))
2398 return NULL; /* cannot go up */
2399 dname_remove_label(&nm, &nmlen);
2400 n = az_find_name(z, nm, nmlen);
2405 /** go up the auth tree to next existing name. */
2406 static struct auth_data*
2407 az_domain_go_up(struct auth_zone* z, struct auth_data* n)
2409 uint8_t* nm = n->name;
2410 size_t nmlen = n->namelen;
2411 while(!dname_is_root(nm)) {
2412 dname_remove_label(&nm, &nmlen);
2413 if((n=az_find_name(z, nm, nmlen)) != NULL)
2419 /** Find the closest encloser, an name that exists and is above the
2421 * return true if the node (param node) is existing, nonobscured and
2422 * can be used to generate answers from. It is then also node_exact.
2423 * returns false if the node is not good enough (or it wasn't node_exact)
2424 * in this case the ce can be filled.
2425 * if ce is NULL, no ce exists, and likely the zone is completely empty,
2426 * not even with a zone apex.
2427 * if ce is nonNULL it is the closest enclosing upper name (that exists
2428 * itself for answer purposes). That name may have DNAME, NS or wildcard
2429 * rrset is the closest DNAME or NS rrset that was found.
2432 az_find_ce(struct auth_zone* z, struct query_info* qinfo,
2433 struct auth_data* node, int node_exact, struct auth_data** ce,
2434 struct auth_rrset** rrset)
2436 struct auth_data* n = node;
2440 /* if not exact, lookup closest exact match */
2441 n = az_find_candidate_ce(z, qinfo, n);
2443 /* if exact, the node itself is the first candidate ce */
2447 /* no direct answer from nsec3-only domains */
2448 if(n && domain_has_only_nsec3(n)) {
2453 /* with exact matches, walk up the labels until we find the
2454 * delegation, or DNAME or zone end */
2456 /* see if the current candidate has issues */
2457 /* not zone apex and has type NS */
2458 if(n->namelen != z->namelen &&
2459 (*rrset=az_domain_rrset(n, LDNS_RR_TYPE_NS)) &&
2460 /* delegate here, but DS at exact the dp has notype */
2461 (qinfo->qtype != LDNS_RR_TYPE_DS ||
2462 n->namelen != qinfo->qname_len)) {
2464 /* this is ce and the lowernode is nonexisting */
2468 /* not equal to qname and has type DNAME */
2469 if(n->namelen != qinfo->qname_len &&
2470 (*rrset=az_domain_rrset(n, LDNS_RR_TYPE_DNAME))) {
2471 /* this is ce and the lowernode is nonexisting */
2476 if(*ce == NULL && !domain_has_only_nsec3(n)) {
2477 /* if not found yet, this exact name must be
2478 * our lowest match (but not nsec3onlydomain) */
2482 /* walk up the tree by removing labels from name and lookup */
2483 n = az_domain_go_up(z, n);
2485 /* found no problems, if it was an exact node, it is fine to use */
2489 /** add additional A/AAAA from domain names in rrset rdata (+offset)
2490 * offset is number of bytes in rdata where the dname is located. */
2492 az_add_additionals_from(struct auth_zone* z, struct regional* region,
2493 struct dns_msg* msg, struct auth_rrset* rrset, size_t offset)
2495 struct packed_rrset_data* d = rrset->data;
2498 for(i=0; i<d->count; i++) {
2500 struct auth_data* domain;
2501 struct auth_rrset* ref;
2502 if(d->rr_len[i] < 2+offset)
2503 continue; /* too short */
2504 if(!(dlen = dname_valid(d->rr_data[i]+2+offset,
2505 d->rr_len[i]-2-offset)))
2506 continue; /* malformed */
2507 domain = az_find_name(z, d->rr_data[i]+2+offset, dlen);
2510 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_A)) != NULL) {
2511 if(!msg_add_rrset_ar(z, region, msg, domain, ref))
2514 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_AAAA)) != NULL) {
2515 if(!msg_add_rrset_ar(z, region, msg, domain, ref))
2522 /** add negative SOA record (with negative TTL) */
2524 az_add_negative_soa(struct auth_zone* z, struct regional* region,
2525 struct dns_msg* msg)
2529 struct packed_rrset_data* d;
2530 struct auth_rrset* soa;
2531 struct auth_data* apex = az_find_name(z, z->name, z->namelen);
2533 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
2535 /* must be first to put in message; we want to fix the TTL with
2536 * one RRset here, otherwise we'd need to loop over the RRs to get
2537 * the resulting lower TTL */
2538 log_assert(msg->rep->rrset_count == 0);
2539 if(!msg_add_rrset_ns(z, region, msg, apex, soa)) return 0;
2541 d = (struct packed_rrset_data*)msg->rep->rrsets[msg->rep->rrset_count-1]->entry.data;
2542 /* last 4 bytes are minimum ttl in network format */
2543 if(d->count == 0) return 0;
2544 if(d->rr_len[0] < 2+4) return 0;
2545 minimum = (time_t)sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-4));
2546 minimum = d->ttl<minimum?d->ttl:minimum;
2548 for(i=0; i < d->count + d->rrsig_count; i++)
2549 d->rr_ttl[i] = minimum;
2550 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]);
2551 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
2552 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
2556 /** See if the query goes to empty nonterminal (that has no auth_data,
2557 * but there are nodes underneath. We already checked that there are
2558 * not NS, or DNAME above, so that we only need to check if some node
2559 * exists below (with nonempty rr list), return true if emptynonterminal */
2561 az_empty_nonterminal(struct auth_zone* z, struct query_info* qinfo,
2562 struct auth_data* node)
2564 struct auth_data* next;
2566 /* no smaller was found, use first (smallest) node as the
2568 next = (struct auth_data*)rbtree_first(&z->data);
2570 next = (struct auth_data*)rbtree_next(&node->node);
2572 while(next && (rbnode_type*)next != RBTREE_NULL && next->rrsets == NULL) {
2573 /* the next name has empty rrsets, is an empty nonterminal
2574 * itself, see if there exists something below it */
2575 next = (struct auth_data*)rbtree_next(&node->node);
2577 if((rbnode_type*)next == RBTREE_NULL || !next) {
2578 /* there is no next node, so something below it cannot
2582 /* a next node exists, if there was something below the query,
2583 * this node has to be it. See if it is below the query name */
2584 if(dname_strict_subdomain_c(next->name, qinfo->qname))
2589 /** create synth cname target name in buffer, or fail if too long */
2591 synth_cname_buf(uint8_t* qname, size_t qname_len, size_t dname_len,
2592 uint8_t* dtarg, size_t dtarglen, uint8_t* buf, size_t buflen)
2594 size_t newlen = qname_len + dtarglen - dname_len;
2595 if(newlen > buflen) {
2596 /* YXDOMAIN error */
2599 /* new name is concatenation of qname front (without DNAME owner)
2600 * and DNAME target name */
2601 memcpy(buf, qname, qname_len-dname_len);
2602 memmove(buf+(qname_len-dname_len), dtarg, dtarglen);
2606 /** create synthetic CNAME rrset for in a DNAME answer in region,
2607 * false on alloc failure, cname==NULL when name too long. */
2609 create_synth_cname(uint8_t* qname, size_t qname_len, struct regional* region,
2610 struct auth_data* node, struct auth_rrset* dname, uint16_t dclass,
2611 struct ub_packed_rrset_key** cname)
2613 uint8_t buf[LDNS_MAX_DOMAINLEN];
2615 size_t dtarglen, newlen;
2616 struct packed_rrset_data* d;
2618 /* get DNAME target name */
2619 if(dname->data->count < 1) return 0;
2620 if(dname->data->rr_len[0] < 3) return 0; /* at least rdatalen +1 */
2621 dtarg = dname->data->rr_data[0]+2;
2622 dtarglen = dname->data->rr_len[0]-2;
2623 if(sldns_read_uint16(dname->data->rr_data[0]) != dtarglen)
2624 return 0; /* rdatalen in DNAME rdata is malformed */
2625 if(dname_valid(dtarg, dtarglen) != dtarglen)
2626 return 0; /* DNAME RR has malformed rdata */
2628 return 0; /* too short */
2629 if(qname_len <= node->namelen)
2630 return 0; /* qname too short for dname removal */
2632 /* synthesize a CNAME */
2633 newlen = synth_cname_buf(qname, qname_len, node->namelen,
2634 dtarg, dtarglen, buf, sizeof(buf));
2636 /* YXDOMAIN error */
2640 *cname = (struct ub_packed_rrset_key*)regional_alloc(region,
2641 sizeof(struct ub_packed_rrset_key));
2643 return 0; /* out of memory */
2644 memset(&(*cname)->entry, 0, sizeof((*cname)->entry));
2645 (*cname)->entry.key = (*cname);
2646 (*cname)->rk.type = htons(LDNS_RR_TYPE_CNAME);
2647 (*cname)->rk.rrset_class = htons(dclass);
2648 (*cname)->rk.flags = 0;
2649 (*cname)->rk.dname = regional_alloc_init(region, qname, qname_len);
2650 if(!(*cname)->rk.dname)
2651 return 0; /* out of memory */
2652 (*cname)->rk.dname_len = qname_len;
2653 (*cname)->entry.hash = rrset_key_hash(&(*cname)->rk);
2654 d = (struct packed_rrset_data*)regional_alloc_zero(region,
2655 sizeof(struct packed_rrset_data) + sizeof(size_t) +
2656 sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t)
2659 return 0; /* out of memory */
2660 (*cname)->entry.data = d;
2661 d->ttl = 0; /* 0 for synthesized CNAME TTL */
2664 d->trust = rrset_trust_ans_noAA;
2665 d->rr_len = (size_t*)((uint8_t*)d +
2666 sizeof(struct packed_rrset_data));
2667 d->rr_len[0] = newlen + sizeof(uint16_t);
2668 packed_rrset_ptr_fixup(d);
2669 d->rr_ttl[0] = d->ttl;
2670 sldns_write_uint16(d->rr_data[0], newlen);
2671 memmove(d->rr_data[0] + sizeof(uint16_t), buf, newlen);
2675 /** add a synthesized CNAME to the answer section */
2677 add_synth_cname(struct auth_zone* z, uint8_t* qname, size_t qname_len,
2678 struct regional* region, struct dns_msg* msg, struct auth_data* dname,
2679 struct auth_rrset* rrset)
2681 struct ub_packed_rrset_key* cname;
2682 /* synthesize a CNAME */
2683 if(!create_synth_cname(qname, qname_len, region, dname, rrset,
2684 z->dclass, &cname)) {
2689 /* cname cannot be create because of YXDOMAIN */
2690 msg->rep->flags |= LDNS_RCODE_YXDOMAIN;
2693 /* add cname to message */
2694 if(!msg_grow_array(region, msg))
2696 msg->rep->rrsets[msg->rep->rrset_count] = cname;
2697 msg->rep->rrset_count++;
2698 msg->rep->an_numrrsets++;
2703 /** Change a dname to a different one, for wildcard namechange */
2705 az_change_dnames(struct dns_msg* msg, uint8_t* oldname, uint8_t* newname,
2706 size_t newlen, int an_only)
2709 size_t start = 0, end = msg->rep->rrset_count;
2710 if(!an_only) start = msg->rep->an_numrrsets;
2711 if(an_only) end = msg->rep->an_numrrsets;
2712 for(i=start; i<end; i++) {
2713 /* allocated in region so we can change the ptrs */
2714 if(query_dname_compare(msg->rep->rrsets[i]->rk.dname, oldname)
2716 msg->rep->rrsets[i]->rk.dname = newname;
2717 msg->rep->rrsets[i]->rk.dname_len = newlen;
2722 /** find NSEC record covering the query */
2723 static struct auth_rrset*
2724 az_find_nsec_cover(struct auth_zone* z, struct auth_data** node)
2726 uint8_t* nm = (*node)->name;
2727 size_t nmlen = (*node)->namelen;
2728 struct auth_rrset* rrset;
2729 /* find the NSEC for the smallest-or-equal node */
2730 /* if node == NULL, we did not find a smaller name. But the zone
2731 * name is the smallest name and should have an NSEC. So there is
2732 * no NSEC to return (for a properly signed zone) */
2733 /* for empty nonterminals, the auth-data node should not exist,
2734 * and thus we don't need to go rbtree_previous here to find
2735 * a domain with an NSEC record */
2736 /* but there could be glue, and if this is node, then it has no NSEC.
2737 * Go up to find nonglue (previous) NSEC-holding nodes */
2738 while((rrset=az_domain_rrset(*node, LDNS_RR_TYPE_NSEC)) == NULL) {
2739 if(dname_is_root(nm)) return NULL;
2740 if(nmlen == z->namelen) return NULL;
2741 dname_remove_label(&nm, &nmlen);
2742 /* adjust *node for the nsec rrset to find in */
2743 *node = az_find_name(z, nm, nmlen);
2748 /** Find NSEC and add for wildcard denial */
2750 az_nsec_wildcard_denial(struct auth_zone* z, struct regional* region,
2751 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen)
2753 struct query_info qinfo;
2755 struct auth_data* node;
2756 struct auth_rrset* nsec;
2757 uint8_t wc[LDNS_MAX_DOMAINLEN];
2758 if(cenmlen+2 > sizeof(wc))
2759 return 0; /* result would be too long */
2760 wc[0] = 1; /* length of wildcard label */
2761 wc[1] = (uint8_t)'*'; /* wildcard label */
2762 memmove(wc+2, cenm, cenmlen);
2764 /* we have '*.ce' in wc wildcard name buffer */
2765 /* get nsec cover for that */
2767 qinfo.qname_len = cenmlen+2;
2770 az_find_domain(z, &qinfo, &node_exact, &node);
2771 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
2772 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
2777 /** Find the NSEC3PARAM rrset (if any) and if true you have the parameters */
2779 az_nsec3_param(struct auth_zone* z, int* algo, size_t* iter, uint8_t** salt,
2782 struct auth_data* apex;
2783 struct auth_rrset* param;
2785 apex = az_find_name(z, z->name, z->namelen);
2787 param = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC3PARAM);
2788 if(!param || param->data->count==0)
2789 return 0; /* no RRset or no RRs in rrset */
2790 /* find out which NSEC3PARAM RR has supported parameters */
2791 /* skip unknown flags (dynamic signer is recalculating nsec3 chain) */
2792 for(i=0; i<param->data->count; i++) {
2793 uint8_t* rdata = param->data->rr_data[i]+2;
2794 size_t rdatalen = param->data->rr_len[i];
2796 continue; /* too short */
2797 if(!nsec3_hash_algo_size_supported((int)(rdata[0])))
2798 continue; /* unsupported algo */
2799 if(rdatalen < (size_t)(2+5+(size_t)rdata[4]))
2800 continue; /* salt missing */
2801 if((rdata[1]&NSEC3_UNKNOWN_FLAGS)!=0)
2802 continue; /* unknown flags */
2803 *algo = (int)(rdata[0]);
2804 *iter = sldns_read_uint16(rdata+2);
2805 *saltlen = rdata[4];
2808 else *salt = rdata+5;
2811 /* no supported params */
2815 /** Hash a name with nsec3param into buffer, it has zone name appended.
2816 * return length of hash */
2818 az_nsec3_hash(uint8_t* buf, size_t buflen, uint8_t* nm, size_t nmlen,
2819 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2821 size_t hlen = nsec3_hash_algo_size_supported(algo);
2822 /* buffer has domain name, nsec3hash, and 256 is for max saltlen
2823 * (salt has 0-255 length) */
2824 unsigned char p[LDNS_MAX_DOMAINLEN+1+N3HASHBUFLEN+256];
2826 if(nmlen+saltlen > sizeof(p) || hlen+saltlen > sizeof(p))
2829 return 0; /* somehow too large for destination buffer */
2830 /* hashfunc(name, salt) */
2831 memmove(p, nm, nmlen);
2832 query_dname_tolower(p);
2833 if(salt && saltlen > 0)
2834 memmove(p+nmlen, salt, saltlen);
2835 (void)secalgo_nsec3_hash(algo, p, nmlen+saltlen, (unsigned char*)buf);
2836 for(i=0; i<iter; i++) {
2837 /* hashfunc(hash, salt) */
2838 memmove(p, buf, hlen);
2839 if(salt && saltlen > 0)
2840 memmove(p+hlen, salt, saltlen);
2841 (void)secalgo_nsec3_hash(algo, p, hlen+saltlen,
2842 (unsigned char*)buf);
2847 /** Hash name and return b32encoded hashname for lookup, zone name appended */
2849 az_nsec3_hashname(struct auth_zone* z, uint8_t* hashname, size_t* hashnmlen,
2850 uint8_t* nm, size_t nmlen, int algo, size_t iter, uint8_t* salt,
2853 uint8_t hash[N3HASHBUFLEN];
2856 hlen = az_nsec3_hash(hash, sizeof(hash), nm, nmlen, algo, iter,
2860 if(*hashnmlen < hlen*2+1+z->namelen) /* approx b32 as hexb16 */
2862 ret = sldns_b32_ntop_extended_hex(hash, hlen, (char*)(hashname+1),
2866 hashname[0] = (uint8_t)ret;
2868 if((*hashnmlen) - ret < z->namelen)
2870 memmove(hashname+ret, z->name, z->namelen);
2871 *hashnmlen = z->namelen+(size_t)ret;
2875 /** Find the datanode that covers the nsec3hash-name */
2876 static struct auth_data*
2877 az_nsec3_findnode(struct auth_zone* z, uint8_t* hashnm, size_t hashnmlen)
2879 struct query_info qinfo;
2880 struct auth_data* node;
2884 qinfo.qname = hashnm;
2885 qinfo.qname_len = hashnmlen;
2886 /* because canonical ordering and b32 nsec3 ordering are the same.
2887 * this is a good lookup to find the nsec3 name. */
2888 az_find_domain(z, &qinfo, &node_exact, &node);
2889 /* but we may have to skip non-nsec3 nodes */
2890 /* this may be a lot, the way to speed that up is to have a
2891 * separate nsec3 tree with nsec3 nodes */
2892 while(node && (rbnode_type*)node != RBTREE_NULL &&
2893 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) {
2894 node = (struct auth_data*)rbtree_previous(&node->node);
2896 if((rbnode_type*)node == RBTREE_NULL)
2901 /** Find cover for hashed(nm, nmlen) (or NULL) */
2902 static struct auth_data*
2903 az_nsec3_find_cover(struct auth_zone* z, uint8_t* nm, size_t nmlen,
2904 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2906 struct auth_data* node;
2907 uint8_t hname[LDNS_MAX_DOMAINLEN];
2908 size_t hlen = sizeof(hname);
2909 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
2912 node = az_nsec3_findnode(z, hname, hlen);
2915 /* we did not find any, perhaps because the NSEC3 hash is before
2916 * the first hash, we have to find the 'last hash' in the zone */
2917 node = (struct auth_data*)rbtree_last(&z->data);
2918 while(node && (rbnode_type*)node != RBTREE_NULL &&
2919 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) {
2920 node = (struct auth_data*)rbtree_previous(&node->node);
2922 if((rbnode_type*)node == RBTREE_NULL)
2927 /** Find exact match for hashed(nm, nmlen) NSEC3 record or NULL */
2928 static struct auth_data*
2929 az_nsec3_find_exact(struct auth_zone* z, uint8_t* nm, size_t nmlen,
2930 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2932 struct auth_data* node;
2933 uint8_t hname[LDNS_MAX_DOMAINLEN];
2934 size_t hlen = sizeof(hname);
2935 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
2938 node = az_find_name(z, hname, hlen);
2939 if(az_domain_rrset(node, LDNS_RR_TYPE_NSEC3))
2944 /** Return nextcloser name (as a ref into the qname). This is one label
2945 * more than the cenm (cename must be a suffix of qname) */
2947 az_nsec3_get_nextcloser(uint8_t* cenm, uint8_t* qname, size_t qname_len,
2948 uint8_t** nx, size_t* nxlen)
2950 int celabs = dname_count_labels(cenm);
2951 int qlabs = dname_count_labels(qname);
2952 int strip = qlabs - celabs -1;
2953 log_assert(dname_strict_subdomain(qname, qlabs, cenm, celabs));
2957 dname_remove_labels(nx, nxlen, strip);
2960 /** Find the closest encloser that has exact NSEC3.
2961 * updated cenm to the new name. If it went up no-exact-ce is true. */
2962 static struct auth_data*
2963 az_nsec3_find_ce(struct auth_zone* z, uint8_t** cenm, size_t* cenmlen,
2964 int* no_exact_ce, int algo, size_t iter, uint8_t* salt, size_t saltlen)
2966 struct auth_data* node;
2967 while((node = az_nsec3_find_exact(z, *cenm, *cenmlen,
2968 algo, iter, salt, saltlen)) == NULL) {
2969 if(*cenmlen == z->namelen) {
2970 /* next step up would take us out of the zone. fail */
2974 dname_remove_label(cenm, cenmlen);
2979 /* Insert NSEC3 record in authority section, if NULL does nothing */
2981 az_nsec3_insert(struct auth_zone* z, struct regional* region,
2982 struct dns_msg* msg, struct auth_data* node)
2984 struct auth_rrset* nsec3;
2985 if(!node) return 1; /* no node, skip this */
2986 nsec3 = az_domain_rrset(node, LDNS_RR_TYPE_NSEC3);
2987 if(!nsec3) return 1; /* if no nsec3 RR, skip it */
2988 if(!msg_add_rrset_ns(z, region, msg, node, nsec3)) return 0;
2992 /** add NSEC3 records to the zone for the nsec3 proof.
2993 * Specify with the flags with parts of the proof are required.
2994 * the ce is the exact matching name (for notype) but also delegation points.
2995 * qname is the one where the nextcloser name can be derived from.
2996 * If NSEC3 is not properly there (in the zone) nothing is added.
2997 * always enabled: include nsec3 proving about the Closest Encloser.
2998 * that is an exact match that should exist for it.
2999 * If that does not exist, a higher exact match + nxproof is enabled
3000 * (for some sort of opt-out empty nonterminal cases).
3001 * nodataproof: search for exact match and include that instead.
3002 * ceproof: include ce proof NSEC3 (omitted for wildcard replies).
3003 * nxproof: include denial of the qname.
3004 * wcproof: include denial of wildcard (wildcard.ce).
3007 az_add_nsec3_proof(struct auth_zone* z, struct regional* region,
3008 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen, uint8_t* qname,
3009 size_t qname_len, int nodataproof, int ceproof, int nxproof,
3013 size_t iter, saltlen;
3015 int no_exact_ce = 0;
3016 struct auth_data* node;
3018 /* find parameters of nsec3 proof */
3019 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen))
3020 return 1; /* no nsec3 */
3022 /* see if the node has a hash of itself for the nodata
3023 * proof nsec3, this has to be an exact match nsec3. */
3024 struct auth_data* match;
3025 match = az_nsec3_find_exact(z, qname, qname_len, algo,
3026 iter, salt, saltlen);
3028 if(!az_nsec3_insert(z, region, msg, match))
3030 /* only nodata NSEC3 needed, no CE or others. */
3034 /* find ce that has an NSEC3 */
3036 node = az_nsec3_find_ce(z, &cenm, &cenmlen, &no_exact_ce,
3037 algo, iter, salt, saltlen);
3038 if(no_exact_ce) nxproof = 1;
3039 if(!az_nsec3_insert(z, region, msg, node))
3046 /* create nextcloser domain name */
3047 az_nsec3_get_nextcloser(cenm, qname, qname_len, &nx, &nxlen);
3048 /* find nsec3 that matches or covers it */
3049 node = az_nsec3_find_cover(z, nx, nxlen, algo, iter, salt,
3051 if(!az_nsec3_insert(z, region, msg, node))
3055 /* create wildcard name *.ce */
3056 uint8_t wc[LDNS_MAX_DOMAINLEN];
3058 if(cenmlen+2 > sizeof(wc))
3059 return 0; /* result would be too long */
3060 wc[0] = 1; /* length of wildcard label */
3061 wc[1] = (uint8_t)'*'; /* wildcard label */
3062 memmove(wc+2, cenm, cenmlen);
3064 /* find nsec3 that matches or covers it */
3065 node = az_nsec3_find_cover(z, wc, wclen, algo, iter, salt,
3067 if(!az_nsec3_insert(z, region, msg, node))
3073 /** generate answer for positive answer */
3075 az_generate_positive_answer(struct auth_zone* z, struct regional* region,
3076 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
3078 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3079 /* see if we want additional rrs */
3080 if(rrset->type == LDNS_RR_TYPE_MX) {
3081 if(!az_add_additionals_from(z, region, msg, rrset, 2))
3083 } else if(rrset->type == LDNS_RR_TYPE_SRV) {
3084 if(!az_add_additionals_from(z, region, msg, rrset, 6))
3086 } else if(rrset->type == LDNS_RR_TYPE_NS) {
3087 if(!az_add_additionals_from(z, region, msg, rrset, 0))
3093 /** generate answer for type ANY answer */
3095 az_generate_any_answer(struct auth_zone* z, struct regional* region,
3096 struct dns_msg* msg, struct auth_data* node)
3098 struct auth_rrset* rrset;
3100 /* add a couple (at least one) RRs */
3101 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_SOA)) != NULL) {
3102 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3105 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_MX)) != NULL) {
3106 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3109 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_A)) != NULL) {
3110 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3113 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_AAAA)) != NULL) {
3114 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3117 if(added == 0 && node && node->rrsets) {
3118 if(!msg_add_rrset_an(z, region, msg, node,
3119 node->rrsets)) return 0;
3124 /** follow cname chain and add more data to the answer section */
3126 follow_cname_chain(struct auth_zone* z, uint16_t qtype,
3127 struct regional* region, struct dns_msg* msg,
3128 struct packed_rrset_data* d)
3131 /* see if we can add the target of the CNAME into the answer */
3132 while(maxchain++ < MAX_CNAME_CHAIN) {
3133 struct auth_data* node;
3134 struct auth_rrset* rrset;
3136 /* d has cname rdata */
3137 if(d->count == 0) break; /* no CNAME */
3138 if(d->rr_len[0] < 2+1) break; /* too small */
3139 if((clen=dname_valid(d->rr_data[0]+2, d->rr_len[0]-2))==0)
3140 break; /* malformed */
3141 if(!dname_subdomain_c(d->rr_data[0]+2, z->name))
3142 break; /* target out of zone */
3143 if((node = az_find_name(z, d->rr_data[0]+2, clen))==NULL)
3144 break; /* no such target name */
3145 if((rrset=az_domain_rrset(node, qtype))!=NULL) {
3146 /* done we found the target */
3147 if(!msg_add_rrset_an(z, region, msg, node, rrset))
3151 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME))==NULL)
3152 break; /* no further CNAME chain, notype */
3153 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3159 /** generate answer for cname answer */
3161 az_generate_cname_answer(struct auth_zone* z, struct query_info* qinfo,
3162 struct regional* region, struct dns_msg* msg,
3163 struct auth_data* node, struct auth_rrset* rrset)
3165 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3166 if(!rrset) return 1;
3167 if(!follow_cname_chain(z, qinfo->qtype, region, msg, rrset->data))
3172 /** generate answer for notype answer */
3174 az_generate_notype_answer(struct auth_zone* z, struct regional* region,
3175 struct dns_msg* msg, struct auth_data* node)
3177 struct auth_rrset* rrset;
3178 if(!az_add_negative_soa(z, region, msg)) return 0;
3179 /* DNSSEC denial NSEC */
3180 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_NSEC))!=NULL) {
3181 if(!msg_add_rrset_ns(z, region, msg, node, rrset)) return 0;
3183 /* DNSSEC denial NSEC3 */
3184 if(!az_add_nsec3_proof(z, region, msg, node->name,
3185 node->namelen, msg->qinfo.qname,
3186 msg->qinfo.qname_len, 1, 1, 0, 0))
3192 /** generate answer for referral answer */
3194 az_generate_referral_answer(struct auth_zone* z, struct regional* region,
3195 struct dns_msg* msg, struct auth_data* ce, struct auth_rrset* rrset)
3197 struct auth_rrset* ds, *nsec;
3198 /* turn off AA flag, referral is nonAA because it leaves the zone */
3200 msg->rep->flags &= ~BIT_AA;
3201 if(!msg_add_rrset_ns(z, region, msg, ce, rrset)) return 0;
3202 /* add DS or deny it */
3203 if((ds=az_domain_rrset(ce, LDNS_RR_TYPE_DS))!=NULL) {
3204 if(!msg_add_rrset_ns(z, region, msg, ce, ds)) return 0;
3207 if((nsec=az_domain_rrset(ce, LDNS_RR_TYPE_NSEC))!=NULL) {
3208 if(!msg_add_rrset_ns(z, region, msg, ce, nsec))
3211 if(!az_add_nsec3_proof(z, region, msg, ce->name,
3212 ce->namelen, msg->qinfo.qname,
3213 msg->qinfo.qname_len, 1, 1, 0, 0))
3217 /* add additional rrs for type NS */
3218 if(!az_add_additionals_from(z, region, msg, rrset, 0)) return 0;
3222 /** generate answer for DNAME answer */
3224 az_generate_dname_answer(struct auth_zone* z, struct query_info* qinfo,
3225 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3226 struct auth_rrset* rrset)
3229 /* add the DNAME and then a CNAME */
3230 if(!msg_add_rrset_an(z, region, msg, ce, rrset)) return 0;
3231 if(!add_synth_cname(z, qinfo->qname, qinfo->qname_len, region,
3232 msg, ce, rrset)) return 0;
3233 if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_YXDOMAIN)
3235 if(msg->rep->rrset_count == 0 ||
3236 !msg->rep->rrsets[msg->rep->rrset_count-1])
3238 if(!follow_cname_chain(z, qinfo->qtype, region, msg,
3239 (struct packed_rrset_data*)msg->rep->rrsets[
3240 msg->rep->rrset_count-1]->entry.data))
3245 /** generate answer for wildcard answer */
3247 az_generate_wildcard_answer(struct auth_zone* z, struct query_info* qinfo,
3248 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3249 struct auth_data* wildcard, struct auth_data* node)
3251 struct auth_rrset* rrset, *nsec;
3253 if((rrset=az_domain_rrset(wildcard, qinfo->qtype)) != NULL) {
3254 /* wildcard has type, add it */
3255 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
3257 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3258 msg->qinfo.qname_len, 1);
3259 } else if((rrset=az_domain_rrset(wildcard, LDNS_RR_TYPE_CNAME))!=NULL) {
3260 /* wildcard has cname instead, do that */
3261 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
3263 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3264 msg->qinfo.qname_len, 1);
3265 if(!follow_cname_chain(z, qinfo->qtype, region, msg,
3268 } else if(qinfo->qtype == LDNS_RR_TYPE_ANY && wildcard->rrsets) {
3269 /* add ANY rrsets from wildcard node */
3270 if(!az_generate_any_answer(z, region, msg, wildcard))
3272 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3273 msg->qinfo.qname_len, 1);
3275 /* wildcard has nodata, notype answer */
3276 /* call other notype routine for dnssec notype denials */
3277 if(!az_generate_notype_answer(z, region, msg, wildcard))
3279 /* because the notype, there is no positive data with an
3280 * RRSIG that indicates the wildcard position. Thus the
3281 * wildcard qname denial needs to have a CE nsec3. */
3285 /* ce and node for dnssec denial of wildcard original name */
3286 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
3287 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
3289 uint8_t* wildup = wildcard->name;
3290 size_t wilduplen= wildcard->namelen;
3291 dname_remove_label(&wildup, &wilduplen);
3292 if(!az_add_nsec3_proof(z, region, msg, wildup,
3293 wilduplen, msg->qinfo.qname,
3294 msg->qinfo.qname_len, 0, insert_ce, 1, 0))
3298 /* fixup name of wildcard from *.zone to qname, use already allocated
3299 * pointer to msg qname */
3300 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3301 msg->qinfo.qname_len, 0);
3305 /** generate answer for nxdomain answer */
3307 az_generate_nxdomain_answer(struct auth_zone* z, struct regional* region,
3308 struct dns_msg* msg, struct auth_data* ce, struct auth_data* node)
3310 struct auth_rrset* nsec;
3311 msg->rep->flags |= LDNS_RCODE_NXDOMAIN;
3312 if(!az_add_negative_soa(z, region, msg)) return 0;
3313 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
3314 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
3315 if(ce && !az_nsec_wildcard_denial(z, region, msg, ce->name,
3316 ce->namelen)) return 0;
3318 if(!az_add_nsec3_proof(z, region, msg, ce->name,
3319 ce->namelen, msg->qinfo.qname,
3320 msg->qinfo.qname_len, 0, 1, 1, 1))
3326 /** Create answers when an exact match exists for the domain name */
3328 az_generate_answer_with_node(struct auth_zone* z, struct query_info* qinfo,
3329 struct regional* region, struct dns_msg* msg, struct auth_data* node)
3331 struct auth_rrset* rrset;
3332 /* positive answer, rrset we are looking for exists */
3333 if((rrset=az_domain_rrset(node, qinfo->qtype)) != NULL) {
3334 return az_generate_positive_answer(z, region, msg, node, rrset);
3337 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME)) != NULL) {
3338 return az_generate_cname_answer(z, qinfo, region, msg,
3342 if(qinfo->qtype == LDNS_RR_TYPE_ANY) {
3343 return az_generate_any_answer(z, region, msg, node);
3345 /* NOERROR/NODATA (no such type at domain name) */
3346 return az_generate_notype_answer(z, region, msg, node);
3349 /** Generate answer without an existing-node that we can use.
3350 * So it'll be a referral, DNAME or nxdomain */
3352 az_generate_answer_nonexistnode(struct auth_zone* z, struct query_info* qinfo,
3353 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3354 struct auth_rrset* rrset, struct auth_data* node)
3356 struct auth_data* wildcard;
3358 /* we do not have an exact matching name (that exists) */
3359 /* see if we have a NS or DNAME in the ce */
3360 if(ce && rrset && rrset->type == LDNS_RR_TYPE_NS) {
3361 return az_generate_referral_answer(z, region, msg, ce, rrset);
3363 if(ce && rrset && rrset->type == LDNS_RR_TYPE_DNAME) {
3364 return az_generate_dname_answer(z, qinfo, region, msg, ce,
3367 /* if there is an empty nonterminal, wildcard and nxdomain don't
3368 * happen, it is a notype answer */
3369 if(az_empty_nonterminal(z, qinfo, node)) {
3370 return az_generate_notype_answer(z, region, msg, node);
3372 /* see if we have a wildcard under the ce */
3373 if((wildcard=az_find_wildcard(z, qinfo, ce)) != NULL) {
3374 return az_generate_wildcard_answer(z, qinfo, region, msg,
3375 ce, wildcard, node);
3377 /* generate nxdomain answer */
3378 return az_generate_nxdomain_answer(z, region, msg, ce, node);
3381 /** Lookup answer in a zone. */
3383 auth_zone_generate_answer(struct auth_zone* z, struct query_info* qinfo,
3384 struct regional* region, struct dns_msg** msg, int* fallback)
3386 struct auth_data* node, *ce;
3387 struct auth_rrset* rrset;
3388 int node_exact, node_exists;
3389 /* does the zone want fallback in case of failure? */
3390 *fallback = z->fallback_enabled;
3391 if(!(*msg=msg_create(region, qinfo))) return 0;
3393 /* lookup if there is a matching domain name for the query */
3394 az_find_domain(z, qinfo, &node_exact, &node);
3396 /* see if node exists for generating answers from (i.e. not glue and
3397 * obscured by NS or DNAME or NSEC3-only), and also return the
3398 * closest-encloser from that, closest node that should be used
3399 * to generate answers from that is above the query */
3400 node_exists = az_find_ce(z, qinfo, node, node_exact, &ce, &rrset);
3402 if(verbosity >= VERB_ALGO) {
3403 char zname[256], qname[256], nname[256], cename[256],
3404 tpstr[32], rrstr[32];
3405 sldns_wire2str_dname_buf(qinfo->qname, qinfo->qname_len, qname,
3407 sldns_wire2str_type_buf(qinfo->qtype, tpstr, sizeof(tpstr));
3408 sldns_wire2str_dname_buf(z->name, z->namelen, zname,
3411 sldns_wire2str_dname_buf(node->name, node->namelen,
3412 nname, sizeof(nname));
3413 else snprintf(nname, sizeof(nname), "NULL");
3415 sldns_wire2str_dname_buf(ce->name, ce->namelen,
3416 cename, sizeof(cename));
3417 else snprintf(cename, sizeof(cename), "NULL");
3418 if(rrset) sldns_wire2str_type_buf(rrset->type, rrstr,
3420 else snprintf(rrstr, sizeof(rrstr), "NULL");
3421 log_info("auth_zone %s query %s %s, domain %s %s %s, "
3422 "ce %s, rrset %s", zname, qname, tpstr, nname,
3423 (node_exact?"exact":"notexact"),
3424 (node_exists?"exist":"notexist"), cename, rrstr);
3428 /* the node is fine, generate answer from node */
3429 return az_generate_answer_with_node(z, qinfo, region, *msg,
3432 return az_generate_answer_nonexistnode(z, qinfo, region, *msg,
3436 int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo,
3437 struct regional* region, struct dns_msg** msg, int* fallback,
3438 uint8_t* dp_nm, size_t dp_nmlen)
3441 struct auth_zone* z;
3442 /* find the zone that should contain the answer. */
3443 lock_rw_rdlock(&az->lock);
3444 z = auth_zone_find(az, dp_nm, dp_nmlen, qinfo->qclass);
3446 lock_rw_unlock(&az->lock);
3447 /* no auth zone, fallback to internet */
3451 lock_rw_rdlock(&z->lock);
3452 lock_rw_unlock(&az->lock);
3454 /* if not for upstream queries, fallback */
3455 if(!z->for_upstream) {
3456 lock_rw_unlock(&z->lock);
3460 if(z->zone_expired) {
3461 *fallback = z->fallback_enabled;
3462 lock_rw_unlock(&z->lock);
3465 /* see what answer that zone would generate */
3466 r = auth_zone_generate_answer(z, qinfo, region, msg, fallback);
3467 lock_rw_unlock(&z->lock);
3471 /** encode auth answer */
3473 auth_answer_encode(struct query_info* qinfo, struct module_env* env,
3474 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
3475 struct regional* temp, struct dns_msg* msg)
3478 udpsize = edns->udp_size;
3479 edns->edns_version = EDNS_ADVERTISED_VERSION;
3480 edns->udp_size = EDNS_ADVERTISED_SIZE;
3481 edns->ext_rcode = 0;
3482 edns->bits &= EDNS_DO;
3484 if(!inplace_cb_reply_local_call(env, qinfo, NULL, msg->rep,
3485 (int)FLAGS_GET_RCODE(msg->rep->flags), edns, repinfo, temp, env->now_tv)
3486 || !reply_info_answer_encode(qinfo, msg->rep,
3487 *(uint16_t*)sldns_buffer_begin(buf),
3488 sldns_buffer_read_u16_at(buf, 2),
3489 buf, 0, 0, temp, udpsize, edns,
3490 (int)(edns->bits&EDNS_DO), 0)) {
3491 error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
3492 *(uint16_t*)sldns_buffer_begin(buf),
3493 sldns_buffer_read_u16_at(buf, 2), edns);
3497 /** encode auth error answer */
3499 auth_error_encode(struct query_info* qinfo, struct module_env* env,
3500 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
3501 struct regional* temp, int rcode)
3503 edns->edns_version = EDNS_ADVERTISED_VERSION;
3504 edns->udp_size = EDNS_ADVERTISED_SIZE;
3505 edns->ext_rcode = 0;
3506 edns->bits &= EDNS_DO;
3508 if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL,
3509 rcode, edns, repinfo, temp, env->now_tv))
3510 edns->opt_list = NULL;
3511 error_encode(buf, rcode|BIT_AA, qinfo,
3512 *(uint16_t*)sldns_buffer_begin(buf),
3513 sldns_buffer_read_u16_at(buf, 2), edns);
3516 int auth_zones_answer(struct auth_zones* az, struct module_env* env,
3517 struct query_info* qinfo, struct edns_data* edns,
3518 struct comm_reply* repinfo, struct sldns_buffer* buf, struct regional* temp)
3520 struct dns_msg* msg = NULL;
3521 struct auth_zone* z;
3525 lock_rw_rdlock(&az->lock);
3526 if(!az->have_downstream) {
3527 /* no downstream auth zones */
3528 lock_rw_unlock(&az->lock);
3531 if(qinfo->qtype == LDNS_RR_TYPE_DS) {
3532 uint8_t* delname = qinfo->qname;
3533 size_t delnamelen = qinfo->qname_len;
3534 dname_remove_label(&delname, &delnamelen);
3535 z = auth_zones_find_zone(az, delname, delnamelen,
3538 z = auth_zones_find_zone(az, qinfo->qname, qinfo->qname_len,
3542 /* no zone above it */
3543 lock_rw_unlock(&az->lock);
3546 lock_rw_rdlock(&z->lock);
3547 lock_rw_unlock(&az->lock);
3548 if(!z->for_downstream) {
3549 lock_rw_unlock(&z->lock);
3552 if(z->zone_expired) {
3553 if(z->fallback_enabled) {
3554 lock_rw_unlock(&z->lock);
3557 lock_rw_unlock(&z->lock);
3558 lock_rw_wrlock(&az->lock);
3559 az->num_query_down++;
3560 lock_rw_unlock(&az->lock);
3561 auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
3562 LDNS_RCODE_SERVFAIL);
3566 /* answer it from zone z */
3567 r = auth_zone_generate_answer(z, qinfo, temp, &msg, &fallback);
3568 lock_rw_unlock(&z->lock);
3569 if(!r && fallback) {
3570 /* fallback to regular answering (recursive) */
3573 lock_rw_wrlock(&az->lock);
3574 az->num_query_down++;
3575 lock_rw_unlock(&az->lock);
3579 auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
3580 LDNS_RCODE_SERVFAIL);
3581 else auth_answer_encode(qinfo, env, edns, repinfo, buf, temp, msg);
3586 int auth_zones_can_fallback(struct auth_zones* az, uint8_t* nm, size_t nmlen,
3590 struct auth_zone* z;
3591 lock_rw_rdlock(&az->lock);
3592 z = auth_zone_find(az, nm, nmlen, dclass);
3594 lock_rw_unlock(&az->lock);
3595 /* no such auth zone, fallback */
3598 lock_rw_rdlock(&z->lock);
3599 lock_rw_unlock(&az->lock);
3600 r = z->fallback_enabled || (!z->for_upstream);
3601 lock_rw_unlock(&z->lock);
3606 auth_zone_parse_notify_serial(sldns_buffer* pkt, uint32_t *serial)
3608 struct query_info q;
3610 memset(&q, 0, sizeof(q));
3611 sldns_buffer_set_position(pkt, 0);
3612 if(!query_info_parse(&q, pkt)) return 0;
3613 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0) return 0;
3614 /* skip name of RR in answer section */
3615 if(sldns_buffer_remaining(pkt) < 1) return 0;
3616 if(pkt_dname_len(pkt) == 0) return 0;
3618 if(sldns_buffer_remaining(pkt) < 10 /* type,class,ttl,rdatalen*/)
3620 if(sldns_buffer_read_u16(pkt) != LDNS_RR_TYPE_SOA) return 0;
3621 sldns_buffer_skip(pkt, 2); /* class */
3622 sldns_buffer_skip(pkt, 4); /* ttl */
3623 rdlen = sldns_buffer_read_u16(pkt); /* rdatalen */
3624 if(sldns_buffer_remaining(pkt) < rdlen) return 0;
3625 if(rdlen < 22) return 0; /* bad soa length */
3626 sldns_buffer_skip(pkt, (ssize_t)(rdlen-20));
3627 *serial = sldns_buffer_read_u32(pkt);
3628 /* return true when has serial in answer section */
3632 /** see if addr appears in the list */
3634 addr_in_list(struct auth_addr* list, struct sockaddr_storage* addr,
3637 struct auth_addr* p;
3638 for(p=list; p; p=p->next) {
3639 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0)
3645 /** check if an address matches a master specification (or one of its
3646 * addresses in the addr list) */
3648 addr_matches_master(struct auth_master* master, struct sockaddr_storage* addr,
3649 socklen_t addrlen, struct auth_master** fromhost)
3651 struct sockaddr_storage a;
3654 if(addr_in_list(master->list, addr, addrlen)) {
3658 /* compare address (but not port number, that is the destination
3659 * port of the master, the port number of the received notify is
3660 * allowed to by any port on that master) */
3661 if(extstrtoaddr(master->host, &a, &alen) &&
3662 sockaddr_cmp_addr(addr, addrlen, &a, alen)==0) {
3666 /* prefixes, addr/len, like 10.0.0.0/8 */
3667 /* not http and has a / and there is one / */
3668 if(master->allow_notify && !master->http &&
3669 strchr(master->host, '/') != NULL &&
3670 strchr(master->host, '/') == strrchr(master->host, '/') &&
3671 netblockstrtoaddr(master->host, UNBOUND_DNS_PORT, &a, &alen,
3672 &net) && alen == addrlen) {
3673 if(addr_in_common(addr, (addr_is_ip6(addr, addrlen)?128:32),
3674 &a, net, alen) >= net) {
3675 *fromhost = NULL; /* prefix does not have destination
3676 to send the probe or transfer with */
3677 return 1; /* matches the netblock */
3683 /** check access list for notifies */
3685 az_xfr_allowed_notify(struct auth_xfer* xfr, struct sockaddr_storage* addr,
3686 socklen_t addrlen, struct auth_master** fromhost)
3688 struct auth_master* p;
3689 for(p=xfr->allow_notify_list; p; p=p->next) {
3690 if(addr_matches_master(p, addr, addrlen, fromhost)) {
3697 /** see if the serial means the zone has to be updated, i.e. the serial
3698 * is newer than the zone serial, or we have no zone */
3700 xfr_serial_means_update(struct auth_xfer* xfr, uint32_t serial)
3703 return 1; /* no zone, anything is better */
3704 if(xfr->zone_expired)
3705 return 1; /* expired, the sent serial is better than expired
3707 if(compare_serial(xfr->serial, serial) < 0)
3708 return 1; /* our serial is smaller than the sent serial,
3709 the data is newer, fetch it */
3713 /** note notify serial, updates the notify information in the xfr struct */
3715 xfr_note_notify_serial(struct auth_xfer* xfr, int has_serial, uint32_t serial)
3717 if(xfr->notify_received && xfr->notify_has_serial && has_serial) {
3718 /* see if this serial is newer */
3719 if(compare_serial(xfr->notify_serial, serial) < 0)
3720 xfr->notify_serial = serial;
3721 } else if(xfr->notify_received && xfr->notify_has_serial &&
3723 /* remove serial, we have notify without serial */
3724 xfr->notify_has_serial = 0;
3725 xfr->notify_serial = 0;
3726 } else if(xfr->notify_received && !xfr->notify_has_serial) {
3727 /* we already have notify without serial, keep it
3728 * that way; no serial check when current operation
3731 xfr->notify_received = 1;
3732 xfr->notify_has_serial = has_serial;
3733 xfr->notify_serial = serial;
3737 /** process a notify serial, start new probe or note serial. xfr is locked */
3739 xfr_process_notify(struct auth_xfer* xfr, struct module_env* env,
3740 int has_serial, uint32_t serial, struct auth_master* fromhost)
3742 /* if the serial of notify is older than we have, don't fetch
3743 * a zone, we already have it */
3744 if(has_serial && !xfr_serial_means_update(xfr, serial)) {
3745 lock_basic_unlock(&xfr->lock);
3748 /* start new probe with this addr src, or note serial */
3749 if(!xfr_start_probe(xfr, env, fromhost)) {
3750 /* not started because already in progress, note the serial */
3751 xfr_note_notify_serial(xfr, has_serial, serial);
3752 lock_basic_unlock(&xfr->lock);
3754 /* successful end of start_probe unlocked xfr->lock */
3757 int auth_zones_notify(struct auth_zones* az, struct module_env* env,
3758 uint8_t* nm, size_t nmlen, uint16_t dclass,
3759 struct sockaddr_storage* addr, socklen_t addrlen, int has_serial,
3760 uint32_t serial, int* refused)
3762 struct auth_xfer* xfr;
3763 struct auth_master* fromhost = NULL;
3764 /* see which zone this is */
3765 lock_rw_rdlock(&az->lock);
3766 xfr = auth_xfer_find(az, nm, nmlen, dclass);
3768 lock_rw_unlock(&az->lock);
3769 /* no such zone, refuse the notify */
3773 lock_basic_lock(&xfr->lock);
3774 lock_rw_unlock(&az->lock);
3776 /* check access list for notifies */
3777 if(!az_xfr_allowed_notify(xfr, addr, addrlen, &fromhost)) {
3778 lock_basic_unlock(&xfr->lock);
3779 /* notify not allowed, refuse the notify */
3784 /* process the notify */
3785 xfr_process_notify(xfr, env, has_serial, serial, fromhost);
3789 int auth_zones_startprobesequence(struct auth_zones* az,
3790 struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass)
3792 struct auth_xfer* xfr;
3793 lock_rw_rdlock(&az->lock);
3794 xfr = auth_xfer_find(az, nm, nmlen, dclass);
3796 lock_rw_unlock(&az->lock);
3799 lock_basic_lock(&xfr->lock);
3800 lock_rw_unlock(&az->lock);
3802 xfr_process_notify(xfr, env, 0, 0, NULL);
3806 /** set a zone expired */
3808 auth_xfer_set_expired(struct auth_xfer* xfr, struct module_env* env,
3811 struct auth_zone* z;
3814 lock_basic_lock(&xfr->lock);
3815 xfr->zone_expired = expired;
3816 lock_basic_unlock(&xfr->lock);
3818 /* find auth_zone */
3819 lock_rw_rdlock(&env->auth_zones->lock);
3820 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
3823 lock_rw_unlock(&env->auth_zones->lock);
3826 lock_rw_wrlock(&z->lock);
3827 lock_rw_unlock(&env->auth_zones->lock);
3829 /* expire auth_zone */
3830 z->zone_expired = expired;
3831 lock_rw_unlock(&z->lock);
3834 /** find master (from notify or probe) in list of masters */
3835 static struct auth_master*
3836 find_master_by_host(struct auth_master* list, char* host)
3838 struct auth_master* p;
3839 for(p=list; p; p=p->next) {
3840 if(strcmp(p->host, host) == 0)
3846 /** delete the looked up auth_addrs for all the masters in the list */
3848 xfr_masterlist_free_addrs(struct auth_master* list)
3850 struct auth_master* m;
3851 for(m=list; m; m=m->next) {
3853 auth_free_master_addrs(m->list);
3859 /** copy a list of auth_addrs */
3860 static struct auth_addr*
3861 auth_addr_list_copy(struct auth_addr* source)
3863 struct auth_addr* list = NULL, *last = NULL;
3864 struct auth_addr* p;
3865 for(p=source; p; p=p->next) {
3866 struct auth_addr* a = (struct auth_addr*)memdup(p, sizeof(*p));
3868 log_err("malloc failure");
3869 auth_free_master_addrs(list);
3873 if(last) last->next = a;
3880 /** copy a master to a new structure, NULL on alloc failure */
3881 static struct auth_master*
3882 auth_master_copy(struct auth_master* o)
3884 struct auth_master* m;
3886 m = (struct auth_master*)memdup(o, sizeof(*o));
3888 log_err("malloc failure");
3893 m->host = strdup(m->host);
3896 log_err("malloc failure");
3901 m->file = strdup(m->file);
3905 log_err("malloc failure");
3910 m->list = auth_addr_list_copy(m->list);
3921 /** copy the master addresses from the task_probe lookups to the allow_notify
3922 * list of masters */
3924 probe_copy_masters_for_allow_notify(struct auth_xfer* xfr)
3926 struct auth_master* list = NULL, *last = NULL;
3927 struct auth_master* p;
3928 /* build up new list with copies */
3929 for(p = xfr->task_probe->masters; p; p=p->next) {
3930 struct auth_master* m = auth_master_copy(p);
3932 auth_free_masters(list);
3933 /* failed because of malloc failure, use old list */
3937 if(last) last->next = m;
3941 /* success, replace list */
3942 auth_free_masters(xfr->allow_notify_list);
3943 xfr->allow_notify_list = list;
3946 /** start the lookups for task_transfer */
3948 xfr_transfer_start_lookups(struct auth_xfer* xfr)
3950 /* delete all the looked up addresses in the list */
3951 xfr->task_transfer->scan_addr = NULL;
3952 xfr_masterlist_free_addrs(xfr->task_transfer->masters);
3954 /* start lookup at the first master */
3955 xfr->task_transfer->lookup_target = xfr->task_transfer->masters;
3956 xfr->task_transfer->lookup_aaaa = 0;
3959 /** move to the next lookup of hostname for task_transfer */
3961 xfr_transfer_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
3963 if(!xfr->task_transfer->lookup_target)
3964 return; /* already at end of list */
3965 if(!xfr->task_transfer->lookup_aaaa && env->cfg->do_ip6) {
3966 /* move to lookup AAAA */
3967 xfr->task_transfer->lookup_aaaa = 1;
3970 xfr->task_transfer->lookup_target =
3971 xfr->task_transfer->lookup_target->next;
3972 xfr->task_transfer->lookup_aaaa = 0;
3973 if(!env->cfg->do_ip4 && xfr->task_transfer->lookup_target!=NULL)
3974 xfr->task_transfer->lookup_aaaa = 1;
3977 /** start the lookups for task_probe */
3979 xfr_probe_start_lookups(struct auth_xfer* xfr)
3981 /* delete all the looked up addresses in the list */
3982 xfr->task_probe->scan_addr = NULL;
3983 xfr_masterlist_free_addrs(xfr->task_probe->masters);
3985 /* start lookup at the first master */
3986 xfr->task_probe->lookup_target = xfr->task_probe->masters;
3987 xfr->task_probe->lookup_aaaa = 0;
3990 /** move to the next lookup of hostname for task_probe */
3992 xfr_probe_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
3994 if(!xfr->task_probe->lookup_target)
3995 return; /* already at end of list */
3996 if(!xfr->task_probe->lookup_aaaa && env->cfg->do_ip6) {
3997 /* move to lookup AAAA */
3998 xfr->task_probe->lookup_aaaa = 1;
4001 xfr->task_probe->lookup_target = xfr->task_probe->lookup_target->next;
4002 xfr->task_probe->lookup_aaaa = 0;
4003 if(!env->cfg->do_ip4 && xfr->task_probe->lookup_target!=NULL)
4004 xfr->task_probe->lookup_aaaa = 1;
4007 /** start the iteration of the task_transfer list of masters */
4009 xfr_transfer_start_list(struct auth_xfer* xfr, struct auth_master* spec)
4012 xfr->task_transfer->scan_specific = find_master_by_host(
4013 xfr->task_transfer->masters, spec->host);
4014 if(xfr->task_transfer->scan_specific) {
4015 xfr->task_transfer->scan_target = NULL;
4016 xfr->task_transfer->scan_addr = NULL;
4017 if(xfr->task_transfer->scan_specific->list)
4018 xfr->task_transfer->scan_addr =
4019 xfr->task_transfer->scan_specific->list;
4023 /* no specific (notified) host to scan */
4024 xfr->task_transfer->scan_specific = NULL;
4025 xfr->task_transfer->scan_addr = NULL;
4026 /* pick up first scan target */
4027 xfr->task_transfer->scan_target = xfr->task_transfer->masters;
4028 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4030 xfr->task_transfer->scan_addr =
4031 xfr->task_transfer->scan_target->list;
4034 /** start the iteration of the task_probe list of masters */
4036 xfr_probe_start_list(struct auth_xfer* xfr, struct auth_master* spec)
4039 xfr->task_probe->scan_specific = find_master_by_host(
4040 xfr->task_probe->masters, spec->host);
4041 if(xfr->task_probe->scan_specific) {
4042 xfr->task_probe->scan_target = NULL;
4043 xfr->task_probe->scan_addr = NULL;
4044 if(xfr->task_probe->scan_specific->list)
4045 xfr->task_probe->scan_addr =
4046 xfr->task_probe->scan_specific->list;
4050 /* no specific (notified) host to scan */
4051 xfr->task_probe->scan_specific = NULL;
4052 xfr->task_probe->scan_addr = NULL;
4053 /* pick up first scan target */
4054 xfr->task_probe->scan_target = xfr->task_probe->masters;
4055 if(xfr->task_probe->scan_target && xfr->task_probe->scan_target->list)
4056 xfr->task_probe->scan_addr =
4057 xfr->task_probe->scan_target->list;
4060 /** pick up the master that is being scanned right now, task_transfer */
4061 static struct auth_master*
4062 xfr_transfer_current_master(struct auth_xfer* xfr)
4064 if(xfr->task_transfer->scan_specific)
4065 return xfr->task_transfer->scan_specific;
4066 return xfr->task_transfer->scan_target;
4069 /** pick up the master that is being scanned right now, task_probe */
4070 static struct auth_master*
4071 xfr_probe_current_master(struct auth_xfer* xfr)
4073 if(xfr->task_probe->scan_specific)
4074 return xfr->task_probe->scan_specific;
4075 return xfr->task_probe->scan_target;
4078 /** true if at end of list, task_transfer */
4080 xfr_transfer_end_of_list(struct auth_xfer* xfr)
4082 return !xfr->task_transfer->scan_specific &&
4083 !xfr->task_transfer->scan_target;
4086 /** true if at end of list, task_probe */
4088 xfr_probe_end_of_list(struct auth_xfer* xfr)
4090 return !xfr->task_probe->scan_specific && !xfr->task_probe->scan_target;
4093 /** move to next master in list, task_transfer */
4095 xfr_transfer_nextmaster(struct auth_xfer* xfr)
4097 if(!xfr->task_transfer->scan_specific &&
4098 !xfr->task_transfer->scan_target)
4100 if(xfr->task_transfer->scan_addr) {
4101 xfr->task_transfer->scan_addr =
4102 xfr->task_transfer->scan_addr->next;
4103 if(xfr->task_transfer->scan_addr)
4106 if(xfr->task_transfer->scan_specific) {
4107 xfr->task_transfer->scan_specific = NULL;
4108 xfr->task_transfer->scan_target = xfr->task_transfer->masters;
4109 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4111 xfr->task_transfer->scan_addr =
4112 xfr->task_transfer->scan_target->list;
4115 if(!xfr->task_transfer->scan_target)
4117 xfr->task_transfer->scan_target = xfr->task_transfer->scan_target->next;
4118 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4120 xfr->task_transfer->scan_addr =
4121 xfr->task_transfer->scan_target->list;
4125 /** move to next master in list, task_probe */
4127 xfr_probe_nextmaster(struct auth_xfer* xfr)
4129 if(!xfr->task_probe->scan_specific && !xfr->task_probe->scan_target)
4131 if(xfr->task_probe->scan_addr) {
4132 xfr->task_probe->scan_addr = xfr->task_probe->scan_addr->next;
4133 if(xfr->task_probe->scan_addr)
4136 if(xfr->task_probe->scan_specific) {
4137 xfr->task_probe->scan_specific = NULL;
4138 xfr->task_probe->scan_target = xfr->task_probe->masters;
4139 if(xfr->task_probe->scan_target && xfr->task_probe->
4141 xfr->task_probe->scan_addr =
4142 xfr->task_probe->scan_target->list;
4145 if(!xfr->task_probe->scan_target)
4147 xfr->task_probe->scan_target = xfr->task_probe->scan_target->next;
4148 if(xfr->task_probe->scan_target && xfr->task_probe->
4150 xfr->task_probe->scan_addr =
4151 xfr->task_probe->scan_target->list;
4155 /** create SOA probe packet for xfr */
4157 xfr_create_soa_probe_packet(struct auth_xfer* xfr, sldns_buffer* buf,
4160 struct query_info qinfo;
4162 memset(&qinfo, 0, sizeof(qinfo));
4163 qinfo.qname = xfr->name;
4164 qinfo.qname_len = xfr->namelen;
4165 qinfo.qtype = LDNS_RR_TYPE_SOA;
4166 qinfo.qclass = xfr->dclass;
4167 qinfo_query_encode(buf, &qinfo);
4168 sldns_buffer_write_u16_at(buf, 0, id);
4171 /** create IXFR/AXFR packet for xfr */
4173 xfr_create_ixfr_packet(struct auth_xfer* xfr, sldns_buffer* buf, uint16_t id,
4174 struct auth_master* master)
4176 struct query_info qinfo;
4179 have_zone = xfr->have_zone;
4180 serial = xfr->serial;
4182 memset(&qinfo, 0, sizeof(qinfo));
4183 qinfo.qname = xfr->name;
4184 qinfo.qname_len = xfr->namelen;
4185 xfr->task_transfer->got_xfr_serial = 0;
4186 xfr->task_transfer->rr_scan_num = 0;
4187 xfr->task_transfer->incoming_xfr_serial = 0;
4188 xfr->task_transfer->on_ixfr_is_axfr = 0;
4189 xfr->task_transfer->on_ixfr = 1;
4190 qinfo.qtype = LDNS_RR_TYPE_IXFR;
4191 if(!have_zone || xfr->task_transfer->ixfr_fail || !master->ixfr) {
4192 qinfo.qtype = LDNS_RR_TYPE_AXFR;
4193 xfr->task_transfer->ixfr_fail = 0;
4194 xfr->task_transfer->on_ixfr = 0;
4197 qinfo.qclass = xfr->dclass;
4198 qinfo_query_encode(buf, &qinfo);
4199 sldns_buffer_write_u16_at(buf, 0, id);
4201 /* append serial for IXFR */
4202 if(qinfo.qtype == LDNS_RR_TYPE_IXFR) {
4203 size_t end = sldns_buffer_limit(buf);
4204 sldns_buffer_clear(buf);
4205 sldns_buffer_set_position(buf, end);
4206 /* auth section count 1 */
4207 sldns_buffer_write_u16_at(buf, LDNS_NSCOUNT_OFF, 1);
4209 sldns_buffer_write_u8(buf, 0xC0); /* compressed ptr to qname */
4210 sldns_buffer_write_u8(buf, 0x0C);
4211 sldns_buffer_write_u16(buf, LDNS_RR_TYPE_SOA);
4212 sldns_buffer_write_u16(buf, qinfo.qclass);
4213 sldns_buffer_write_u32(buf, 0); /* ttl */
4214 sldns_buffer_write_u16(buf, 22); /* rdata length */
4215 sldns_buffer_write_u8(buf, 0); /* . */
4216 sldns_buffer_write_u8(buf, 0); /* . */
4217 sldns_buffer_write_u32(buf, serial); /* serial */
4218 sldns_buffer_write_u32(buf, 0); /* refresh */
4219 sldns_buffer_write_u32(buf, 0); /* retry */
4220 sldns_buffer_write_u32(buf, 0); /* expire */
4221 sldns_buffer_write_u32(buf, 0); /* minimum */
4222 sldns_buffer_flip(buf);
4226 /** check if returned packet is OK */
4228 check_packet_ok(sldns_buffer* pkt, uint16_t qtype, struct auth_xfer* xfr,
4231 /* parse to see if packet worked, valid reply */
4233 /* check serial number of SOA */
4234 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE)
4238 if(LDNS_ID_WIRE(sldns_buffer_begin(pkt)) != xfr->task_probe->id)
4241 /* check flag bits and rcode */
4242 if(!LDNS_QR_WIRE(sldns_buffer_begin(pkt)))
4244 if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY)
4246 if(LDNS_RCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_RCODE_NOERROR)
4250 if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1)
4252 sldns_buffer_skip(pkt, LDNS_HEADER_SIZE);
4253 if(sldns_buffer_remaining(pkt) < xfr->namelen)
4255 if(query_dname_compare(sldns_buffer_current(pkt), xfr->name) != 0)
4257 sldns_buffer_skip(pkt, (ssize_t)xfr->namelen);
4259 /* check qtype, qclass */
4260 if(sldns_buffer_remaining(pkt) < 4)
4262 if(sldns_buffer_read_u16(pkt) != qtype)
4264 if(sldns_buffer_read_u16(pkt) != xfr->dclass)
4269 /* read serial number, from answer section SOA */
4270 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0)
4272 /* read from first record SOA record */
4273 if(sldns_buffer_remaining(pkt) < 1)
4275 if(dname_pkt_compare(pkt, sldns_buffer_current(pkt),
4278 if(!pkt_dname_len(pkt))
4280 /* type, class, ttl, rdatalen */
4281 if(sldns_buffer_remaining(pkt) < 4+4+2)
4283 if(sldns_buffer_read_u16(pkt) != qtype)
4285 if(sldns_buffer_read_u16(pkt) != xfr->dclass)
4287 sldns_buffer_skip(pkt, 4); /* ttl */
4288 rdlen = sldns_buffer_read_u16(pkt);
4289 if(sldns_buffer_remaining(pkt) < rdlen)
4291 if(sldns_buffer_remaining(pkt) < 1)
4293 if(!pkt_dname_len(pkt)) /* soa name */
4295 if(sldns_buffer_remaining(pkt) < 1)
4297 if(!pkt_dname_len(pkt)) /* soa name */
4299 if(sldns_buffer_remaining(pkt) < 20)
4301 *serial = sldns_buffer_read_u32(pkt);
4306 /** read one line from chunks into buffer at current position */
4308 chunkline_get_line(struct auth_chunk** chunk, size_t* chunk_pos,
4313 /* more text in this chunk? */
4314 if(*chunk_pos < (*chunk)->len) {
4316 while(*chunk_pos < (*chunk)->len) {
4317 char c = (char)((*chunk)->data[*chunk_pos]);
4319 if(sldns_buffer_remaining(buf) < 2) {
4320 /* buffer too short */
4321 verbose(VERB_ALGO, "http chunkline, "
4325 sldns_buffer_write_u8(buf, (uint8_t)c);
4332 /* move to next chunk */
4333 *chunk = (*chunk)->next;
4337 if(readsome) return 1;
4341 /** count number of open and closed parenthesis in a chunkline */
4343 chunkline_count_parens(sldns_buffer* buf, size_t start)
4345 size_t end = sldns_buffer_position(buf);
4348 int squote = 0, dquote = 0;
4349 for(i=start; i<end; i++) {
4350 char c = (char)sldns_buffer_read_u8_at(buf, i);
4351 if(squote && c != '\'') continue;
4352 if(dquote && c != '"') continue;
4354 dquote = !dquote; /* skip quoted part */
4356 squote = !squote; /* skip quoted part */
4362 /* rest is a comment */
4369 /** remove trailing ;... comment from a line in the chunkline buffer */
4371 chunkline_remove_trailcomment(sldns_buffer* buf, size_t start)
4373 size_t end = sldns_buffer_position(buf);
4375 int squote = 0, dquote = 0;
4376 for(i=start; i<end; i++) {
4377 char c = (char)sldns_buffer_read_u8_at(buf, i);
4378 if(squote && c != '\'') continue;
4379 if(dquote && c != '"') continue;
4381 dquote = !dquote; /* skip quoted part */
4383 squote = !squote; /* skip quoted part */
4385 /* rest is a comment */
4386 sldns_buffer_set_position(buf, i);
4390 /* nothing to remove */
4393 /** see if a chunkline is a comment line (or empty line) */
4395 chunkline_is_comment_line_or_empty(sldns_buffer* buf)
4397 size_t i, end = sldns_buffer_limit(buf);
4398 for(i=0; i<end; i++) {
4399 char c = (char)sldns_buffer_read_u8_at(buf, i);
4401 return 1; /* comment */
4402 else if(c != ' ' && c != '\t' && c != '\r' && c != '\n')
4403 return 0; /* not a comment */
4405 return 1; /* empty */
4408 /** find a line with ( ) collated */
4410 chunkline_get_line_collated(struct auth_chunk** chunk, size_t* chunk_pos,
4415 sldns_buffer_clear(buf);
4416 pos = sldns_buffer_position(buf);
4417 if(!chunkline_get_line(chunk, chunk_pos, buf)) {
4418 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf))
4419 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4420 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0);
4421 sldns_buffer_flip(buf);
4424 parens += chunkline_count_parens(buf, pos);
4426 chunkline_remove_trailcomment(buf, pos);
4427 pos = sldns_buffer_position(buf);
4428 if(!chunkline_get_line(chunk, chunk_pos, buf)) {
4429 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf))
4430 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4431 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0);
4432 sldns_buffer_flip(buf);
4435 parens += chunkline_count_parens(buf, pos);
4438 if(sldns_buffer_remaining(buf) < 1) {
4439 verbose(VERB_ALGO, "http chunkline: "
4443 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4444 sldns_buffer_flip(buf);
4448 /** process $ORIGIN for http */
4450 http_parse_origin(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4452 char* line = (char*)sldns_buffer_begin(buf);
4453 if(strncmp(line, "$ORIGIN", 7) == 0 &&
4454 isspace((unsigned char)line[7])) {
4456 pstate->origin_len = sizeof(pstate->origin);
4457 s = sldns_str2wire_dname_buf(sldns_strip_ws(line+8),
4458 pstate->origin, &pstate->origin_len);
4459 if(s) pstate->origin_len = 0;
4465 /** process $TTL for http */
4467 http_parse_ttl(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4469 char* line = (char*)sldns_buffer_begin(buf);
4470 if(strncmp(line, "$TTL", 4) == 0 &&
4471 isspace((unsigned char)line[4])) {
4472 const char* end = NULL;
4473 pstate->default_ttl = sldns_str2period(
4474 sldns_strip_ws(line+5), &end);
4480 /** find noncomment RR line in chunks, collates lines if ( ) format */
4482 chunkline_non_comment_RR(struct auth_chunk** chunk, size_t* chunk_pos,
4483 sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4485 while(chunkline_get_line_collated(chunk, chunk_pos, buf)) {
4486 if(chunkline_is_comment_line_or_empty(buf)) {
4487 /* a comment, go to next line */
4490 if(http_parse_origin(buf, pstate)) {
4491 continue; /* $ORIGIN has been handled */
4493 if(http_parse_ttl(buf, pstate)) {
4494 continue; /* $TTL has been handled */
4498 /* no noncomments, fail */
4502 /** check syntax of chunklist zonefile, parse first RR, return false on
4503 * failure and return a string in the scratch buffer (first RR string)
4506 http_zonefile_syntax_check(struct auth_xfer* xfr, sldns_buffer* buf)
4508 uint8_t rr[LDNS_RR_BUF_SIZE];
4509 size_t rr_len, dname_len = 0;
4510 struct sldns_file_parse_state pstate;
4511 struct auth_chunk* chunk;
4514 memset(&pstate, 0, sizeof(pstate));
4515 pstate.default_ttl = 3600;
4516 if(xfr->namelen < sizeof(pstate.origin)) {
4517 pstate.origin_len = xfr->namelen;
4518 memmove(pstate.origin, xfr->name, xfr->namelen);
4520 chunk = xfr->task_transfer->chunks_first;
4522 if(!chunkline_non_comment_RR(&chunk, &chunk_pos, buf, &pstate)) {
4525 rr_len = sizeof(rr);
4526 e=sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr, &rr_len,
4527 &dname_len, pstate.default_ttl,
4528 pstate.origin_len?pstate.origin:NULL, pstate.origin_len,
4529 pstate.prev_rr_len?pstate.prev_rr:NULL, pstate.prev_rr_len);
4531 log_err("parse failure on first RR[%d]: %s",
4532 LDNS_WIREPARSE_OFFSET(e),
4533 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e)));
4536 /* check that class is correct */
4537 if(sldns_wirerr_get_class(rr, rr_len, dname_len) != xfr->dclass) {
4538 log_err("parse failure: first record in downloaded zonefile "
4539 "from wrong RR class");
4545 /** sum sizes of chunklist */
4547 chunklist_sum(struct auth_chunk* list)
4549 struct auth_chunk* p;
4551 for(p=list; p; p=p->next) {
4557 /** remove newlines from collated line */
4559 chunkline_newline_removal(sldns_buffer* buf)
4561 size_t i, end=sldns_buffer_limit(buf);
4562 for(i=0; i<end; i++) {
4563 char c = (char)sldns_buffer_read_u8_at(buf, i);
4564 if(c == '\n' && i==end-1) {
4565 sldns_buffer_write_u8_at(buf, i, 0);
4566 sldns_buffer_set_limit(buf, end-1);
4570 sldns_buffer_write_u8_at(buf, i, (uint8_t)' ');
4574 /** for http download, parse and add RR to zone */
4576 http_parse_add_rr(struct auth_xfer* xfr, struct auth_zone* z,
4577 sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4579 uint8_t rr[LDNS_RR_BUF_SIZE];
4580 size_t rr_len, dname_len = 0;
4582 char* line = (char*)sldns_buffer_begin(buf);
4583 rr_len = sizeof(rr);
4584 e = sldns_str2wire_rr_buf(line, rr, &rr_len, &dname_len,
4585 pstate->default_ttl,
4586 pstate->origin_len?pstate->origin:NULL, pstate->origin_len,
4587 pstate->prev_rr_len?pstate->prev_rr:NULL, pstate->prev_rr_len);
4589 log_err("%s/%s parse failure RR[%d]: %s in '%s'",
4590 xfr->task_transfer->master->host,
4591 xfr->task_transfer->master->file,
4592 LDNS_WIREPARSE_OFFSET(e),
4593 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e)),
4598 return 1; /* empty line or so */
4601 if(dname_len < sizeof(pstate->prev_rr)) {
4602 memmove(pstate->prev_rr, rr, dname_len);
4603 pstate->prev_rr_len = dname_len;
4606 return az_insert_rr(z, rr, rr_len, dname_len, NULL);
4609 /** RR list iterator, returns RRs from answer section one by one from the
4610 * dns packets in the chunklist */
4612 chunk_rrlist_start(struct auth_xfer* xfr, struct auth_chunk** rr_chunk,
4613 int* rr_num, size_t* rr_pos)
4615 *rr_chunk = xfr->task_transfer->chunks_first;
4620 /** RR list iterator, see if we are at the end of the list */
4622 chunk_rrlist_end(struct auth_chunk* rr_chunk, int rr_num)
4625 if(rr_chunk->len < LDNS_HEADER_SIZE)
4627 if(rr_num < (int)LDNS_ANCOUNT(rr_chunk->data))
4629 /* no more RRs in this chunk */
4630 /* continue with next chunk, see if it has RRs */
4631 rr_chunk = rr_chunk->next;
4637 /** RR list iterator, move to next RR */
4639 chunk_rrlist_gonext(struct auth_chunk** rr_chunk, int* rr_num,
4640 size_t* rr_pos, size_t rr_nextpos)
4642 /* already at end of chunks? */
4645 /* move within this chunk */
4646 if((*rr_chunk)->len >= LDNS_HEADER_SIZE &&
4647 (*rr_num)+1 < (int)LDNS_ANCOUNT((*rr_chunk)->data)) {
4649 *rr_pos = rr_nextpos;
4652 /* no more RRs in this chunk */
4653 /* continue with next chunk, see if it has RRs */
4655 *rr_chunk = (*rr_chunk)->next;
4659 if((*rr_chunk)->len >= LDNS_HEADER_SIZE &&
4660 LDNS_ANCOUNT((*rr_chunk)->data) > 0) {
4663 *rr_chunk = (*rr_chunk)->next;
4667 /** RR iterator, get current RR information, false on parse error */
4669 chunk_rrlist_get_current(struct auth_chunk* rr_chunk, int rr_num,
4670 size_t rr_pos, uint8_t** rr_dname, uint16_t* rr_type,
4671 uint16_t* rr_class, uint32_t* rr_ttl, uint16_t* rr_rdlen,
4672 uint8_t** rr_rdata, size_t* rr_nextpos)
4675 /* integrity checks on position */
4676 if(!rr_chunk) return 0;
4677 if(rr_chunk->len < LDNS_HEADER_SIZE) return 0;
4678 if(rr_num >= (int)LDNS_ANCOUNT(rr_chunk->data)) return 0;
4679 if(rr_pos >= rr_chunk->len) return 0;
4681 /* fetch rr information */
4682 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
4685 /* skip question section */
4686 sldns_buffer_set_position(&pkt, LDNS_HEADER_SIZE);
4687 for(i=0; i<LDNS_QDCOUNT(rr_chunk->data); i++) {
4688 if(pkt_dname_len(&pkt) == 0) return 0;
4689 if(sldns_buffer_remaining(&pkt) < 4) return 0;
4690 sldns_buffer_skip(&pkt, 4); /* type and class */
4693 sldns_buffer_set_position(&pkt, rr_pos);
4695 *rr_dname = sldns_buffer_current(&pkt);
4696 if(pkt_dname_len(&pkt) == 0) return 0;
4697 if(sldns_buffer_remaining(&pkt) < 10) return 0;
4698 *rr_type = sldns_buffer_read_u16(&pkt);
4699 *rr_class = sldns_buffer_read_u16(&pkt);
4700 *rr_ttl = sldns_buffer_read_u32(&pkt);
4701 *rr_rdlen = sldns_buffer_read_u16(&pkt);
4702 if(sldns_buffer_remaining(&pkt) < (*rr_rdlen)) return 0;
4703 *rr_rdata = sldns_buffer_current(&pkt);
4704 sldns_buffer_skip(&pkt, (ssize_t)(*rr_rdlen));
4705 *rr_nextpos = sldns_buffer_position(&pkt);
4709 /** print log message where we are in parsing the zone transfer */
4711 log_rrlist_position(const char* label, struct auth_chunk* rr_chunk,
4712 uint8_t* rr_dname, uint16_t rr_type, size_t rr_counter)
4719 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
4720 sldns_buffer_set_position(&pkt, (size_t)(rr_dname -
4721 sldns_buffer_begin(&pkt)));
4722 if((dlen=pkt_dname_len(&pkt)) == 0) return;
4723 if(dlen >= sizeof(buf)) return;
4724 dname_pkt_copy(&pkt, buf, rr_dname);
4725 dname_str(buf, str);
4726 (void)sldns_wire2str_type_buf(rr_type, typestr, sizeof(typestr));
4727 verbose(VERB_ALGO, "%s at[%d] %s %s", label, (int)rr_counter,
4731 /** check that start serial is OK for ixfr. we are at rr_counter == 0,
4732 * and we are going to check rr_counter == 1 (has to be type SOA) serial */
4734 ixfr_start_serial(struct auth_chunk* rr_chunk, int rr_num, size_t rr_pos,
4735 uint8_t* rr_dname, uint16_t rr_type, uint16_t rr_class,
4736 uint32_t rr_ttl, uint16_t rr_rdlen, uint8_t* rr_rdata,
4737 size_t rr_nextpos, uint32_t transfer_serial, uint32_t xfr_serial)
4739 uint32_t startserial;
4740 /* move forward on RR */
4741 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
4742 if(chunk_rrlist_end(rr_chunk, rr_num)) {
4744 verbose(VERB_OPS, "IXFR has no second SOA record");
4747 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
4748 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
4749 &rr_rdata, &rr_nextpos)) {
4750 verbose(VERB_OPS, "IXFR cannot parse second SOA record");
4751 /* failed to parse RR */
4754 if(rr_type != LDNS_RR_TYPE_SOA) {
4755 verbose(VERB_OPS, "IXFR second record is not type SOA");
4759 verbose(VERB_OPS, "IXFR, second SOA has short rdlength");
4760 return 0; /* bad SOA rdlen */
4762 startserial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
4763 if(startserial == transfer_serial) {
4764 /* empty AXFR, not an IXFR */
4765 verbose(VERB_OPS, "IXFR second serial same as first");
4768 if(startserial != xfr_serial) {
4769 /* wrong start serial, it does not match the serial in
4771 verbose(VERB_OPS, "IXFR is from serial %u to %u but %u "
4772 "in memory, rejecting the zone transfer",
4773 (unsigned)startserial, (unsigned)transfer_serial,
4774 (unsigned)xfr_serial);
4777 /* everything OK in second SOA serial */
4781 /** apply IXFR to zone in memory. z is locked. false on failure(mallocfail) */
4783 apply_ixfr(struct auth_xfer* xfr, struct auth_zone* z,
4784 struct sldns_buffer* scratch_buffer)
4786 struct auth_chunk* rr_chunk;
4789 uint8_t* rr_dname, *rr_rdata;
4790 uint16_t rr_type, rr_class, rr_rdlen;
4793 int have_transfer_serial = 0;
4794 uint32_t transfer_serial = 0;
4795 size_t rr_counter = 0;
4799 /* start RR iterator over chunklist of packets */
4800 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
4801 while(!chunk_rrlist_end(rr_chunk, rr_num)) {
4802 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
4803 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
4804 &rr_rdata, &rr_nextpos)) {
4805 /* failed to parse RR */
4808 if(verbosity>=7) log_rrlist_position("apply ixfr",
4809 rr_chunk, rr_dname, rr_type, rr_counter);
4810 /* twiddle add/del mode and check for start and end */
4811 if(rr_counter == 0 && rr_type != LDNS_RR_TYPE_SOA)
4813 if(rr_counter == 1 && rr_type != LDNS_RR_TYPE_SOA) {
4814 /* this is an AXFR returned from the IXFR master */
4815 /* but that should already have been detected, by
4816 * on_ixfr_is_axfr */
4819 if(rr_type == LDNS_RR_TYPE_SOA) {
4821 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */
4822 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
4823 if(have_transfer_serial == 0) {
4824 have_transfer_serial = 1;
4825 transfer_serial = serial;
4826 delmode = 1; /* gets negated below */
4827 /* check second RR before going any further */
4828 if(!ixfr_start_serial(rr_chunk, rr_num, rr_pos,
4829 rr_dname, rr_type, rr_class, rr_ttl,
4830 rr_rdlen, rr_rdata, rr_nextpos,
4831 transfer_serial, xfr->serial)) {
4834 } else if(transfer_serial == serial) {
4835 have_transfer_serial++;
4836 if(rr_counter == 1) {
4837 /* empty AXFR, with SOA; SOA; */
4838 /* should have been detected by
4839 * on_ixfr_is_axfr */
4842 if(have_transfer_serial == 3) {
4843 /* see serial three times for end */
4846 * SOA 1 second RR, followed by del
4847 * SOA 2 followed by add
4848 * SOA 2 followed by del
4849 * SOA 3 followed by add
4851 /* ended by SOA record */
4852 xfr->serial = transfer_serial;
4856 /* twiddle add/del mode */
4857 /* switch from delete part to add part and back again
4858 * just before the soa, it gets deleted and added too
4859 * this means we switch to delete mode for the final
4860 * SOA(so skip that one) */
4863 /* process this RR */
4864 /* if the RR is deleted twice or added twice, then we
4865 * softfail, and continue with the rest of the IXFR, so
4866 * that we serve something fairly nice during the refetch */
4867 if(verbosity>=7) log_rrlist_position((delmode?"del":"add"),
4868 rr_chunk, rr_dname, rr_type, rr_counter);
4870 /* delete this RR */
4872 if(!az_remove_rr_decompress(z, rr_chunk->data,
4873 rr_chunk->len, scratch_buffer, rr_dname,
4874 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
4876 /* failed, malloc error or so */
4880 /* it was removal of a nonexisting RR */
4881 if(verbosity>=4) log_rrlist_position(
4882 "IXFR error nonexistent RR",
4883 rr_chunk, rr_dname, rr_type, rr_counter);
4886 } else if(rr_counter != 0) {
4887 /* skip first SOA RR for addition, it is added in
4888 * the addition part near the end of the ixfr, when
4889 * that serial is seen the second time. */
4892 if(!az_insert_rr_decompress(z, rr_chunk->data,
4893 rr_chunk->len, scratch_buffer, rr_dname,
4894 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
4896 /* failed, malloc error or so */
4900 /* it was a duplicate */
4901 if(verbosity>=4) log_rrlist_position(
4902 "IXFR error duplicate RR",
4903 rr_chunk, rr_dname, rr_type, rr_counter);
4909 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
4912 verbose(VERB_ALGO, "IXFR did not apply cleanly, fetching full zone");
4918 /** apply AXFR to zone in memory. z is locked. false on failure(mallocfail) */
4920 apply_axfr(struct auth_xfer* xfr, struct auth_zone* z,
4921 struct sldns_buffer* scratch_buffer)
4923 struct auth_chunk* rr_chunk;
4926 uint8_t* rr_dname, *rr_rdata;
4927 uint16_t rr_type, rr_class, rr_rdlen;
4929 uint32_t serial = 0;
4931 size_t rr_counter = 0;
4932 int have_end_soa = 0;
4934 /* clear the data tree */
4935 traverse_postorder(&z->data, auth_data_del, NULL);
4936 rbtree_init(&z->data, &auth_data_cmp);
4937 /* clear the RPZ policies */
4944 /* insert all RRs in to the zone */
4945 /* insert the SOA only once, skip the last one */
4946 /* start RR iterator over chunklist of packets */
4947 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
4948 while(!chunk_rrlist_end(rr_chunk, rr_num)) {
4949 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
4950 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
4951 &rr_rdata, &rr_nextpos)) {
4952 /* failed to parse RR */
4955 if(verbosity>=7) log_rrlist_position("apply_axfr",
4956 rr_chunk, rr_dname, rr_type, rr_counter);
4957 if(rr_type == LDNS_RR_TYPE_SOA) {
4958 if(rr_counter != 0) {
4959 /* end of the axfr */
4963 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */
4964 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
4968 if(!az_insert_rr_decompress(z, rr_chunk->data, rr_chunk->len,
4969 scratch_buffer, rr_dname, rr_type, rr_class, rr_ttl,
4970 rr_rdata, rr_rdlen, NULL)) {
4971 /* failed, malloc error or so */
4976 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
4979 log_err("no end SOA record for AXFR");
4983 xfr->serial = serial;
4988 /** apply HTTP to zone in memory. z is locked. false on failure(mallocfail) */
4990 apply_http(struct auth_xfer* xfr, struct auth_zone* z,
4991 struct sldns_buffer* scratch_buffer)
4993 /* parse data in chunks */
4994 /* parse RR's and read into memory. ignore $INCLUDE from the
4996 struct sldns_file_parse_state pstate;
4997 struct auth_chunk* chunk;
4999 memset(&pstate, 0, sizeof(pstate));
5000 pstate.default_ttl = 3600;
5001 if(xfr->namelen < sizeof(pstate.origin)) {
5002 pstate.origin_len = xfr->namelen;
5003 memmove(pstate.origin, xfr->name, xfr->namelen);
5006 if(verbosity >= VERB_ALGO)
5007 verbose(VERB_ALGO, "http download %s of size %d",
5008 xfr->task_transfer->master->file,
5009 (int)chunklist_sum(xfr->task_transfer->chunks_first));
5010 if(xfr->task_transfer->chunks_first && verbosity >= VERB_ALGO) {
5012 if(xfr->task_transfer->chunks_first->len+1 > sizeof(preview)) {
5013 memmove(preview, xfr->task_transfer->chunks_first->data,
5015 preview[sizeof(preview)-1]=0;
5017 memmove(preview, xfr->task_transfer->chunks_first->data,
5018 xfr->task_transfer->chunks_first->len);
5019 preview[xfr->task_transfer->chunks_first->len]=0;
5021 log_info("auth zone http downloaded content preview: %s",
5025 /* perhaps a little syntax check before we try to apply the data? */
5026 if(!http_zonefile_syntax_check(xfr, scratch_buffer)) {
5027 log_err("http download %s/%s does not contain a zonefile, "
5028 "but got '%s'", xfr->task_transfer->master->host,
5029 xfr->task_transfer->master->file,
5030 sldns_buffer_begin(scratch_buffer));
5034 /* clear the data tree */
5035 traverse_postorder(&z->data, auth_data_del, NULL);
5036 rbtree_init(&z->data, &auth_data_cmp);
5037 /* clear the RPZ policies */
5044 chunk = xfr->task_transfer->chunks_first;
5047 while(chunkline_get_line_collated(&chunk, &chunk_pos, scratch_buffer)) {
5048 /* process this line */
5050 chunkline_newline_removal(scratch_buffer);
5051 if(chunkline_is_comment_line_or_empty(scratch_buffer)) {
5054 /* parse line and add RR */
5055 if(http_parse_origin(scratch_buffer, &pstate)) {
5056 continue; /* $ORIGIN has been handled */
5058 if(http_parse_ttl(scratch_buffer, &pstate)) {
5059 continue; /* $TTL has been handled */
5061 if(!http_parse_add_rr(xfr, z, scratch_buffer, &pstate)) {
5062 verbose(VERB_ALGO, "error parsing line [%s:%d] %s",
5063 xfr->task_transfer->master->file,
5065 sldns_buffer_begin(scratch_buffer));
5072 /** write http chunks to zonefile to create downloaded file */
5074 auth_zone_write_chunks(struct auth_xfer* xfr, const char* fname)
5077 struct auth_chunk* p;
5078 out = fopen(fname, "w");
5080 log_err("could not open %s: %s", fname, strerror(errno));
5083 for(p = xfr->task_transfer->chunks_first; p ; p = p->next) {
5084 if(!write_out(out, (char*)p->data, p->len)) {
5085 log_err("could not write http download to %s", fname);
5094 /** write to zonefile after zone has been updated */
5096 xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
5098 struct config_file* cfg = env->cfg;
5099 struct auth_zone* z;
5102 lock_basic_unlock(&xfr->lock);
5104 /* get lock again, so it is a readlock and concurrently queries
5105 * can be answered */
5106 lock_rw_rdlock(&env->auth_zones->lock);
5107 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
5110 lock_rw_unlock(&env->auth_zones->lock);
5111 /* the zone is gone, ignore xfr results */
5112 lock_basic_lock(&xfr->lock);
5115 lock_rw_rdlock(&z->lock);
5116 lock_basic_lock(&xfr->lock);
5117 lock_rw_unlock(&env->auth_zones->lock);
5119 if(z->zonefile == NULL || z->zonefile[0] == 0) {
5120 lock_rw_unlock(&z->lock);
5121 /* no write needed, no zonefile set */
5124 zfilename = z->zonefile;
5125 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
5126 cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
5127 zfilename += strlen(cfg->chrootdir);
5128 if(verbosity >= VERB_ALGO) {
5130 dname_str(z->name, nm);
5131 verbose(VERB_ALGO, "write zonefile %s for %s", zfilename, nm);
5134 /* write to tempfile first */
5135 if((size_t)strlen(zfilename) + 16 > sizeof(tmpfile)) {
5136 verbose(VERB_ALGO, "tmpfilename too long, cannot update "
5137 " zonefile %s", zfilename);
5138 lock_rw_unlock(&z->lock);
5141 snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename,
5142 (unsigned)getpid());
5143 if(xfr->task_transfer->master->http) {
5144 /* use the stored chunk list to write them */
5145 if(!auth_zone_write_chunks(xfr, tmpfile)) {
5147 lock_rw_unlock(&z->lock);
5150 } else if(!auth_zone_write_file(z, tmpfile)) {
5152 lock_rw_unlock(&z->lock);
5155 #ifdef UB_ON_WINDOWS
5156 (void)unlink(zfilename); /* windows does not replace file with rename() */
5158 if(rename(tmpfile, zfilename) < 0) {
5159 log_err("could not rename(%s, %s): %s", tmpfile, zfilename,
5162 lock_rw_unlock(&z->lock);
5165 lock_rw_unlock(&z->lock);
5168 /** reacquire locks and structures. Starts with no locks, ends
5169 * with xfr and z locks, if fail, no z lock */
5170 static int xfr_process_reacquire_locks(struct auth_xfer* xfr,
5171 struct module_env* env, struct auth_zone** z)
5173 /* release xfr lock, then, while holding az->lock grab both
5174 * z->lock and xfr->lock */
5175 lock_rw_rdlock(&env->auth_zones->lock);
5176 *z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
5179 lock_rw_unlock(&env->auth_zones->lock);
5180 lock_basic_lock(&xfr->lock);
5184 lock_rw_wrlock(&(*z)->lock);
5185 lock_basic_lock(&xfr->lock);
5186 lock_rw_unlock(&env->auth_zones->lock);
5190 /** process chunk list and update zone in memory,
5191 * return false if it did not work */
5193 xfr_process_chunk_list(struct auth_xfer* xfr, struct module_env* env,
5196 struct auth_zone* z;
5198 /* obtain locks and structures */
5199 lock_basic_unlock(&xfr->lock);
5200 if(!xfr_process_reacquire_locks(xfr, env, &z)) {
5201 /* the zone is gone, ignore xfr results */
5204 /* holding xfr and z locks */
5207 if(xfr->task_transfer->master->http) {
5208 if(!apply_http(xfr, z, env->scratch_buffer)) {
5209 lock_rw_unlock(&z->lock);
5210 verbose(VERB_ALGO, "http from %s: could not store data",
5211 xfr->task_transfer->master->host);
5214 } else if(xfr->task_transfer->on_ixfr &&
5215 !xfr->task_transfer->on_ixfr_is_axfr) {
5216 if(!apply_ixfr(xfr, z, env->scratch_buffer)) {
5217 lock_rw_unlock(&z->lock);
5218 verbose(VERB_ALGO, "xfr from %s: could not store IXFR"
5219 " data", xfr->task_transfer->master->host);
5224 if(!apply_axfr(xfr, z, env->scratch_buffer)) {
5225 lock_rw_unlock(&z->lock);
5226 verbose(VERB_ALGO, "xfr from %s: could not store AXFR"
5227 " data", xfr->task_transfer->master->host);
5231 xfr->zone_expired = 0;
5232 z->zone_expired = 0;
5233 if(!xfr_find_soa(z, xfr)) {
5234 lock_rw_unlock(&z->lock);
5235 verbose(VERB_ALGO, "xfr from %s: no SOA in zone after update"
5236 " (or malformed RR)", xfr->task_transfer->master->host);
5240 /* release xfr lock while verifying zonemd because it may have
5241 * to spawn lookups in the state machines */
5242 lock_basic_unlock(&xfr->lock);
5243 /* holding z lock */
5244 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 0);
5245 if(z->zone_expired) {
5247 /* ZONEMD must have failed */
5248 /* reacquire locks, so we hold xfr lock on exit of routine,
5249 * and both xfr and z again after releasing xfr for potential
5250 * state machine mesh callbacks */
5251 lock_rw_unlock(&z->lock);
5252 if(!xfr_process_reacquire_locks(xfr, env, &z))
5254 dname_str(xfr->name, zname);
5255 verbose(VERB_ALGO, "xfr from %s: ZONEMD failed for %s, transfer is failed", xfr->task_transfer->master->host, zname);
5256 xfr->zone_expired = 1;
5257 lock_rw_unlock(&z->lock);
5260 /* reacquire locks, so we hold xfr lock on exit of routine,
5261 * and both xfr and z again after releasing xfr for potential
5262 * state machine mesh callbacks */
5263 lock_rw_unlock(&z->lock);
5264 if(!xfr_process_reacquire_locks(xfr, env, &z))
5266 /* holding xfr and z locks */
5269 xfr->lease_time = *env->now;
5272 rpz_finish_config(z->rpz);
5275 lock_rw_unlock(&z->lock);
5277 if(verbosity >= VERB_QUERY && xfr->have_zone) {
5279 dname_str(xfr->name, zname);
5280 verbose(VERB_QUERY, "auth zone %s updated to serial %u", zname,
5281 (unsigned)xfr->serial);
5283 /* see if we need to write to a zonefile */
5284 xfr_write_after_update(xfr, env);
5288 /** disown task_transfer. caller must hold xfr.lock */
5290 xfr_transfer_disown(struct auth_xfer* xfr)
5292 /* remove timer (from this worker's event base) */
5293 comm_timer_delete(xfr->task_transfer->timer);
5294 xfr->task_transfer->timer = NULL;
5295 /* remove the commpoint */
5296 comm_point_delete(xfr->task_transfer->cp);
5297 xfr->task_transfer->cp = NULL;
5298 /* we don't own this item anymore */
5299 xfr->task_transfer->worker = NULL;
5300 xfr->task_transfer->env = NULL;
5303 /** lookup a host name for its addresses, if needed */
5305 xfr_transfer_lookup_host(struct auth_xfer* xfr, struct module_env* env)
5307 struct sockaddr_storage addr;
5308 socklen_t addrlen = 0;
5309 struct auth_master* master = xfr->task_transfer->lookup_target;
5310 struct query_info qinfo;
5311 uint16_t qflags = BIT_RD;
5312 uint8_t dname[LDNS_MAX_DOMAINLEN+1];
5313 struct edns_data edns;
5314 sldns_buffer* buf = env->scratch_buffer;
5315 if(!master) return 0;
5316 if(extstrtoaddr(master->host, &addr, &addrlen)) {
5317 /* not needed, host is in IP addr format */
5320 if(master->allow_notify)
5321 return 0; /* allow-notifies are not transferred from, no
5324 /* use mesh_new_callback to probe for non-addr hosts,
5325 * and then wait for them to be looked up (in cache, or query) */
5326 qinfo.qname_len = sizeof(dname);
5327 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
5329 log_err("cannot parse host name of master %s", master->host);
5332 qinfo.qname = dname;
5333 qinfo.qclass = xfr->dclass;
5334 qinfo.qtype = LDNS_RR_TYPE_A;
5335 if(xfr->task_transfer->lookup_aaaa)
5336 qinfo.qtype = LDNS_RR_TYPE_AAAA;
5337 qinfo.local_alias = NULL;
5338 if(verbosity >= VERB_ALGO) {
5340 char buf2[LDNS_MAX_DOMAINLEN+1];
5341 dname_str(xfr->name, buf2);
5342 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
5343 " for task_transfer", buf2);
5344 log_query_info(VERB_ALGO, buf1, &qinfo);
5346 edns.edns_present = 1;
5348 edns.edns_version = 0;
5349 edns.bits = EDNS_DO;
5350 edns.opt_list = NULL;
5351 edns.padding_block_size = 0;
5352 if(sldns_buffer_capacity(buf) < 65535)
5353 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
5354 else edns.udp_size = 65535;
5356 /* unlock xfr during mesh_new_callback() because the callback can be
5357 * called straight away */
5358 lock_basic_unlock(&xfr->lock);
5359 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
5360 &auth_xfer_transfer_lookup_callback, xfr)) {
5361 lock_basic_lock(&xfr->lock);
5362 log_err("out of memory lookup up master %s", master->host);
5365 lock_basic_lock(&xfr->lock);
5369 /** initiate TCP to the target and fetch zone.
5370 * returns true if that was successfully started, and timeout setup. */
5372 xfr_transfer_init_fetch(struct auth_xfer* xfr, struct module_env* env)
5374 struct sockaddr_storage addr;
5375 socklen_t addrlen = 0;
5376 struct auth_master* master = xfr->task_transfer->master;
5377 char *auth_name = NULL;
5380 if(!master) return 0;
5381 if(master->allow_notify) return 0; /* only for notify */
5383 /* get master addr */
5384 if(xfr->task_transfer->scan_addr) {
5385 addrlen = xfr->task_transfer->scan_addr->addrlen;
5386 memmove(&addr, &xfr->task_transfer->scan_addr->addr, addrlen);
5388 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
5389 /* the ones that are not in addr format are supposed
5390 * to be looked up. The lookup has failed however,
5393 dname_str(xfr->name, zname);
5394 log_err("%s: failed lookup, cannot transfer from master %s",
5395 zname, master->host);
5400 /* remove previous TCP connection (if any) */
5401 if(xfr->task_transfer->cp) {
5402 comm_point_delete(xfr->task_transfer->cp);
5403 xfr->task_transfer->cp = NULL;
5405 if(!xfr->task_transfer->timer) {
5406 xfr->task_transfer->timer = comm_timer_create(env->worker_base,
5407 auth_xfer_transfer_timer_callback, xfr);
5408 if(!xfr->task_transfer->timer) {
5409 log_err("malloc failure");
5413 timeout = AUTH_TRANSFER_TIMEOUT;
5415 t.tv_sec = timeout/1000;
5416 t.tv_usec = (timeout%1000)*1000;
5420 /* perform http fetch */
5421 /* store http port number into sockaddr,
5422 * unless someone used unbound's host@port notation */
5423 xfr->task_transfer->on_ixfr = 0;
5424 if(strchr(master->host, '@') == NULL)
5425 sockaddr_store_port(&addr, addrlen, master->port);
5426 xfr->task_transfer->cp = outnet_comm_point_for_http(
5427 env->outnet, auth_xfer_transfer_http_callback, xfr,
5428 &addr, addrlen, -1, master->ssl, master->host,
5429 master->file, env->cfg);
5430 if(!xfr->task_transfer->cp) {
5431 char zname[255+1], as[256];
5432 dname_str(xfr->name, zname);
5433 addr_to_str(&addr, addrlen, as, sizeof(as));
5434 verbose(VERB_ALGO, "cannot create http cp "
5435 "connection for %s to %s", zname, as);
5438 comm_timer_set(xfr->task_transfer->timer, &t);
5439 if(verbosity >= VERB_ALGO) {
5440 char zname[255+1], as[256];
5441 dname_str(xfr->name, zname);
5442 addr_to_str(&addr, addrlen, as, sizeof(as));
5443 verbose(VERB_ALGO, "auth zone %s transfer next HTTP fetch from %s started", zname, as);
5448 /* perform AXFR/IXFR */
5449 /* set the packet to be written */
5451 xfr->task_transfer->id = GET_RANDOM_ID(env->rnd);
5452 xfr_create_ixfr_packet(xfr, env->scratch_buffer,
5453 xfr->task_transfer->id, master);
5456 xfr->task_transfer->cp = outnet_comm_point_for_tcp(env->outnet,
5457 auth_xfer_transfer_tcp_callback, xfr, &addr, addrlen,
5458 env->scratch_buffer, -1,
5459 auth_name != NULL, auth_name);
5460 if(!xfr->task_transfer->cp) {
5461 char zname[255+1], as[256];
5462 dname_str(xfr->name, zname);
5463 addr_to_str(&addr, addrlen, as, sizeof(as));
5464 verbose(VERB_ALGO, "cannot create tcp cp connection for "
5465 "xfr %s to %s", zname, as);
5468 comm_timer_set(xfr->task_transfer->timer, &t);
5469 if(verbosity >= VERB_ALGO) {
5470 char zname[255+1], as[256];
5471 dname_str(xfr->name, zname);
5472 addr_to_str(&addr, addrlen, as, sizeof(as));
5473 verbose(VERB_ALGO, "auth zone %s transfer next %s fetch from %s started", zname,
5474 (xfr->task_transfer->on_ixfr?"IXFR":"AXFR"), as);
5479 /** perform next lookup, next transfer TCP, or end and resume wait time task */
5481 xfr_transfer_nexttarget_or_end(struct auth_xfer* xfr, struct module_env* env)
5483 log_assert(xfr->task_transfer->worker == env->worker);
5485 /* are we performing lookups? */
5486 while(xfr->task_transfer->lookup_target) {
5487 if(xfr_transfer_lookup_host(xfr, env)) {
5488 /* wait for lookup to finish,
5489 * note that the hostname may be in unbound's cache
5490 * and we may then get an instant cache response,
5491 * and that calls the callback just like a full
5492 * lookup and lookup failures also call callback */
5493 if(verbosity >= VERB_ALGO) {
5495 dname_str(xfr->name, zname);
5496 verbose(VERB_ALGO, "auth zone %s transfer next target lookup", zname);
5498 lock_basic_unlock(&xfr->lock);
5501 xfr_transfer_move_to_next_lookup(xfr, env);
5504 /* initiate TCP and fetch the zone from the master */
5505 /* and set timeout on it */
5506 while(!xfr_transfer_end_of_list(xfr)) {
5507 xfr->task_transfer->master = xfr_transfer_current_master(xfr);
5508 if(xfr_transfer_init_fetch(xfr, env)) {
5509 /* successfully started, wait for callback */
5510 lock_basic_unlock(&xfr->lock);
5513 /* failed to fetch, next master */
5514 xfr_transfer_nextmaster(xfr);
5516 if(verbosity >= VERB_ALGO) {
5518 dname_str(xfr->name, zname);
5519 verbose(VERB_ALGO, "auth zone %s transfer failed, wait", zname);
5522 /* we failed to fetch the zone, move to wait task
5523 * use the shorter retry timeout */
5524 xfr_transfer_disown(xfr);
5526 /* pick up the nextprobe task and wait */
5527 if(xfr->task_nextprobe->worker == NULL)
5528 xfr_set_timeout(xfr, env, 1, 0);
5529 lock_basic_unlock(&xfr->lock);
5532 /** add addrs from A or AAAA rrset to the master */
5534 xfr_master_add_addrs(struct auth_master* m, struct ub_packed_rrset_key* rrset,
5538 struct packed_rrset_data* data;
5539 if(!m || !rrset) return;
5540 if(rrtype != LDNS_RR_TYPE_A && rrtype != LDNS_RR_TYPE_AAAA)
5542 data = (struct packed_rrset_data*)rrset->entry.data;
5543 for(i=0; i<data->count; i++) {
5544 struct auth_addr* a;
5545 size_t len = data->rr_len[i] - 2;
5546 uint8_t* rdata = data->rr_data[i]+2;
5547 if(rrtype == LDNS_RR_TYPE_A && len != INET_SIZE)
5548 continue; /* wrong length for A */
5549 if(rrtype == LDNS_RR_TYPE_AAAA && len != INET6_SIZE)
5550 continue; /* wrong length for AAAA */
5552 /* add and alloc it */
5553 a = (struct auth_addr*)calloc(1, sizeof(*a));
5555 log_err("out of memory");
5558 if(rrtype == LDNS_RR_TYPE_A) {
5559 struct sockaddr_in* sa;
5560 a->addrlen = (socklen_t)sizeof(*sa);
5561 sa = (struct sockaddr_in*)&a->addr;
5562 sa->sin_family = AF_INET;
5563 sa->sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
5564 memmove(&sa->sin_addr, rdata, INET_SIZE);
5566 struct sockaddr_in6* sa;
5567 a->addrlen = (socklen_t)sizeof(*sa);
5568 sa = (struct sockaddr_in6*)&a->addr;
5569 sa->sin6_family = AF_INET6;
5570 sa->sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
5571 memmove(&sa->sin6_addr, rdata, INET6_SIZE);
5573 if(verbosity >= VERB_ALGO) {
5575 addr_to_str(&a->addr, a->addrlen, s, sizeof(s));
5576 verbose(VERB_ALGO, "auth host %s lookup %s",
5579 /* append to list */
5585 /** callback for task_transfer lookup of host name, of A or AAAA */
5586 void auth_xfer_transfer_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
5587 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
5588 int ATTR_UNUSED(was_ratelimited))
5590 struct auth_xfer* xfr = (struct auth_xfer*)arg;
5591 struct module_env* env;
5592 log_assert(xfr->task_transfer);
5593 lock_basic_lock(&xfr->lock);
5594 env = xfr->task_transfer->env;
5595 if(!env || env->outnet->want_to_quit) {
5596 lock_basic_unlock(&xfr->lock);
5597 return; /* stop on quit */
5600 /* process result */
5601 if(rcode == LDNS_RCODE_NOERROR) {
5602 uint16_t wanted_qtype = LDNS_RR_TYPE_A;
5603 struct regional* temp = env->scratch;
5604 struct query_info rq;
5605 struct reply_info* rep;
5606 if(xfr->task_transfer->lookup_aaaa)
5607 wanted_qtype = LDNS_RR_TYPE_AAAA;
5608 memset(&rq, 0, sizeof(rq));
5609 rep = parse_reply_in_temp_region(buf, temp, &rq);
5610 if(rep && rq.qtype == wanted_qtype &&
5611 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
5612 /* parsed successfully */
5613 struct ub_packed_rrset_key* answer =
5614 reply_find_answer_rrset(&rq, rep);
5616 xfr_master_add_addrs(xfr->task_transfer->
5617 lookup_target, answer, wanted_qtype);
5619 if(verbosity >= VERB_ALGO) {
5621 dname_str(xfr->name, zname);
5622 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has nodata", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5626 if(verbosity >= VERB_ALGO) {
5628 dname_str(xfr->name, zname);
5629 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has no answer", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5632 regional_free_all(temp);
5634 if(verbosity >= VERB_ALGO) {
5636 dname_str(xfr->name, zname);
5637 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup failed", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5640 if(xfr->task_transfer->lookup_target->list &&
5641 xfr->task_transfer->lookup_target == xfr_transfer_current_master(xfr))
5642 xfr->task_transfer->scan_addr = xfr->task_transfer->lookup_target->list;
5644 /* move to lookup AAAA after A lookup, move to next hostname lookup,
5645 * or move to fetch the zone, or, if nothing to do, end task_transfer */
5646 xfr_transfer_move_to_next_lookup(xfr, env);
5647 xfr_transfer_nexttarget_or_end(xfr, env);
5650 /** check if xfer (AXFR or IXFR) packet is OK.
5651 * return false if we lost connection (SERVFAIL, or unreadable).
5652 * return false if we need to move from IXFR to AXFR, with gonextonfail
5653 * set to false, so the same master is tried again, but with AXFR.
5654 * return true if fine to link into data.
5655 * return true with transferdone=true when the transfer has ended.
5658 check_xfer_packet(sldns_buffer* pkt, struct auth_xfer* xfr,
5659 int* gonextonfail, int* transferdone)
5661 uint8_t* wire = sldns_buffer_begin(pkt);
5663 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
5664 verbose(VERB_ALGO, "xfr to %s failed, packet too small",
5665 xfr->task_transfer->master->host);
5668 if(!LDNS_QR_WIRE(wire)) {
5669 verbose(VERB_ALGO, "xfr to %s failed, packet has no QR flag",
5670 xfr->task_transfer->master->host);
5673 if(LDNS_TC_WIRE(wire)) {
5674 verbose(VERB_ALGO, "xfr to %s failed, packet has TC flag",
5675 xfr->task_transfer->master->host);
5679 if(LDNS_ID_WIRE(wire) != xfr->task_transfer->id) {
5680 verbose(VERB_ALGO, "xfr to %s failed, packet wrong ID",
5681 xfr->task_transfer->master->host);
5684 if(LDNS_RCODE_WIRE(wire) != LDNS_RCODE_NOERROR) {
5686 sldns_wire2str_rcode_buf((int)LDNS_RCODE_WIRE(wire), rcode,
5688 /* if we are doing IXFR, check for fallback */
5689 if(xfr->task_transfer->on_ixfr) {
5690 if(LDNS_RCODE_WIRE(wire) == LDNS_RCODE_NOTIMPL ||
5691 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_SERVFAIL ||
5692 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_REFUSED ||
5693 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_FORMERR) {
5694 verbose(VERB_ALGO, "xfr to %s, fallback "
5695 "from IXFR to AXFR (with rcode %s)",
5696 xfr->task_transfer->master->host,
5698 xfr->task_transfer->ixfr_fail = 1;
5703 verbose(VERB_ALGO, "xfr to %s failed, packet with rcode %s",
5704 xfr->task_transfer->master->host, rcode);
5707 if(LDNS_OPCODE_WIRE(wire) != LDNS_PACKET_QUERY) {
5708 verbose(VERB_ALGO, "xfr to %s failed, packet with bad opcode",
5709 xfr->task_transfer->master->host);
5712 if(LDNS_QDCOUNT(wire) > 1) {
5713 verbose(VERB_ALGO, "xfr to %s failed, packet has qdcount %d",
5714 xfr->task_transfer->master->host,
5715 (int)LDNS_QDCOUNT(wire));
5720 sldns_buffer_set_position(pkt, LDNS_HEADER_SIZE);
5721 for(i=0; i<(int)LDNS_QDCOUNT(wire); i++) {
5722 size_t pos = sldns_buffer_position(pkt);
5723 uint16_t qtype, qclass;
5724 if(pkt_dname_len(pkt) == 0) {
5725 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5727 xfr->task_transfer->master->host);
5730 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
5732 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5734 xfr->task_transfer->master->host);
5737 if(sldns_buffer_remaining(pkt) < 4) {
5738 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5739 "truncated query RR",
5740 xfr->task_transfer->master->host);
5743 qtype = sldns_buffer_read_u16(pkt);
5744 qclass = sldns_buffer_read_u16(pkt);
5745 if(qclass != xfr->dclass) {
5746 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5748 xfr->task_transfer->master->host);
5751 if(xfr->task_transfer->on_ixfr) {
5752 if(qtype != LDNS_RR_TYPE_IXFR) {
5753 verbose(VERB_ALGO, "xfr to %s failed, packet "
5754 "with wrong qtype, expected IXFR",
5755 xfr->task_transfer->master->host);
5759 if(qtype != LDNS_RR_TYPE_AXFR) {
5760 verbose(VERB_ALGO, "xfr to %s failed, packet "
5761 "with wrong qtype, expected AXFR",
5762 xfr->task_transfer->master->host);
5768 /* check parse of RRs in packet, store first SOA serial
5769 * to be able to detect last SOA (with that serial) to see if done */
5770 /* also check for IXFR 'zone up to date' reply */
5771 for(i=0; i<(int)LDNS_ANCOUNT(wire); i++) {
5772 size_t pos = sldns_buffer_position(pkt);
5774 if(pkt_dname_len(pkt) == 0) {
5775 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5776 "malformed dname in answer section",
5777 xfr->task_transfer->master->host);
5780 if(sldns_buffer_remaining(pkt) < 10) {
5781 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5783 xfr->task_transfer->master->host);
5786 tp = sldns_buffer_read_u16(pkt);
5787 (void)sldns_buffer_read_u16(pkt); /* class */
5788 (void)sldns_buffer_read_u32(pkt); /* ttl */
5789 rdlen = sldns_buffer_read_u16(pkt);
5790 if(sldns_buffer_remaining(pkt) < rdlen) {
5791 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5792 "truncated RR rdata",
5793 xfr->task_transfer->master->host);
5797 /* RR parses (haven't checked rdata itself), now look at
5798 * SOA records to see serial number */
5799 if(xfr->task_transfer->rr_scan_num == 0 &&
5800 tp != LDNS_RR_TYPE_SOA) {
5801 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5802 "malformed zone transfer, no start SOA",
5803 xfr->task_transfer->master->host);
5806 if(xfr->task_transfer->rr_scan_num == 1 &&
5807 tp != LDNS_RR_TYPE_SOA) {
5808 /* second RR is not a SOA record, this is not an IXFR
5809 * the master is replying with an AXFR */
5810 xfr->task_transfer->on_ixfr_is_axfr = 1;
5812 if(tp == LDNS_RR_TYPE_SOA) {
5815 verbose(VERB_ALGO, "xfr to %s failed, packet "
5816 "with SOA with malformed rdata",
5817 xfr->task_transfer->master->host);
5820 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
5822 verbose(VERB_ALGO, "xfr to %s failed, packet "
5823 "with SOA with wrong dname",
5824 xfr->task_transfer->master->host);
5828 /* read serial number of SOA */
5829 serial = sldns_buffer_read_u32_at(pkt,
5830 sldns_buffer_position(pkt)+rdlen-20);
5832 /* check for IXFR 'zone has SOA x' reply */
5833 if(xfr->task_transfer->on_ixfr &&
5834 xfr->task_transfer->rr_scan_num == 0 &&
5835 LDNS_ANCOUNT(wire)==1) {
5836 verbose(VERB_ALGO, "xfr to %s ended, "
5837 "IXFR reply that zone has serial %u,"
5838 " fallback from IXFR to AXFR",
5839 xfr->task_transfer->master->host,
5841 xfr->task_transfer->ixfr_fail = 1;
5846 /* if first SOA, store serial number */
5847 if(xfr->task_transfer->got_xfr_serial == 0) {
5848 xfr->task_transfer->got_xfr_serial = 1;
5849 xfr->task_transfer->incoming_xfr_serial =
5851 verbose(VERB_ALGO, "xfr %s: contains "
5853 xfr->task_transfer->master->host,
5855 /* see if end of AXFR */
5856 } else if(!xfr->task_transfer->on_ixfr ||
5857 xfr->task_transfer->on_ixfr_is_axfr) {
5858 /* second SOA with serial is the end
5861 verbose(VERB_ALGO, "xfr %s: last AXFR packet",
5862 xfr->task_transfer->master->host);
5863 /* for IXFR, count SOA records with that serial */
5864 } else if(xfr->task_transfer->incoming_xfr_serial ==
5865 serial && xfr->task_transfer->got_xfr_serial
5867 xfr->task_transfer->got_xfr_serial++;
5868 /* if not first soa, if serial==firstserial, the
5869 * third time we are at the end, for IXFR */
5870 } else if(xfr->task_transfer->incoming_xfr_serial ==
5871 serial && xfr->task_transfer->got_xfr_serial
5873 verbose(VERB_ALGO, "xfr %s: last IXFR packet",
5874 xfr->task_transfer->master->host);
5876 /* continue parse check, if that succeeds,
5877 * transfer is done */
5880 xfr->task_transfer->rr_scan_num++;
5882 /* skip over RR rdata to go to the next RR */
5883 sldns_buffer_skip(pkt, (ssize_t)rdlen);
5886 /* check authority section */
5887 /* we skip over the RRs checking packet format */
5888 for(i=0; i<(int)LDNS_NSCOUNT(wire); i++) {
5890 if(pkt_dname_len(pkt) == 0) {
5891 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5892 "malformed dname in authority section",
5893 xfr->task_transfer->master->host);
5896 if(sldns_buffer_remaining(pkt) < 10) {
5897 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5899 xfr->task_transfer->master->host);
5902 (void)sldns_buffer_read_u16(pkt); /* type */
5903 (void)sldns_buffer_read_u16(pkt); /* class */
5904 (void)sldns_buffer_read_u32(pkt); /* ttl */
5905 rdlen = sldns_buffer_read_u16(pkt);
5906 if(sldns_buffer_remaining(pkt) < rdlen) {
5907 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5908 "truncated RR rdata",
5909 xfr->task_transfer->master->host);
5912 /* skip over RR rdata to go to the next RR */
5913 sldns_buffer_skip(pkt, (ssize_t)rdlen);
5916 /* check additional section */
5917 for(i=0; i<(int)LDNS_ARCOUNT(wire); i++) {
5919 if(pkt_dname_len(pkt) == 0) {
5920 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5921 "malformed dname in additional section",
5922 xfr->task_transfer->master->host);
5925 if(sldns_buffer_remaining(pkt) < 10) {
5926 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5928 xfr->task_transfer->master->host);
5931 (void)sldns_buffer_read_u16(pkt); /* type */
5932 (void)sldns_buffer_read_u16(pkt); /* class */
5933 (void)sldns_buffer_read_u32(pkt); /* ttl */
5934 rdlen = sldns_buffer_read_u16(pkt);
5935 if(sldns_buffer_remaining(pkt) < rdlen) {
5936 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5937 "truncated RR rdata",
5938 xfr->task_transfer->master->host);
5941 /* skip over RR rdata to go to the next RR */
5942 sldns_buffer_skip(pkt, (ssize_t)rdlen);
5948 /** Link the data from this packet into the worklist of transferred data */
5950 xfer_link_data(sldns_buffer* pkt, struct auth_xfer* xfr)
5953 struct auth_chunk* e;
5954 e = (struct auth_chunk*)calloc(1, sizeof(*e));
5957 e->len = sldns_buffer_limit(pkt);
5958 e->data = memdup(sldns_buffer_begin(pkt), e->len);
5964 /* alloc succeeded, link into list */
5965 if(!xfr->task_transfer->chunks_first)
5966 xfr->task_transfer->chunks_first = e;
5967 if(xfr->task_transfer->chunks_last)
5968 xfr->task_transfer->chunks_last->next = e;
5969 xfr->task_transfer->chunks_last = e;
5973 /** task transfer. the list of data is complete. process it and if failed
5974 * move to next master, if succeeded, end the task transfer */
5976 process_list_end_transfer(struct auth_xfer* xfr, struct module_env* env)
5979 if(xfr_process_chunk_list(xfr, env, &ixfr_fail)) {
5981 auth_chunks_delete(xfr->task_transfer);
5983 /* we fetched the zone, move to wait task */
5984 xfr_transfer_disown(xfr);
5986 if(xfr->notify_received && (!xfr->notify_has_serial ||
5987 (xfr->notify_has_serial &&
5988 xfr_serial_means_update(xfr, xfr->notify_serial)))) {
5989 uint32_t sr = xfr->notify_serial;
5990 int has_sr = xfr->notify_has_serial;
5991 /* we received a notify while probe/transfer was
5992 * in progress. start a new probe and transfer */
5993 xfr->notify_received = 0;
5994 xfr->notify_has_serial = 0;
5995 xfr->notify_serial = 0;
5996 if(!xfr_start_probe(xfr, env, NULL)) {
5997 /* if we couldn't start it, already in
5998 * progress; restore notify serial,
5999 * while xfr still locked */
6000 xfr->notify_received = 1;
6001 xfr->notify_has_serial = has_sr;
6002 xfr->notify_serial = sr;
6003 lock_basic_unlock(&xfr->lock);
6007 /* pick up the nextprobe task and wait (normail wait time) */
6008 if(xfr->task_nextprobe->worker == NULL)
6009 xfr_set_timeout(xfr, env, 0, 0);
6011 lock_basic_unlock(&xfr->lock);
6014 /* processing failed */
6015 /* when done, delete data from list */
6016 auth_chunks_delete(xfr->task_transfer);
6018 xfr->task_transfer->ixfr_fail = 1;
6020 xfr_transfer_nextmaster(xfr);
6022 xfr_transfer_nexttarget_or_end(xfr, env);
6025 /** callback for the task_transfer timer */
6027 auth_xfer_transfer_timer_callback(void* arg)
6029 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6030 struct module_env* env;
6031 int gonextonfail = 1;
6032 log_assert(xfr->task_transfer);
6033 lock_basic_lock(&xfr->lock);
6034 env = xfr->task_transfer->env;
6035 if(!env || env->outnet->want_to_quit) {
6036 lock_basic_unlock(&xfr->lock);
6037 return; /* stop on quit */
6040 verbose(VERB_ALGO, "xfr stopped, connection timeout to %s",
6041 xfr->task_transfer->master->host);
6043 /* see if IXFR caused the failure, if so, try AXFR */
6044 if(xfr->task_transfer->on_ixfr) {
6045 xfr->task_transfer->ixfr_possible_timeout_count++;
6046 if(xfr->task_transfer->ixfr_possible_timeout_count >=
6047 NUM_TIMEOUTS_FALLBACK_IXFR) {
6048 verbose(VERB_ALGO, "xfr to %s, fallback "
6049 "from IXFR to AXFR (because of timeouts)",
6050 xfr->task_transfer->master->host);
6051 xfr->task_transfer->ixfr_fail = 1;
6056 /* delete transferred data from list */
6057 auth_chunks_delete(xfr->task_transfer);
6058 comm_point_delete(xfr->task_transfer->cp);
6059 xfr->task_transfer->cp = NULL;
6061 xfr_transfer_nextmaster(xfr);
6062 xfr_transfer_nexttarget_or_end(xfr, env);
6065 /** callback for task_transfer tcp connections */
6067 auth_xfer_transfer_tcp_callback(struct comm_point* c, void* arg, int err,
6068 struct comm_reply* ATTR_UNUSED(repinfo))
6070 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6071 struct module_env* env;
6072 int gonextonfail = 1;
6073 int transferdone = 0;
6074 log_assert(xfr->task_transfer);
6075 lock_basic_lock(&xfr->lock);
6076 env = xfr->task_transfer->env;
6077 if(!env || env->outnet->want_to_quit) {
6078 lock_basic_unlock(&xfr->lock);
6079 return 0; /* stop on quit */
6081 /* stop the timer */
6082 comm_timer_disable(xfr->task_transfer->timer);
6084 if(err != NETEVENT_NOERROR) {
6085 /* connection failed, closed, or timeout */
6086 /* stop this transfer, cleanup
6087 * and continue task_transfer*/
6088 verbose(VERB_ALGO, "xfr stopped, connection lost to %s",
6089 xfr->task_transfer->master->host);
6091 /* see if IXFR caused the failure, if so, try AXFR */
6092 if(xfr->task_transfer->on_ixfr) {
6093 xfr->task_transfer->ixfr_possible_timeout_count++;
6094 if(xfr->task_transfer->ixfr_possible_timeout_count >=
6095 NUM_TIMEOUTS_FALLBACK_IXFR) {
6096 verbose(VERB_ALGO, "xfr to %s, fallback "
6097 "from IXFR to AXFR (because of timeouts)",
6098 xfr->task_transfer->master->host);
6099 xfr->task_transfer->ixfr_fail = 1;
6105 /* delete transferred data from list */
6106 auth_chunks_delete(xfr->task_transfer);
6107 comm_point_delete(xfr->task_transfer->cp);
6108 xfr->task_transfer->cp = NULL;
6110 xfr_transfer_nextmaster(xfr);
6111 xfr_transfer_nexttarget_or_end(xfr, env);
6114 /* note that IXFR worked without timeout */
6115 if(xfr->task_transfer->on_ixfr)
6116 xfr->task_transfer->ixfr_possible_timeout_count = 0;
6118 /* handle returned packet */
6119 /* if it fails, cleanup and end this transfer */
6120 /* if it needs to fallback from IXFR to AXFR, do that */
6121 if(!check_xfer_packet(c->buffer, xfr, &gonextonfail, &transferdone)) {
6124 /* if it is good, link it into the list of data */
6125 /* if the link into list of data fails (malloc fail) cleanup and end */
6126 if(!xfer_link_data(c->buffer, xfr)) {
6127 verbose(VERB_ALGO, "xfr stopped to %s, malloc failed",
6128 xfr->task_transfer->master->host);
6131 /* if the transfer is done now, disconnect and process the list */
6133 comm_point_delete(xfr->task_transfer->cp);
6134 xfr->task_transfer->cp = NULL;
6135 process_list_end_transfer(xfr, env);
6139 /* if we want to read more messages, setup the commpoint to read
6140 * a DNS packet, and the timeout */
6141 lock_basic_unlock(&xfr->lock);
6142 c->tcp_is_reading = 1;
6143 sldns_buffer_clear(c->buffer);
6144 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
6148 /** callback for task_transfer http connections */
6150 auth_xfer_transfer_http_callback(struct comm_point* c, void* arg, int err,
6151 struct comm_reply* repinfo)
6153 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6154 struct module_env* env;
6155 log_assert(xfr->task_transfer);
6156 lock_basic_lock(&xfr->lock);
6157 env = xfr->task_transfer->env;
6158 if(!env || env->outnet->want_to_quit) {
6159 lock_basic_unlock(&xfr->lock);
6160 return 0; /* stop on quit */
6162 verbose(VERB_ALGO, "auth zone transfer http callback");
6163 /* stop the timer */
6164 comm_timer_disable(xfr->task_transfer->timer);
6166 if(err != NETEVENT_NOERROR && err != NETEVENT_DONE) {
6167 /* connection failed, closed, or timeout */
6168 /* stop this transfer, cleanup
6169 * and continue task_transfer*/
6170 verbose(VERB_ALGO, "http stopped, connection lost to %s",
6171 xfr->task_transfer->master->host);
6173 /* delete transferred data from list */
6174 auth_chunks_delete(xfr->task_transfer);
6175 if(repinfo) repinfo->c = NULL; /* signal cp deleted to
6176 the routine calling this callback */
6177 comm_point_delete(xfr->task_transfer->cp);
6178 xfr->task_transfer->cp = NULL;
6179 xfr_transfer_nextmaster(xfr);
6180 xfr_transfer_nexttarget_or_end(xfr, env);
6184 /* if it is good, link it into the list of data */
6185 /* if the link into list of data fails (malloc fail) cleanup and end */
6186 if(sldns_buffer_limit(c->buffer) > 0) {
6187 verbose(VERB_ALGO, "auth zone http queued up %d bytes",
6188 (int)sldns_buffer_limit(c->buffer));
6189 if(!xfer_link_data(c->buffer, xfr)) {
6190 verbose(VERB_ALGO, "http stopped to %s, malloc failed",
6191 xfr->task_transfer->master->host);
6195 /* if the transfer is done now, disconnect and process the list */
6196 if(err == NETEVENT_DONE) {
6197 if(repinfo) repinfo->c = NULL; /* signal cp deleted to
6198 the routine calling this callback */
6199 comm_point_delete(xfr->task_transfer->cp);
6200 xfr->task_transfer->cp = NULL;
6201 process_list_end_transfer(xfr, env);
6205 /* if we want to read more messages, setup the commpoint to read
6206 * a DNS packet, and the timeout */
6207 lock_basic_unlock(&xfr->lock);
6208 c->tcp_is_reading = 1;
6209 sldns_buffer_clear(c->buffer);
6210 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
6215 /** start transfer task by this worker , xfr is locked. */
6217 xfr_start_transfer(struct auth_xfer* xfr, struct module_env* env,
6218 struct auth_master* master)
6220 log_assert(xfr->task_transfer != NULL);
6221 log_assert(xfr->task_transfer->worker == NULL);
6222 log_assert(xfr->task_transfer->chunks_first == NULL);
6223 log_assert(xfr->task_transfer->chunks_last == NULL);
6224 xfr->task_transfer->worker = env->worker;
6225 xfr->task_transfer->env = env;
6227 /* init transfer process */
6228 /* find that master in the transfer's list of masters? */
6229 xfr_transfer_start_list(xfr, master);
6230 /* start lookup for hostnames in transfer master list */
6231 xfr_transfer_start_lookups(xfr);
6233 /* initiate TCP, and set timeout on it */
6234 xfr_transfer_nexttarget_or_end(xfr, env);
6237 /** disown task_probe. caller must hold xfr.lock */
6239 xfr_probe_disown(struct auth_xfer* xfr)
6241 /* remove timer (from this worker's event base) */
6242 comm_timer_delete(xfr->task_probe->timer);
6243 xfr->task_probe->timer = NULL;
6244 /* remove the commpoint */
6245 comm_point_delete(xfr->task_probe->cp);
6246 xfr->task_probe->cp = NULL;
6247 /* we don't own this item anymore */
6248 xfr->task_probe->worker = NULL;
6249 xfr->task_probe->env = NULL;
6252 /** send the UDP probe to the master, this is part of task_probe */
6254 xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env,
6257 struct sockaddr_storage addr;
6258 socklen_t addrlen = 0;
6261 struct auth_master* master = xfr_probe_current_master(xfr);
6262 char *auth_name = NULL;
6263 if(!master) return 0;
6264 if(master->allow_notify) return 0; /* only for notify */
6265 if(master->http) return 0; /* only masters get SOA UDP probe,
6266 not urls, if those are in this list */
6268 /* get master addr */
6269 if(xfr->task_probe->scan_addr) {
6270 addrlen = xfr->task_probe->scan_addr->addrlen;
6271 memmove(&addr, &xfr->task_probe->scan_addr->addr, addrlen);
6273 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
6274 /* the ones that are not in addr format are supposed
6275 * to be looked up. The lookup has failed however,
6278 dname_str(xfr->name, zname);
6279 log_err("%s: failed lookup, cannot probe to master %s",
6280 zname, master->host);
6283 if (auth_name != NULL) {
6284 if (addr.ss_family == AF_INET
6285 && (int)ntohs(((struct sockaddr_in *)&addr)->sin_port)
6286 == env->cfg->ssl_port)
6287 ((struct sockaddr_in *)&addr)->sin_port
6288 = htons((uint16_t)env->cfg->port);
6289 else if (addr.ss_family == AF_INET6
6290 && (int)ntohs(((struct sockaddr_in6 *)&addr)->sin6_port)
6291 == env->cfg->ssl_port)
6292 ((struct sockaddr_in6 *)&addr)->sin6_port
6293 = htons((uint16_t)env->cfg->port);
6298 /* create new ID for new probes, but not on timeout retries,
6299 * this means we'll accept replies to previous retries to same ip */
6300 if(timeout == AUTH_PROBE_TIMEOUT)
6301 xfr->task_probe->id = GET_RANDOM_ID(env->rnd);
6302 xfr_create_soa_probe_packet(xfr, env->scratch_buffer,
6303 xfr->task_probe->id);
6304 /* we need to remove the cp if we have a different ip4/ip6 type now */
6305 if(xfr->task_probe->cp &&
6306 ((xfr->task_probe->cp_is_ip6 && !addr_is_ip6(&addr, addrlen)) ||
6307 (!xfr->task_probe->cp_is_ip6 && addr_is_ip6(&addr, addrlen)))
6309 comm_point_delete(xfr->task_probe->cp);
6310 xfr->task_probe->cp = NULL;
6312 if(!xfr->task_probe->cp) {
6313 if(addr_is_ip6(&addr, addrlen))
6314 xfr->task_probe->cp_is_ip6 = 1;
6315 else xfr->task_probe->cp_is_ip6 = 0;
6316 xfr->task_probe->cp = outnet_comm_point_for_udp(env->outnet,
6317 auth_xfer_probe_udp_callback, xfr, &addr, addrlen);
6318 if(!xfr->task_probe->cp) {
6319 char zname[255+1], as[256];
6320 dname_str(xfr->name, zname);
6321 addr_to_str(&addr, addrlen, as, sizeof(as));
6322 verbose(VERB_ALGO, "cannot create udp cp for "
6323 "probe %s to %s", zname, as);
6327 if(!xfr->task_probe->timer) {
6328 xfr->task_probe->timer = comm_timer_create(env->worker_base,
6329 auth_xfer_probe_timer_callback, xfr);
6330 if(!xfr->task_probe->timer) {
6331 log_err("malloc failure");
6336 /* send udp packet */
6337 if(!comm_point_send_udp_msg(xfr->task_probe->cp, env->scratch_buffer,
6338 (struct sockaddr*)&addr, addrlen, 0)) {
6339 char zname[255+1], as[256];
6340 dname_str(xfr->name, zname);
6341 addr_to_str(&addr, addrlen, as, sizeof(as));
6342 verbose(VERB_ALGO, "failed to send soa probe for %s to %s",
6346 if(verbosity >= VERB_ALGO) {
6347 char zname[255+1], as[256];
6348 dname_str(xfr->name, zname);
6349 addr_to_str(&addr, addrlen, as, sizeof(as));
6350 verbose(VERB_ALGO, "auth zone %s soa probe sent to %s", zname,
6353 xfr->task_probe->timeout = timeout;
6355 t.tv_sec = timeout/1000;
6356 t.tv_usec = (timeout%1000)*1000;
6358 comm_timer_set(xfr->task_probe->timer, &t);
6363 /** callback for task_probe timer */
6365 auth_xfer_probe_timer_callback(void* arg)
6367 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6368 struct module_env* env;
6369 log_assert(xfr->task_probe);
6370 lock_basic_lock(&xfr->lock);
6371 env = xfr->task_probe->env;
6372 if(!env || env->outnet->want_to_quit) {
6373 lock_basic_unlock(&xfr->lock);
6374 return; /* stop on quit */
6377 if(verbosity >= VERB_ALGO) {
6379 dname_str(xfr->name, zname);
6380 verbose(VERB_ALGO, "auth zone %s soa probe timeout", zname);
6382 if(xfr->task_probe->timeout <= AUTH_PROBE_TIMEOUT_STOP) {
6383 /* try again with bigger timeout */
6384 if(xfr_probe_send_probe(xfr, env, xfr->task_probe->timeout*2)) {
6385 lock_basic_unlock(&xfr->lock);
6389 /* delete commpoint so a new one is created, with a fresh port nr */
6390 comm_point_delete(xfr->task_probe->cp);
6391 xfr->task_probe->cp = NULL;
6393 /* too many timeouts (or fail to send), move to next or end */
6394 xfr_probe_nextmaster(xfr);
6395 xfr_probe_send_or_end(xfr, env);
6398 /** callback for task_probe udp packets */
6400 auth_xfer_probe_udp_callback(struct comm_point* c, void* arg, int err,
6401 struct comm_reply* repinfo)
6403 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6404 struct module_env* env;
6405 log_assert(xfr->task_probe);
6406 lock_basic_lock(&xfr->lock);
6407 env = xfr->task_probe->env;
6408 if(!env || env->outnet->want_to_quit) {
6409 lock_basic_unlock(&xfr->lock);
6410 return 0; /* stop on quit */
6413 /* the comm_point_udp_callback is in a for loop for NUM_UDP_PER_SELECT
6414 * and we set rep.c=NULL to stop if from looking inside the commpoint*/
6416 /* stop the timer */
6417 comm_timer_disable(xfr->task_probe->timer);
6419 /* see if we got a packet and what that means */
6420 if(err == NETEVENT_NOERROR) {
6421 uint32_t serial = 0;
6422 if(check_packet_ok(c->buffer, LDNS_RR_TYPE_SOA, xfr,
6424 /* successful lookup */
6425 if(verbosity >= VERB_ALGO) {
6427 dname_str(xfr->name, buf);
6428 verbose(VERB_ALGO, "auth zone %s: soa probe "
6429 "serial is %u", buf, (unsigned)serial);
6431 /* see if this serial indicates that the zone has
6433 if(xfr_serial_means_update(xfr, serial)) {
6434 /* if updated, start the transfer task, if needed */
6435 verbose(VERB_ALGO, "auth_zone updated, start transfer");
6436 if(xfr->task_transfer->worker == NULL) {
6437 struct auth_master* master =
6438 xfr_probe_current_master(xfr);
6439 /* if we have download URLs use them
6440 * in preference to this master we
6441 * just probed the SOA from */
6442 if(xfr->task_transfer->masters &&
6443 xfr->task_transfer->masters->http)
6445 xfr_probe_disown(xfr);
6446 xfr_start_transfer(xfr, env, master);
6450 /* other tasks are running, we don't do this anymore */
6451 xfr_probe_disown(xfr);
6452 lock_basic_unlock(&xfr->lock);
6453 /* return, we don't sent a reply to this udp packet,
6454 * and we setup the tasks to do next */
6457 verbose(VERB_ALGO, "auth_zone master reports unchanged soa serial");
6458 /* we if cannot find updates amongst the
6459 * masters, this means we then have a new lease
6461 xfr->task_probe->have_new_lease = 1;
6464 if(verbosity >= VERB_ALGO) {
6466 dname_str(xfr->name, buf);
6467 verbose(VERB_ALGO, "auth zone %s: bad reply to soa probe", buf);
6471 if(verbosity >= VERB_ALGO) {
6473 dname_str(xfr->name, buf);
6474 verbose(VERB_ALGO, "auth zone %s: soa probe failed", buf);
6478 /* failed lookup or not an update */
6479 /* delete commpoint so a new one is created, with a fresh port nr */
6480 comm_point_delete(xfr->task_probe->cp);
6481 xfr->task_probe->cp = NULL;
6483 /* if the result was not a successfull probe, we need
6484 * to send the next one */
6485 xfr_probe_nextmaster(xfr);
6486 xfr_probe_send_or_end(xfr, env);
6490 /** lookup a host name for its addresses, if needed */
6492 xfr_probe_lookup_host(struct auth_xfer* xfr, struct module_env* env)
6494 struct sockaddr_storage addr;
6495 socklen_t addrlen = 0;
6496 struct auth_master* master = xfr->task_probe->lookup_target;
6497 struct query_info qinfo;
6498 uint16_t qflags = BIT_RD;
6499 uint8_t dname[LDNS_MAX_DOMAINLEN+1];
6500 struct edns_data edns;
6501 sldns_buffer* buf = env->scratch_buffer;
6502 if(!master) return 0;
6503 if(extstrtoaddr(master->host, &addr, &addrlen)) {
6504 /* not needed, host is in IP addr format */
6507 if(master->allow_notify && !master->http &&
6508 strchr(master->host, '/') != NULL &&
6509 strchr(master->host, '/') == strrchr(master->host, '/')) {
6510 return 0; /* is IP/prefix format, not something to look up */
6513 /* use mesh_new_callback to probe for non-addr hosts,
6514 * and then wait for them to be looked up (in cache, or query) */
6515 qinfo.qname_len = sizeof(dname);
6516 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
6518 log_err("cannot parse host name of master %s", master->host);
6521 qinfo.qname = dname;
6522 qinfo.qclass = xfr->dclass;
6523 qinfo.qtype = LDNS_RR_TYPE_A;
6524 if(xfr->task_probe->lookup_aaaa)
6525 qinfo.qtype = LDNS_RR_TYPE_AAAA;
6526 qinfo.local_alias = NULL;
6527 if(verbosity >= VERB_ALGO) {
6529 char buf2[LDNS_MAX_DOMAINLEN+1];
6530 dname_str(xfr->name, buf2);
6531 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
6532 " for task_probe", buf2);
6533 log_query_info(VERB_ALGO, buf1, &qinfo);
6535 edns.edns_present = 1;
6537 edns.edns_version = 0;
6538 edns.bits = EDNS_DO;
6539 edns.opt_list = NULL;
6540 edns.padding_block_size = 0;
6541 if(sldns_buffer_capacity(buf) < 65535)
6542 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
6543 else edns.udp_size = 65535;
6545 /* unlock xfr during mesh_new_callback() because the callback can be
6546 * called straight away */
6547 lock_basic_unlock(&xfr->lock);
6548 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
6549 &auth_xfer_probe_lookup_callback, xfr)) {
6550 lock_basic_lock(&xfr->lock);
6551 log_err("out of memory lookup up master %s", master->host);
6554 lock_basic_lock(&xfr->lock);
6558 /** move to sending the probe packets, next if fails. task_probe */
6560 xfr_probe_send_or_end(struct auth_xfer* xfr, struct module_env* env)
6562 /* are we doing hostname lookups? */
6563 while(xfr->task_probe->lookup_target) {
6564 if(xfr_probe_lookup_host(xfr, env)) {
6565 /* wait for lookup to finish,
6566 * note that the hostname may be in unbound's cache
6567 * and we may then get an instant cache response,
6568 * and that calls the callback just like a full
6569 * lookup and lookup failures also call callback */
6570 if(verbosity >= VERB_ALGO) {
6572 dname_str(xfr->name, zname);
6573 verbose(VERB_ALGO, "auth zone %s probe next target lookup", zname);
6575 lock_basic_unlock(&xfr->lock);
6578 xfr_probe_move_to_next_lookup(xfr, env);
6580 /* probe of list has ended. Create or refresh the list of of
6581 * allow_notify addrs */
6582 probe_copy_masters_for_allow_notify(xfr);
6583 if(verbosity >= VERB_ALGO) {
6585 dname_str(xfr->name, zname);
6586 verbose(VERB_ALGO, "auth zone %s probe: notify addrs updated", zname);
6588 if(xfr->task_probe->only_lookup) {
6589 /* only wanted lookups for copy, stop probe and start wait */
6590 xfr->task_probe->only_lookup = 0;
6591 if(verbosity >= VERB_ALGO) {
6593 dname_str(xfr->name, zname);
6594 verbose(VERB_ALGO, "auth zone %s probe: finished only_lookup", zname);
6596 xfr_probe_disown(xfr);
6597 if(xfr->task_nextprobe->worker == NULL)
6598 xfr_set_timeout(xfr, env, 0, 0);
6599 lock_basic_unlock(&xfr->lock);
6603 /* send probe packets */
6604 while(!xfr_probe_end_of_list(xfr)) {
6605 if(xfr_probe_send_probe(xfr, env, AUTH_PROBE_TIMEOUT)) {
6606 /* successfully sent probe, wait for callback */
6607 lock_basic_unlock(&xfr->lock);
6610 /* failed to send probe, next master */
6611 xfr_probe_nextmaster(xfr);
6614 /* done with probe sequence, wait */
6615 if(xfr->task_probe->have_new_lease) {
6616 /* if zone not updated, start the wait timer again */
6617 if(verbosity >= VERB_ALGO) {
6619 dname_str(xfr->name, zname);
6620 verbose(VERB_ALGO, "auth_zone %s unchanged, new lease, wait", zname);
6622 xfr_probe_disown(xfr);
6624 xfr->lease_time = *env->now;
6625 if(xfr->task_nextprobe->worker == NULL)
6626 xfr_set_timeout(xfr, env, 0, 0);
6628 if(verbosity >= VERB_ALGO) {
6630 dname_str(xfr->name, zname);
6631 verbose(VERB_ALGO, "auth zone %s soa probe failed, wait to retry", zname);
6633 /* we failed to send this as well, move to the wait task,
6634 * use the shorter retry timeout */
6635 xfr_probe_disown(xfr);
6636 /* pick up the nextprobe task and wait */
6637 if(xfr->task_nextprobe->worker == NULL)
6638 xfr_set_timeout(xfr, env, 1, 0);
6641 lock_basic_unlock(&xfr->lock);
6644 /** callback for task_probe lookup of host name, of A or AAAA */
6645 void auth_xfer_probe_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
6646 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
6647 int ATTR_UNUSED(was_ratelimited))
6649 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6650 struct module_env* env;
6651 log_assert(xfr->task_probe);
6652 lock_basic_lock(&xfr->lock);
6653 env = xfr->task_probe->env;
6654 if(!env || env->outnet->want_to_quit) {
6655 lock_basic_unlock(&xfr->lock);
6656 return; /* stop on quit */
6659 /* process result */
6660 if(rcode == LDNS_RCODE_NOERROR) {
6661 uint16_t wanted_qtype = LDNS_RR_TYPE_A;
6662 struct regional* temp = env->scratch;
6663 struct query_info rq;
6664 struct reply_info* rep;
6665 if(xfr->task_probe->lookup_aaaa)
6666 wanted_qtype = LDNS_RR_TYPE_AAAA;
6667 memset(&rq, 0, sizeof(rq));
6668 rep = parse_reply_in_temp_region(buf, temp, &rq);
6669 if(rep && rq.qtype == wanted_qtype &&
6670 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
6671 /* parsed successfully */
6672 struct ub_packed_rrset_key* answer =
6673 reply_find_answer_rrset(&rq, rep);
6675 xfr_master_add_addrs(xfr->task_probe->
6676 lookup_target, answer, wanted_qtype);
6678 if(verbosity >= VERB_ALGO) {
6680 dname_str(xfr->name, zname);
6681 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has nodata", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6685 if(verbosity >= VERB_ALGO) {
6687 dname_str(xfr->name, zname);
6688 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has no address", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6691 regional_free_all(temp);
6693 if(verbosity >= VERB_ALGO) {
6695 dname_str(xfr->name, zname);
6696 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup failed", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6699 if(xfr->task_probe->lookup_target->list &&
6700 xfr->task_probe->lookup_target == xfr_probe_current_master(xfr))
6701 xfr->task_probe->scan_addr = xfr->task_probe->lookup_target->list;
6703 /* move to lookup AAAA after A lookup, move to next hostname lookup,
6704 * or move to send the probes, or, if nothing to do, end task_probe */
6705 xfr_probe_move_to_next_lookup(xfr, env);
6706 xfr_probe_send_or_end(xfr, env);
6709 /** disown task_nextprobe. caller must hold xfr.lock */
6711 xfr_nextprobe_disown(struct auth_xfer* xfr)
6713 /* delete the timer, because the next worker to pick this up may
6714 * not have the same event base */
6715 comm_timer_delete(xfr->task_nextprobe->timer);
6716 xfr->task_nextprobe->timer = NULL;
6717 xfr->task_nextprobe->next_probe = 0;
6718 /* we don't own this item anymore */
6719 xfr->task_nextprobe->worker = NULL;
6720 xfr->task_nextprobe->env = NULL;
6723 /** xfer nextprobe timeout callback, this is part of task_nextprobe */
6725 auth_xfer_timer(void* arg)
6727 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6728 struct module_env* env;
6729 log_assert(xfr->task_nextprobe);
6730 lock_basic_lock(&xfr->lock);
6731 env = xfr->task_nextprobe->env;
6732 if(!env || env->outnet->want_to_quit) {
6733 lock_basic_unlock(&xfr->lock);
6734 return; /* stop on quit */
6737 /* see if zone has expired, and if so, also set auth_zone expired */
6738 if(xfr->have_zone && !xfr->zone_expired &&
6739 *env->now >= xfr->lease_time + xfr->expiry) {
6740 lock_basic_unlock(&xfr->lock);
6741 auth_xfer_set_expired(xfr, env, 1);
6742 lock_basic_lock(&xfr->lock);
6745 xfr_nextprobe_disown(xfr);
6747 if(!xfr_start_probe(xfr, env, NULL)) {
6748 /* not started because already in progress */
6749 lock_basic_unlock(&xfr->lock);
6753 /** return true if there are probe (SOA UDP query) targets in the master list*/
6755 have_probe_targets(struct auth_master* list)
6757 struct auth_master* p;
6758 for(p=list; p; p = p->next) {
6759 if(!p->allow_notify && p->host)
6765 /** start task_probe if possible, if no masters for probe start task_transfer
6766 * returns true if task has been started, and false if the task is already
6769 xfr_start_probe(struct auth_xfer* xfr, struct module_env* env,
6770 struct auth_master* spec)
6772 /* see if we need to start a probe (or maybe it is already in
6773 * progress (due to notify)) */
6774 if(xfr->task_probe->worker == NULL) {
6775 if(!have_probe_targets(xfr->task_probe->masters) &&
6776 !(xfr->task_probe->only_lookup &&
6777 xfr->task_probe->masters != NULL)) {
6778 /* useless to pick up task_probe, no masters to
6779 * probe. Instead attempt to pick up task transfer */
6780 if(xfr->task_transfer->worker == NULL) {
6781 xfr_start_transfer(xfr, env, spec);
6784 /* task transfer already in progress */
6788 /* pick up the probe task ourselves */
6789 xfr->task_probe->worker = env->worker;
6790 xfr->task_probe->env = env;
6791 xfr->task_probe->cp = NULL;
6793 /* start the task */
6794 /* have not seen a new lease yet, this scan */
6795 xfr->task_probe->have_new_lease = 0;
6796 /* if this was a timeout, no specific first master to scan */
6797 /* otherwise, spec is nonNULL the notified master, scan
6798 * first and also transfer first from it */
6799 xfr_probe_start_list(xfr, spec);
6800 /* setup to start the lookup of hostnames of masters afresh */
6801 xfr_probe_start_lookups(xfr);
6802 /* send the probe packet or next send, or end task */
6803 xfr_probe_send_or_end(xfr, env);
6809 /** for task_nextprobe.
6810 * determine next timeout for auth_xfer. Also (re)sets timer.
6811 * @param xfr: task structure
6812 * @param env: module environment, with worker and time.
6813 * @param failure: set true if timer should be set for failure retry.
6814 * @param lookup_only: only perform lookups when timer done, 0 sec timeout
6817 xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env,
6818 int failure, int lookup_only)
6821 log_assert(xfr->task_nextprobe != NULL);
6822 log_assert(xfr->task_nextprobe->worker == NULL ||
6823 xfr->task_nextprobe->worker == env->worker);
6824 /* normally, nextprobe = startoflease + refresh,
6825 * but if expiry is sooner, use that one.
6826 * after a failure, use the retry timer instead. */
6827 xfr->task_nextprobe->next_probe = *env->now;
6828 if(xfr->lease_time && !failure)
6829 xfr->task_nextprobe->next_probe = xfr->lease_time;
6832 xfr->task_nextprobe->backoff = 0;
6834 if(xfr->task_nextprobe->backoff == 0)
6835 xfr->task_nextprobe->backoff = 3;
6836 else xfr->task_nextprobe->backoff *= 2;
6837 if(xfr->task_nextprobe->backoff > AUTH_TRANSFER_MAX_BACKOFF)
6838 xfr->task_nextprobe->backoff =
6839 AUTH_TRANSFER_MAX_BACKOFF;
6842 if(xfr->have_zone) {
6843 time_t wait = xfr->refresh;
6844 if(failure) wait = xfr->retry;
6845 if(xfr->expiry < wait)
6846 xfr->task_nextprobe->next_probe += xfr->expiry;
6847 else xfr->task_nextprobe->next_probe += wait;
6849 xfr->task_nextprobe->next_probe +=
6850 xfr->task_nextprobe->backoff;
6851 /* put the timer exactly on expiry, if possible */
6852 if(xfr->lease_time && xfr->lease_time+xfr->expiry <
6853 xfr->task_nextprobe->next_probe &&
6854 xfr->lease_time+xfr->expiry > *env->now)
6855 xfr->task_nextprobe->next_probe =
6856 xfr->lease_time+xfr->expiry;
6858 xfr->task_nextprobe->next_probe +=
6859 xfr->task_nextprobe->backoff;
6862 if(!xfr->task_nextprobe->timer) {
6863 xfr->task_nextprobe->timer = comm_timer_create(
6864 env->worker_base, auth_xfer_timer, xfr);
6865 if(!xfr->task_nextprobe->timer) {
6866 /* failed to malloc memory. likely zone transfer
6867 * also fails for that. skip the timeout */
6869 dname_str(xfr->name, zname);
6870 log_err("cannot allocate timer, no refresh for %s",
6875 xfr->task_nextprobe->worker = env->worker;
6876 xfr->task_nextprobe->env = env;
6877 if(*(xfr->task_nextprobe->env->now) <= xfr->task_nextprobe->next_probe)
6878 tv.tv_sec = xfr->task_nextprobe->next_probe -
6879 *(xfr->task_nextprobe->env->now);
6881 if(tv.tv_sec != 0 && lookup_only && xfr->task_probe->masters) {
6882 /* don't lookup_only, if lookup timeout is 0 anyway,
6883 * or if we don't have masters to lookup */
6885 if(xfr->task_probe->worker == NULL)
6886 xfr->task_probe->only_lookup = 1;
6888 if(verbosity >= VERB_ALGO) {
6890 dname_str(xfr->name, zname);
6891 verbose(VERB_ALGO, "auth zone %s timeout in %d seconds",
6892 zname, (int)tv.tv_sec);
6895 comm_timer_set(xfr->task_nextprobe->timer, &tv);
6898 /** initial pick up of worker timeouts, ties events to worker event loop */
6900 auth_xfer_pickup_initial(struct auth_zones* az, struct module_env* env)
6902 struct auth_xfer* x;
6903 lock_rw_wrlock(&az->lock);
6904 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) {
6905 lock_basic_lock(&x->lock);
6906 /* set lease_time, because we now have timestamp in env,
6907 * (not earlier during startup and apply_cfg), and this
6908 * notes the start time when the data was acquired */
6910 x->lease_time = *env->now;
6911 if(x->task_nextprobe && x->task_nextprobe->worker == NULL) {
6912 xfr_set_timeout(x, env, 0, 1);
6914 lock_basic_unlock(&x->lock);
6916 lock_rw_unlock(&az->lock);
6919 void auth_zones_cleanup(struct auth_zones* az)
6921 struct auth_xfer* x;
6922 lock_rw_wrlock(&az->lock);
6923 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) {
6924 lock_basic_lock(&x->lock);
6925 if(x->task_nextprobe && x->task_nextprobe->worker != NULL) {
6926 xfr_nextprobe_disown(x);
6928 if(x->task_probe && x->task_probe->worker != NULL) {
6929 xfr_probe_disown(x);
6931 if(x->task_transfer && x->task_transfer->worker != NULL) {
6932 auth_chunks_delete(x->task_transfer);
6933 xfr_transfer_disown(x);
6935 lock_basic_unlock(&x->lock);
6937 lock_rw_unlock(&az->lock);
6941 * malloc the xfer and tasks
6942 * @param z: auth_zone with name of zone.
6944 static struct auth_xfer*
6945 auth_xfer_new(struct auth_zone* z)
6947 struct auth_xfer* xfr;
6948 xfr = (struct auth_xfer*)calloc(1, sizeof(*xfr));
6949 if(!xfr) return NULL;
6950 xfr->name = memdup(z->name, z->namelen);
6955 xfr->node.key = xfr;
6956 xfr->namelen = z->namelen;
6957 xfr->namelabs = z->namelabs;
6958 xfr->dclass = z->dclass;
6960 xfr->task_nextprobe = (struct auth_nextprobe*)calloc(1,
6961 sizeof(struct auth_nextprobe));
6962 if(!xfr->task_nextprobe) {
6967 xfr->task_probe = (struct auth_probe*)calloc(1,
6968 sizeof(struct auth_probe));
6969 if(!xfr->task_probe) {
6970 free(xfr->task_nextprobe);
6975 xfr->task_transfer = (struct auth_transfer*)calloc(1,
6976 sizeof(struct auth_transfer));
6977 if(!xfr->task_transfer) {
6978 free(xfr->task_probe);
6979 free(xfr->task_nextprobe);
6985 lock_basic_init(&xfr->lock);
6986 lock_protect(&xfr->lock, &xfr->name, sizeof(xfr->name));
6987 lock_protect(&xfr->lock, &xfr->namelen, sizeof(xfr->namelen));
6988 lock_protect(&xfr->lock, xfr->name, xfr->namelen);
6989 lock_protect(&xfr->lock, &xfr->namelabs, sizeof(xfr->namelabs));
6990 lock_protect(&xfr->lock, &xfr->dclass, sizeof(xfr->dclass));
6991 lock_protect(&xfr->lock, &xfr->notify_received, sizeof(xfr->notify_received));
6992 lock_protect(&xfr->lock, &xfr->notify_serial, sizeof(xfr->notify_serial));
6993 lock_protect(&xfr->lock, &xfr->zone_expired, sizeof(xfr->zone_expired));
6994 lock_protect(&xfr->lock, &xfr->have_zone, sizeof(xfr->have_zone));
6995 lock_protect(&xfr->lock, &xfr->serial, sizeof(xfr->serial));
6996 lock_protect(&xfr->lock, &xfr->retry, sizeof(xfr->retry));
6997 lock_protect(&xfr->lock, &xfr->refresh, sizeof(xfr->refresh));
6998 lock_protect(&xfr->lock, &xfr->expiry, sizeof(xfr->expiry));
6999 lock_protect(&xfr->lock, &xfr->lease_time, sizeof(xfr->lease_time));
7000 lock_protect(&xfr->lock, &xfr->task_nextprobe->worker,
7001 sizeof(xfr->task_nextprobe->worker));
7002 lock_protect(&xfr->lock, &xfr->task_probe->worker,
7003 sizeof(xfr->task_probe->worker));
7004 lock_protect(&xfr->lock, &xfr->task_transfer->worker,
7005 sizeof(xfr->task_transfer->worker));
7006 lock_basic_lock(&xfr->lock);
7010 /** Create auth_xfer structure.
7011 * This populates the have_zone, soa values, and so on times.
7012 * and sets the timeout, if a zone transfer is needed a short timeout is set.
7013 * For that the auth_zone itself must exist (and read in zonefile)
7014 * returns false on alloc failure. */
7016 auth_xfer_create(struct auth_zones* az, struct auth_zone* z)
7018 struct auth_xfer* xfr;
7021 xfr = auth_xfer_new(z);
7023 log_err("malloc failure");
7026 /* insert in tree */
7027 (void)rbtree_insert(&az->xtree, &xfr->node);
7031 /** create new auth_master structure */
7032 static struct auth_master*
7033 auth_master_new(struct auth_master*** list)
7035 struct auth_master *m;
7036 m = (struct auth_master*)calloc(1, sizeof(*m));
7038 log_err("malloc failure");
7041 /* set first pointer to m, or next pointer of previous element to m */
7043 /* store m's next pointer as future point to store at */
7044 (*list) = &(m->next);
7048 /** dup_prefix : create string from initial part of other string, malloced */
7050 dup_prefix(char* str, size_t num)
7053 size_t len = strlen(str);
7054 if(len < num) num = len; /* not more than strlen */
7055 result = (char*)malloc(num+1);
7057 log_err("malloc failure");
7060 memmove(result, str, num);
7065 /** dup string and print error on error */
7069 char* result = strdup(str);
7071 log_err("malloc failure");
7077 /** find first of two characters */
7079 str_find_first_of_chars(char* s, char a, char b)
7081 char* ra = strchr(s, a);
7082 char* rb = strchr(s, b);
7085 if(ra < rb) return ra;
7089 /** parse URL into host and file parts, false on malloc or parse error */
7091 parse_url(char* url, char** host, char** file, int* port, int* ssl)
7094 /* parse http://www.example.com/file.htm
7095 * or http://127.0.0.1 (index.html)
7096 * or https://[::1@1234]/a/b/c/d */
7098 *port = AUTH_HTTPS_PORT;
7100 /* parse http:// or https:// */
7101 if(strncmp(p, "http://", 7) == 0) {
7104 *port = AUTH_HTTP_PORT;
7105 } else if(strncmp(p, "https://", 8) == 0) {
7107 } else if(strstr(p, "://") && strchr(p, '/') > strstr(p, "://") &&
7108 strchr(p, ':') >= strstr(p, "://")) {
7109 char* uri = dup_prefix(p, (size_t)(strstr(p, "://")-p));
7110 log_err("protocol %s:// not supported (for url %s)",
7116 /* parse hostname part */
7118 char* end = strchr(p, ']');
7119 p++; /* skip over [ */
7121 *host = dup_prefix(p, (size_t)(end-p));
7122 if(!*host) return 0;
7123 p = end+1; /* skip over ] */
7126 if(!*host) return 0;
7130 char* end = str_find_first_of_chars(p, ':', '/');
7132 *host = dup_prefix(p, (size_t)(end-p));
7133 if(!*host) return 0;
7136 if(!*host) return 0;
7138 p = end; /* at next : or / or NULL */
7141 /* parse port number */
7142 if(p && p[0] == ':') {
7144 *port = strtol(p+1, &end, 10);
7148 /* parse filename part */
7149 while(p && *p == '/')
7152 *file = strdup("index.html");
7153 else *file = strdup(p);
7155 log_err("malloc failure");
7162 xfer_set_masters(struct auth_master** list, struct config_auth* c,
7165 struct auth_master* m;
7166 struct config_strlist* p;
7167 /* list points to the first, or next pointer for the new element */
7169 list = &( (*list)->next );
7172 for(p = c->urls; p; p = p->next) {
7173 m = auth_master_new(&list);
7176 if(!parse_url(p->str, &m->host, &m->file, &m->port, &m->ssl))
7179 for(p = c->masters; p; p = p->next) {
7180 m = auth_master_new(&list);
7182 m->ixfr = 1; /* this flag is not configurable */
7183 m->host = strdup(p->str);
7185 log_err("malloc failure");
7189 for(p = c->allow_notify; p; p = p->next) {
7190 m = auth_master_new(&list);
7192 m->allow_notify = 1;
7193 m->host = strdup(p->str);
7195 log_err("malloc failure");
7202 #define SERIAL_BITS 32
7204 compare_serial(uint32_t a, uint32_t b)
7206 const uint32_t cutoff = ((uint32_t) 1 << (SERIAL_BITS - 1));
7210 } else if ((a < b && b - a < cutoff) || (a > b && a - b > cutoff)) {
7217 int zonemd_hashalgo_supported(int hashalgo)
7219 if(hashalgo == ZONEMD_ALGO_SHA384) return 1;
7220 if(hashalgo == ZONEMD_ALGO_SHA512) return 1;
7224 int zonemd_scheme_supported(int scheme)
7226 if(scheme == ZONEMD_SCHEME_SIMPLE) return 1;
7230 /** initialize hash for hashing with zonemd hash algo */
7231 static struct secalgo_hash* zonemd_digest_init(int hashalgo, char** reason)
7233 struct secalgo_hash *h;
7234 if(hashalgo == ZONEMD_ALGO_SHA384) {
7236 h = secalgo_hash_create_sha384();
7238 *reason = "digest sha384 could not be created";
7240 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7242 h = secalgo_hash_create_sha512();
7244 *reason = "digest sha512 could not be created";
7247 /* unknown hash algo */
7248 *reason = "unsupported algorithm";
7252 /** update the hash for zonemd */
7253 static int zonemd_digest_update(int hashalgo, struct secalgo_hash* h,
7254 uint8_t* data, size_t len, char** reason)
7256 if(hashalgo == ZONEMD_ALGO_SHA384) {
7257 if(!secalgo_hash_update(h, data, len)) {
7258 *reason = "digest sha384 failed";
7262 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7263 if(!secalgo_hash_update(h, data, len)) {
7264 *reason = "digest sha512 failed";
7269 /* unknown hash algo */
7270 *reason = "unsupported algorithm";
7274 /** finish the hash for zonemd */
7275 static int zonemd_digest_finish(int hashalgo, struct secalgo_hash* h,
7276 uint8_t* result, size_t hashlen, size_t* resultlen, char** reason)
7278 if(hashalgo == ZONEMD_ALGO_SHA384) {
7279 if(hashlen < 384/8) {
7280 *reason = "digest buffer too small for sha384";
7283 if(!secalgo_hash_final(h, result, hashlen, resultlen)) {
7284 *reason = "digest sha384 finish failed";
7288 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7289 if(hashlen < 512/8) {
7290 *reason = "digest buffer too small for sha512";
7293 if(!secalgo_hash_final(h, result, hashlen, resultlen)) {
7294 *reason = "digest sha512 finish failed";
7300 *reason = "unsupported algorithm";
7304 /** add rrsets from node to the list */
7305 static size_t authdata_rrsets_to_list(struct auth_rrset** array,
7306 size_t arraysize, struct auth_rrset* first)
7308 struct auth_rrset* rrset = first;
7311 if(num >= arraysize)
7315 rrset = rrset->next;
7320 /** compare rr list entries */
7321 static int rrlist_compare(const void* arg1, const void* arg2)
7323 struct auth_rrset* r1 = *(struct auth_rrset**)arg1;
7324 struct auth_rrset* r2 = *(struct auth_rrset**)arg2;
7326 if(r1 == NULL) t1 = LDNS_RR_TYPE_RRSIG;
7328 if(r2 == NULL) t2 = LDNS_RR_TYPE_RRSIG;
7337 /** add type RRSIG to rr list if not one there already,
7338 * this is to perform RRSIG collate processing at that point. */
7339 static void addrrsigtype_if_needed(struct auth_rrset** array,
7340 size_t arraysize, size_t* rrnum, struct auth_data* node)
7342 if(az_domain_rrset(node, LDNS_RR_TYPE_RRSIG))
7343 return; /* already one there */
7344 if((*rrnum) >= arraysize)
7345 return; /* array too small? */
7346 array[*rrnum] = NULL; /* nothing there, but need entry in list */
7350 /** collate the RRs in an RRset using the simple scheme */
7351 static int zonemd_simple_rrset(struct auth_zone* z, int hashalgo,
7352 struct secalgo_hash* h, struct auth_data* node,
7353 struct auth_rrset* rrset, struct regional* region,
7354 struct sldns_buffer* buf, char** reason)
7357 struct ub_packed_rrset_key key;
7358 memset(&key, 0, sizeof(key));
7359 key.entry.key = &key;
7360 key.entry.data = rrset->data;
7361 key.rk.dname = node->name;
7362 key.rk.dname_len = node->namelen;
7363 key.rk.type = htons(rrset->type);
7364 key.rk.rrset_class = htons(z->dclass);
7365 if(!rrset_canonicalize_to_buffer(region, buf, &key)) {
7366 *reason = "out of memory";
7369 regional_free_all(region);
7372 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
7373 sldns_buffer_limit(buf), reason)) {
7379 /** count number of RRSIGs in a domain name rrset list */
7380 static size_t zonemd_simple_count_rrsig(struct auth_rrset* rrset,
7381 struct auth_rrset** rrlist, size_t rrnum,
7382 struct auth_zone* z, struct auth_data* node)
7384 size_t i, count = 0;
7387 for(j = 0; j<rrset->data->count; j++) {
7388 if(rrsig_rdata_get_type_covered(rrset->data->
7389 rr_data[j], rrset->data->rr_len[j]) ==
7390 LDNS_RR_TYPE_ZONEMD &&
7391 query_dname_compare(z->name, node->name)==0) {
7392 /* omit RRSIGs over type ZONEMD at apex */
7398 for(i=0; i<rrnum; i++) {
7399 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7400 query_dname_compare(z->name, node->name)==0) {
7401 /* omit RRSIGs over type ZONEMD at apex */
7404 count += (rrlist[i]?rrlist[i]->data->rrsig_count:0);
7409 /** allocate sparse rrset data for the number of entries in tepm region */
7410 static int zonemd_simple_rrsig_allocs(struct regional* region,
7411 struct packed_rrset_data* data, size_t count)
7413 data->rr_len = regional_alloc(region, sizeof(*data->rr_len) * count);
7417 data->rr_ttl = regional_alloc(region, sizeof(*data->rr_ttl) * count);
7421 data->rr_data = regional_alloc(region, sizeof(*data->rr_data) * count);
7422 if(!data->rr_data) {
7428 /** add the RRSIGs from the rrs in the domain into the data */
7429 static void add_rrlist_rrsigs_into_data(struct packed_rrset_data* data,
7430 size_t* done, struct auth_rrset** rrlist, size_t rrnum,
7431 struct auth_zone* z, struct auth_data* node)
7434 for(i=0; i<rrnum; i++) {
7438 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7439 query_dname_compare(z->name, node->name)==0) {
7440 /* omit RRSIGs over type ZONEMD at apex */
7443 for(j = 0; j<rrlist[i]->data->rrsig_count; j++) {
7444 data->rr_len[*done] = rrlist[i]->data->rr_len[rrlist[i]->data->count + j];
7445 data->rr_ttl[*done] = rrlist[i]->data->rr_ttl[rrlist[i]->data->count + j];
7446 /* reference the rdata in the rrset, no need to
7447 * copy it, it is no longer needed at the end of
7449 data->rr_data[*done] = rrlist[i]->data->rr_data[rrlist[i]->data->count + j];
7455 static void add_rrset_into_data(struct packed_rrset_data* data,
7456 size_t* done, struct auth_rrset* rrset,
7457 struct auth_zone* z, struct auth_data* node)
7461 for(j = 0; j<rrset->data->count; j++) {
7462 if(rrsig_rdata_get_type_covered(rrset->data->
7463 rr_data[j], rrset->data->rr_len[j]) ==
7464 LDNS_RR_TYPE_ZONEMD &&
7465 query_dname_compare(z->name, node->name)==0) {
7466 /* omit RRSIGs over type ZONEMD at apex */
7469 data->rr_len[*done] = rrset->data->rr_len[j];
7470 data->rr_ttl[*done] = rrset->data->rr_ttl[j];
7471 /* reference the rdata in the rrset, no need to
7472 * copy it, it is no longer need at the end of
7474 data->rr_data[*done] = rrset->data->rr_data[j];
7480 /** collate the RRSIGs using the simple scheme */
7481 static int zonemd_simple_rrsig(struct auth_zone* z, int hashalgo,
7482 struct secalgo_hash* h, struct auth_data* node,
7483 struct auth_rrset* rrset, struct auth_rrset** rrlist, size_t rrnum,
7484 struct regional* region, struct sldns_buffer* buf, char** reason)
7486 /* the rrset pointer can be NULL, this means it is type RRSIG and
7487 * there is no ordinary type RRSIG there. The RRSIGs are stored
7488 * with the RRsets in their data.
7490 * The RRset pointer can be nonNULL. This happens if there is
7491 * no RR that is covered by the RRSIG for the domain. Then this
7492 * RRSIG RR is stored in an rrset of type RRSIG. The other RRSIGs
7493 * are stored in the rrset entries for the RRs in the rr list for
7494 * the domain node. We need to collate the rrset's data, if any, and
7495 * the rrlist's rrsigs */
7496 /* if this is the apex, omit RRSIGs that cover type ZONEMD */
7497 /* build rrsig rrset */
7499 struct ub_packed_rrset_key key;
7500 struct packed_rrset_data data;
7501 memset(&key, 0, sizeof(key));
7502 memset(&data, 0, sizeof(data));
7503 key.entry.key = &key;
7504 key.entry.data = &data;
7505 key.rk.dname = node->name;
7506 key.rk.dname_len = node->namelen;
7507 key.rk.type = htons(LDNS_RR_TYPE_RRSIG);
7508 key.rk.rrset_class = htons(z->dclass);
7509 data.count = zonemd_simple_count_rrsig(rrset, rrlist, rrnum, z, node);
7510 if(!zonemd_simple_rrsig_allocs(region, &data, data.count)) {
7511 *reason = "out of memory";
7512 regional_free_all(region);
7515 /* all the RRSIGs stored in the other rrsets for this domain node */
7516 add_rrlist_rrsigs_into_data(&data, &done, rrlist, rrnum, z, node);
7517 /* plus the RRSIGs stored in an rrset of type RRSIG for this node */
7518 add_rrset_into_data(&data, &done, rrset, z, node);
7521 if(!rrset_canonicalize_to_buffer(region, buf, &key)) {
7522 *reason = "out of memory";
7523 regional_free_all(region);
7526 regional_free_all(region);
7529 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
7530 sldns_buffer_limit(buf), reason)) {
7536 /** collate a domain's rrsets using the simple scheme */
7537 static int zonemd_simple_domain(struct auth_zone* z, int hashalgo,
7538 struct secalgo_hash* h, struct auth_data* node,
7539 struct regional* region, struct sldns_buffer* buf, char** reason)
7541 const size_t rrlistsize = 65536;
7542 struct auth_rrset* rrlist[rrlistsize];
7543 size_t i, rrnum = 0;
7544 /* see if the domain is out of scope, the zone origin,
7545 * that would be omitted */
7546 if(!dname_subdomain_c(node->name, z->name))
7547 return 1; /* continue */
7548 /* loop over the rrsets in ascending order. */
7549 rrnum = authdata_rrsets_to_list(rrlist, rrlistsize, node->rrsets);
7550 addrrsigtype_if_needed(rrlist, rrlistsize, &rrnum, node);
7551 qsort(rrlist, rrnum, sizeof(*rrlist), rrlist_compare);
7552 for(i=0; i<rrnum; i++) {
7553 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7554 query_dname_compare(z->name, node->name) == 0) {
7555 /* omit type ZONEMD at apex */
7558 if(rrlist[i] == NULL || rrlist[i]->type ==
7559 LDNS_RR_TYPE_RRSIG) {
7560 if(!zonemd_simple_rrsig(z, hashalgo, h, node,
7561 rrlist[i], rrlist, rrnum, region, buf, reason))
7563 } else if(!zonemd_simple_rrset(z, hashalgo, h, node,
7564 rrlist[i], region, buf, reason)) {
7571 /** collate the zone using the simple scheme */
7572 static int zonemd_simple_collate(struct auth_zone* z, int hashalgo,
7573 struct secalgo_hash* h, struct regional* region,
7574 struct sldns_buffer* buf, char** reason)
7576 /* our tree is sorted in canonical order, so we can just loop over
7578 struct auth_data* n;
7579 RBTREE_FOR(n, struct auth_data*, &z->data) {
7580 if(!zonemd_simple_domain(z, hashalgo, h, n, region, buf,
7587 int auth_zone_generate_zonemd_hash(struct auth_zone* z, int scheme,
7588 int hashalgo, uint8_t* hash, size_t hashlen, size_t* resultlen,
7589 struct regional* region, struct sldns_buffer* buf, char** reason)
7591 struct secalgo_hash* h = zonemd_digest_init(hashalgo, reason);
7594 *reason = "digest init fail";
7597 if(scheme == ZONEMD_SCHEME_SIMPLE) {
7598 if(!zonemd_simple_collate(z, hashalgo, h, region, buf, reason)) {
7599 if(!*reason) *reason = "scheme simple collate fail";
7600 secalgo_hash_delete(h);
7604 if(!zonemd_digest_finish(hashalgo, h, hash, hashlen, resultlen,
7606 secalgo_hash_delete(h);
7607 *reason = "digest finish fail";
7610 secalgo_hash_delete(h);
7614 int auth_zone_generate_zonemd_check(struct auth_zone* z, int scheme,
7615 int hashalgo, uint8_t* hash, size_t hashlen, struct regional* region,
7616 struct sldns_buffer* buf, char** reason)
7620 if(!zonemd_hashalgo_supported(hashalgo)) {
7621 *reason = "unsupported algorithm";
7624 if(!zonemd_scheme_supported(scheme)) {
7625 *reason = "unsupported scheme";
7629 /* the ZONEMD draft requires digests to fail if too small */
7630 *reason = "digest length too small, less than 12";
7633 /* generate digest */
7634 if(!auth_zone_generate_zonemd_hash(z, scheme, hashalgo, gen,
7635 sizeof(gen), &genlen, region, buf, reason)) {
7636 /* reason filled in by zonemd hash routine */
7639 /* check digest length */
7640 if(hashlen != genlen) {
7641 *reason = "incorrect digest length";
7642 if(verbosity >= VERB_ALGO) {
7643 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d",
7645 log_hex("ZONEMD should be ", gen, genlen);
7646 log_hex("ZONEMD to check is", hash, hashlen);
7651 if(memcmp(hash, gen, genlen) != 0) {
7652 *reason = "incorrect digest";
7653 if(verbosity >= VERB_ALGO) {
7654 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d",
7656 log_hex("ZONEMD should be ", gen, genlen);
7657 log_hex("ZONEMD to check is", hash, hashlen);
7664 /** log auth zone message with zone name in front. */
7665 static void auth_zone_log(uint8_t* name, enum verbosity_value level,
7666 const char* format, ...) ATTR_FORMAT(printf, 3, 4);
7667 static void auth_zone_log(uint8_t* name, enum verbosity_value level,
7668 const char* format, ...)
7671 va_start(args, format);
7672 if(verbosity >= level) {
7674 char msg[MAXSYSLOGMSGLEN];
7675 dname_str(name, str);
7676 vsnprintf(msg, sizeof(msg), format, args);
7677 verbose(level, "auth zone %s %s", str, msg);
7682 /** ZONEMD, dnssec verify the rrset with the dnskey */
7683 static int zonemd_dnssec_verify_rrset(struct auth_zone* z,
7684 struct module_env* env, struct module_stack* mods,
7685 struct ub_packed_rrset_key* dnskey, struct auth_data* node,
7686 struct auth_rrset* rrset, char** why_bogus)
7688 struct ub_packed_rrset_key pk;
7689 enum sec_status sec;
7692 m = modstack_find(mods, "validator");
7694 auth_zone_log(z->name, VERB_ALGO, "zonemd dnssec verify: have "
7695 "DNSKEY chain of trust, but no validator module");
7698 ve = (struct val_env*)env->modinfo[m];
7700 memset(&pk, 0, sizeof(pk));
7702 pk.entry.data = rrset->data;
7703 pk.rk.dname = node->name;
7704 pk.rk.dname_len = node->namelen;
7705 pk.rk.type = htons(rrset->type);
7706 pk.rk.rrset_class = htons(z->dclass);
7707 if(verbosity >= VERB_ALGO) {
7710 sldns_wire2str_type_buf(rrset->type, typestr, sizeof(typestr));
7711 auth_zone_log(z->name, VERB_ALGO,
7712 "zonemd: verify %s RRset with DNSKEY", typestr);
7714 sec = dnskeyset_verify_rrset(env, ve, &pk, dnskey, NULL, why_bogus,
7715 LDNS_SECTION_ANSWER, NULL);
7716 if(sec == sec_status_secure) {
7720 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verify was bogus: %s", *why_bogus);
7724 /** check for nsec3, the RR with params equal, if bitmap has the type */
7725 static int nsec3_of_param_has_type(struct auth_rrset* nsec3, int algo,
7726 size_t iter, uint8_t* salt, size_t saltlen, uint16_t rrtype)
7728 int i, count = (int)nsec3->data->count;
7729 struct ub_packed_rrset_key pk;
7730 memset(&pk, 0, sizeof(pk));
7731 pk.entry.data = nsec3->data;
7732 for(i=0; i<count; i++) {
7734 size_t rriter, rrsaltlen;
7736 if(!nsec3_get_params(&pk, i, &rralgo, &rriter, &rrsalt,
7738 continue; /* no parameters, malformed */
7739 if(rralgo != algo || rriter != iter || rrsaltlen != saltlen)
7740 continue; /* different parameters */
7742 if(rrsalt == NULL || salt == NULL)
7744 if(memcmp(rrsalt, salt, saltlen) != 0)
7745 continue; /* different salt parameters */
7747 if(nsec3_has_type(&pk, i, rrtype))
7753 /** Verify the absence of ZONEMD with DNSSEC by checking NSEC, NSEC3 type flag.
7754 * return false on failure, reason contains description of failure. */
7755 static int zonemd_check_dnssec_absence(struct auth_zone* z,
7756 struct module_env* env, struct module_stack* mods,
7757 struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
7758 char** reason, char** why_bogus)
7760 struct auth_rrset* nsec = NULL;
7762 *reason = "zone has no apex domain but ZONEMD missing";
7765 nsec = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC);
7767 struct ub_packed_rrset_key pk;
7768 /* dnssec verify the NSEC */
7769 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
7771 *reason = "DNSSEC verify failed for NSEC RRset";
7774 /* check type bitmap */
7775 memset(&pk, 0, sizeof(pk));
7776 pk.entry.data = nsec->data;
7777 if(nsec_has_type(&pk, LDNS_RR_TYPE_ZONEMD)) {
7778 *reason = "DNSSEC NSEC bitmap says type ZONEMD exists";
7781 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC verification of absence of ZONEMD secure");
7783 /* NSEC3 perhaps ? */
7785 size_t iter, saltlen;
7787 struct auth_rrset* nsec3param = az_domain_rrset(apex,
7788 LDNS_RR_TYPE_NSEC3PARAM);
7789 struct auth_data* match;
7790 struct auth_rrset* nsec3;
7792 *reason = "zone has no NSEC information but ZONEMD missing";
7795 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen)) {
7796 *reason = "zone has no NSEC information but ZONEMD missing";
7799 /* find the NSEC3 record */
7800 match = az_nsec3_find_exact(z, z->name, z->namelen, algo,
7801 iter, salt, saltlen);
7803 *reason = "zone has no NSEC3 domain for the apex but ZONEMD missing";
7806 nsec3 = az_domain_rrset(match, LDNS_RR_TYPE_NSEC3);
7808 *reason = "zone has no NSEC3 RRset for the apex but ZONEMD missing";
7811 /* dnssec verify the NSEC3 */
7812 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, match,
7813 nsec3, why_bogus)) {
7814 *reason = "DNSSEC verify failed for NSEC3 RRset";
7817 /* check type bitmap */
7818 if(nsec3_of_param_has_type(nsec3, algo, iter, salt, saltlen,
7819 LDNS_RR_TYPE_ZONEMD)) {
7820 *reason = "DNSSEC NSEC3 bitmap says type ZONEMD exists";
7823 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC3 verification of absence of ZONEMD secure");
7829 /** Verify the SOA and ZONEMD DNSSEC signatures.
7830 * return false on failure, reason contains description of failure. */
7831 static int zonemd_check_dnssec_soazonemd(struct auth_zone* z,
7832 struct module_env* env, struct module_stack* mods,
7833 struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
7834 struct auth_rrset* zonemd_rrset, char** reason, char** why_bogus)
7836 struct auth_rrset* soa;
7838 *reason = "zone has no apex domain";
7841 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
7843 *reason = "zone has no SOA RRset";
7846 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, soa,
7848 *reason = "DNSSEC verify failed for SOA RRset";
7851 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
7852 zonemd_rrset, why_bogus)) {
7853 *reason = "DNSSEC verify failed for ZONEMD RRset";
7856 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC verification of SOA and ZONEMD RRsets secure");
7861 * Fail the ZONEMD verification.
7862 * @param z: auth zone that fails.
7863 * @param env: environment with config, to ignore failure or not.
7864 * @param reason: failure string description.
7865 * @param why_bogus: failure string for DNSSEC verification failure.
7866 * @param result: strdup result in here if not NULL.
7868 static void auth_zone_zonemd_fail(struct auth_zone* z, struct module_env* env,
7869 char* reason, char* why_bogus, char** result)
7872 /* if fail: log reason, and depending on config also take action
7873 * and drop the zone, eg. it is gone from memory, set zone_expired */
7874 dname_str(z->name, zstr);
7875 if(!reason) reason = "verification failed";
7879 snprintf(res, sizeof(res), "%s: %s", reason,
7881 *result = strdup(res);
7883 *result = strdup(reason);
7885 if(!*result) log_err("out of memory");
7887 log_warn("auth zone %s: ZONEMD verification failed: %s", zstr, reason);
7890 if(env->cfg->zonemd_permissive_mode) {
7891 verbose(VERB_ALGO, "zonemd-permissive-mode enabled, "
7892 "not blocking zone %s", zstr);
7896 /* expired means the zone gives servfail and is not used by
7897 * lookup if fallback_enabled*/
7898 z->zone_expired = 1;
7902 * Verify the zonemd with DNSSEC and hash check, with given key.
7903 * @param z: auth zone.
7904 * @param env: environment with config and temp buffers.
7905 * @param mods: module stack with validator env for verification.
7906 * @param dnskey: dnskey that we can use, or NULL. If nonnull, the key
7907 * has been verified and is the start of the chain of trust.
7908 * @param is_insecure: if true, the dnskey is not used, the zone is insecure.
7909 * And dnssec is not used. It is DNSSEC secure insecure or not under
7911 * @param result: if not NULL result reason copied here.
7914 auth_zone_verify_zonemd_with_key(struct auth_zone* z, struct module_env* env,
7915 struct module_stack* mods, struct ub_packed_rrset_key* dnskey,
7916 int is_insecure, char** result)
7918 char* reason = NULL, *why_bogus = NULL;
7919 struct auth_data* apex = NULL;
7920 struct auth_rrset* zonemd_rrset = NULL;
7921 int zonemd_absent = 0, zonemd_absence_dnssecok = 0;
7923 /* see if ZONEMD is present or absent. */
7924 apex = az_find_name(z, z->name, z->namelen);
7928 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
7929 if(!zonemd_rrset || zonemd_rrset->data->count==0) {
7931 zonemd_rrset = NULL;
7935 /* if no DNSSEC, done. */
7936 /* if no ZONEMD, and DNSSEC, use DNSKEY to verify NSEC or NSEC3 for
7937 * zone apex. Check ZONEMD bit is turned off or else fail */
7938 /* if ZONEMD, and DNSSEC, check DNSSEC signature on SOA and ZONEMD,
7940 if(!dnskey && !is_insecure) {
7941 auth_zone_zonemd_fail(z, env, "DNSKEY missing", NULL, result);
7943 } else if(!zonemd_rrset && dnskey && !is_insecure) {
7944 /* fetch, DNSSEC verify, and check NSEC/NSEC3 */
7945 if(!zonemd_check_dnssec_absence(z, env, mods, dnskey, apex,
7946 &reason, &why_bogus)) {
7947 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
7950 zonemd_absence_dnssecok = 1;
7951 } else if(zonemd_rrset && dnskey && !is_insecure) {
7952 /* check DNSSEC verify of SOA and ZONEMD */
7953 if(!zonemd_check_dnssec_soazonemd(z, env, mods, dnskey, apex,
7954 zonemd_rrset, &reason, &why_bogus)) {
7955 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
7960 if(zonemd_absent && z->zonemd_reject_absence) {
7961 auth_zone_zonemd_fail(z, env, "ZONEMD absent and that is not allowed by config", NULL, result);
7964 if(zonemd_absent && zonemd_absence_dnssecok) {
7965 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verified nonexistence of ZONEMD");
7967 *result = strdup("DNSSEC verified nonexistence of ZONEMD");
7968 if(!*result) log_err("out of memory");
7973 auth_zone_log(z->name, VERB_ALGO, "no ZONEMD present");
7975 *result = strdup("no ZONEMD present");
7976 if(!*result) log_err("out of memory");
7981 /* check ZONEMD checksum and report or else fail. */
7982 if(!auth_zone_zonemd_check_hash(z, env, &reason)) {
7983 auth_zone_zonemd_fail(z, env, reason, NULL, result);
7987 /* success! log the success */
7988 auth_zone_log(z->name, VERB_ALGO, "ZONEMD verification successful");
7990 *result = strdup("ZONEMD verification successful");
7991 if(!*result) log_err("out of memory");
7996 * verify the zone DNSKEY rrset from the trust anchor
7997 * This is possible because the anchor is for the zone itself, and can
7998 * thus apply straight to the zone DNSKEY set.
7999 * @param z: the auth zone.
8000 * @param env: environment with time and temp buffers.
8001 * @param mods: module stack for validator environment for dnssec validation.
8002 * @param anchor: trust anchor to use
8003 * @param is_insecure: returned, true if the zone is securely insecure.
8004 * @param why_bogus: if the routine fails, returns the failure reason.
8005 * @param keystorage: where to store the ub_packed_rrset_key that is created
8006 * on success. A pointer to it is returned on success.
8007 * @return the dnskey RRset, reference to zone data and keystorage, or
8010 static struct ub_packed_rrset_key*
8011 zonemd_get_dnskey_from_anchor(struct auth_zone* z, struct module_env* env,
8012 struct module_stack* mods, struct trust_anchor* anchor,
8013 int* is_insecure, char** why_bogus,
8014 struct ub_packed_rrset_key* keystorage)
8016 struct auth_data* apex;
8017 struct auth_rrset* dnskey_rrset;
8018 enum sec_status sec;
8022 apex = az_find_name(z, z->name, z->namelen);
8024 *why_bogus = "have trust anchor, but zone has no apex domain for DNSKEY";
8027 dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY);
8028 if(!dnskey_rrset || dnskey_rrset->data->count==0) {
8029 *why_bogus = "have trust anchor, but zone has no DNSKEY";
8033 m = modstack_find(mods, "validator");
8035 *why_bogus = "have trust anchor, but no validator module";
8038 ve = (struct val_env*)env->modinfo[m];
8040 memset(keystorage, 0, sizeof(*keystorage));
8041 keystorage->entry.key = keystorage;
8042 keystorage->entry.data = dnskey_rrset->data;
8043 keystorage->rk.dname = apex->name;
8044 keystorage->rk.dname_len = apex->namelen;
8045 keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
8046 keystorage->rk.rrset_class = htons(z->dclass);
8047 auth_zone_log(z->name, VERB_QUERY,
8048 "zonemd: verify DNSKEY RRset with trust anchor");
8049 sec = val_verify_DNSKEY_with_TA(env, ve, keystorage, anchor->ds_rrset,
8050 anchor->dnskey_rrset, NULL, why_bogus, NULL);
8051 regional_free_all(env->scratch);
8052 if(sec == sec_status_secure) {
8056 } else if(sec == sec_status_insecure) {
8062 auth_zone_log(z->name, VERB_ALGO,
8063 "zonemd: verify DNSKEY RRset with trust anchor failed: %s", *why_bogus);
8068 /** callback for ZONEMD lookup of DNSKEY */
8069 void auth_zonemd_dnskey_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
8070 enum sec_status sec, char* why_bogus, int ATTR_UNUSED(was_ratelimited))
8072 struct auth_zone* z = (struct auth_zone*)arg;
8073 struct module_env* env;
8074 char* reason = NULL;
8075 struct ub_packed_rrset_key* dnskey = NULL;
8076 int is_insecure = 0;
8078 lock_rw_wrlock(&z->lock);
8079 env = z->zonemd_callback_env;
8080 /* release the env variable so another worker can pick up the
8081 * ZONEMD verification task if it wants to */
8082 z->zonemd_callback_env = NULL;
8083 if(!env || env->outnet->want_to_quit || z->zone_deleted) {
8084 lock_rw_unlock(&z->lock);
8085 return; /* stop on quit */
8088 /* process result */
8089 if(sec == sec_status_bogus) {
8092 reason = "lookup of DNSKEY was bogus";
8093 auth_zone_log(z->name, VERB_ALGO,
8094 "zonemd lookup of DNSKEY was bogus: %s", reason);
8095 } else if(rcode == LDNS_RCODE_NOERROR) {
8096 uint16_t wanted_qtype = LDNS_RR_TYPE_DNSKEY;
8097 struct regional* temp = env->scratch;
8098 struct query_info rq;
8099 struct reply_info* rep;
8100 memset(&rq, 0, sizeof(rq));
8101 rep = parse_reply_in_temp_region(buf, temp, &rq);
8102 if(rep && rq.qtype == wanted_qtype &&
8103 query_dname_compare(z->name, rq.qname) == 0 &&
8104 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
8105 /* parsed successfully */
8106 struct ub_packed_rrset_key* answer =
8107 reply_find_answer_rrset(&rq, rep);
8108 if(answer && sec == sec_status_secure) {
8110 auth_zone_log(z->name, VERB_ALGO,
8111 "zonemd lookup of DNSKEY was secure");
8112 } else if(sec == sec_status_secure && !answer) {
8114 auth_zone_log(z->name, VERB_ALGO,
8115 "zonemd lookup of DNSKEY has no content, but is secure, treat as insecure");
8116 } else if(sec == sec_status_insecure) {
8118 auth_zone_log(z->name, VERB_ALGO,
8119 "zonemd lookup of DNSKEY was insecure");
8120 } else if(sec == sec_status_indeterminate) {
8122 auth_zone_log(z->name, VERB_ALGO,
8123 "zonemd lookup of DNSKEY was indeterminate, treat as insecure");
8125 auth_zone_log(z->name, VERB_ALGO,
8126 "zonemd lookup of DNSKEY has nodata");
8127 reason = "lookup of DNSKEY has nodata";
8129 } else if(rep && rq.qtype == wanted_qtype &&
8130 query_dname_compare(z->name, rq.qname) == 0 &&
8131 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8132 sec == sec_status_secure) {
8133 /* secure nxdomain, so the zone is like some RPZ zone
8134 * that does not exist in the wider internet, with
8135 * a secure nxdomain answer outside of it. So we
8136 * treat the zonemd zone without a dnssec chain of
8137 * trust, as insecure. */
8139 auth_zone_log(z->name, VERB_ALGO,
8140 "zonemd lookup of DNSKEY was secure NXDOMAIN, treat as insecure");
8141 } else if(rep && rq.qtype == wanted_qtype &&
8142 query_dname_compare(z->name, rq.qname) == 0 &&
8143 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8144 sec == sec_status_insecure) {
8146 auth_zone_log(z->name, VERB_ALGO,
8147 "zonemd lookup of DNSKEY was insecure NXDOMAIN, treat as insecure");
8148 } else if(rep && rq.qtype == wanted_qtype &&
8149 query_dname_compare(z->name, rq.qname) == 0 &&
8150 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8151 sec == sec_status_indeterminate) {
8153 auth_zone_log(z->name, VERB_ALGO,
8154 "zonemd lookup of DNSKEY was indeterminate NXDOMAIN, treat as insecure");
8156 auth_zone_log(z->name, VERB_ALGO,
8157 "zonemd lookup of DNSKEY has no answer");
8158 reason = "lookup of DNSKEY has no answer";
8161 auth_zone_log(z->name, VERB_ALGO,
8162 "zonemd lookup of DNSKEY failed");
8163 reason = "lookup of DNSKEY failed";
8167 auth_zone_zonemd_fail(z, env, reason, NULL, NULL);
8168 lock_rw_unlock(&z->lock);
8172 auth_zone_verify_zonemd_with_key(z, env, &env->mesh->mods, dnskey,
8174 regional_free_all(env->scratch);
8175 lock_rw_unlock(&z->lock);
8178 /** lookup DNSKEY for ZONEMD verification */
8180 zonemd_lookup_dnskey(struct auth_zone* z, struct module_env* env)
8182 struct query_info qinfo;
8183 uint16_t qflags = BIT_RD;
8184 struct edns_data edns;
8185 sldns_buffer* buf = env->scratch_buffer;
8187 if(z->zonemd_callback_env) {
8188 /* another worker is already working on the callback
8189 * for the DNSKEY lookup for ZONEMD verification.
8190 * We do not also have to do ZONEMD verification, let that
8192 auth_zone_log(z->name, VERB_ALGO,
8193 "zonemd needs lookup of DNSKEY and that already worked on by another worker");
8197 /* use mesh_new_callback to lookup the DNSKEY,
8198 * and then wait for them to be looked up (in cache, or query) */
8199 qinfo.qname_len = z->namelen;
8200 qinfo.qname = z->name;
8201 qinfo.qclass = z->dclass;
8202 qinfo.qtype = LDNS_RR_TYPE_DNSKEY;
8203 qinfo.local_alias = NULL;
8204 if(verbosity >= VERB_ALGO) {
8206 char buf2[LDNS_MAX_DOMAINLEN+1];
8207 dname_str(z->name, buf2);
8208 snprintf(buf1, sizeof(buf1), "auth zone %s: lookup DNSKEY "
8209 "for zonemd verification", buf2);
8210 log_query_info(VERB_ALGO, buf1, &qinfo);
8212 edns.edns_present = 1;
8214 edns.edns_version = 0;
8215 edns.bits = EDNS_DO;
8216 edns.opt_list = NULL;
8217 if(sldns_buffer_capacity(buf) < 65535)
8218 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
8219 else edns.udp_size = 65535;
8221 /* store the worker-specific module env for the callback.
8222 * We can then reference this when the callback executes */
8223 z->zonemd_callback_env = env;
8224 /* the callback can be called straight away */
8225 lock_rw_unlock(&z->lock);
8226 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
8227 &auth_zonemd_dnskey_lookup_callback, z)) {
8228 lock_rw_wrlock(&z->lock);
8229 log_err("out of memory lookup up dnskey for zonemd");
8232 lock_rw_wrlock(&z->lock);
8236 void auth_zone_verify_zonemd(struct auth_zone* z, struct module_env* env,
8237 struct module_stack* mods, char** result, int offline, int only_online)
8239 char* reason = NULL, *why_bogus = NULL;
8240 struct trust_anchor* anchor = NULL;
8241 struct ub_packed_rrset_key* dnskey = NULL;
8242 struct ub_packed_rrset_key keystorage;
8243 int is_insecure = 0;
8244 /* verify the ZONEMD if present.
8245 * If not present check if absence is allowed by DNSSEC */
8246 if(!z->zonemd_check)
8249 /* if zone is under a trustanchor */
8250 /* is it equal to trustanchor - get dnskey's verified */
8251 /* else, find chain of trust by fetching DNSKEYs lookup for zone */
8252 /* result if that, if insecure, means no DNSSEC for the ZONEMD,
8253 * otherwise we have the zone DNSKEY for the DNSSEC verification. */
8255 anchor = anchors_lookup(env->anchors, z->name, z->namelen,
8257 if(anchor && anchor->numDS == 0 && anchor->numDNSKEY == 0) {
8258 /* domain-insecure trust anchor for unsigned zones */
8259 lock_basic_unlock(&anchor->lock);
8264 } else if(anchor && query_dname_compare(z->name, anchor->name) == 0) {
8266 lock_basic_unlock(&anchor->lock);
8269 /* equal to trustanchor, no need for online lookups */
8270 dnskey = zonemd_get_dnskey_from_anchor(z, env, mods, anchor,
8271 &is_insecure, &why_bogus, &keystorage);
8272 lock_basic_unlock(&anchor->lock);
8273 if(!dnskey && !reason && !is_insecure) {
8274 reason = "verify DNSKEY RRset with trust anchor failed";
8277 lock_basic_unlock(&anchor->lock);
8278 /* perform online lookups */
8281 /* setup online lookups, and wait for them */
8282 if(zonemd_lookup_dnskey(z, env)) {
8283 /* wait for the lookup */
8286 reason = "could not lookup DNSKEY for chain of trust";
8288 /* the zone is not under a trust anchor */
8296 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
8300 auth_zone_verify_zonemd_with_key(z, env, mods, dnskey, is_insecure,
8302 regional_free_all(env->scratch);
8305 void auth_zones_pickup_zonemd_verify(struct auth_zones* az,
8306 struct module_env* env)
8308 struct auth_zone key;
8309 uint8_t savezname[255+1];
8310 size_t savezname_len;
8311 struct auth_zone* z;
8312 key.node.key = &key;
8313 lock_rw_rdlock(&az->lock);
8314 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
8315 lock_rw_wrlock(&z->lock);
8316 if(!z->zonemd_check) {
8317 lock_rw_unlock(&z->lock);
8320 key.dclass = z->dclass;
8321 key.namelabs = z->namelabs;
8322 if(z->namelen > sizeof(savezname)) {
8323 lock_rw_unlock(&z->lock);
8324 log_err("auth_zones_pickup_zonemd_verify: zone name too long");
8327 savezname_len = z->namelen;
8328 memmove(savezname, z->name, z->namelen);
8329 lock_rw_unlock(&az->lock);
8330 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 1);
8331 lock_rw_unlock(&z->lock);
8332 lock_rw_rdlock(&az->lock);
8333 /* find the zone we had before, it is not deleted,
8334 * because we have a flag for that that is processed at
8336 key.namelen = savezname_len;
8337 key.name = savezname;
8338 z = (struct auth_zone*)rbtree_search(&az->ztree, &key);
8342 lock_rw_unlock(&az->lock);