2 * services/authzone.c - authoritative zone that is locally hosted.
4 * Copyright (c) 2017, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * This file contains the functions for an authority zone. This zone
40 * is queried by the iterator, just like a stub or forward zone, but then
41 * the data is locally held.
45 #include "services/authzone.h"
46 #include "util/data/dname.h"
47 #include "util/data/msgparse.h"
48 #include "util/data/msgreply.h"
49 #include "util/data/msgencode.h"
50 #include "util/data/packed_rrset.h"
51 #include "util/regional.h"
52 #include "util/net_help.h"
53 #include "util/netevent.h"
54 #include "util/config_file.h"
56 #include "util/module.h"
57 #include "util/random.h"
58 #include "services/cache/dns.h"
59 #include "services/outside_network.h"
60 #include "services/listen_dnsport.h"
61 #include "services/mesh.h"
62 #include "sldns/rrdef.h"
63 #include "sldns/pkthdr.h"
64 #include "sldns/sbuffer.h"
65 #include "sldns/str2wire.h"
66 #include "sldns/wire2str.h"
67 #include "sldns/parseutil.h"
68 #include "sldns/keyraw.h"
69 #include "validator/val_nsec3.h"
70 #include "validator/val_nsec.h"
71 #include "validator/val_secalgo.h"
72 #include "validator/val_sigcrypt.h"
73 #include "validator/val_anchor.h"
74 #include "validator/val_utils.h"
77 /** bytes to use for NSEC3 hash buffer. 20 for sha1 */
78 #define N3HASHBUFLEN 32
79 /** max number of CNAMEs we are willing to follow (in one answer) */
80 #define MAX_CNAME_CHAIN 8
81 /** timeout for probe packets for SOA */
82 #define AUTH_PROBE_TIMEOUT 100 /* msec */
83 /** when to stop with SOA probes (when exponential timeouts exceed this) */
84 #define AUTH_PROBE_TIMEOUT_STOP 1000 /* msec */
85 /* auth transfer timeout for TCP connections, in msec */
86 #define AUTH_TRANSFER_TIMEOUT 10000 /* msec */
87 /* auth transfer max backoff for failed transfers and probes */
88 #define AUTH_TRANSFER_MAX_BACKOFF 86400 /* sec */
89 /* auth http port number */
90 #define AUTH_HTTP_PORT 80
91 /* auth https port number */
92 #define AUTH_HTTPS_PORT 443
93 /* max depth for nested $INCLUDEs */
94 #define MAX_INCLUDE_DEPTH 10
95 /** number of timeouts before we fallback from IXFR to AXFR,
96 * because some versions of servers (eg. dnsmasq) drop IXFR packets. */
97 #define NUM_TIMEOUTS_FALLBACK_IXFR 3
99 /** pick up nextprobe task to start waiting to perform transfer actions */
100 static void xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env,
101 int failure, int lookup_only);
102 /** move to sending the probe packets, next if fails. task_probe */
103 static void xfr_probe_send_or_end(struct auth_xfer* xfr,
104 struct module_env* env);
105 /** pick up probe task with specified(or NULL) destination first,
106 * or transfer task if nothing to probe, or false if already in progress */
107 static int xfr_start_probe(struct auth_xfer* xfr, struct module_env* env,
108 struct auth_master* spec);
109 /** delete xfer structure (not its tree entry) */
110 void auth_xfer_delete(struct auth_xfer* xfr);
112 /** create new dns_msg */
113 static struct dns_msg*
114 msg_create(struct regional* region, struct query_info* qinfo)
116 struct dns_msg* msg = (struct dns_msg*)regional_alloc(region,
117 sizeof(struct dns_msg));
120 msg->qinfo.qname = regional_alloc_init(region, qinfo->qname,
122 if(!msg->qinfo.qname)
124 msg->qinfo.qname_len = qinfo->qname_len;
125 msg->qinfo.qtype = qinfo->qtype;
126 msg->qinfo.qclass = qinfo->qclass;
127 msg->qinfo.local_alias = NULL;
128 /* non-packed reply_info, because it needs to grow the array */
129 msg->rep = (struct reply_info*)regional_alloc_zero(region,
130 sizeof(struct reply_info)-sizeof(struct rrset_ref));
133 msg->rep->flags = (uint16_t)(BIT_QR | BIT_AA);
134 msg->rep->authoritative = 1;
135 msg->rep->reason_bogus = LDNS_EDE_NONE;
136 msg->rep->qdcount = 1;
137 /* rrsets is NULL, no rrsets yet */
141 /** grow rrset array by one in msg */
143 msg_grow_array(struct regional* region, struct dns_msg* msg)
145 if(msg->rep->rrsets == NULL) {
146 msg->rep->rrsets = regional_alloc_zero(region,
147 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1));
148 if(!msg->rep->rrsets)
151 struct ub_packed_rrset_key** rrsets_old = msg->rep->rrsets;
152 msg->rep->rrsets = regional_alloc_zero(region,
153 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1));
154 if(!msg->rep->rrsets)
156 memmove(msg->rep->rrsets, rrsets_old,
157 sizeof(struct ub_packed_rrset_key*)*msg->rep->rrset_count);
162 /** get ttl of rrset */
164 get_rrset_ttl(struct ub_packed_rrset_key* k)
166 struct packed_rrset_data* d = (struct packed_rrset_data*)
171 /** Copy rrset into region from domain-datanode and packet rrset */
172 static struct ub_packed_rrset_key*
173 auth_packed_rrset_copy_region(struct auth_zone* z, struct auth_data* node,
174 struct auth_rrset* rrset, struct regional* region, time_t adjust)
176 struct ub_packed_rrset_key key;
177 memset(&key, 0, sizeof(key));
178 key.entry.key = &key;
179 key.entry.data = rrset->data;
180 key.rk.dname = node->name;
181 key.rk.dname_len = node->namelen;
182 key.rk.type = htons(rrset->type);
183 key.rk.rrset_class = htons(z->dclass);
184 key.entry.hash = rrset_key_hash(&key.rk);
185 return packed_rrset_copy_region(&key, region, adjust);
188 /** fix up msg->rep TTL and prefetch ttl */
190 msg_ttl(struct dns_msg* msg)
192 if(msg->rep->rrset_count == 0) return;
193 if(msg->rep->rrset_count == 1) {
194 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]);
195 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
196 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
197 } else if(get_rrset_ttl(msg->rep->rrsets[msg->rep->rrset_count-1]) <
199 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[
200 msg->rep->rrset_count-1]);
201 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
202 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
206 /** see if rrset is a duplicate in the answer message */
208 msg_rrset_duplicate(struct dns_msg* msg, uint8_t* nm, size_t nmlen,
209 uint16_t type, uint16_t dclass)
212 for(i=0; i<msg->rep->rrset_count; i++) {
213 struct ub_packed_rrset_key* k = msg->rep->rrsets[i];
214 if(ntohs(k->rk.type) == type && k->rk.dname_len == nmlen &&
215 ntohs(k->rk.rrset_class) == dclass &&
216 query_dname_compare(k->rk.dname, nm) == 0)
222 /** add rrset to answer section (no auth, add rrsets yet) */
224 msg_add_rrset_an(struct auth_zone* z, struct regional* region,
225 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
227 log_assert(msg->rep->ns_numrrsets == 0);
228 log_assert(msg->rep->ar_numrrsets == 0);
231 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
235 if(!msg_grow_array(region, msg))
238 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
239 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
241 msg->rep->rrset_count++;
242 msg->rep->an_numrrsets++;
247 /** add rrset to authority section (no additional section rrsets yet) */
249 msg_add_rrset_ns(struct auth_zone* z, struct regional* region,
250 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
252 log_assert(msg->rep->ar_numrrsets == 0);
255 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
259 if(!msg_grow_array(region, msg))
262 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
263 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
265 msg->rep->rrset_count++;
266 msg->rep->ns_numrrsets++;
271 /** add rrset to additional section */
273 msg_add_rrset_ar(struct auth_zone* z, struct regional* region,
274 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
278 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
282 if(!msg_grow_array(region, msg))
285 if(!(msg->rep->rrsets[msg->rep->rrset_count] =
286 auth_packed_rrset_copy_region(z, node, rrset, region, 0)))
288 msg->rep->rrset_count++;
289 msg->rep->ar_numrrsets++;
294 struct auth_zones* auth_zones_create(void)
296 struct auth_zones* az = (struct auth_zones*)calloc(1, sizeof(*az));
298 log_err("out of memory");
301 rbtree_init(&az->ztree, &auth_zone_cmp);
302 rbtree_init(&az->xtree, &auth_xfer_cmp);
303 lock_rw_init(&az->lock);
304 lock_protect(&az->lock, &az->ztree, sizeof(az->ztree));
305 lock_protect(&az->lock, &az->xtree, sizeof(az->xtree));
306 /* also lock protects the rbnode's in struct auth_zone, auth_xfer */
307 lock_rw_init(&az->rpz_lock);
308 lock_protect(&az->rpz_lock, &az->rpz_first, sizeof(az->rpz_first));
312 int auth_zone_cmp(const void* z1, const void* z2)
314 /* first sort on class, so that hierarchy can be maintained within
316 struct auth_zone* a = (struct auth_zone*)z1;
317 struct auth_zone* b = (struct auth_zone*)z2;
319 if(a->dclass != b->dclass) {
320 if(a->dclass < b->dclass)
324 /* sorted such that higher zones sort before lower zones (their
326 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m);
329 int auth_data_cmp(const void* z1, const void* z2)
331 struct auth_data* a = (struct auth_data*)z1;
332 struct auth_data* b = (struct auth_data*)z2;
334 /* canonical sort, because DNSSEC needs that */
335 return dname_canon_lab_cmp(a->name, a->namelabs, b->name,
339 int auth_xfer_cmp(const void* z1, const void* z2)
341 /* first sort on class, so that hierarchy can be maintained within
343 struct auth_xfer* a = (struct auth_xfer*)z1;
344 struct auth_xfer* b = (struct auth_xfer*)z2;
346 if(a->dclass != b->dclass) {
347 if(a->dclass < b->dclass)
351 /* sorted such that higher zones sort before lower zones (their
353 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m);
356 /** delete auth rrset node */
358 auth_rrset_delete(struct auth_rrset* rrset)
365 /** delete auth data domain node */
367 auth_data_delete(struct auth_data* n)
369 struct auth_rrset* p, *np;
374 auth_rrset_delete(p);
381 /** helper traverse to delete zones */
383 auth_data_del(rbnode_type* n, void* ATTR_UNUSED(arg))
385 struct auth_data* z = (struct auth_data*)n->key;
389 /** delete an auth zone structure (tree remove must be done elsewhere) */
391 auth_zone_delete(struct auth_zone* z, struct auth_zones* az)
394 lock_rw_destroy(&z->lock);
395 traverse_postorder(&z->data, auth_data_del, NULL);
398 /* keep RPZ linked list intact */
399 lock_rw_wrlock(&az->rpz_lock);
401 z->rpz_az_prev->rpz_az_next = z->rpz_az_next;
403 az->rpz_first = z->rpz_az_next;
405 z->rpz_az_next->rpz_az_prev = z->rpz_az_prev;
406 lock_rw_unlock(&az->rpz_lock);
416 auth_zone_create(struct auth_zones* az, uint8_t* nm, size_t nmlen,
419 struct auth_zone* z = (struct auth_zone*)calloc(1, sizeof(*z));
426 z->namelabs = dname_count_labels(nm);
427 z->name = memdup(nm, nmlen);
432 rbtree_init(&z->data, &auth_data_cmp);
433 lock_rw_init(&z->lock);
434 lock_protect(&z->lock, &z->name, sizeof(*z)-sizeof(rbnode_type)-
435 sizeof(&z->rpz_az_next)-sizeof(&z->rpz_az_prev));
436 lock_rw_wrlock(&z->lock);
437 /* z lock protects all, except rbtree itself and the rpz linked list
438 * pointers, which are protected using az->lock */
439 if(!rbtree_insert(&az->ztree, &z->node)) {
440 lock_rw_unlock(&z->lock);
441 auth_zone_delete(z, NULL);
442 log_warn("duplicate auth zone");
449 auth_zone_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
452 struct auth_zone key;
457 key.namelabs = dname_count_labels(nm);
458 return (struct auth_zone*)rbtree_search(&az->ztree, &key);
462 auth_xfer_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
465 struct auth_xfer key;
470 key.namelabs = dname_count_labels(nm);
471 return (struct auth_xfer*)rbtree_search(&az->xtree, &key);
474 /** find an auth zone or sorted less-or-equal, return true if exact */
476 auth_zone_find_less_equal(struct auth_zones* az, uint8_t* nm, size_t nmlen,
477 uint16_t dclass, struct auth_zone** z)
479 struct auth_zone key;
484 key.namelabs = dname_count_labels(nm);
485 return rbtree_find_less_equal(&az->ztree, &key, (rbnode_type**)z);
489 /** find the auth zone that is above the given name */
491 auth_zones_find_zone(struct auth_zones* az, uint8_t* name, size_t name_len,
495 size_t nmlen = name_len;
497 if(auth_zone_find_less_equal(az, nm, nmlen, dclass, &z)) {
501 /* less-or-nothing */
502 if(!z) return NULL; /* nothing smaller, nothing above it */
503 /* we found smaller name; smaller may be above the name,
504 * but not below it. */
505 nm = dname_get_shared_topdomain(z->name, name);
506 dname_count_size_labels(nm, &nmlen);
512 z = auth_zone_find(az, nm, nmlen, dclass);
514 if(dname_is_root(nm)) break;
515 dname_remove_label(&nm, &nmlen);
520 /** find or create zone with name str. caller must have lock on az.
521 * returns a wrlocked zone */
522 static struct auth_zone*
523 auth_zones_find_or_add_zone(struct auth_zones* az, char* name)
525 uint8_t nm[LDNS_MAX_DOMAINLEN+1];
526 size_t nmlen = sizeof(nm);
529 if(sldns_str2wire_dname_buf(name, nm, &nmlen) != 0) {
530 log_err("cannot parse auth zone name: %s", name);
533 z = auth_zone_find(az, nm, nmlen, LDNS_RR_CLASS_IN);
535 /* not found, create the zone */
536 z = auth_zone_create(az, nm, nmlen, LDNS_RR_CLASS_IN);
538 lock_rw_wrlock(&z->lock);
543 /** find or create xfer zone with name str. caller must have lock on az.
544 * returns a locked xfer */
545 static struct auth_xfer*
546 auth_zones_find_or_add_xfer(struct auth_zones* az, struct auth_zone* z)
549 x = auth_xfer_find(az, z->name, z->namelen, z->dclass);
551 /* not found, create the zone */
552 x = auth_xfer_create(az, z);
554 lock_basic_lock(&x->lock);
560 auth_zone_set_zonefile(struct auth_zone* z, char* zonefile)
562 if(z->zonefile) free(z->zonefile);
563 if(zonefile == NULL) {
566 z->zonefile = strdup(zonefile);
568 log_err("malloc failure");
575 /** set auth zone fallback. caller must have lock on zone */
577 auth_zone_set_fallback(struct auth_zone* z, char* fallbackstr)
579 if(strcmp(fallbackstr, "yes") != 0 && strcmp(fallbackstr, "no") != 0){
580 log_err("auth zone fallback, expected yes or no, got %s",
584 z->fallback_enabled = (strcmp(fallbackstr, "yes")==0);
588 /** create domain with the given name */
589 static struct auth_data*
590 az_domain_create(struct auth_zone* z, uint8_t* nm, size_t nmlen)
592 struct auth_data* n = (struct auth_data*)malloc(sizeof(*n));
594 memset(n, 0, sizeof(*n));
596 n->name = memdup(nm, nmlen);
602 n->namelabs = dname_count_labels(nm);
603 if(!rbtree_insert(&z->data, &n->node)) {
604 log_warn("duplicate auth domain name");
612 /** find domain with exactly the given name */
613 static struct auth_data*
614 az_find_name(struct auth_zone* z, uint8_t* nm, size_t nmlen)
616 struct auth_zone key;
620 key.namelabs = dname_count_labels(nm);
621 return (struct auth_data*)rbtree_search(&z->data, &key);
624 /** Find domain name (or closest match) */
626 az_find_domain(struct auth_zone* z, struct query_info* qinfo, int* node_exact,
627 struct auth_data** node)
629 struct auth_zone key;
631 key.name = qinfo->qname;
632 key.namelen = qinfo->qname_len;
633 key.namelabs = dname_count_labels(key.name);
634 *node_exact = rbtree_find_less_equal(&z->data, &key,
635 (rbnode_type**)node);
638 /** find or create domain with name in zone */
639 static struct auth_data*
640 az_domain_find_or_create(struct auth_zone* z, uint8_t* dname,
643 struct auth_data* n = az_find_name(z, dname, dname_len);
645 n = az_domain_create(z, dname, dname_len);
650 /** find rrset of given type in the domain */
651 static struct auth_rrset*
652 az_domain_rrset(struct auth_data* n, uint16_t t)
654 struct auth_rrset* rrset;
665 /** remove rrset of this type from domain */
667 domain_remove_rrset(struct auth_data* node, uint16_t rr_type)
669 struct auth_rrset* rrset, *prev;
672 rrset = node->rrsets;
674 if(rrset->type == rr_type) {
675 /* found it, now delete it */
676 if(prev) prev->next = rrset->next;
677 else node->rrsets = rrset->next;
678 auth_rrset_delete(rrset);
686 /** find an rrsig index in the rrset. returns true if found */
688 az_rrset_find_rrsig(struct packed_rrset_data* d, uint8_t* rdata, size_t len,
692 for(i=d->count; i<d->count + d->rrsig_count; i++) {
693 if(d->rr_len[i] != len)
695 if(memcmp(d->rr_data[i], rdata, len) == 0) {
703 /** see if rdata is duplicate */
705 rdata_duplicate(struct packed_rrset_data* d, uint8_t* rdata, size_t len)
708 for(i=0; i<d->count + d->rrsig_count; i++) {
709 if(d->rr_len[i] != len)
711 if(memcmp(d->rr_data[i], rdata, len) == 0)
717 /** get rrsig type covered from rdata.
718 * @param rdata: rdata in wireformat, starting with 16bit rdlength.
719 * @param rdatalen: length of rdata buffer.
720 * @return type covered (or 0).
723 rrsig_rdata_get_type_covered(uint8_t* rdata, size_t rdatalen)
727 return sldns_read_uint16(rdata+2);
730 /** remove RR from existing RRset. Also sig, if it is a signature.
731 * reallocates the packed rrset for a new one, false on alloc failure */
733 rrset_remove_rr(struct auth_rrset* rrset, size_t index)
735 struct packed_rrset_data* d, *old = rrset->data;
737 if(index >= old->count + old->rrsig_count)
738 return 0; /* index out of bounds */
739 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) - (
740 sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t) +
741 old->rr_len[index]));
743 log_err("malloc failure");
747 d->count = old->count;
748 d->rrsig_count = old->rrsig_count;
749 if(index < d->count) d->count--;
750 else d->rrsig_count--;
751 d->trust = old->trust;
752 d->security = old->security;
754 /* set rr_len, needed for ptr_fixup */
755 d->rr_len = (size_t*)((uint8_t*)d +
756 sizeof(struct packed_rrset_data));
758 memmove(d->rr_len, old->rr_len, (index)*sizeof(size_t));
759 if(index+1 < old->count+old->rrsig_count)
760 memmove(&d->rr_len[index], &old->rr_len[index+1],
761 (old->count+old->rrsig_count - (index+1))*sizeof(size_t));
762 packed_rrset_ptr_fixup(d);
766 memmove(d->rr_ttl, old->rr_ttl, (index)*sizeof(time_t));
767 if(index+1 < old->count+old->rrsig_count)
768 memmove(&d->rr_ttl[index], &old->rr_ttl[index+1],
769 (old->count+old->rrsig_count - (index+1))*sizeof(time_t));
771 /* move over rr_data */
772 for(i=0; i<d->count+d->rrsig_count; i++) {
774 if(i < index) oldi = i;
776 memmove(d->rr_data[i], old->rr_data[oldi], d->rr_len[i]);
779 /* recalc ttl (lowest of remaining RR ttls) */
780 if(d->count + d->rrsig_count > 0)
781 d->ttl = d->rr_ttl[0];
782 for(i=0; i<d->count+d->rrsig_count; i++) {
783 if(d->rr_ttl[i] < d->ttl)
784 d->ttl = d->rr_ttl[i];
792 /** add RR to existing RRset. If insert_sig is true, add to rrsigs.
793 * This reallocates the packed rrset for a new one */
795 rrset_add_rr(struct auth_rrset* rrset, uint32_t rr_ttl, uint8_t* rdata,
796 size_t rdatalen, int insert_sig)
798 struct packed_rrset_data* d, *old = rrset->data;
799 size_t total, old_total;
801 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
802 + sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t)
805 log_err("out of memory");
808 /* copy base values */
809 memcpy(d, old, sizeof(struct packed_rrset_data));
815 old_total = old->count + old->rrsig_count;
816 total = d->count + d->rrsig_count;
817 /* set rr_len, needed for ptr_fixup */
818 d->rr_len = (size_t*)((uint8_t*)d +
819 sizeof(struct packed_rrset_data));
821 memmove(d->rr_len, old->rr_len, old->count*sizeof(size_t));
822 if(old->rrsig_count != 0)
823 memmove(d->rr_len+d->count, old->rr_len+old->count,
824 old->rrsig_count*sizeof(size_t));
826 d->rr_len[d->count-1] = rdatalen;
827 else d->rr_len[total-1] = rdatalen;
828 packed_rrset_ptr_fixup(d);
829 if((time_t)rr_ttl < d->ttl)
832 /* copy old values into new array */
833 if(old->count != 0) {
834 memmove(d->rr_ttl, old->rr_ttl, old->count*sizeof(time_t));
835 /* all the old rr pieces are allocated sequential, so we
836 * can copy them in one go */
837 memmove(d->rr_data[0], old->rr_data[0],
838 (old->rr_data[old->count-1] - old->rr_data[0]) +
839 old->rr_len[old->count-1]);
841 if(old->rrsig_count != 0) {
842 memmove(d->rr_ttl+d->count, old->rr_ttl+old->count,
843 old->rrsig_count*sizeof(time_t));
844 memmove(d->rr_data[d->count], old->rr_data[old->count],
845 (old->rr_data[old_total-1] - old->rr_data[old->count]) +
846 old->rr_len[old_total-1]);
849 /* insert new value */
851 d->rr_ttl[d->count-1] = rr_ttl;
852 memmove(d->rr_data[d->count-1], rdata, rdatalen);
854 d->rr_ttl[total-1] = rr_ttl;
855 memmove(d->rr_data[total-1], rdata, rdatalen);
863 /** Create new rrset for node with packed rrset with one RR element */
864 static struct auth_rrset*
865 rrset_create(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
866 uint8_t* rdata, size_t rdatalen)
868 struct auth_rrset* rrset = (struct auth_rrset*)calloc(1,
870 struct auth_rrset* p, *prev;
871 struct packed_rrset_data* d;
873 log_err("out of memory");
876 rrset->type = rr_type;
878 /* the rrset data structure, with one RR */
879 d = (struct packed_rrset_data*)calloc(1,
880 sizeof(struct packed_rrset_data) + sizeof(size_t) +
881 sizeof(uint8_t*) + sizeof(time_t) + rdatalen);
884 log_err("out of memory");
889 d->trust = rrset_trust_prim_noglue;
890 d->rr_len = (size_t*)((uint8_t*)d + sizeof(struct packed_rrset_data));
891 d->rr_data = (uint8_t**)&(d->rr_len[1]);
892 d->rr_ttl = (time_t*)&(d->rr_data[1]);
893 d->rr_data[0] = (uint8_t*)&(d->rr_ttl[1]);
896 d->rr_len[0] = rdatalen;
897 d->rr_ttl[0] = rr_ttl;
898 memmove(d->rr_data[0], rdata, rdatalen);
901 /* insert rrset into linked list for domain */
902 /* find sorted place to link the rrset into the list */
905 while(p && p->type<=rr_type) {
909 /* so, prev is smaller, and p is larger than rr_type */
911 if(prev) prev->next = rrset;
912 else node->rrsets = rrset;
916 /** count number (and size) of rrsigs that cover a type */
918 rrsig_num_that_cover(struct auth_rrset* rrsig, uint16_t rr_type, size_t* sigsz)
920 struct packed_rrset_data* d = rrsig->data;
923 log_assert(d && rrsig->type == LDNS_RR_TYPE_RRSIG);
924 for(i=0; i<d->count+d->rrsig_count; i++) {
925 if(rrsig_rdata_get_type_covered(d->rr_data[i],
926 d->rr_len[i]) == rr_type) {
928 (*sigsz) += d->rr_len[i];
934 /** See if rrsig set has covered sigs for rrset and move them over */
936 rrset_moveover_rrsigs(struct auth_data* node, uint16_t rr_type,
937 struct auth_rrset* rrset, struct auth_rrset* rrsig)
939 size_t sigs, sigsz, i, j, total;
940 struct packed_rrset_data* sigold = rrsig->data;
941 struct packed_rrset_data* old = rrset->data;
942 struct packed_rrset_data* d, *sigd;
944 log_assert(rrset->type == rr_type);
945 log_assert(rrsig->type == LDNS_RR_TYPE_RRSIG);
946 sigs = rrsig_num_that_cover(rrsig, rr_type, &sigsz);
948 /* 0 rrsigs to move over, done */
952 /* allocate rrset sigsz larger for extra sigs elements, and
953 * allocate rrsig sigsz smaller for less sigs elements. */
954 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
955 + sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
958 log_err("out of memory");
961 /* copy base values */
962 total = old->count + old->rrsig_count;
963 memcpy(d, old, sizeof(struct packed_rrset_data));
964 d->rrsig_count += sigs;
966 d->rr_len = (size_t*)((uint8_t*)d +
967 sizeof(struct packed_rrset_data));
969 memmove(d->rr_len, old->rr_len, total*sizeof(size_t));
970 j = d->count+d->rrsig_count-sigs;
971 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
972 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
973 sigold->rr_len[i]) == rr_type) {
974 d->rr_len[j] = sigold->rr_len[i];
978 packed_rrset_ptr_fixup(d);
980 /* copy old values into new array */
982 memmove(d->rr_ttl, old->rr_ttl, total*sizeof(time_t));
983 /* all the old rr pieces are allocated sequential, so we
984 * can copy them in one go */
985 memmove(d->rr_data[0], old->rr_data[0],
986 (old->rr_data[total-1] - old->rr_data[0]) +
987 old->rr_len[total-1]);
990 /* move over the rrsigs to the larger rrset*/
991 j = d->count+d->rrsig_count-sigs;
992 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
993 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
994 sigold->rr_len[i]) == rr_type) {
995 /* move this one over to location j */
996 d->rr_ttl[j] = sigold->rr_ttl[i];
997 memmove(d->rr_data[j], sigold->rr_data[i],
999 if(d->rr_ttl[j] < d->ttl)
1000 d->ttl = d->rr_ttl[j];
1005 /* put it in and deallocate the old rrset */
1009 /* now make rrsig set smaller */
1010 if(sigold->count+sigold->rrsig_count == sigs) {
1011 /* remove all sigs from rrsig, remove it entirely */
1012 domain_remove_rrset(node, LDNS_RR_TYPE_RRSIG);
1015 log_assert(packed_rrset_sizeof(sigold) > sigs*(sizeof(size_t) +
1016 sizeof(uint8_t*) + sizeof(time_t)) + sigsz);
1017 sigd = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(sigold)
1018 - sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
1021 /* no need to free up d, it has already been placed in the
1022 * node->rrset structure */
1023 log_err("out of memory");
1026 /* copy base values */
1027 memcpy(sigd, sigold, sizeof(struct packed_rrset_data));
1028 /* in sigd the RRSIGs are stored in the base of the RR, in count */
1029 sigd->count -= sigs;
1031 sigd->rr_len = (size_t*)((uint8_t*)sigd +
1032 sizeof(struct packed_rrset_data));
1034 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
1035 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
1036 sigold->rr_len[i]) != rr_type) {
1037 sigd->rr_len[j] = sigold->rr_len[i];
1041 packed_rrset_ptr_fixup(sigd);
1043 /* copy old values into new rrsig array */
1045 for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
1046 if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
1047 sigold->rr_len[i]) != rr_type) {
1048 /* move this one over to location j */
1049 sigd->rr_ttl[j] = sigold->rr_ttl[i];
1050 memmove(sigd->rr_data[j], sigold->rr_data[i],
1052 if(j==0) sigd->ttl = sigd->rr_ttl[j];
1054 if(sigd->rr_ttl[j] < sigd->ttl)
1055 sigd->ttl = sigd->rr_ttl[j];
1061 /* put it in and deallocate the old rrset */
1068 /** copy the rrsigs from the rrset to the rrsig rrset, because the rrset
1069 * is going to be deleted. reallocates the RRSIG rrset data. */
1071 rrsigs_copy_from_rrset_to_rrsigset(struct auth_rrset* rrset,
1072 struct auth_rrset* rrsigset)
1075 if(rrset->data->rrsig_count == 0)
1078 /* move them over one by one, because there might be duplicates,
1079 * duplicates are ignored */
1080 for(i=rrset->data->count;
1081 i<rrset->data->count+rrset->data->rrsig_count; i++) {
1082 uint8_t* rdata = rrset->data->rr_data[i];
1083 size_t rdatalen = rrset->data->rr_len[i];
1084 time_t rr_ttl = rrset->data->rr_ttl[i];
1086 if(rdata_duplicate(rrsigset->data, rdata, rdatalen)) {
1089 if(!rrset_add_rr(rrsigset, rr_ttl, rdata, rdatalen, 0))
1095 /** Add rr to node, ignores duplicate RRs,
1096 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */
1098 az_domain_add_rr(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
1099 uint8_t* rdata, size_t rdatalen, int* duplicate)
1101 struct auth_rrset* rrset;
1102 /* packed rrsets have their rrsigs along with them, sort them out */
1103 if(rr_type == LDNS_RR_TYPE_RRSIG) {
1104 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen);
1105 if((rrset=az_domain_rrset(node, ctype))!= NULL) {
1106 /* a node of the correct type exists, add the RRSIG
1107 * to the rrset of the covered data type */
1108 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1109 if(duplicate) *duplicate = 1;
1112 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 1))
1114 } else if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1115 /* add RRSIG to rrset of type RRSIG */
1116 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1117 if(duplicate) *duplicate = 1;
1120 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0))
1123 /* create rrset of type RRSIG */
1124 if(!rrset_create(node, rr_type, rr_ttl, rdata,
1129 /* normal RR type */
1130 if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1131 /* add data to existing node with data type */
1132 if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
1133 if(duplicate) *duplicate = 1;
1136 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0))
1139 struct auth_rrset* rrsig;
1140 /* create new node with data type */
1141 if(!(rrset=rrset_create(node, rr_type, rr_ttl, rdata,
1145 /* see if node of type RRSIG has signatures that
1146 * cover the data type, and move them over */
1147 /* and then make the RRSIG type smaller */
1148 if((rrsig=az_domain_rrset(node, LDNS_RR_TYPE_RRSIG))
1150 if(!rrset_moveover_rrsigs(node, rr_type,
1159 /** insert RR into zone, ignore duplicates */
1161 az_insert_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
1162 size_t dname_len, int* duplicate)
1164 struct auth_data* node;
1165 uint8_t* dname = rr;
1166 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
1167 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
1168 uint32_t rr_ttl = sldns_wirerr_get_ttl(rr, rr_len, dname_len);
1169 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
1171 /* rdata points to rdata prefixed with uint16 rdatalength */
1172 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);
1174 if(rr_class != z->dclass) {
1175 log_err("wrong class for RR");
1178 if(!(node=az_domain_find_or_create(z, dname, dname_len))) {
1179 log_err("cannot create domain");
1182 if(!az_domain_add_rr(node, rr_type, rr_ttl, rdata, rdatalen,
1184 log_err("cannot add RR to domain");
1188 if(!(rpz_insert_rr(z->rpz, z->name, z->namelen, dname,
1189 dname_len, rr_type, rr_class, rr_ttl, rdata, rdatalen,
1196 /** Remove rr from node, ignores nonexisting RRs,
1197 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */
1199 az_domain_remove_rr(struct auth_data* node, uint16_t rr_type,
1200 uint8_t* rdata, size_t rdatalen, int* nonexist)
1202 struct auth_rrset* rrset;
1205 /* find the plain RR of the given type */
1206 if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
1207 if(packed_rrset_find_rr(rrset->data, rdata, rdatalen, &index)) {
1208 if(rrset->data->count == 1 &&
1209 rrset->data->rrsig_count == 0) {
1210 /* last RR, delete the rrset */
1211 domain_remove_rrset(node, rr_type);
1212 } else if(rrset->data->count == 1 &&
1213 rrset->data->rrsig_count != 0) {
1214 /* move RRSIGs to the RRSIG rrset, or
1215 * this one becomes that RRset */
1216 struct auth_rrset* rrsigset = az_domain_rrset(
1217 node, LDNS_RR_TYPE_RRSIG);
1219 /* move left over rrsigs to the
1220 * existing rrset of type RRSIG */
1221 rrsigs_copy_from_rrset_to_rrsigset(
1223 /* and then delete the rrset */
1224 domain_remove_rrset(node, rr_type);
1226 /* no rrset of type RRSIG, this
1227 * set is now of that type,
1228 * just remove the rr */
1229 if(!rrset_remove_rr(rrset, index))
1231 rrset->type = LDNS_RR_TYPE_RRSIG;
1232 rrset->data->count = rrset->data->rrsig_count;
1233 rrset->data->rrsig_count = 0;
1236 /* remove the RR from the rrset */
1237 if(!rrset_remove_rr(rrset, index))
1242 /* rr not found in rrset */
1245 /* is it a type RRSIG, look under the covered type */
1246 if(rr_type == LDNS_RR_TYPE_RRSIG) {
1247 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen);
1248 if((rrset=az_domain_rrset(node, ctype))!= NULL) {
1249 if(az_rrset_find_rrsig(rrset->data, rdata, rdatalen,
1251 /* rrsig should have d->count > 0, be
1252 * over some rr of that type */
1253 /* remove the rrsig from the rrsigs list of the
1255 if(!rrset_remove_rr(rrset, index))
1260 /* also RRSIG not found */
1263 /* nothing found to delete */
1264 if(nonexist) *nonexist = 1;
1268 /** remove RR from zone, ignore if it does not exist, false on alloc failure*/
1270 az_remove_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
1271 size_t dname_len, int* nonexist)
1273 struct auth_data* node;
1274 uint8_t* dname = rr;
1275 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
1276 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
1277 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
1279 /* rdata points to rdata prefixed with uint16 rdatalength */
1280 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);
1282 if(rr_class != z->dclass) {
1283 log_err("wrong class for RR");
1284 /* really also a nonexisting entry, because no records
1285 * of that class in the zone, but return an error because
1286 * getting records of the wrong class is a failure of the
1290 node = az_find_name(z, dname, dname_len);
1292 /* node with that name does not exist */
1293 /* nonexisting entry, because no such name */
1297 if(!az_domain_remove_rr(node, rr_type, rdata, rdatalen, nonexist)) {
1298 /* alloc failure or so */
1301 /* remove the node, if necessary */
1302 /* an rrsets==NULL entry is not kept around for empty nonterminals,
1303 * and also parent nodes are not kept around, so we just delete it */
1304 if(node->rrsets == NULL) {
1305 (void)rbtree_delete(&z->data, node);
1306 auth_data_delete(node);
1309 rpz_remove_rr(z->rpz, z->name, z->namelen, dname, dname_len,
1310 rr_type, rr_class, rdata, rdatalen);
1315 /** decompress an RR into the buffer where it'll be an uncompressed RR
1316 * with uncompressed dname and uncompressed rdata (dnames) */
1318 decompress_rr_into_buffer(struct sldns_buffer* buf, uint8_t* pkt,
1319 size_t pktlen, uint8_t* dname, uint16_t rr_type, uint16_t rr_class,
1320 uint32_t rr_ttl, uint8_t* rr_data, uint16_t rr_rdlen)
1322 sldns_buffer pktbuf;
1323 size_t dname_len = 0;
1327 const sldns_rr_descriptor* desc;
1328 sldns_buffer_init_frm_data(&pktbuf, pkt, pktlen);
1329 sldns_buffer_clear(buf);
1331 /* decompress dname */
1332 sldns_buffer_set_position(&pktbuf,
1333 (size_t)(dname - sldns_buffer_current(&pktbuf)));
1334 dname_len = pkt_dname_len(&pktbuf);
1335 if(dname_len == 0) return 0; /* parse fail on dname */
1336 if(!sldns_buffer_available(buf, dname_len)) return 0;
1337 dname_pkt_copy(&pktbuf, sldns_buffer_current(buf), dname);
1338 sldns_buffer_skip(buf, (ssize_t)dname_len);
1340 /* type, class, ttl and rdatalength fields */
1341 if(!sldns_buffer_available(buf, 10)) return 0;
1342 sldns_buffer_write_u16(buf, rr_type);
1343 sldns_buffer_write_u16(buf, rr_class);
1344 sldns_buffer_write_u32(buf, rr_ttl);
1345 rdlenpos = sldns_buffer_position(buf);
1346 sldns_buffer_write_u16(buf, 0); /* rd length position */
1348 /* decompress rdata */
1349 desc = sldns_rr_descript(rr_type);
1352 if(rdlen > 0 && desc && desc->_dname_count > 0) {
1353 int count = (int)desc->_dname_count;
1355 size_t len; /* how much rdata to plain copy */
1356 size_t uncompressed_len, compressed_len;
1358 /* decompress dnames. */
1359 while(rdlen > 0 && count) {
1360 switch(desc->_wireformat[rdf]) {
1361 case LDNS_RDF_TYPE_DNAME:
1362 sldns_buffer_set_position(&pktbuf,
1364 sldns_buffer_begin(&pktbuf)));
1365 oldpos = sldns_buffer_position(&pktbuf);
1366 /* moves pktbuf to right after the
1367 * compressed dname, and returns uncompressed
1369 uncompressed_len = pkt_dname_len(&pktbuf);
1370 if(!uncompressed_len)
1371 return 0; /* parse error in dname */
1372 if(!sldns_buffer_available(buf,
1374 /* dname too long for buffer */
1376 dname_pkt_copy(&pktbuf,
1377 sldns_buffer_current(buf), rd);
1378 sldns_buffer_skip(buf, (ssize_t)uncompressed_len);
1379 compressed_len = sldns_buffer_position(
1381 rd += compressed_len;
1382 rdlen -= compressed_len;
1386 case LDNS_RDF_TYPE_STR:
1390 len = get_rdf_size(desc->_wireformat[rdf]);
1394 if(!sldns_buffer_available(buf, len))
1395 return 0; /* too long for buffer */
1396 sldns_buffer_write(buf, rd, len);
1403 /* copy remaining data */
1405 if(!sldns_buffer_available(buf, rdlen)) return 0;
1406 sldns_buffer_write(buf, rd, rdlen);
1408 /* fixup rdlength */
1409 sldns_buffer_write_u16_at(buf, rdlenpos,
1410 sldns_buffer_position(buf)-rdlenpos-2);
1411 sldns_buffer_flip(buf);
1415 /** insert RR into zone, from packet, decompress RR,
1416 * if duplicate is nonNULL set the flag but otherwise ignore duplicates */
1418 az_insert_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
1419 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
1420 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
1421 uint16_t rr_rdlen, int* duplicate)
1426 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
1427 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) {
1428 log_err("could not decompress RR");
1431 rr = sldns_buffer_begin(scratch_buffer);
1432 rr_len = sldns_buffer_limit(scratch_buffer);
1433 dname_len = dname_valid(rr, rr_len);
1434 return az_insert_rr(z, rr, rr_len, dname_len, duplicate);
1437 /** remove RR from zone, from packet, decompress RR,
1438 * if nonexist is nonNULL set the flag but otherwise ignore nonexisting entries*/
1440 az_remove_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
1441 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
1442 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
1443 uint16_t rr_rdlen, int* nonexist)
1448 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
1449 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) {
1450 log_err("could not decompress RR");
1453 rr = sldns_buffer_begin(scratch_buffer);
1454 rr_len = sldns_buffer_limit(scratch_buffer);
1455 dname_len = dname_valid(rr, rr_len);
1456 return az_remove_rr(z, rr, rr_len, dname_len, nonexist);
1461 * @param z: zone to read in.
1462 * @param in: file to read from (just opened).
1463 * @param rr: buffer to use for RRs, 64k.
1464 * passed so that recursive includes can use the same buffer and do
1465 * not grow the stack too much.
1466 * @param rrbuflen: sizeof rr buffer.
1467 * @param state: parse state with $ORIGIN, $TTL and 'prev-dname' and so on,
1468 * that is kept between includes.
1469 * The lineno is set at 1 and then increased by the function.
1470 * @param fname: file name.
1471 * @param depth: recursion depth for includes
1472 * @param cfg: config for chroot.
1473 * returns false on failure, has printed an error message
1476 az_parse_file(struct auth_zone* z, FILE* in, uint8_t* rr, size_t rrbuflen,
1477 struct sldns_file_parse_state* state, char* fname, int depth,
1478 struct config_file* cfg)
1480 size_t rr_len, dname_len;
1487 status = sldns_fp2wire_rr_buf(in, rr, &rr_len, &dname_len,
1489 if(status == LDNS_WIREPARSE_ERR_INCLUDE && rr_len == 0) {
1490 /* we have $INCLUDE or $something */
1491 if(strncmp((char*)rr, "$INCLUDE ", 9) == 0 ||
1492 strncmp((char*)rr, "$INCLUDE\t", 9) == 0) {
1494 int lineno_orig = state->lineno;
1495 char* incfile = (char*)rr + 8;
1496 if(depth > MAX_INCLUDE_DEPTH) {
1497 log_err("%s:%d max include depth"
1498 "exceeded", fname, state->lineno);
1502 while(*incfile == ' ' || *incfile == '\t')
1504 /* adjust for chroot on include file */
1505 if(cfg->chrootdir && cfg->chrootdir[0] &&
1506 strncmp(incfile, cfg->chrootdir,
1507 strlen(cfg->chrootdir)) == 0)
1508 incfile += strlen(cfg->chrootdir);
1509 incfile = strdup(incfile);
1511 log_err("malloc failure");
1514 verbose(VERB_ALGO, "opening $INCLUDE %s",
1516 inc = fopen(incfile, "r");
1518 log_err("%s:%d cannot open include "
1519 "file %s: %s", fname,
1520 lineno_orig, incfile,
1525 /* recurse read that file now */
1526 if(!az_parse_file(z, inc, rr, rrbuflen,
1527 state, incfile, depth+1, cfg)) {
1528 log_err("%s:%d cannot parse include "
1530 lineno_orig, incfile);
1536 verbose(VERB_ALGO, "done with $INCLUDE %s",
1539 state->lineno = lineno_orig;
1544 log_err("parse error %s %d:%d: %s", fname,
1545 state->lineno, LDNS_WIREPARSE_OFFSET(status),
1546 sldns_get_errorstr_parse(status));
1550 /* EMPTY line, TTL or ORIGIN */
1553 /* insert wirerr in rrbuf */
1554 if(!az_insert_rr(z, rr, rr_len, dname_len, NULL)) {
1556 sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
1557 rr_len, dname_len), buf, sizeof(buf));
1558 log_err("%s:%d cannot insert RR of type %s",
1559 fname, state->lineno, buf);
1567 auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
1569 uint8_t rr[LDNS_RR_BUF_SIZE];
1570 struct sldns_file_parse_state state;
1573 if(!z || !z->zonefile || z->zonefile[0]==0)
1574 return 1; /* no file, or "", nothing to read */
1576 zfilename = z->zonefile;
1577 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
1578 cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
1579 zfilename += strlen(cfg->chrootdir);
1580 if(verbosity >= VERB_ALGO) {
1582 dname_str(z->name, nm);
1583 verbose(VERB_ALGO, "read zonefile %s for %s", zfilename, nm);
1585 in = fopen(zfilename, "r");
1587 char* n = sldns_wire2str_dname(z->name, z->namelen);
1588 if(z->zone_is_slave && errno == ENOENT) {
1589 /* we fetch the zone contents later, no file yet */
1590 verbose(VERB_ALGO, "no zonefile %s for %s",
1591 zfilename, n?n:"error");
1595 log_err("cannot open zonefile %s for %s: %s",
1596 zfilename, n?n:"error", strerror(errno));
1601 /* clear the data tree */
1602 traverse_postorder(&z->data, auth_data_del, NULL);
1603 rbtree_init(&z->data, &auth_data_cmp);
1604 /* clear the RPZ policies */
1608 memset(&state, 0, sizeof(state));
1609 /* default TTL to 3600 */
1610 state.default_ttl = 3600;
1611 /* set $ORIGIN to the zone name */
1612 if(z->namelen <= sizeof(state.origin)) {
1613 memcpy(state.origin, z->name, z->namelen);
1614 state.origin_len = z->namelen;
1616 /* parse the (toplevel) file */
1617 if(!az_parse_file(z, in, rr, sizeof(rr), &state, zfilename, 0, cfg)) {
1618 char* n = sldns_wire2str_dname(z->name, z->namelen);
1619 log_err("error parsing zonefile %s for %s",
1620 zfilename, n?n:"error");
1628 rpz_finish_config(z->rpz);
1632 /** write buffer to file and check return codes */
1634 write_out(FILE* out, const char* str, size_t len)
1639 r = fwrite(str, 1, len, out);
1641 log_err("write failed: %s", strerror(errno));
1643 } else if(r < len) {
1644 log_err("write failed: too short (disk full?)");
1650 /** convert auth rr to string */
1652 auth_rr_to_string(uint8_t* nm, size_t nmlen, uint16_t tp, uint16_t cl,
1653 struct packed_rrset_data* data, size_t i, char* s, size_t buflen)
1656 size_t slen = buflen, datlen;
1658 if(i >= data->count) tp = LDNS_RR_TYPE_RRSIG;
1661 w += sldns_wire2str_dname_scan(&dat, &datlen, &s, &slen, NULL, 0, NULL);
1662 w += sldns_str_print(&s, &slen, "\t");
1663 w += sldns_str_print(&s, &slen, "%lu\t", (unsigned long)data->rr_ttl[i]);
1664 w += sldns_wire2str_class_print(&s, &slen, cl);
1665 w += sldns_str_print(&s, &slen, "\t");
1666 w += sldns_wire2str_type_print(&s, &slen, tp);
1667 w += sldns_str_print(&s, &slen, "\t");
1668 datlen = data->rr_len[i]-2;
1669 dat = data->rr_data[i]+2;
1670 w += sldns_wire2str_rdata_scan(&dat, &datlen, &s, &slen, tp, NULL, 0, NULL);
1672 if(tp == LDNS_RR_TYPE_DNSKEY) {
1673 w += sldns_str_print(&s, &slen, " ;{id = %u}",
1674 sldns_calc_keytag_raw(data->rr_data[i]+2,
1675 data->rr_len[i]-2));
1677 w += sldns_str_print(&s, &slen, "\n");
1679 if(w >= (int)buflen) {
1680 log_nametypeclass(NO_VERBOSE, "RR too long to print", nm, tp, cl);
1686 /** write rrset to file */
1688 auth_zone_write_rrset(struct auth_zone* z, struct auth_data* node,
1689 struct auth_rrset* r, FILE* out)
1691 size_t i, count = r->data->count + r->data->rrsig_count;
1692 char buf[LDNS_RR_BUF_SIZE];
1693 for(i=0; i<count; i++) {
1694 if(!auth_rr_to_string(node->name, node->namelen, r->type,
1695 z->dclass, r->data, i, buf, sizeof(buf))) {
1696 verbose(VERB_ALGO, "failed to rr2str rr %d", (int)i);
1699 if(!write_out(out, buf, strlen(buf)))
1705 /** write domain to file */
1707 auth_zone_write_domain(struct auth_zone* z, struct auth_data* n, FILE* out)
1709 struct auth_rrset* r;
1710 /* if this is zone apex, write SOA first */
1711 if(z->namelen == n->namelen) {
1712 struct auth_rrset* soa = az_domain_rrset(n, LDNS_RR_TYPE_SOA);
1714 if(!auth_zone_write_rrset(z, n, soa, out))
1718 /* write all the RRsets for this domain */
1719 for(r = n->rrsets; r; r = r->next) {
1720 if(z->namelen == n->namelen &&
1721 r->type == LDNS_RR_TYPE_SOA)
1722 continue; /* skip SOA here */
1723 if(!auth_zone_write_rrset(z, n, r, out))
1729 int auth_zone_write_file(struct auth_zone* z, const char* fname)
1732 struct auth_data* n;
1733 out = fopen(fname, "w");
1735 log_err("could not open %s: %s", fname, strerror(errno));
1738 RBTREE_FOR(n, struct auth_data*, &z->data) {
1739 if(!auth_zone_write_domain(z, n, out)) {
1740 log_err("could not write domain to %s", fname);
1749 /** offline verify for zonemd, while reading a zone file to immediately
1750 * spot bad hashes in zonefile as they are read.
1751 * Creates temp buffers, but uses anchors and validation environment
1752 * from the module_env. */
1754 zonemd_offline_verify(struct auth_zone* z, struct module_env* env_for_val,
1755 struct module_stack* mods)
1757 struct module_env env;
1759 if(!z->zonemd_check)
1762 env.scratch_buffer = sldns_buffer_new(env.cfg->msg_buffer_size);
1763 if(!env.scratch_buffer) {
1764 log_err("out of memory");
1767 env.scratch = regional_create();
1773 log_err("out of memory");
1776 auth_zone_verify_zonemd(z, &env, mods, NULL, 1, 0);
1779 /* clean up and exit */
1780 sldns_buffer_free(env.scratch_buffer);
1781 regional_destroy(env.scratch);
1784 /** read all auth zones from file (if they have) */
1786 auth_zones_read_zones(struct auth_zones* az, struct config_file* cfg,
1787 struct module_env* env, struct module_stack* mods)
1789 struct auth_zone* z;
1790 lock_rw_wrlock(&az->lock);
1791 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
1792 lock_rw_wrlock(&z->lock);
1793 if(!auth_zone_read_zonefile(z, cfg)) {
1794 lock_rw_unlock(&z->lock);
1795 lock_rw_unlock(&az->lock);
1798 if(z->zonefile && z->zonefile[0]!=0 && env)
1799 zonemd_offline_verify(z, env, mods);
1800 lock_rw_unlock(&z->lock);
1802 lock_rw_unlock(&az->lock);
1806 /** fetch the content of a ZONEMD RR from the rdata */
1807 static int zonemd_fetch_parameters(struct auth_rrset* zonemd_rrset, size_t i,
1808 uint32_t* serial, int* scheme, int* hashalgo, uint8_t** hash,
1813 if(i >= zonemd_rrset->data->count)
1815 rr_len = zonemd_rrset->data->rr_len[i];
1816 if(rr_len < 2+4+1+1)
1817 return 0; /* too short, for rdlen+serial+scheme+algo */
1818 rdata = zonemd_rrset->data->rr_data[i];
1819 *serial = sldns_read_uint32(rdata+2);
1821 *hashalgo = rdata[7];
1822 *hashlen = rr_len - 8;
1825 else *hash = rdata+8;
1830 * See if the ZONEMD scheme, hash occurs more than once.
1831 * @param zonemd_rrset: the zonemd rrset to check with the RRs in it.
1832 * @param index: index of the original, this is allowed to have that
1833 * scheme and hashalgo, but other RRs should not have it.
1834 * @param scheme: the scheme to check for.
1835 * @param hashalgo: the hash algorithm to check for.
1836 * @return true if it occurs more than once.
1838 static int zonemd_is_duplicate_scheme_hash(struct auth_rrset* zonemd_rrset,
1839 size_t index, int scheme, int hashalgo)
1842 for(j=0; j<zonemd_rrset->data->count; j++) {
1843 uint32_t serial2 = 0;
1844 int scheme2 = 0, hashalgo2 = 0;
1845 uint8_t* hash2 = NULL;
1846 size_t hashlen2 = 0;
1848 /* this is the original */
1851 if(!zonemd_fetch_parameters(zonemd_rrset, j, &serial2,
1852 &scheme2, &hashalgo2, &hash2, &hashlen2)) {
1853 /* malformed, skip it */
1856 if(scheme == scheme2 && hashalgo == hashalgo2) {
1857 /* duplicate scheme, hash */
1858 verbose(VERB_ALGO, "zonemd duplicate for scheme %d "
1859 "and hash %d", scheme, hashalgo);
1867 * Check ZONEMDs if present for the auth zone. Depending on config
1868 * it can warn or fail on that. Checks the hash of the ZONEMD.
1869 * @param z: auth zone to check for.
1870 * caller must hold lock on zone.
1871 * @param env: module env for temp buffers.
1872 * @param reason: returned on failure.
1873 * @return false on failure, true if hash checks out.
1875 static int auth_zone_zonemd_check_hash(struct auth_zone* z,
1876 struct module_env* env, char** reason)
1878 /* loop over ZONEMDs and see which one is valid. if not print
1879 * failure (depending on config) */
1880 struct auth_data* apex;
1881 struct auth_rrset* zonemd_rrset;
1883 struct regional* region = NULL;
1884 struct sldns_buffer* buf = NULL;
1885 uint32_t soa_serial = 0;
1886 char* unsupported_reason = NULL;
1887 int only_unsupported = 1;
1888 region = env->scratch;
1889 regional_free_all(region);
1890 buf = env->scratch_buffer;
1891 if(!auth_zone_get_serial(z, &soa_serial)) {
1892 *reason = "zone has no SOA serial";
1896 apex = az_find_name(z, z->name, z->namelen);
1898 *reason = "zone has no apex";
1901 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
1902 if(!zonemd_rrset || zonemd_rrset->data->count==0) {
1903 *reason = "zone has no ZONEMD";
1904 return 0; /* no RRset or no RRs in rrset */
1907 /* we have a ZONEMD, check if it is correct */
1908 for(i=0; i<zonemd_rrset->data->count; i++) {
1909 uint32_t serial = 0;
1910 int scheme = 0, hashalgo = 0;
1911 uint8_t* hash = NULL;
1913 if(!zonemd_fetch_parameters(zonemd_rrset, i, &serial, &scheme,
1914 &hashalgo, &hash, &hashlen)) {
1916 *reason = "ZONEMD rdata malformed";
1917 only_unsupported = 0;
1920 /* check for duplicates */
1921 if(zonemd_is_duplicate_scheme_hash(zonemd_rrset, i, scheme,
1923 /* duplicate hash of the same scheme,hash
1924 * is not allowed. */
1925 *reason = "ZONEMD RRSet contains more than one RR "
1926 "with the same scheme and hash algorithm";
1927 only_unsupported = 0;
1930 regional_free_all(region);
1931 if(serial != soa_serial) {
1932 *reason = "ZONEMD serial is wrong";
1933 only_unsupported = 0;
1937 if(auth_zone_generate_zonemd_check(z, scheme, hashalgo,
1938 hash, hashlen, region, buf, reason)) {
1941 if(!unsupported_reason)
1942 unsupported_reason = *reason;
1943 /* continue to check for valid ZONEMD */
1944 if(verbosity >= VERB_ALGO) {
1946 dname_str(z->name, zstr);
1947 verbose(VERB_ALGO, "auth-zone %s ZONEMD %d %d is unsupported: %s", zstr, (int)scheme, (int)hashalgo, *reason);
1952 if(verbosity >= VERB_ALGO) {
1954 dname_str(z->name, zstr);
1956 verbose(VERB_ALGO, "auth-zone %s ZONEMD hash is correct", zstr);
1960 only_unsupported = 0;
1963 /* have we seen no failures but only unsupported algo,
1964 * and one unsupported algorithm, or more. */
1965 if(only_unsupported && unsupported_reason) {
1966 /* only unsupported algorithms, with valid serial, not
1967 * malformed. Did not see supported algorithms, failed or
1968 * successful ones. */
1969 *reason = unsupported_reason;
1972 /* fail, we may have reason */
1974 *reason = "no ZONEMD records found";
1975 if(verbosity >= VERB_ALGO) {
1977 dname_str(z->name, zstr);
1978 verbose(VERB_ALGO, "auth-zone %s ZONEMD failed: %s", zstr, *reason);
1983 /** find the apex SOA RRset, if it exists */
1984 struct auth_rrset* auth_zone_get_soa_rrset(struct auth_zone* z)
1986 struct auth_data* apex;
1987 struct auth_rrset* soa;
1988 apex = az_find_name(z, z->name, z->namelen);
1989 if(!apex) return NULL;
1990 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
1994 /** find serial number of zone or false if none */
1996 auth_zone_get_serial(struct auth_zone* z, uint32_t* serial)
1998 struct auth_data* apex;
1999 struct auth_rrset* soa;
2000 struct packed_rrset_data* d;
2001 apex = az_find_name(z, z->name, z->namelen);
2003 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
2004 if(!soa || soa->data->count==0)
2005 return 0; /* no RRset or no RRs in rrset */
2006 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
2008 *serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
2012 /** Find auth_zone SOA and populate the values in xfr(soa values). */
2014 xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr)
2016 struct auth_data* apex;
2017 struct auth_rrset* soa;
2018 struct packed_rrset_data* d;
2019 apex = az_find_name(z, z->name, z->namelen);
2021 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
2022 if(!soa || soa->data->count==0)
2023 return 0; /* no RRset or no RRs in rrset */
2024 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
2025 /* SOA record ends with serial, refresh, retry, expiry, minimum,
2026 * as 4 byte fields */
2029 xfr->serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
2030 xfr->refresh = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-16));
2031 xfr->retry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-12));
2032 xfr->expiry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-8));
2033 /* soa minimum at d->rr_len[0]-4 */
2038 * Setup auth_xfer zone
2039 * This populates the have_zone, soa values, and so on times.
2040 * Doesn't do network traffic yet, can set option flags.
2041 * @param z: locked by caller, and modified for setup
2042 * @param x: locked by caller, and modified.
2043 * @return false on failure.
2046 auth_xfer_setup(struct auth_zone* z, struct auth_xfer* x)
2048 /* for a zone without zone transfers, x==NULL, so skip them,
2049 * i.e. the zone config is fixed with no masters or urls */
2050 if(!z || !x) return 1;
2051 if(!xfr_find_soa(z, x)) {
2054 /* nothing for probe, nextprobe and transfer tasks */
2060 * @param az: auth zones structure
2061 * @return false on failure.
2064 auth_zones_setup_zones(struct auth_zones* az)
2066 struct auth_zone* z;
2067 struct auth_xfer* x;
2068 lock_rw_wrlock(&az->lock);
2069 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2070 lock_rw_wrlock(&z->lock);
2071 x = auth_xfer_find(az, z->name, z->namelen, z->dclass);
2073 lock_basic_lock(&x->lock);
2075 if(!auth_xfer_setup(z, x)) {
2077 lock_basic_unlock(&x->lock);
2079 lock_rw_unlock(&z->lock);
2080 lock_rw_unlock(&az->lock);
2084 lock_basic_unlock(&x->lock);
2086 lock_rw_unlock(&z->lock);
2088 lock_rw_unlock(&az->lock);
2092 /** set config items and create zones */
2094 auth_zones_cfg(struct auth_zones* az, struct config_auth* c)
2096 struct auth_zone* z;
2097 struct auth_xfer* x = NULL;
2101 /* if the rpz lock is needed, grab it before the other
2102 * locks to avoid a lock dependency cycle */
2103 lock_rw_wrlock(&az->rpz_lock);
2105 lock_rw_wrlock(&az->lock);
2106 if(!(z=auth_zones_find_or_add_zone(az, c->name))) {
2107 lock_rw_unlock(&az->lock);
2109 lock_rw_unlock(&az->rpz_lock);
2113 if(c->masters || c->urls) {
2114 if(!(x=auth_zones_find_or_add_xfer(az, z))) {
2115 lock_rw_unlock(&az->lock);
2116 lock_rw_unlock(&z->lock);
2118 lock_rw_unlock(&az->rpz_lock);
2123 if(c->for_downstream)
2124 az->have_downstream = 1;
2125 lock_rw_unlock(&az->lock);
2128 z->zone_deleted = 0;
2129 if(!auth_zone_set_zonefile(z, c->zonefile)) {
2131 lock_basic_unlock(&x->lock);
2133 lock_rw_unlock(&z->lock);
2135 lock_rw_unlock(&az->rpz_lock);
2139 z->for_downstream = c->for_downstream;
2140 z->for_upstream = c->for_upstream;
2141 z->fallback_enabled = c->fallback_enabled;
2142 z->zonemd_check = c->zonemd_check;
2143 z->zonemd_reject_absence = c->zonemd_reject_absence;
2144 if(c->isrpz && !z->rpz){
2145 if(!(z->rpz = rpz_create(c))){
2146 fatal_exit("Could not setup RPZ zones");
2149 lock_protect(&z->lock, &z->rpz->local_zones, sizeof(*z->rpz));
2150 /* the az->rpz_lock is locked above */
2151 z->rpz_az_next = az->rpz_first;
2153 az->rpz_first->rpz_az_prev = z;
2157 lock_rw_unlock(&az->rpz_lock);
2162 z->zone_is_slave = 1;
2163 /* set options on xfer zone */
2164 if(!xfer_set_masters(&x->task_probe->masters, c, 0)) {
2165 lock_basic_unlock(&x->lock);
2166 lock_rw_unlock(&z->lock);
2169 if(!xfer_set_masters(&x->task_transfer->masters, c, 1)) {
2170 lock_basic_unlock(&x->lock);
2171 lock_rw_unlock(&z->lock);
2174 lock_basic_unlock(&x->lock);
2177 lock_rw_unlock(&z->lock);
2181 /** set all auth zones deleted, then in auth_zones_cfg, it marks them
2182 * as nondeleted (if they are still in the config), and then later
2183 * we can find deleted zones */
2185 az_setall_deleted(struct auth_zones* az)
2187 struct auth_zone* z;
2188 lock_rw_wrlock(&az->lock);
2189 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2190 lock_rw_wrlock(&z->lock);
2191 z->zone_deleted = 1;
2192 lock_rw_unlock(&z->lock);
2194 lock_rw_unlock(&az->lock);
2197 /** find zones that are marked deleted and delete them.
2198 * This is called from apply_cfg, and there are no threads and no
2199 * workers, so the xfr can just be deleted. */
2201 az_delete_deleted_zones(struct auth_zones* az)
2203 struct auth_zone* z;
2204 struct auth_zone* delete_list = NULL, *next;
2205 struct auth_xfer* xfr;
2206 lock_rw_wrlock(&az->lock);
2207 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
2208 lock_rw_wrlock(&z->lock);
2209 if(z->zone_deleted) {
2210 /* we cannot alter the rbtree right now, but
2211 * we can put it on a linked list and then
2213 z->delete_next = delete_list;
2216 lock_rw_unlock(&z->lock);
2218 /* now we are out of the tree loop and we can loop and delete
2222 next = z->delete_next;
2223 xfr = auth_xfer_find(az, z->name, z->namelen, z->dclass);
2225 (void)rbtree_delete(&az->xtree, &xfr->node);
2226 auth_xfer_delete(xfr);
2228 (void)rbtree_delete(&az->ztree, &z->node);
2229 auth_zone_delete(z, az);
2232 lock_rw_unlock(&az->lock);
2235 int auth_zones_apply_cfg(struct auth_zones* az, struct config_file* cfg,
2236 int setup, int* is_rpz, struct module_env* env,
2237 struct module_stack* mods)
2239 struct config_auth* p;
2240 az_setall_deleted(az);
2241 for(p = cfg->auths; p; p = p->next) {
2242 if(!p->name || p->name[0] == 0) {
2243 log_warn("auth-zone without a name, skipped");
2246 *is_rpz = (*is_rpz || p->isrpz);
2247 if(!auth_zones_cfg(az, p)) {
2248 log_err("cannot config auth zone %s", p->name);
2252 az_delete_deleted_zones(az);
2253 if(!auth_zones_read_zones(az, cfg, env, mods))
2256 if(!auth_zones_setup_zones(az))
2263 * @param at: transfer structure with chunks list. The chunks and their
2267 auth_chunks_delete(struct auth_transfer* at)
2269 if(at->chunks_first) {
2270 struct auth_chunk* c, *cn;
2271 c = at->chunks_first;
2279 at->chunks_first = NULL;
2280 at->chunks_last = NULL;
2283 /** free master addr list */
2285 auth_free_master_addrs(struct auth_addr* list)
2287 struct auth_addr *n;
2295 /** free the masters list */
2297 auth_free_masters(struct auth_master* list)
2299 struct auth_master* n;
2302 auth_free_master_addrs(list->list);
2310 /** delete auth xfer structure
2311 * @param xfr: delete this xfer and its tasks.
2314 auth_xfer_delete(struct auth_xfer* xfr)
2317 lock_basic_destroy(&xfr->lock);
2319 if(xfr->task_nextprobe) {
2320 comm_timer_delete(xfr->task_nextprobe->timer);
2321 free(xfr->task_nextprobe);
2323 if(xfr->task_probe) {
2324 auth_free_masters(xfr->task_probe->masters);
2325 comm_point_delete(xfr->task_probe->cp);
2326 comm_timer_delete(xfr->task_probe->timer);
2327 free(xfr->task_probe);
2329 if(xfr->task_transfer) {
2330 auth_free_masters(xfr->task_transfer->masters);
2331 comm_point_delete(xfr->task_transfer->cp);
2332 comm_timer_delete(xfr->task_transfer->timer);
2333 if(xfr->task_transfer->chunks_first) {
2334 auth_chunks_delete(xfr->task_transfer);
2336 free(xfr->task_transfer);
2338 auth_free_masters(xfr->allow_notify_list);
2342 /** helper traverse to delete zones */
2344 auth_zone_del(rbnode_type* n, void* ATTR_UNUSED(arg))
2346 struct auth_zone* z = (struct auth_zone*)n->key;
2347 auth_zone_delete(z, NULL);
2350 /** helper traverse to delete xfer zones */
2352 auth_xfer_del(rbnode_type* n, void* ATTR_UNUSED(arg))
2354 struct auth_xfer* z = (struct auth_xfer*)n->key;
2355 auth_xfer_delete(z);
2358 void auth_zones_delete(struct auth_zones* az)
2361 lock_rw_destroy(&az->lock);
2362 lock_rw_destroy(&az->rpz_lock);
2363 traverse_postorder(&az->ztree, auth_zone_del, NULL);
2364 traverse_postorder(&az->xtree, auth_xfer_del, NULL);
2368 /** true if domain has only nsec3 */
2370 domain_has_only_nsec3(struct auth_data* n)
2372 struct auth_rrset* rrset = n->rrsets;
2375 if(rrset->type == LDNS_RR_TYPE_NSEC3) {
2377 } else if(rrset->type != LDNS_RR_TYPE_RRSIG) {
2380 rrset = rrset->next;
2385 /** see if the domain has a wildcard child '*.domain' */
2386 static struct auth_data*
2387 az_find_wildcard_domain(struct auth_zone* z, uint8_t* nm, size_t nmlen)
2389 uint8_t wc[LDNS_MAX_DOMAINLEN];
2390 if(nmlen+2 > sizeof(wc))
2391 return NULL; /* result would be too long */
2392 wc[0] = 1; /* length of wildcard label */
2393 wc[1] = (uint8_t)'*'; /* wildcard label */
2394 memmove(wc+2, nm, nmlen);
2395 return az_find_name(z, wc, nmlen+2);
2398 /** find wildcard between qname and cename */
2399 static struct auth_data*
2400 az_find_wildcard(struct auth_zone* z, struct query_info* qinfo,
2401 struct auth_data* ce)
2403 uint8_t* nm = qinfo->qname;
2404 size_t nmlen = qinfo->qname_len;
2405 struct auth_data* node;
2406 if(!dname_subdomain_c(nm, z->name))
2407 return NULL; /* out of zone */
2408 while((node=az_find_wildcard_domain(z, nm, nmlen))==NULL) {
2409 /* see if we can go up to find the wildcard */
2410 if(nmlen == z->namelen)
2411 return NULL; /* top of zone reached */
2412 if(ce && nmlen == ce->namelen)
2413 return NULL; /* ce reached */
2414 if(dname_is_root(nm))
2415 return NULL; /* cannot go up */
2416 dname_remove_label(&nm, &nmlen);
2421 /** domain is not exact, find first candidate ce (name that matches
2422 * a part of qname) in tree */
2423 static struct auth_data*
2424 az_find_candidate_ce(struct auth_zone* z, struct query_info* qinfo,
2425 struct auth_data* n)
2430 nm = dname_get_shared_topdomain(qinfo->qname, n->name);
2434 dname_count_size_labels(nm, &nmlen);
2435 n = az_find_name(z, nm, nmlen);
2436 /* delete labels and go up on name */
2438 if(dname_is_root(nm))
2439 return NULL; /* cannot go up */
2440 dname_remove_label(&nm, &nmlen);
2441 n = az_find_name(z, nm, nmlen);
2446 /** go up the auth tree to next existing name. */
2447 static struct auth_data*
2448 az_domain_go_up(struct auth_zone* z, struct auth_data* n)
2450 uint8_t* nm = n->name;
2451 size_t nmlen = n->namelen;
2452 while(!dname_is_root(nm)) {
2453 dname_remove_label(&nm, &nmlen);
2454 if((n=az_find_name(z, nm, nmlen)) != NULL)
2460 /** Find the closest encloser, an name that exists and is above the
2462 * return true if the node (param node) is existing, nonobscured and
2463 * can be used to generate answers from. It is then also node_exact.
2464 * returns false if the node is not good enough (or it wasn't node_exact)
2465 * in this case the ce can be filled.
2466 * if ce is NULL, no ce exists, and likely the zone is completely empty,
2467 * not even with a zone apex.
2468 * if ce is nonNULL it is the closest enclosing upper name (that exists
2469 * itself for answer purposes). That name may have DNAME, NS or wildcard
2470 * rrset is the closest DNAME or NS rrset that was found.
2473 az_find_ce(struct auth_zone* z, struct query_info* qinfo,
2474 struct auth_data* node, int node_exact, struct auth_data** ce,
2475 struct auth_rrset** rrset)
2477 struct auth_data* n = node;
2478 struct auth_rrset* lookrrset;
2482 /* if not exact, lookup closest exact match */
2483 n = az_find_candidate_ce(z, qinfo, n);
2485 /* if exact, the node itself is the first candidate ce */
2489 /* no direct answer from nsec3-only domains */
2490 if(n && domain_has_only_nsec3(n)) {
2495 /* with exact matches, walk up the labels until we find the
2496 * delegation, or DNAME or zone end */
2498 /* see if the current candidate has issues */
2499 /* not zone apex and has type NS */
2500 if(n->namelen != z->namelen &&
2501 (lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_NS)) &&
2502 /* delegate here, but DS at exact the dp has notype */
2503 (qinfo->qtype != LDNS_RR_TYPE_DS ||
2504 n->namelen != qinfo->qname_len)) {
2506 /* this is ce and the lowernode is nonexisting */
2511 /* not equal to qname and has type DNAME */
2512 if(n->namelen != qinfo->qname_len &&
2513 (lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_DNAME))) {
2514 /* this is ce and the lowernode is nonexisting */
2520 if(*ce == NULL && !domain_has_only_nsec3(n)) {
2521 /* if not found yet, this exact name must be
2522 * our lowest match (but not nsec3onlydomain) */
2526 /* walk up the tree by removing labels from name and lookup */
2527 n = az_domain_go_up(z, n);
2529 /* found no problems, if it was an exact node, it is fine to use */
2533 /** add additional A/AAAA from domain names in rrset rdata (+offset)
2534 * offset is number of bytes in rdata where the dname is located. */
2536 az_add_additionals_from(struct auth_zone* z, struct regional* region,
2537 struct dns_msg* msg, struct auth_rrset* rrset, size_t offset)
2539 struct packed_rrset_data* d = rrset->data;
2542 for(i=0; i<d->count; i++) {
2544 struct auth_data* domain;
2545 struct auth_rrset* ref;
2546 if(d->rr_len[i] < 2+offset)
2547 continue; /* too short */
2548 if(!(dlen = dname_valid(d->rr_data[i]+2+offset,
2549 d->rr_len[i]-2-offset)))
2550 continue; /* malformed */
2551 domain = az_find_name(z, d->rr_data[i]+2+offset, dlen);
2554 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_A)) != NULL) {
2555 if(!msg_add_rrset_ar(z, region, msg, domain, ref))
2558 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_AAAA)) != NULL) {
2559 if(!msg_add_rrset_ar(z, region, msg, domain, ref))
2566 /** add negative SOA record (with negative TTL) */
2568 az_add_negative_soa(struct auth_zone* z, struct regional* region,
2569 struct dns_msg* msg)
2573 struct packed_rrset_data* d;
2574 struct auth_rrset* soa;
2575 struct auth_data* apex = az_find_name(z, z->name, z->namelen);
2577 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
2579 /* must be first to put in message; we want to fix the TTL with
2580 * one RRset here, otherwise we'd need to loop over the RRs to get
2581 * the resulting lower TTL */
2582 log_assert(msg->rep->rrset_count == 0);
2583 if(!msg_add_rrset_ns(z, region, msg, apex, soa)) return 0;
2585 d = (struct packed_rrset_data*)msg->rep->rrsets[msg->rep->rrset_count-1]->entry.data;
2586 /* last 4 bytes are minimum ttl in network format */
2587 if(d->count == 0) return 0;
2588 if(d->rr_len[0] < 2+4) return 0;
2589 minimum = (time_t)sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-4));
2590 minimum = d->ttl<minimum?d->ttl:minimum;
2592 for(i=0; i < d->count + d->rrsig_count; i++)
2593 d->rr_ttl[i] = minimum;
2594 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]);
2595 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
2596 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
2600 /** See if the query goes to empty nonterminal (that has no auth_data,
2601 * but there are nodes underneath. We already checked that there are
2602 * not NS, or DNAME above, so that we only need to check if some node
2603 * exists below (with nonempty rr list), return true if emptynonterminal */
2605 az_empty_nonterminal(struct auth_zone* z, struct query_info* qinfo,
2606 struct auth_data* node)
2608 struct auth_data* next;
2610 /* no smaller was found, use first (smallest) node as the
2612 next = (struct auth_data*)rbtree_first(&z->data);
2614 next = (struct auth_data*)rbtree_next(&node->node);
2616 while(next && (rbnode_type*)next != RBTREE_NULL && next->rrsets == NULL) {
2617 /* the next name has empty rrsets, is an empty nonterminal
2618 * itself, see if there exists something below it */
2619 next = (struct auth_data*)rbtree_next(&node->node);
2621 if((rbnode_type*)next == RBTREE_NULL || !next) {
2622 /* there is no next node, so something below it cannot
2626 /* a next node exists, if there was something below the query,
2627 * this node has to be it. See if it is below the query name */
2628 if(dname_strict_subdomain_c(next->name, qinfo->qname))
2633 /** create synth cname target name in buffer, or fail if too long */
2635 synth_cname_buf(uint8_t* qname, size_t qname_len, size_t dname_len,
2636 uint8_t* dtarg, size_t dtarglen, uint8_t* buf, size_t buflen)
2638 size_t newlen = qname_len + dtarglen - dname_len;
2639 if(newlen > buflen) {
2640 /* YXDOMAIN error */
2643 /* new name is concatenation of qname front (without DNAME owner)
2644 * and DNAME target name */
2645 memcpy(buf, qname, qname_len-dname_len);
2646 memmove(buf+(qname_len-dname_len), dtarg, dtarglen);
2650 /** create synthetic CNAME rrset for in a DNAME answer in region,
2651 * false on alloc failure, cname==NULL when name too long. */
2653 create_synth_cname(uint8_t* qname, size_t qname_len, struct regional* region,
2654 struct auth_data* node, struct auth_rrset* dname, uint16_t dclass,
2655 struct ub_packed_rrset_key** cname)
2657 uint8_t buf[LDNS_MAX_DOMAINLEN];
2659 size_t dtarglen, newlen;
2660 struct packed_rrset_data* d;
2662 /* get DNAME target name */
2663 if(dname->data->count < 1) return 0;
2664 if(dname->data->rr_len[0] < 3) return 0; /* at least rdatalen +1 */
2665 dtarg = dname->data->rr_data[0]+2;
2666 dtarglen = dname->data->rr_len[0]-2;
2667 if(sldns_read_uint16(dname->data->rr_data[0]) != dtarglen)
2668 return 0; /* rdatalen in DNAME rdata is malformed */
2669 if(dname_valid(dtarg, dtarglen) != dtarglen)
2670 return 0; /* DNAME RR has malformed rdata */
2672 return 0; /* too short */
2673 if(qname_len <= node->namelen)
2674 return 0; /* qname too short for dname removal */
2676 /* synthesize a CNAME */
2677 newlen = synth_cname_buf(qname, qname_len, node->namelen,
2678 dtarg, dtarglen, buf, sizeof(buf));
2680 /* YXDOMAIN error */
2684 *cname = (struct ub_packed_rrset_key*)regional_alloc(region,
2685 sizeof(struct ub_packed_rrset_key));
2687 return 0; /* out of memory */
2688 memset(&(*cname)->entry, 0, sizeof((*cname)->entry));
2689 (*cname)->entry.key = (*cname);
2690 (*cname)->rk.type = htons(LDNS_RR_TYPE_CNAME);
2691 (*cname)->rk.rrset_class = htons(dclass);
2692 (*cname)->rk.flags = 0;
2693 (*cname)->rk.dname = regional_alloc_init(region, qname, qname_len);
2694 if(!(*cname)->rk.dname)
2695 return 0; /* out of memory */
2696 (*cname)->rk.dname_len = qname_len;
2697 (*cname)->entry.hash = rrset_key_hash(&(*cname)->rk);
2698 d = (struct packed_rrset_data*)regional_alloc_zero(region,
2699 sizeof(struct packed_rrset_data) + sizeof(size_t) +
2700 sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t)
2703 return 0; /* out of memory */
2704 (*cname)->entry.data = d;
2705 d->ttl = 0; /* 0 for synthesized CNAME TTL */
2708 d->trust = rrset_trust_ans_noAA;
2709 d->rr_len = (size_t*)((uint8_t*)d +
2710 sizeof(struct packed_rrset_data));
2711 d->rr_len[0] = newlen + sizeof(uint16_t);
2712 packed_rrset_ptr_fixup(d);
2713 d->rr_ttl[0] = d->ttl;
2714 sldns_write_uint16(d->rr_data[0], newlen);
2715 memmove(d->rr_data[0] + sizeof(uint16_t), buf, newlen);
2719 /** add a synthesized CNAME to the answer section */
2721 add_synth_cname(struct auth_zone* z, uint8_t* qname, size_t qname_len,
2722 struct regional* region, struct dns_msg* msg, struct auth_data* dname,
2723 struct auth_rrset* rrset)
2725 struct ub_packed_rrset_key* cname;
2726 /* synthesize a CNAME */
2727 if(!create_synth_cname(qname, qname_len, region, dname, rrset,
2728 z->dclass, &cname)) {
2733 /* cname cannot be create because of YXDOMAIN */
2734 msg->rep->flags |= LDNS_RCODE_YXDOMAIN;
2737 /* add cname to message */
2738 if(!msg_grow_array(region, msg))
2740 msg->rep->rrsets[msg->rep->rrset_count] = cname;
2741 msg->rep->rrset_count++;
2742 msg->rep->an_numrrsets++;
2747 /** Change a dname to a different one, for wildcard namechange */
2749 az_change_dnames(struct dns_msg* msg, uint8_t* oldname, uint8_t* newname,
2750 size_t newlen, int an_only)
2753 size_t start = 0, end = msg->rep->rrset_count;
2754 if(!an_only) start = msg->rep->an_numrrsets;
2755 if(an_only) end = msg->rep->an_numrrsets;
2756 for(i=start; i<end; i++) {
2757 /* allocated in region so we can change the ptrs */
2758 if(query_dname_compare(msg->rep->rrsets[i]->rk.dname, oldname)
2760 msg->rep->rrsets[i]->rk.dname = newname;
2761 msg->rep->rrsets[i]->rk.dname_len = newlen;
2762 msg->rep->rrsets[i]->entry.hash = rrset_key_hash(&msg->rep->rrsets[i]->rk);
2767 /** find NSEC record covering the query */
2768 static struct auth_rrset*
2769 az_find_nsec_cover(struct auth_zone* z, struct auth_data** node)
2771 uint8_t* nm = (*node)->name;
2772 size_t nmlen = (*node)->namelen;
2773 struct auth_rrset* rrset;
2774 /* find the NSEC for the smallest-or-equal node */
2775 /* if node == NULL, we did not find a smaller name. But the zone
2776 * name is the smallest name and should have an NSEC. So there is
2777 * no NSEC to return (for a properly signed zone) */
2778 /* for empty nonterminals, the auth-data node should not exist,
2779 * and thus we don't need to go rbtree_previous here to find
2780 * a domain with an NSEC record */
2781 /* but there could be glue, and if this is node, then it has no NSEC.
2782 * Go up to find nonglue (previous) NSEC-holding nodes */
2783 while((rrset=az_domain_rrset(*node, LDNS_RR_TYPE_NSEC)) == NULL) {
2784 if(dname_is_root(nm)) return NULL;
2785 if(nmlen == z->namelen) return NULL;
2786 dname_remove_label(&nm, &nmlen);
2787 /* adjust *node for the nsec rrset to find in */
2788 *node = az_find_name(z, nm, nmlen);
2793 /** Find NSEC and add for wildcard denial */
2795 az_nsec_wildcard_denial(struct auth_zone* z, struct regional* region,
2796 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen)
2798 struct query_info qinfo;
2800 struct auth_data* node;
2801 struct auth_rrset* nsec;
2802 uint8_t wc[LDNS_MAX_DOMAINLEN];
2803 if(cenmlen+2 > sizeof(wc))
2804 return 0; /* result would be too long */
2805 wc[0] = 1; /* length of wildcard label */
2806 wc[1] = (uint8_t)'*'; /* wildcard label */
2807 memmove(wc+2, cenm, cenmlen);
2809 /* we have '*.ce' in wc wildcard name buffer */
2810 /* get nsec cover for that */
2812 qinfo.qname_len = cenmlen+2;
2815 az_find_domain(z, &qinfo, &node_exact, &node);
2816 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
2817 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
2822 /** Find the NSEC3PARAM rrset (if any) and if true you have the parameters */
2824 az_nsec3_param(struct auth_zone* z, int* algo, size_t* iter, uint8_t** salt,
2827 struct auth_data* apex;
2828 struct auth_rrset* param;
2830 apex = az_find_name(z, z->name, z->namelen);
2832 param = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC3PARAM);
2833 if(!param || param->data->count==0)
2834 return 0; /* no RRset or no RRs in rrset */
2835 /* find out which NSEC3PARAM RR has supported parameters */
2836 /* skip unknown flags (dynamic signer is recalculating nsec3 chain) */
2837 for(i=0; i<param->data->count; i++) {
2838 uint8_t* rdata = param->data->rr_data[i]+2;
2839 size_t rdatalen = param->data->rr_len[i];
2841 continue; /* too short */
2842 if(!nsec3_hash_algo_size_supported((int)(rdata[0])))
2843 continue; /* unsupported algo */
2844 if(rdatalen < (size_t)(2+5+(size_t)rdata[4]))
2845 continue; /* salt missing */
2846 if((rdata[1]&NSEC3_UNKNOWN_FLAGS)!=0)
2847 continue; /* unknown flags */
2848 *algo = (int)(rdata[0]);
2849 *iter = sldns_read_uint16(rdata+2);
2850 *saltlen = rdata[4];
2853 else *salt = rdata+5;
2856 /* no supported params */
2860 /** Hash a name with nsec3param into buffer, it has zone name appended.
2861 * return length of hash */
2863 az_nsec3_hash(uint8_t* buf, size_t buflen, uint8_t* nm, size_t nmlen,
2864 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2866 size_t hlen = nsec3_hash_algo_size_supported(algo);
2867 /* buffer has domain name, nsec3hash, and 256 is for max saltlen
2868 * (salt has 0-255 length) */
2869 unsigned char p[LDNS_MAX_DOMAINLEN+1+N3HASHBUFLEN+256];
2871 if(nmlen+saltlen > sizeof(p) || hlen+saltlen > sizeof(p))
2874 return 0; /* somehow too large for destination buffer */
2875 /* hashfunc(name, salt) */
2876 memmove(p, nm, nmlen);
2877 query_dname_tolower(p);
2878 if(salt && saltlen > 0)
2879 memmove(p+nmlen, salt, saltlen);
2880 (void)secalgo_nsec3_hash(algo, p, nmlen+saltlen, (unsigned char*)buf);
2881 for(i=0; i<iter; i++) {
2882 /* hashfunc(hash, salt) */
2883 memmove(p, buf, hlen);
2884 if(salt && saltlen > 0)
2885 memmove(p+hlen, salt, saltlen);
2886 (void)secalgo_nsec3_hash(algo, p, hlen+saltlen,
2887 (unsigned char*)buf);
2892 /** Hash name and return b32encoded hashname for lookup, zone name appended */
2894 az_nsec3_hashname(struct auth_zone* z, uint8_t* hashname, size_t* hashnmlen,
2895 uint8_t* nm, size_t nmlen, int algo, size_t iter, uint8_t* salt,
2898 uint8_t hash[N3HASHBUFLEN];
2901 hlen = az_nsec3_hash(hash, sizeof(hash), nm, nmlen, algo, iter,
2905 if(*hashnmlen < hlen*2+1+z->namelen) /* approx b32 as hexb16 */
2907 ret = sldns_b32_ntop_extended_hex(hash, hlen, (char*)(hashname+1),
2911 hashname[0] = (uint8_t)ret;
2913 if((*hashnmlen) - ret < z->namelen)
2915 memmove(hashname+ret, z->name, z->namelen);
2916 *hashnmlen = z->namelen+(size_t)ret;
2920 /** Find the datanode that covers the nsec3hash-name */
2921 static struct auth_data*
2922 az_nsec3_findnode(struct auth_zone* z, uint8_t* hashnm, size_t hashnmlen)
2924 struct query_info qinfo;
2925 struct auth_data* node;
2929 qinfo.qname = hashnm;
2930 qinfo.qname_len = hashnmlen;
2931 /* because canonical ordering and b32 nsec3 ordering are the same.
2932 * this is a good lookup to find the nsec3 name. */
2933 az_find_domain(z, &qinfo, &node_exact, &node);
2934 /* but we may have to skip non-nsec3 nodes */
2935 /* this may be a lot, the way to speed that up is to have a
2936 * separate nsec3 tree with nsec3 nodes */
2937 while(node && (rbnode_type*)node != RBTREE_NULL &&
2938 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) {
2939 node = (struct auth_data*)rbtree_previous(&node->node);
2941 if((rbnode_type*)node == RBTREE_NULL)
2946 /** Find cover for hashed(nm, nmlen) (or NULL) */
2947 static struct auth_data*
2948 az_nsec3_find_cover(struct auth_zone* z, uint8_t* nm, size_t nmlen,
2949 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2951 struct auth_data* node;
2952 uint8_t hname[LDNS_MAX_DOMAINLEN];
2953 size_t hlen = sizeof(hname);
2954 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
2957 node = az_nsec3_findnode(z, hname, hlen);
2960 /* we did not find any, perhaps because the NSEC3 hash is before
2961 * the first hash, we have to find the 'last hash' in the zone */
2962 node = (struct auth_data*)rbtree_last(&z->data);
2963 while(node && (rbnode_type*)node != RBTREE_NULL &&
2964 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) {
2965 node = (struct auth_data*)rbtree_previous(&node->node);
2967 if((rbnode_type*)node == RBTREE_NULL)
2972 /** Find exact match for hashed(nm, nmlen) NSEC3 record or NULL */
2973 static struct auth_data*
2974 az_nsec3_find_exact(struct auth_zone* z, uint8_t* nm, size_t nmlen,
2975 int algo, size_t iter, uint8_t* salt, size_t saltlen)
2977 struct auth_data* node;
2978 uint8_t hname[LDNS_MAX_DOMAINLEN];
2979 size_t hlen = sizeof(hname);
2980 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
2983 node = az_find_name(z, hname, hlen);
2984 if(az_domain_rrset(node, LDNS_RR_TYPE_NSEC3))
2989 /** Return nextcloser name (as a ref into the qname). This is one label
2990 * more than the cenm (cename must be a suffix of qname) */
2992 az_nsec3_get_nextcloser(uint8_t* cenm, uint8_t* qname, size_t qname_len,
2993 uint8_t** nx, size_t* nxlen)
2995 int celabs = dname_count_labels(cenm);
2996 int qlabs = dname_count_labels(qname);
2997 int strip = qlabs - celabs -1;
2998 log_assert(dname_strict_subdomain(qname, qlabs, cenm, celabs));
3002 dname_remove_labels(nx, nxlen, strip);
3005 /** Find the closest encloser that has exact NSEC3.
3006 * updated cenm to the new name. If it went up no-exact-ce is true. */
3007 static struct auth_data*
3008 az_nsec3_find_ce(struct auth_zone* z, uint8_t** cenm, size_t* cenmlen,
3009 int* no_exact_ce, int algo, size_t iter, uint8_t* salt, size_t saltlen)
3011 struct auth_data* node;
3012 while((node = az_nsec3_find_exact(z, *cenm, *cenmlen,
3013 algo, iter, salt, saltlen)) == NULL) {
3014 if(*cenmlen == z->namelen) {
3015 /* next step up would take us out of the zone. fail */
3019 dname_remove_label(cenm, cenmlen);
3024 /* Insert NSEC3 record in authority section, if NULL does nothing */
3026 az_nsec3_insert(struct auth_zone* z, struct regional* region,
3027 struct dns_msg* msg, struct auth_data* node)
3029 struct auth_rrset* nsec3;
3030 if(!node) return 1; /* no node, skip this */
3031 nsec3 = az_domain_rrset(node, LDNS_RR_TYPE_NSEC3);
3032 if(!nsec3) return 1; /* if no nsec3 RR, skip it */
3033 if(!msg_add_rrset_ns(z, region, msg, node, nsec3)) return 0;
3037 /** add NSEC3 records to the zone for the nsec3 proof.
3038 * Specify with the flags with parts of the proof are required.
3039 * the ce is the exact matching name (for notype) but also delegation points.
3040 * qname is the one where the nextcloser name can be derived from.
3041 * If NSEC3 is not properly there (in the zone) nothing is added.
3042 * always enabled: include nsec3 proving about the Closest Encloser.
3043 * that is an exact match that should exist for it.
3044 * If that does not exist, a higher exact match + nxproof is enabled
3045 * (for some sort of opt-out empty nonterminal cases).
3046 * nodataproof: search for exact match and include that instead.
3047 * ceproof: include ce proof NSEC3 (omitted for wildcard replies).
3048 * nxproof: include denial of the qname.
3049 * wcproof: include denial of wildcard (wildcard.ce).
3052 az_add_nsec3_proof(struct auth_zone* z, struct regional* region,
3053 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen, uint8_t* qname,
3054 size_t qname_len, int nodataproof, int ceproof, int nxproof,
3058 size_t iter, saltlen;
3060 int no_exact_ce = 0;
3061 struct auth_data* node;
3063 /* find parameters of nsec3 proof */
3064 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen))
3065 return 1; /* no nsec3 */
3067 /* see if the node has a hash of itself for the nodata
3068 * proof nsec3, this has to be an exact match nsec3. */
3069 struct auth_data* match;
3070 match = az_nsec3_find_exact(z, qname, qname_len, algo,
3071 iter, salt, saltlen);
3073 if(!az_nsec3_insert(z, region, msg, match))
3075 /* only nodata NSEC3 needed, no CE or others. */
3079 /* find ce that has an NSEC3 */
3081 node = az_nsec3_find_ce(z, &cenm, &cenmlen, &no_exact_ce,
3082 algo, iter, salt, saltlen);
3083 if(no_exact_ce) nxproof = 1;
3084 if(!az_nsec3_insert(z, region, msg, node))
3091 /* create nextcloser domain name */
3092 az_nsec3_get_nextcloser(cenm, qname, qname_len, &nx, &nxlen);
3093 /* find nsec3 that matches or covers it */
3094 node = az_nsec3_find_cover(z, nx, nxlen, algo, iter, salt,
3096 if(!az_nsec3_insert(z, region, msg, node))
3100 /* create wildcard name *.ce */
3101 uint8_t wc[LDNS_MAX_DOMAINLEN];
3103 if(cenmlen+2 > sizeof(wc))
3104 return 0; /* result would be too long */
3105 wc[0] = 1; /* length of wildcard label */
3106 wc[1] = (uint8_t)'*'; /* wildcard label */
3107 memmove(wc+2, cenm, cenmlen);
3109 /* find nsec3 that matches or covers it */
3110 node = az_nsec3_find_cover(z, wc, wclen, algo, iter, salt,
3112 if(!az_nsec3_insert(z, region, msg, node))
3118 /** generate answer for positive answer */
3120 az_generate_positive_answer(struct auth_zone* z, struct regional* region,
3121 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
3123 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3124 /* see if we want additional rrs */
3125 if(rrset->type == LDNS_RR_TYPE_MX) {
3126 if(!az_add_additionals_from(z, region, msg, rrset, 2))
3128 } else if(rrset->type == LDNS_RR_TYPE_SRV) {
3129 if(!az_add_additionals_from(z, region, msg, rrset, 6))
3131 } else if(rrset->type == LDNS_RR_TYPE_NS) {
3132 if(!az_add_additionals_from(z, region, msg, rrset, 0))
3138 /** generate answer for type ANY answer */
3140 az_generate_any_answer(struct auth_zone* z, struct regional* region,
3141 struct dns_msg* msg, struct auth_data* node)
3143 struct auth_rrset* rrset;
3145 /* add a couple (at least one) RRs */
3146 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_SOA)) != NULL) {
3147 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3150 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_MX)) != NULL) {
3151 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3154 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_A)) != NULL) {
3155 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3158 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_AAAA)) != NULL) {
3159 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3162 if(added == 0 && node && node->rrsets) {
3163 if(!msg_add_rrset_an(z, region, msg, node,
3164 node->rrsets)) return 0;
3169 /** follow cname chain and add more data to the answer section */
3171 follow_cname_chain(struct auth_zone* z, uint16_t qtype,
3172 struct regional* region, struct dns_msg* msg,
3173 struct packed_rrset_data* d)
3176 /* see if we can add the target of the CNAME into the answer */
3177 while(maxchain++ < MAX_CNAME_CHAIN) {
3178 struct auth_data* node;
3179 struct auth_rrset* rrset;
3181 /* d has cname rdata */
3182 if(d->count == 0) break; /* no CNAME */
3183 if(d->rr_len[0] < 2+1) break; /* too small */
3184 if((clen=dname_valid(d->rr_data[0]+2, d->rr_len[0]-2))==0)
3185 break; /* malformed */
3186 if(!dname_subdomain_c(d->rr_data[0]+2, z->name))
3187 break; /* target out of zone */
3188 if((node = az_find_name(z, d->rr_data[0]+2, clen))==NULL)
3189 break; /* no such target name */
3190 if((rrset=az_domain_rrset(node, qtype))!=NULL) {
3191 /* done we found the target */
3192 if(!msg_add_rrset_an(z, region, msg, node, rrset))
3196 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME))==NULL)
3197 break; /* no further CNAME chain, notype */
3198 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3204 /** generate answer for cname answer */
3206 az_generate_cname_answer(struct auth_zone* z, struct query_info* qinfo,
3207 struct regional* region, struct dns_msg* msg,
3208 struct auth_data* node, struct auth_rrset* rrset)
3210 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0;
3211 if(!rrset) return 1;
3212 if(!follow_cname_chain(z, qinfo->qtype, region, msg, rrset->data))
3217 /** generate answer for notype answer */
3219 az_generate_notype_answer(struct auth_zone* z, struct regional* region,
3220 struct dns_msg* msg, struct auth_data* node)
3222 struct auth_rrset* rrset;
3223 if(!az_add_negative_soa(z, region, msg)) return 0;
3224 /* DNSSEC denial NSEC */
3225 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_NSEC))!=NULL) {
3226 if(!msg_add_rrset_ns(z, region, msg, node, rrset)) return 0;
3228 /* DNSSEC denial NSEC3 */
3229 if(!az_add_nsec3_proof(z, region, msg, node->name,
3230 node->namelen, msg->qinfo.qname,
3231 msg->qinfo.qname_len, 1, 1, 0, 0))
3237 /** generate answer for referral answer */
3239 az_generate_referral_answer(struct auth_zone* z, struct regional* region,
3240 struct dns_msg* msg, struct auth_data* ce, struct auth_rrset* rrset)
3242 struct auth_rrset* ds, *nsec;
3243 /* turn off AA flag, referral is nonAA because it leaves the zone */
3245 msg->rep->flags &= ~BIT_AA;
3246 if(!msg_add_rrset_ns(z, region, msg, ce, rrset)) return 0;
3247 /* add DS or deny it */
3248 if((ds=az_domain_rrset(ce, LDNS_RR_TYPE_DS))!=NULL) {
3249 if(!msg_add_rrset_ns(z, region, msg, ce, ds)) return 0;
3252 if((nsec=az_domain_rrset(ce, LDNS_RR_TYPE_NSEC))!=NULL) {
3253 if(!msg_add_rrset_ns(z, region, msg, ce, nsec))
3256 if(!az_add_nsec3_proof(z, region, msg, ce->name,
3257 ce->namelen, msg->qinfo.qname,
3258 msg->qinfo.qname_len, 1, 1, 0, 0))
3262 /* add additional rrs for type NS */
3263 if(!az_add_additionals_from(z, region, msg, rrset, 0)) return 0;
3267 /** generate answer for DNAME answer */
3269 az_generate_dname_answer(struct auth_zone* z, struct query_info* qinfo,
3270 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3271 struct auth_rrset* rrset)
3274 /* add the DNAME and then a CNAME */
3275 if(!msg_add_rrset_an(z, region, msg, ce, rrset)) return 0;
3276 if(!add_synth_cname(z, qinfo->qname, qinfo->qname_len, region,
3277 msg, ce, rrset)) return 0;
3278 if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_YXDOMAIN)
3280 if(msg->rep->rrset_count == 0 ||
3281 !msg->rep->rrsets[msg->rep->rrset_count-1])
3283 if(!follow_cname_chain(z, qinfo->qtype, region, msg,
3284 (struct packed_rrset_data*)msg->rep->rrsets[
3285 msg->rep->rrset_count-1]->entry.data))
3290 /** generate answer for wildcard answer */
3292 az_generate_wildcard_answer(struct auth_zone* z, struct query_info* qinfo,
3293 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3294 struct auth_data* wildcard, struct auth_data* node)
3296 struct auth_rrset* rrset, *nsec;
3298 if((rrset=az_domain_rrset(wildcard, qinfo->qtype)) != NULL) {
3299 /* wildcard has type, add it */
3300 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
3302 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3303 msg->qinfo.qname_len, 1);
3304 } else if((rrset=az_domain_rrset(wildcard, LDNS_RR_TYPE_CNAME))!=NULL) {
3305 /* wildcard has cname instead, do that */
3306 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
3308 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3309 msg->qinfo.qname_len, 1);
3310 if(!follow_cname_chain(z, qinfo->qtype, region, msg,
3313 } else if(qinfo->qtype == LDNS_RR_TYPE_ANY && wildcard->rrsets) {
3314 /* add ANY rrsets from wildcard node */
3315 if(!az_generate_any_answer(z, region, msg, wildcard))
3317 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3318 msg->qinfo.qname_len, 1);
3320 /* wildcard has nodata, notype answer */
3321 /* call other notype routine for dnssec notype denials */
3322 if(!az_generate_notype_answer(z, region, msg, wildcard))
3324 /* because the notype, there is no positive data with an
3325 * RRSIG that indicates the wildcard position. Thus the
3326 * wildcard qname denial needs to have a CE nsec3. */
3330 /* ce and node for dnssec denial of wildcard original name */
3331 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
3332 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
3334 uint8_t* wildup = wildcard->name;
3335 size_t wilduplen= wildcard->namelen;
3336 dname_remove_label(&wildup, &wilduplen);
3337 if(!az_add_nsec3_proof(z, region, msg, wildup,
3338 wilduplen, msg->qinfo.qname,
3339 msg->qinfo.qname_len, 0, insert_ce, 1, 0))
3343 /* fixup name of wildcard from *.zone to qname, use already allocated
3344 * pointer to msg qname */
3345 az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
3346 msg->qinfo.qname_len, 0);
3350 /** generate answer for nxdomain answer */
3352 az_generate_nxdomain_answer(struct auth_zone* z, struct regional* region,
3353 struct dns_msg* msg, struct auth_data* ce, struct auth_data* node)
3355 struct auth_rrset* nsec;
3356 msg->rep->flags |= LDNS_RCODE_NXDOMAIN;
3357 if(!az_add_negative_soa(z, region, msg)) return 0;
3358 if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
3359 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
3360 if(ce && !az_nsec_wildcard_denial(z, region, msg, ce->name,
3361 ce->namelen)) return 0;
3363 if(!az_add_nsec3_proof(z, region, msg, ce->name,
3364 ce->namelen, msg->qinfo.qname,
3365 msg->qinfo.qname_len, 0, 1, 1, 1))
3371 /** Create answers when an exact match exists for the domain name */
3373 az_generate_answer_with_node(struct auth_zone* z, struct query_info* qinfo,
3374 struct regional* region, struct dns_msg* msg, struct auth_data* node)
3376 struct auth_rrset* rrset;
3377 /* positive answer, rrset we are looking for exists */
3378 if((rrset=az_domain_rrset(node, qinfo->qtype)) != NULL) {
3379 return az_generate_positive_answer(z, region, msg, node, rrset);
3382 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME)) != NULL) {
3383 return az_generate_cname_answer(z, qinfo, region, msg,
3387 if(qinfo->qtype == LDNS_RR_TYPE_ANY) {
3388 return az_generate_any_answer(z, region, msg, node);
3390 /* NOERROR/NODATA (no such type at domain name) */
3391 return az_generate_notype_answer(z, region, msg, node);
3394 /** Generate answer without an existing-node that we can use.
3395 * So it'll be a referral, DNAME or nxdomain */
3397 az_generate_answer_nonexistnode(struct auth_zone* z, struct query_info* qinfo,
3398 struct regional* region, struct dns_msg* msg, struct auth_data* ce,
3399 struct auth_rrset* rrset, struct auth_data* node)
3401 struct auth_data* wildcard;
3403 /* we do not have an exact matching name (that exists) */
3404 /* see if we have a NS or DNAME in the ce */
3405 if(ce && rrset && rrset->type == LDNS_RR_TYPE_NS) {
3406 return az_generate_referral_answer(z, region, msg, ce, rrset);
3408 if(ce && rrset && rrset->type == LDNS_RR_TYPE_DNAME) {
3409 return az_generate_dname_answer(z, qinfo, region, msg, ce,
3412 /* if there is an empty nonterminal, wildcard and nxdomain don't
3413 * happen, it is a notype answer */
3414 if(az_empty_nonterminal(z, qinfo, node)) {
3415 return az_generate_notype_answer(z, region, msg, node);
3417 /* see if we have a wildcard under the ce */
3418 if((wildcard=az_find_wildcard(z, qinfo, ce)) != NULL) {
3419 return az_generate_wildcard_answer(z, qinfo, region, msg,
3420 ce, wildcard, node);
3422 /* generate nxdomain answer */
3423 return az_generate_nxdomain_answer(z, region, msg, ce, node);
3426 /** Lookup answer in a zone. */
3428 auth_zone_generate_answer(struct auth_zone* z, struct query_info* qinfo,
3429 struct regional* region, struct dns_msg** msg, int* fallback)
3431 struct auth_data* node, *ce;
3432 struct auth_rrset* rrset;
3433 int node_exact, node_exists;
3434 /* does the zone want fallback in case of failure? */
3435 *fallback = z->fallback_enabled;
3436 if(!(*msg=msg_create(region, qinfo))) return 0;
3438 /* lookup if there is a matching domain name for the query */
3439 az_find_domain(z, qinfo, &node_exact, &node);
3441 /* see if node exists for generating answers from (i.e. not glue and
3442 * obscured by NS or DNAME or NSEC3-only), and also return the
3443 * closest-encloser from that, closest node that should be used
3444 * to generate answers from that is above the query */
3445 node_exists = az_find_ce(z, qinfo, node, node_exact, &ce, &rrset);
3447 if(verbosity >= VERB_ALGO) {
3448 char zname[256], qname[256], nname[256], cename[256],
3449 tpstr[32], rrstr[32];
3450 sldns_wire2str_dname_buf(qinfo->qname, qinfo->qname_len, qname,
3452 sldns_wire2str_type_buf(qinfo->qtype, tpstr, sizeof(tpstr));
3453 sldns_wire2str_dname_buf(z->name, z->namelen, zname,
3456 sldns_wire2str_dname_buf(node->name, node->namelen,
3457 nname, sizeof(nname));
3458 else snprintf(nname, sizeof(nname), "NULL");
3460 sldns_wire2str_dname_buf(ce->name, ce->namelen,
3461 cename, sizeof(cename));
3462 else snprintf(cename, sizeof(cename), "NULL");
3463 if(rrset) sldns_wire2str_type_buf(rrset->type, rrstr,
3465 else snprintf(rrstr, sizeof(rrstr), "NULL");
3466 log_info("auth_zone %s query %s %s, domain %s %s %s, "
3467 "ce %s, rrset %s", zname, qname, tpstr, nname,
3468 (node_exact?"exact":"notexact"),
3469 (node_exists?"exist":"notexist"), cename, rrstr);
3473 /* the node is fine, generate answer from node */
3474 return az_generate_answer_with_node(z, qinfo, region, *msg,
3477 return az_generate_answer_nonexistnode(z, qinfo, region, *msg,
3481 int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo,
3482 struct regional* region, struct dns_msg** msg, int* fallback,
3483 uint8_t* dp_nm, size_t dp_nmlen)
3486 struct auth_zone* z;
3487 /* find the zone that should contain the answer. */
3488 lock_rw_rdlock(&az->lock);
3489 z = auth_zone_find(az, dp_nm, dp_nmlen, qinfo->qclass);
3491 lock_rw_unlock(&az->lock);
3492 /* no auth zone, fallback to internet */
3496 lock_rw_rdlock(&z->lock);
3497 lock_rw_unlock(&az->lock);
3499 /* if not for upstream queries, fallback */
3500 if(!z->for_upstream) {
3501 lock_rw_unlock(&z->lock);
3505 if(z->zone_expired) {
3506 *fallback = z->fallback_enabled;
3507 lock_rw_unlock(&z->lock);
3510 /* see what answer that zone would generate */
3511 r = auth_zone_generate_answer(z, qinfo, region, msg, fallback);
3512 lock_rw_unlock(&z->lock);
3516 /** encode auth answer */
3518 auth_answer_encode(struct query_info* qinfo, struct module_env* env,
3519 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
3520 struct regional* temp, struct dns_msg* msg)
3523 udpsize = edns->udp_size;
3524 edns->edns_version = EDNS_ADVERTISED_VERSION;
3525 edns->udp_size = EDNS_ADVERTISED_SIZE;
3526 edns->ext_rcode = 0;
3527 edns->bits &= EDNS_DO;
3529 if(!inplace_cb_reply_local_call(env, qinfo, NULL, msg->rep,
3530 (int)FLAGS_GET_RCODE(msg->rep->flags), edns, repinfo, temp, env->now_tv)
3531 || !reply_info_answer_encode(qinfo, msg->rep,
3532 *(uint16_t*)sldns_buffer_begin(buf),
3533 sldns_buffer_read_u16_at(buf, 2),
3534 buf, 0, 0, temp, udpsize, edns,
3535 (int)(edns->bits&EDNS_DO), 0)) {
3536 error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
3537 *(uint16_t*)sldns_buffer_begin(buf),
3538 sldns_buffer_read_u16_at(buf, 2), edns);
3542 /** encode auth error answer */
3544 auth_error_encode(struct query_info* qinfo, struct module_env* env,
3545 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
3546 struct regional* temp, int rcode)
3548 edns->edns_version = EDNS_ADVERTISED_VERSION;
3549 edns->udp_size = EDNS_ADVERTISED_SIZE;
3550 edns->ext_rcode = 0;
3551 edns->bits &= EDNS_DO;
3553 if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL,
3554 rcode, edns, repinfo, temp, env->now_tv))
3555 edns->opt_list_inplace_cb_out = NULL;
3556 error_encode(buf, rcode|BIT_AA, qinfo,
3557 *(uint16_t*)sldns_buffer_begin(buf),
3558 sldns_buffer_read_u16_at(buf, 2), edns);
3561 int auth_zones_answer(struct auth_zones* az, struct module_env* env,
3562 struct query_info* qinfo, struct edns_data* edns,
3563 struct comm_reply* repinfo, struct sldns_buffer* buf, struct regional* temp)
3565 struct dns_msg* msg = NULL;
3566 struct auth_zone* z;
3570 lock_rw_rdlock(&az->lock);
3571 if(!az->have_downstream) {
3572 /* no downstream auth zones */
3573 lock_rw_unlock(&az->lock);
3576 if(qinfo->qtype == LDNS_RR_TYPE_DS) {
3577 uint8_t* delname = qinfo->qname;
3578 size_t delnamelen = qinfo->qname_len;
3579 dname_remove_label(&delname, &delnamelen);
3580 z = auth_zones_find_zone(az, delname, delnamelen,
3583 z = auth_zones_find_zone(az, qinfo->qname, qinfo->qname_len,
3587 /* no zone above it */
3588 lock_rw_unlock(&az->lock);
3591 lock_rw_rdlock(&z->lock);
3592 lock_rw_unlock(&az->lock);
3593 if(!z->for_downstream) {
3594 lock_rw_unlock(&z->lock);
3597 if(z->zone_expired) {
3598 if(z->fallback_enabled) {
3599 lock_rw_unlock(&z->lock);
3602 lock_rw_unlock(&z->lock);
3603 lock_rw_wrlock(&az->lock);
3604 az->num_query_down++;
3605 lock_rw_unlock(&az->lock);
3606 auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
3607 LDNS_RCODE_SERVFAIL);
3611 /* answer it from zone z */
3612 r = auth_zone_generate_answer(z, qinfo, temp, &msg, &fallback);
3613 lock_rw_unlock(&z->lock);
3614 if(!r && fallback) {
3615 /* fallback to regular answering (recursive) */
3618 lock_rw_wrlock(&az->lock);
3619 az->num_query_down++;
3620 lock_rw_unlock(&az->lock);
3624 auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
3625 LDNS_RCODE_SERVFAIL);
3626 else auth_answer_encode(qinfo, env, edns, repinfo, buf, temp, msg);
3631 int auth_zones_can_fallback(struct auth_zones* az, uint8_t* nm, size_t nmlen,
3635 struct auth_zone* z;
3636 lock_rw_rdlock(&az->lock);
3637 z = auth_zone_find(az, nm, nmlen, dclass);
3639 lock_rw_unlock(&az->lock);
3640 /* no such auth zone, fallback */
3643 lock_rw_rdlock(&z->lock);
3644 lock_rw_unlock(&az->lock);
3645 r = z->fallback_enabled || (!z->for_upstream);
3646 lock_rw_unlock(&z->lock);
3651 auth_zone_parse_notify_serial(sldns_buffer* pkt, uint32_t *serial)
3653 struct query_info q;
3655 memset(&q, 0, sizeof(q));
3656 sldns_buffer_set_position(pkt, 0);
3657 if(!query_info_parse(&q, pkt)) return 0;
3658 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0) return 0;
3659 /* skip name of RR in answer section */
3660 if(sldns_buffer_remaining(pkt) < 1) return 0;
3661 if(pkt_dname_len(pkt) == 0) return 0;
3663 if(sldns_buffer_remaining(pkt) < 10 /* type,class,ttl,rdatalen*/)
3665 if(sldns_buffer_read_u16(pkt) != LDNS_RR_TYPE_SOA) return 0;
3666 sldns_buffer_skip(pkt, 2); /* class */
3667 sldns_buffer_skip(pkt, 4); /* ttl */
3668 rdlen = sldns_buffer_read_u16(pkt); /* rdatalen */
3669 if(sldns_buffer_remaining(pkt) < rdlen) return 0;
3670 if(rdlen < 22) return 0; /* bad soa length */
3671 sldns_buffer_skip(pkt, (ssize_t)(rdlen-20));
3672 *serial = sldns_buffer_read_u32(pkt);
3673 /* return true when has serial in answer section */
3677 /** see if addr appears in the list */
3679 addr_in_list(struct auth_addr* list, struct sockaddr_storage* addr,
3682 struct auth_addr* p;
3683 for(p=list; p; p=p->next) {
3684 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0)
3690 /** check if an address matches a master specification (or one of its
3691 * addresses in the addr list) */
3693 addr_matches_master(struct auth_master* master, struct sockaddr_storage* addr,
3694 socklen_t addrlen, struct auth_master** fromhost)
3696 struct sockaddr_storage a;
3699 if(addr_in_list(master->list, addr, addrlen)) {
3703 /* compare address (but not port number, that is the destination
3704 * port of the master, the port number of the received notify is
3705 * allowed to by any port on that master) */
3706 if(extstrtoaddr(master->host, &a, &alen, UNBOUND_DNS_PORT) &&
3707 sockaddr_cmp_addr(addr, addrlen, &a, alen)==0) {
3711 /* prefixes, addr/len, like 10.0.0.0/8 */
3712 /* not http and has a / and there is one / */
3713 if(master->allow_notify && !master->http &&
3714 strchr(master->host, '/') != NULL &&
3715 strchr(master->host, '/') == strrchr(master->host, '/') &&
3716 netblockstrtoaddr(master->host, UNBOUND_DNS_PORT, &a, &alen,
3717 &net) && alen == addrlen) {
3718 if(addr_in_common(addr, (addr_is_ip6(addr, addrlen)?128:32),
3719 &a, net, alen) >= net) {
3720 *fromhost = NULL; /* prefix does not have destination
3721 to send the probe or transfer with */
3722 return 1; /* matches the netblock */
3728 /** check access list for notifies */
3730 az_xfr_allowed_notify(struct auth_xfer* xfr, struct sockaddr_storage* addr,
3731 socklen_t addrlen, struct auth_master** fromhost)
3733 struct auth_master* p;
3734 for(p=xfr->allow_notify_list; p; p=p->next) {
3735 if(addr_matches_master(p, addr, addrlen, fromhost)) {
3742 /** see if the serial means the zone has to be updated, i.e. the serial
3743 * is newer than the zone serial, or we have no zone */
3745 xfr_serial_means_update(struct auth_xfer* xfr, uint32_t serial)
3748 return 1; /* no zone, anything is better */
3749 if(xfr->zone_expired)
3750 return 1; /* expired, the sent serial is better than expired
3752 if(compare_serial(xfr->serial, serial) < 0)
3753 return 1; /* our serial is smaller than the sent serial,
3754 the data is newer, fetch it */
3758 /** note notify serial, updates the notify information in the xfr struct */
3760 xfr_note_notify_serial(struct auth_xfer* xfr, int has_serial, uint32_t serial)
3762 if(xfr->notify_received && xfr->notify_has_serial && has_serial) {
3763 /* see if this serial is newer */
3764 if(compare_serial(xfr->notify_serial, serial) < 0)
3765 xfr->notify_serial = serial;
3766 } else if(xfr->notify_received && xfr->notify_has_serial &&
3768 /* remove serial, we have notify without serial */
3769 xfr->notify_has_serial = 0;
3770 xfr->notify_serial = 0;
3771 } else if(xfr->notify_received && !xfr->notify_has_serial) {
3772 /* we already have notify without serial, keep it
3773 * that way; no serial check when current operation
3776 xfr->notify_received = 1;
3777 xfr->notify_has_serial = has_serial;
3778 xfr->notify_serial = serial;
3782 /** process a notify serial, start new probe or note serial. xfr is locked */
3784 xfr_process_notify(struct auth_xfer* xfr, struct module_env* env,
3785 int has_serial, uint32_t serial, struct auth_master* fromhost)
3787 /* if the serial of notify is older than we have, don't fetch
3788 * a zone, we already have it */
3789 if(has_serial && !xfr_serial_means_update(xfr, serial)) {
3790 lock_basic_unlock(&xfr->lock);
3793 /* start new probe with this addr src, or note serial */
3794 if(!xfr_start_probe(xfr, env, fromhost)) {
3795 /* not started because already in progress, note the serial */
3796 xfr_note_notify_serial(xfr, has_serial, serial);
3797 lock_basic_unlock(&xfr->lock);
3799 /* successful end of start_probe unlocked xfr->lock */
3802 int auth_zones_notify(struct auth_zones* az, struct module_env* env,
3803 uint8_t* nm, size_t nmlen, uint16_t dclass,
3804 struct sockaddr_storage* addr, socklen_t addrlen, int has_serial,
3805 uint32_t serial, int* refused)
3807 struct auth_xfer* xfr;
3808 struct auth_master* fromhost = NULL;
3809 /* see which zone this is */
3810 lock_rw_rdlock(&az->lock);
3811 xfr = auth_xfer_find(az, nm, nmlen, dclass);
3813 lock_rw_unlock(&az->lock);
3814 /* no such zone, refuse the notify */
3818 lock_basic_lock(&xfr->lock);
3819 lock_rw_unlock(&az->lock);
3821 /* check access list for notifies */
3822 if(!az_xfr_allowed_notify(xfr, addr, addrlen, &fromhost)) {
3823 lock_basic_unlock(&xfr->lock);
3824 /* notify not allowed, refuse the notify */
3829 /* process the notify */
3830 xfr_process_notify(xfr, env, has_serial, serial, fromhost);
3834 int auth_zones_startprobesequence(struct auth_zones* az,
3835 struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass)
3837 struct auth_xfer* xfr;
3838 lock_rw_rdlock(&az->lock);
3839 xfr = auth_xfer_find(az, nm, nmlen, dclass);
3841 lock_rw_unlock(&az->lock);
3844 lock_basic_lock(&xfr->lock);
3845 lock_rw_unlock(&az->lock);
3847 xfr_process_notify(xfr, env, 0, 0, NULL);
3851 /** set a zone expired */
3853 auth_xfer_set_expired(struct auth_xfer* xfr, struct module_env* env,
3856 struct auth_zone* z;
3859 lock_basic_lock(&xfr->lock);
3860 xfr->zone_expired = expired;
3861 lock_basic_unlock(&xfr->lock);
3863 /* find auth_zone */
3864 lock_rw_rdlock(&env->auth_zones->lock);
3865 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
3868 lock_rw_unlock(&env->auth_zones->lock);
3871 lock_rw_wrlock(&z->lock);
3872 lock_rw_unlock(&env->auth_zones->lock);
3874 /* expire auth_zone */
3875 z->zone_expired = expired;
3876 lock_rw_unlock(&z->lock);
3879 /** find master (from notify or probe) in list of masters */
3880 static struct auth_master*
3881 find_master_by_host(struct auth_master* list, char* host)
3883 struct auth_master* p;
3884 for(p=list; p; p=p->next) {
3885 if(strcmp(p->host, host) == 0)
3891 /** delete the looked up auth_addrs for all the masters in the list */
3893 xfr_masterlist_free_addrs(struct auth_master* list)
3895 struct auth_master* m;
3896 for(m=list; m; m=m->next) {
3898 auth_free_master_addrs(m->list);
3904 /** copy a list of auth_addrs */
3905 static struct auth_addr*
3906 auth_addr_list_copy(struct auth_addr* source)
3908 struct auth_addr* list = NULL, *last = NULL;
3909 struct auth_addr* p;
3910 for(p=source; p; p=p->next) {
3911 struct auth_addr* a = (struct auth_addr*)memdup(p, sizeof(*p));
3913 log_err("malloc failure");
3914 auth_free_master_addrs(list);
3918 if(last) last->next = a;
3925 /** copy a master to a new structure, NULL on alloc failure */
3926 static struct auth_master*
3927 auth_master_copy(struct auth_master* o)
3929 struct auth_master* m;
3931 m = (struct auth_master*)memdup(o, sizeof(*o));
3933 log_err("malloc failure");
3938 m->host = strdup(m->host);
3941 log_err("malloc failure");
3946 m->file = strdup(m->file);
3950 log_err("malloc failure");
3955 m->list = auth_addr_list_copy(m->list);
3966 /** copy the master addresses from the task_probe lookups to the allow_notify
3967 * list of masters */
3969 probe_copy_masters_for_allow_notify(struct auth_xfer* xfr)
3971 struct auth_master* list = NULL, *last = NULL;
3972 struct auth_master* p;
3973 /* build up new list with copies */
3974 for(p = xfr->task_transfer->masters; p; p=p->next) {
3975 struct auth_master* m = auth_master_copy(p);
3977 auth_free_masters(list);
3978 /* failed because of malloc failure, use old list */
3982 if(last) last->next = m;
3986 /* success, replace list */
3987 auth_free_masters(xfr->allow_notify_list);
3988 xfr->allow_notify_list = list;
3991 /** start the lookups for task_transfer */
3993 xfr_transfer_start_lookups(struct auth_xfer* xfr)
3995 /* delete all the looked up addresses in the list */
3996 xfr->task_transfer->scan_addr = NULL;
3997 xfr_masterlist_free_addrs(xfr->task_transfer->masters);
3999 /* start lookup at the first master */
4000 xfr->task_transfer->lookup_target = xfr->task_transfer->masters;
4001 xfr->task_transfer->lookup_aaaa = 0;
4004 /** move to the next lookup of hostname for task_transfer */
4006 xfr_transfer_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
4008 if(!xfr->task_transfer->lookup_target)
4009 return; /* already at end of list */
4010 if(!xfr->task_transfer->lookup_aaaa && env->cfg->do_ip6) {
4011 /* move to lookup AAAA */
4012 xfr->task_transfer->lookup_aaaa = 1;
4015 xfr->task_transfer->lookup_target =
4016 xfr->task_transfer->lookup_target->next;
4017 xfr->task_transfer->lookup_aaaa = 0;
4018 if(!env->cfg->do_ip4 && xfr->task_transfer->lookup_target!=NULL)
4019 xfr->task_transfer->lookup_aaaa = 1;
4022 /** start the lookups for task_probe */
4024 xfr_probe_start_lookups(struct auth_xfer* xfr)
4026 /* delete all the looked up addresses in the list */
4027 xfr->task_probe->scan_addr = NULL;
4028 xfr_masterlist_free_addrs(xfr->task_probe->masters);
4030 /* start lookup at the first master */
4031 xfr->task_probe->lookup_target = xfr->task_probe->masters;
4032 xfr->task_probe->lookup_aaaa = 0;
4035 /** move to the next lookup of hostname for task_probe */
4037 xfr_probe_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
4039 if(!xfr->task_probe->lookup_target)
4040 return; /* already at end of list */
4041 if(!xfr->task_probe->lookup_aaaa && env->cfg->do_ip6) {
4042 /* move to lookup AAAA */
4043 xfr->task_probe->lookup_aaaa = 1;
4046 xfr->task_probe->lookup_target = xfr->task_probe->lookup_target->next;
4047 xfr->task_probe->lookup_aaaa = 0;
4048 if(!env->cfg->do_ip4 && xfr->task_probe->lookup_target!=NULL)
4049 xfr->task_probe->lookup_aaaa = 1;
4052 /** start the iteration of the task_transfer list of masters */
4054 xfr_transfer_start_list(struct auth_xfer* xfr, struct auth_master* spec)
4057 xfr->task_transfer->scan_specific = find_master_by_host(
4058 xfr->task_transfer->masters, spec->host);
4059 if(xfr->task_transfer->scan_specific) {
4060 xfr->task_transfer->scan_target = NULL;
4061 xfr->task_transfer->scan_addr = NULL;
4062 if(xfr->task_transfer->scan_specific->list)
4063 xfr->task_transfer->scan_addr =
4064 xfr->task_transfer->scan_specific->list;
4068 /* no specific (notified) host to scan */
4069 xfr->task_transfer->scan_specific = NULL;
4070 xfr->task_transfer->scan_addr = NULL;
4071 /* pick up first scan target */
4072 xfr->task_transfer->scan_target = xfr->task_transfer->masters;
4073 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4075 xfr->task_transfer->scan_addr =
4076 xfr->task_transfer->scan_target->list;
4079 /** start the iteration of the task_probe list of masters */
4081 xfr_probe_start_list(struct auth_xfer* xfr, struct auth_master* spec)
4084 xfr->task_probe->scan_specific = find_master_by_host(
4085 xfr->task_probe->masters, spec->host);
4086 if(xfr->task_probe->scan_specific) {
4087 xfr->task_probe->scan_target = NULL;
4088 xfr->task_probe->scan_addr = NULL;
4089 if(xfr->task_probe->scan_specific->list)
4090 xfr->task_probe->scan_addr =
4091 xfr->task_probe->scan_specific->list;
4095 /* no specific (notified) host to scan */
4096 xfr->task_probe->scan_specific = NULL;
4097 xfr->task_probe->scan_addr = NULL;
4098 /* pick up first scan target */
4099 xfr->task_probe->scan_target = xfr->task_probe->masters;
4100 if(xfr->task_probe->scan_target && xfr->task_probe->scan_target->list)
4101 xfr->task_probe->scan_addr =
4102 xfr->task_probe->scan_target->list;
4105 /** pick up the master that is being scanned right now, task_transfer */
4106 static struct auth_master*
4107 xfr_transfer_current_master(struct auth_xfer* xfr)
4109 if(xfr->task_transfer->scan_specific)
4110 return xfr->task_transfer->scan_specific;
4111 return xfr->task_transfer->scan_target;
4114 /** pick up the master that is being scanned right now, task_probe */
4115 static struct auth_master*
4116 xfr_probe_current_master(struct auth_xfer* xfr)
4118 if(xfr->task_probe->scan_specific)
4119 return xfr->task_probe->scan_specific;
4120 return xfr->task_probe->scan_target;
4123 /** true if at end of list, task_transfer */
4125 xfr_transfer_end_of_list(struct auth_xfer* xfr)
4127 return !xfr->task_transfer->scan_specific &&
4128 !xfr->task_transfer->scan_target;
4131 /** true if at end of list, task_probe */
4133 xfr_probe_end_of_list(struct auth_xfer* xfr)
4135 return !xfr->task_probe->scan_specific && !xfr->task_probe->scan_target;
4138 /** move to next master in list, task_transfer */
4140 xfr_transfer_nextmaster(struct auth_xfer* xfr)
4142 if(!xfr->task_transfer->scan_specific &&
4143 !xfr->task_transfer->scan_target)
4145 if(xfr->task_transfer->scan_addr) {
4146 xfr->task_transfer->scan_addr =
4147 xfr->task_transfer->scan_addr->next;
4148 if(xfr->task_transfer->scan_addr)
4151 if(xfr->task_transfer->scan_specific) {
4152 xfr->task_transfer->scan_specific = NULL;
4153 xfr->task_transfer->scan_target = xfr->task_transfer->masters;
4154 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4156 xfr->task_transfer->scan_addr =
4157 xfr->task_transfer->scan_target->list;
4160 if(!xfr->task_transfer->scan_target)
4162 xfr->task_transfer->scan_target = xfr->task_transfer->scan_target->next;
4163 if(xfr->task_transfer->scan_target && xfr->task_transfer->
4165 xfr->task_transfer->scan_addr =
4166 xfr->task_transfer->scan_target->list;
4170 /** move to next master in list, task_probe */
4172 xfr_probe_nextmaster(struct auth_xfer* xfr)
4174 if(!xfr->task_probe->scan_specific && !xfr->task_probe->scan_target)
4176 if(xfr->task_probe->scan_addr) {
4177 xfr->task_probe->scan_addr = xfr->task_probe->scan_addr->next;
4178 if(xfr->task_probe->scan_addr)
4181 if(xfr->task_probe->scan_specific) {
4182 xfr->task_probe->scan_specific = NULL;
4183 xfr->task_probe->scan_target = xfr->task_probe->masters;
4184 if(xfr->task_probe->scan_target && xfr->task_probe->
4186 xfr->task_probe->scan_addr =
4187 xfr->task_probe->scan_target->list;
4190 if(!xfr->task_probe->scan_target)
4192 xfr->task_probe->scan_target = xfr->task_probe->scan_target->next;
4193 if(xfr->task_probe->scan_target && xfr->task_probe->
4195 xfr->task_probe->scan_addr =
4196 xfr->task_probe->scan_target->list;
4200 /** create SOA probe packet for xfr */
4202 xfr_create_soa_probe_packet(struct auth_xfer* xfr, sldns_buffer* buf,
4205 struct query_info qinfo;
4207 memset(&qinfo, 0, sizeof(qinfo));
4208 qinfo.qname = xfr->name;
4209 qinfo.qname_len = xfr->namelen;
4210 qinfo.qtype = LDNS_RR_TYPE_SOA;
4211 qinfo.qclass = xfr->dclass;
4212 qinfo_query_encode(buf, &qinfo);
4213 sldns_buffer_write_u16_at(buf, 0, id);
4216 /** create IXFR/AXFR packet for xfr */
4218 xfr_create_ixfr_packet(struct auth_xfer* xfr, sldns_buffer* buf, uint16_t id,
4219 struct auth_master* master)
4221 struct query_info qinfo;
4224 have_zone = xfr->have_zone;
4225 serial = xfr->serial;
4227 memset(&qinfo, 0, sizeof(qinfo));
4228 qinfo.qname = xfr->name;
4229 qinfo.qname_len = xfr->namelen;
4230 xfr->task_transfer->got_xfr_serial = 0;
4231 xfr->task_transfer->rr_scan_num = 0;
4232 xfr->task_transfer->incoming_xfr_serial = 0;
4233 xfr->task_transfer->on_ixfr_is_axfr = 0;
4234 xfr->task_transfer->on_ixfr = 1;
4235 qinfo.qtype = LDNS_RR_TYPE_IXFR;
4236 if(!have_zone || xfr->task_transfer->ixfr_fail || !master->ixfr) {
4237 qinfo.qtype = LDNS_RR_TYPE_AXFR;
4238 xfr->task_transfer->ixfr_fail = 0;
4239 xfr->task_transfer->on_ixfr = 0;
4242 qinfo.qclass = xfr->dclass;
4243 qinfo_query_encode(buf, &qinfo);
4244 sldns_buffer_write_u16_at(buf, 0, id);
4246 /* append serial for IXFR */
4247 if(qinfo.qtype == LDNS_RR_TYPE_IXFR) {
4248 size_t end = sldns_buffer_limit(buf);
4249 sldns_buffer_clear(buf);
4250 sldns_buffer_set_position(buf, end);
4251 /* auth section count 1 */
4252 sldns_buffer_write_u16_at(buf, LDNS_NSCOUNT_OFF, 1);
4254 sldns_buffer_write_u8(buf, 0xC0); /* compressed ptr to qname */
4255 sldns_buffer_write_u8(buf, 0x0C);
4256 sldns_buffer_write_u16(buf, LDNS_RR_TYPE_SOA);
4257 sldns_buffer_write_u16(buf, qinfo.qclass);
4258 sldns_buffer_write_u32(buf, 0); /* ttl */
4259 sldns_buffer_write_u16(buf, 22); /* rdata length */
4260 sldns_buffer_write_u8(buf, 0); /* . */
4261 sldns_buffer_write_u8(buf, 0); /* . */
4262 sldns_buffer_write_u32(buf, serial); /* serial */
4263 sldns_buffer_write_u32(buf, 0); /* refresh */
4264 sldns_buffer_write_u32(buf, 0); /* retry */
4265 sldns_buffer_write_u32(buf, 0); /* expire */
4266 sldns_buffer_write_u32(buf, 0); /* minimum */
4267 sldns_buffer_flip(buf);
4271 /** check if returned packet is OK */
4273 check_packet_ok(sldns_buffer* pkt, uint16_t qtype, struct auth_xfer* xfr,
4276 /* parse to see if packet worked, valid reply */
4278 /* check serial number of SOA */
4279 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE)
4283 if(LDNS_ID_WIRE(sldns_buffer_begin(pkt)) != xfr->task_probe->id)
4286 /* check flag bits and rcode */
4287 if(!LDNS_QR_WIRE(sldns_buffer_begin(pkt)))
4289 if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY)
4291 if(LDNS_RCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_RCODE_NOERROR)
4295 if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1)
4297 sldns_buffer_skip(pkt, LDNS_HEADER_SIZE);
4298 if(sldns_buffer_remaining(pkt) < xfr->namelen)
4300 if(query_dname_compare(sldns_buffer_current(pkt), xfr->name) != 0)
4302 sldns_buffer_skip(pkt, (ssize_t)xfr->namelen);
4304 /* check qtype, qclass */
4305 if(sldns_buffer_remaining(pkt) < 4)
4307 if(sldns_buffer_read_u16(pkt) != qtype)
4309 if(sldns_buffer_read_u16(pkt) != xfr->dclass)
4314 /* read serial number, from answer section SOA */
4315 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0)
4317 /* read from first record SOA record */
4318 if(sldns_buffer_remaining(pkt) < 1)
4320 if(dname_pkt_compare(pkt, sldns_buffer_current(pkt),
4323 if(!pkt_dname_len(pkt))
4325 /* type, class, ttl, rdatalen */
4326 if(sldns_buffer_remaining(pkt) < 4+4+2)
4328 if(sldns_buffer_read_u16(pkt) != qtype)
4330 if(sldns_buffer_read_u16(pkt) != xfr->dclass)
4332 sldns_buffer_skip(pkt, 4); /* ttl */
4333 rdlen = sldns_buffer_read_u16(pkt);
4334 if(sldns_buffer_remaining(pkt) < rdlen)
4336 if(sldns_buffer_remaining(pkt) < 1)
4338 if(!pkt_dname_len(pkt)) /* soa name */
4340 if(sldns_buffer_remaining(pkt) < 1)
4342 if(!pkt_dname_len(pkt)) /* soa name */
4344 if(sldns_buffer_remaining(pkt) < 20)
4346 *serial = sldns_buffer_read_u32(pkt);
4351 /** read one line from chunks into buffer at current position */
4353 chunkline_get_line(struct auth_chunk** chunk, size_t* chunk_pos,
4358 /* more text in this chunk? */
4359 if(*chunk_pos < (*chunk)->len) {
4361 while(*chunk_pos < (*chunk)->len) {
4362 char c = (char)((*chunk)->data[*chunk_pos]);
4364 if(sldns_buffer_remaining(buf) < 2) {
4365 /* buffer too short */
4366 verbose(VERB_ALGO, "http chunkline, "
4370 sldns_buffer_write_u8(buf, (uint8_t)c);
4377 /* move to next chunk */
4378 *chunk = (*chunk)->next;
4382 if(readsome) return 1;
4386 /** count number of open and closed parenthesis in a chunkline */
4388 chunkline_count_parens(sldns_buffer* buf, size_t start)
4390 size_t end = sldns_buffer_position(buf);
4393 int squote = 0, dquote = 0;
4394 for(i=start; i<end; i++) {
4395 char c = (char)sldns_buffer_read_u8_at(buf, i);
4396 if(squote && c != '\'') continue;
4397 if(dquote && c != '"') continue;
4399 dquote = !dquote; /* skip quoted part */
4401 squote = !squote; /* skip quoted part */
4407 /* rest is a comment */
4414 /** remove trailing ;... comment from a line in the chunkline buffer */
4416 chunkline_remove_trailcomment(sldns_buffer* buf, size_t start)
4418 size_t end = sldns_buffer_position(buf);
4420 int squote = 0, dquote = 0;
4421 for(i=start; i<end; i++) {
4422 char c = (char)sldns_buffer_read_u8_at(buf, i);
4423 if(squote && c != '\'') continue;
4424 if(dquote && c != '"') continue;
4426 dquote = !dquote; /* skip quoted part */
4428 squote = !squote; /* skip quoted part */
4430 /* rest is a comment */
4431 sldns_buffer_set_position(buf, i);
4435 /* nothing to remove */
4438 /** see if a chunkline is a comment line (or empty line) */
4440 chunkline_is_comment_line_or_empty(sldns_buffer* buf)
4442 size_t i, end = sldns_buffer_limit(buf);
4443 for(i=0; i<end; i++) {
4444 char c = (char)sldns_buffer_read_u8_at(buf, i);
4446 return 1; /* comment */
4447 else if(c != ' ' && c != '\t' && c != '\r' && c != '\n')
4448 return 0; /* not a comment */
4450 return 1; /* empty */
4453 /** find a line with ( ) collated */
4455 chunkline_get_line_collated(struct auth_chunk** chunk, size_t* chunk_pos,
4460 sldns_buffer_clear(buf);
4461 pos = sldns_buffer_position(buf);
4462 if(!chunkline_get_line(chunk, chunk_pos, buf)) {
4463 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf))
4464 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4465 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0);
4466 sldns_buffer_flip(buf);
4469 parens += chunkline_count_parens(buf, pos);
4471 chunkline_remove_trailcomment(buf, pos);
4472 pos = sldns_buffer_position(buf);
4473 if(!chunkline_get_line(chunk, chunk_pos, buf)) {
4474 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf))
4475 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4476 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0);
4477 sldns_buffer_flip(buf);
4480 parens += chunkline_count_parens(buf, pos);
4483 if(sldns_buffer_remaining(buf) < 1) {
4484 verbose(VERB_ALGO, "http chunkline: "
4488 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
4489 sldns_buffer_flip(buf);
4493 /** process $ORIGIN for http, 0 nothing, 1 done, 2 error */
4495 http_parse_origin(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4497 char* line = (char*)sldns_buffer_begin(buf);
4498 if(strncmp(line, "$ORIGIN", 7) == 0 &&
4499 isspace((unsigned char)line[7])) {
4501 pstate->origin_len = sizeof(pstate->origin);
4502 s = sldns_str2wire_dname_buf(sldns_strip_ws(line+8),
4503 pstate->origin, &pstate->origin_len);
4505 pstate->origin_len = 0;
4513 /** process $TTL for http, 0 nothing, 1 done, 2 error */
4515 http_parse_ttl(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4517 char* line = (char*)sldns_buffer_begin(buf);
4518 if(strncmp(line, "$TTL", 4) == 0 &&
4519 isspace((unsigned char)line[4])) {
4520 const char* end = NULL;
4522 pstate->default_ttl = sldns_str2period(
4523 sldns_strip_ws(line+5), &end, &overflow);
4532 /** find noncomment RR line in chunks, collates lines if ( ) format */
4534 chunkline_non_comment_RR(struct auth_chunk** chunk, size_t* chunk_pos,
4535 sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4538 while(chunkline_get_line_collated(chunk, chunk_pos, buf)) {
4539 if(chunkline_is_comment_line_or_empty(buf)) {
4540 /* a comment, go to next line */
4543 if((ret=http_parse_origin(buf, pstate))!=0) {
4546 continue; /* $ORIGIN has been handled */
4548 if((ret=http_parse_ttl(buf, pstate))!=0) {
4551 continue; /* $TTL has been handled */
4555 /* no noncomments, fail */
4559 /** check syntax of chunklist zonefile, parse first RR, return false on
4560 * failure and return a string in the scratch buffer (first RR string)
4563 http_zonefile_syntax_check(struct auth_xfer* xfr, sldns_buffer* buf)
4565 uint8_t rr[LDNS_RR_BUF_SIZE];
4566 size_t rr_len, dname_len = 0;
4567 struct sldns_file_parse_state pstate;
4568 struct auth_chunk* chunk;
4571 memset(&pstate, 0, sizeof(pstate));
4572 pstate.default_ttl = 3600;
4573 if(xfr->namelen < sizeof(pstate.origin)) {
4574 pstate.origin_len = xfr->namelen;
4575 memmove(pstate.origin, xfr->name, xfr->namelen);
4577 chunk = xfr->task_transfer->chunks_first;
4579 if(!chunkline_non_comment_RR(&chunk, &chunk_pos, buf, &pstate)) {
4582 rr_len = sizeof(rr);
4583 e=sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr, &rr_len,
4584 &dname_len, pstate.default_ttl,
4585 pstate.origin_len?pstate.origin:NULL, pstate.origin_len,
4586 pstate.prev_rr_len?pstate.prev_rr:NULL, pstate.prev_rr_len);
4588 log_err("parse failure on first RR[%d]: %s",
4589 LDNS_WIREPARSE_OFFSET(e),
4590 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e)));
4593 /* check that class is correct */
4594 if(sldns_wirerr_get_class(rr, rr_len, dname_len) != xfr->dclass) {
4595 log_err("parse failure: first record in downloaded zonefile "
4596 "from wrong RR class");
4602 /** sum sizes of chunklist */
4604 chunklist_sum(struct auth_chunk* list)
4606 struct auth_chunk* p;
4608 for(p=list; p; p=p->next) {
4614 /** remove newlines from collated line */
4616 chunkline_newline_removal(sldns_buffer* buf)
4618 size_t i, end=sldns_buffer_limit(buf);
4619 for(i=0; i<end; i++) {
4620 char c = (char)sldns_buffer_read_u8_at(buf, i);
4621 if(c == '\n' && i==end-1) {
4622 sldns_buffer_write_u8_at(buf, i, 0);
4623 sldns_buffer_set_limit(buf, end-1);
4627 sldns_buffer_write_u8_at(buf, i, (uint8_t)' ');
4631 /** for http download, parse and add RR to zone */
4633 http_parse_add_rr(struct auth_xfer* xfr, struct auth_zone* z,
4634 sldns_buffer* buf, struct sldns_file_parse_state* pstate)
4636 uint8_t rr[LDNS_RR_BUF_SIZE];
4637 size_t rr_len, dname_len = 0;
4639 char* line = (char*)sldns_buffer_begin(buf);
4640 rr_len = sizeof(rr);
4641 e = sldns_str2wire_rr_buf(line, rr, &rr_len, &dname_len,
4642 pstate->default_ttl,
4643 pstate->origin_len?pstate->origin:NULL, pstate->origin_len,
4644 pstate->prev_rr_len?pstate->prev_rr:NULL, pstate->prev_rr_len);
4646 log_err("%s/%s parse failure RR[%d]: %s in '%s'",
4647 xfr->task_transfer->master->host,
4648 xfr->task_transfer->master->file,
4649 LDNS_WIREPARSE_OFFSET(e),
4650 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e)),
4655 return 1; /* empty line or so */
4658 if(dname_len < sizeof(pstate->prev_rr)) {
4659 memmove(pstate->prev_rr, rr, dname_len);
4660 pstate->prev_rr_len = dname_len;
4663 return az_insert_rr(z, rr, rr_len, dname_len, NULL);
4666 /** RR list iterator, returns RRs from answer section one by one from the
4667 * dns packets in the chunklist */
4669 chunk_rrlist_start(struct auth_xfer* xfr, struct auth_chunk** rr_chunk,
4670 int* rr_num, size_t* rr_pos)
4672 *rr_chunk = xfr->task_transfer->chunks_first;
4677 /** RR list iterator, see if we are at the end of the list */
4679 chunk_rrlist_end(struct auth_chunk* rr_chunk, int rr_num)
4682 if(rr_chunk->len < LDNS_HEADER_SIZE)
4684 if(rr_num < (int)LDNS_ANCOUNT(rr_chunk->data))
4686 /* no more RRs in this chunk */
4687 /* continue with next chunk, see if it has RRs */
4688 rr_chunk = rr_chunk->next;
4694 /** RR list iterator, move to next RR */
4696 chunk_rrlist_gonext(struct auth_chunk** rr_chunk, int* rr_num,
4697 size_t* rr_pos, size_t rr_nextpos)
4699 /* already at end of chunks? */
4702 /* move within this chunk */
4703 if((*rr_chunk)->len >= LDNS_HEADER_SIZE &&
4704 (*rr_num)+1 < (int)LDNS_ANCOUNT((*rr_chunk)->data)) {
4706 *rr_pos = rr_nextpos;
4709 /* no more RRs in this chunk */
4710 /* continue with next chunk, see if it has RRs */
4712 *rr_chunk = (*rr_chunk)->next;
4716 if((*rr_chunk)->len >= LDNS_HEADER_SIZE &&
4717 LDNS_ANCOUNT((*rr_chunk)->data) > 0) {
4720 *rr_chunk = (*rr_chunk)->next;
4724 /** RR iterator, get current RR information, false on parse error */
4726 chunk_rrlist_get_current(struct auth_chunk* rr_chunk, int rr_num,
4727 size_t rr_pos, uint8_t** rr_dname, uint16_t* rr_type,
4728 uint16_t* rr_class, uint32_t* rr_ttl, uint16_t* rr_rdlen,
4729 uint8_t** rr_rdata, size_t* rr_nextpos)
4732 /* integrity checks on position */
4733 if(!rr_chunk) return 0;
4734 if(rr_chunk->len < LDNS_HEADER_SIZE) return 0;
4735 if(rr_num >= (int)LDNS_ANCOUNT(rr_chunk->data)) return 0;
4736 if(rr_pos >= rr_chunk->len) return 0;
4738 /* fetch rr information */
4739 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
4742 /* skip question section */
4743 sldns_buffer_set_position(&pkt, LDNS_HEADER_SIZE);
4744 for(i=0; i<LDNS_QDCOUNT(rr_chunk->data); i++) {
4745 if(pkt_dname_len(&pkt) == 0) return 0;
4746 if(sldns_buffer_remaining(&pkt) < 4) return 0;
4747 sldns_buffer_skip(&pkt, 4); /* type and class */
4750 sldns_buffer_set_position(&pkt, rr_pos);
4752 *rr_dname = sldns_buffer_current(&pkt);
4753 if(pkt_dname_len(&pkt) == 0) return 0;
4754 if(sldns_buffer_remaining(&pkt) < 10) return 0;
4755 *rr_type = sldns_buffer_read_u16(&pkt);
4756 *rr_class = sldns_buffer_read_u16(&pkt);
4757 *rr_ttl = sldns_buffer_read_u32(&pkt);
4758 *rr_rdlen = sldns_buffer_read_u16(&pkt);
4759 if(sldns_buffer_remaining(&pkt) < (*rr_rdlen)) return 0;
4760 *rr_rdata = sldns_buffer_current(&pkt);
4761 sldns_buffer_skip(&pkt, (ssize_t)(*rr_rdlen));
4762 *rr_nextpos = sldns_buffer_position(&pkt);
4766 /** print log message where we are in parsing the zone transfer */
4768 log_rrlist_position(const char* label, struct auth_chunk* rr_chunk,
4769 uint8_t* rr_dname, uint16_t rr_type, size_t rr_counter)
4776 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
4777 sldns_buffer_set_position(&pkt, (size_t)(rr_dname -
4778 sldns_buffer_begin(&pkt)));
4779 if((dlen=pkt_dname_len(&pkt)) == 0) return;
4780 if(dlen >= sizeof(buf)) return;
4781 dname_pkt_copy(&pkt, buf, rr_dname);
4782 dname_str(buf, str);
4783 (void)sldns_wire2str_type_buf(rr_type, typestr, sizeof(typestr));
4784 verbose(VERB_ALGO, "%s at[%d] %s %s", label, (int)rr_counter,
4788 /** check that start serial is OK for ixfr. we are at rr_counter == 0,
4789 * and we are going to check rr_counter == 1 (has to be type SOA) serial */
4791 ixfr_start_serial(struct auth_chunk* rr_chunk, int rr_num, size_t rr_pos,
4792 uint8_t* rr_dname, uint16_t rr_type, uint16_t rr_class,
4793 uint32_t rr_ttl, uint16_t rr_rdlen, uint8_t* rr_rdata,
4794 size_t rr_nextpos, uint32_t transfer_serial, uint32_t xfr_serial)
4796 uint32_t startserial;
4797 /* move forward on RR */
4798 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
4799 if(chunk_rrlist_end(rr_chunk, rr_num)) {
4801 verbose(VERB_OPS, "IXFR has no second SOA record");
4804 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
4805 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
4806 &rr_rdata, &rr_nextpos)) {
4807 verbose(VERB_OPS, "IXFR cannot parse second SOA record");
4808 /* failed to parse RR */
4811 if(rr_type != LDNS_RR_TYPE_SOA) {
4812 verbose(VERB_OPS, "IXFR second record is not type SOA");
4816 verbose(VERB_OPS, "IXFR, second SOA has short rdlength");
4817 return 0; /* bad SOA rdlen */
4819 startserial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
4820 if(startserial == transfer_serial) {
4821 /* empty AXFR, not an IXFR */
4822 verbose(VERB_OPS, "IXFR second serial same as first");
4825 if(startserial != xfr_serial) {
4826 /* wrong start serial, it does not match the serial in
4828 verbose(VERB_OPS, "IXFR is from serial %u to %u but %u "
4829 "in memory, rejecting the zone transfer",
4830 (unsigned)startserial, (unsigned)transfer_serial,
4831 (unsigned)xfr_serial);
4834 /* everything OK in second SOA serial */
4838 /** apply IXFR to zone in memory. z is locked. false on failure(mallocfail) */
4840 apply_ixfr(struct auth_xfer* xfr, struct auth_zone* z,
4841 struct sldns_buffer* scratch_buffer)
4843 struct auth_chunk* rr_chunk;
4846 uint8_t* rr_dname, *rr_rdata;
4847 uint16_t rr_type, rr_class, rr_rdlen;
4850 int have_transfer_serial = 0;
4851 uint32_t transfer_serial = 0;
4852 size_t rr_counter = 0;
4856 /* start RR iterator over chunklist of packets */
4857 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
4858 while(!chunk_rrlist_end(rr_chunk, rr_num)) {
4859 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
4860 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
4861 &rr_rdata, &rr_nextpos)) {
4862 /* failed to parse RR */
4865 if(verbosity>=7) log_rrlist_position("apply ixfr",
4866 rr_chunk, rr_dname, rr_type, rr_counter);
4867 /* twiddle add/del mode and check for start and end */
4868 if(rr_counter == 0 && rr_type != LDNS_RR_TYPE_SOA)
4870 if(rr_counter == 1 && rr_type != LDNS_RR_TYPE_SOA) {
4871 /* this is an AXFR returned from the IXFR master */
4872 /* but that should already have been detected, by
4873 * on_ixfr_is_axfr */
4876 if(rr_type == LDNS_RR_TYPE_SOA) {
4878 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */
4879 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
4880 if(have_transfer_serial == 0) {
4881 have_transfer_serial = 1;
4882 transfer_serial = serial;
4883 delmode = 1; /* gets negated below */
4884 /* check second RR before going any further */
4885 if(!ixfr_start_serial(rr_chunk, rr_num, rr_pos,
4886 rr_dname, rr_type, rr_class, rr_ttl,
4887 rr_rdlen, rr_rdata, rr_nextpos,
4888 transfer_serial, xfr->serial)) {
4891 } else if(transfer_serial == serial) {
4892 have_transfer_serial++;
4893 if(rr_counter == 1) {
4894 /* empty AXFR, with SOA; SOA; */
4895 /* should have been detected by
4896 * on_ixfr_is_axfr */
4899 if(have_transfer_serial == 3) {
4900 /* see serial three times for end */
4903 * SOA 1 second RR, followed by del
4904 * SOA 2 followed by add
4905 * SOA 2 followed by del
4906 * SOA 3 followed by add
4908 /* ended by SOA record */
4909 xfr->serial = transfer_serial;
4913 /* twiddle add/del mode */
4914 /* switch from delete part to add part and back again
4915 * just before the soa, it gets deleted and added too
4916 * this means we switch to delete mode for the final
4917 * SOA(so skip that one) */
4920 /* process this RR */
4921 /* if the RR is deleted twice or added twice, then we
4922 * softfail, and continue with the rest of the IXFR, so
4923 * that we serve something fairly nice during the refetch */
4924 if(verbosity>=7) log_rrlist_position((delmode?"del":"add"),
4925 rr_chunk, rr_dname, rr_type, rr_counter);
4927 /* delete this RR */
4929 if(!az_remove_rr_decompress(z, rr_chunk->data,
4930 rr_chunk->len, scratch_buffer, rr_dname,
4931 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
4933 /* failed, malloc error or so */
4937 /* it was removal of a nonexisting RR */
4938 if(verbosity>=4) log_rrlist_position(
4939 "IXFR error nonexistent RR",
4940 rr_chunk, rr_dname, rr_type, rr_counter);
4943 } else if(rr_counter != 0) {
4944 /* skip first SOA RR for addition, it is added in
4945 * the addition part near the end of the ixfr, when
4946 * that serial is seen the second time. */
4949 if(!az_insert_rr_decompress(z, rr_chunk->data,
4950 rr_chunk->len, scratch_buffer, rr_dname,
4951 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
4953 /* failed, malloc error or so */
4957 /* it was a duplicate */
4958 if(verbosity>=4) log_rrlist_position(
4959 "IXFR error duplicate RR",
4960 rr_chunk, rr_dname, rr_type, rr_counter);
4966 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
4969 verbose(VERB_ALGO, "IXFR did not apply cleanly, fetching full zone");
4975 /** apply AXFR to zone in memory. z is locked. false on failure(mallocfail) */
4977 apply_axfr(struct auth_xfer* xfr, struct auth_zone* z,
4978 struct sldns_buffer* scratch_buffer)
4980 struct auth_chunk* rr_chunk;
4983 uint8_t* rr_dname, *rr_rdata;
4984 uint16_t rr_type, rr_class, rr_rdlen;
4986 uint32_t serial = 0;
4988 size_t rr_counter = 0;
4989 int have_end_soa = 0;
4991 /* clear the data tree */
4992 traverse_postorder(&z->data, auth_data_del, NULL);
4993 rbtree_init(&z->data, &auth_data_cmp);
4994 /* clear the RPZ policies */
5001 /* insert all RRs in to the zone */
5002 /* insert the SOA only once, skip the last one */
5003 /* start RR iterator over chunklist of packets */
5004 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
5005 while(!chunk_rrlist_end(rr_chunk, rr_num)) {
5006 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
5007 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
5008 &rr_rdata, &rr_nextpos)) {
5009 /* failed to parse RR */
5012 if(verbosity>=7) log_rrlist_position("apply_axfr",
5013 rr_chunk, rr_dname, rr_type, rr_counter);
5014 if(rr_type == LDNS_RR_TYPE_SOA) {
5015 if(rr_counter != 0) {
5016 /* end of the axfr */
5020 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */
5021 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
5025 if(!az_insert_rr_decompress(z, rr_chunk->data, rr_chunk->len,
5026 scratch_buffer, rr_dname, rr_type, rr_class, rr_ttl,
5027 rr_rdata, rr_rdlen, NULL)) {
5028 /* failed, malloc error or so */
5033 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
5036 log_err("no end SOA record for AXFR");
5040 xfr->serial = serial;
5045 /** apply HTTP to zone in memory. z is locked. false on failure(mallocfail) */
5047 apply_http(struct auth_xfer* xfr, struct auth_zone* z,
5048 struct sldns_buffer* scratch_buffer)
5050 /* parse data in chunks */
5051 /* parse RR's and read into memory. ignore $INCLUDE from the
5053 struct sldns_file_parse_state pstate;
5054 struct auth_chunk* chunk;
5057 memset(&pstate, 0, sizeof(pstate));
5058 pstate.default_ttl = 3600;
5059 if(xfr->namelen < sizeof(pstate.origin)) {
5060 pstate.origin_len = xfr->namelen;
5061 memmove(pstate.origin, xfr->name, xfr->namelen);
5064 if(verbosity >= VERB_ALGO)
5065 verbose(VERB_ALGO, "http download %s of size %d",
5066 xfr->task_transfer->master->file,
5067 (int)chunklist_sum(xfr->task_transfer->chunks_first));
5068 if(xfr->task_transfer->chunks_first && verbosity >= VERB_ALGO) {
5070 if(xfr->task_transfer->chunks_first->len+1 > sizeof(preview)) {
5071 memmove(preview, xfr->task_transfer->chunks_first->data,
5073 preview[sizeof(preview)-1]=0;
5075 memmove(preview, xfr->task_transfer->chunks_first->data,
5076 xfr->task_transfer->chunks_first->len);
5077 preview[xfr->task_transfer->chunks_first->len]=0;
5079 log_info("auth zone http downloaded content preview: %s",
5083 /* perhaps a little syntax check before we try to apply the data? */
5084 if(!http_zonefile_syntax_check(xfr, scratch_buffer)) {
5085 log_err("http download %s/%s does not contain a zonefile, "
5086 "but got '%s'", xfr->task_transfer->master->host,
5087 xfr->task_transfer->master->file,
5088 sldns_buffer_begin(scratch_buffer));
5092 /* clear the data tree */
5093 traverse_postorder(&z->data, auth_data_del, NULL);
5094 rbtree_init(&z->data, &auth_data_cmp);
5095 /* clear the RPZ policies */
5102 chunk = xfr->task_transfer->chunks_first;
5105 while(chunkline_get_line_collated(&chunk, &chunk_pos, scratch_buffer)) {
5106 /* process this line */
5108 chunkline_newline_removal(scratch_buffer);
5109 if(chunkline_is_comment_line_or_empty(scratch_buffer)) {
5112 /* parse line and add RR */
5113 if((ret=http_parse_origin(scratch_buffer, &pstate))!=0) {
5115 verbose(VERB_ALGO, "error parsing ORIGIN on line [%s:%d] %s",
5116 xfr->task_transfer->master->file,
5118 sldns_buffer_begin(scratch_buffer));
5121 continue; /* $ORIGIN has been handled */
5123 if((ret=http_parse_ttl(scratch_buffer, &pstate))!=0) {
5125 verbose(VERB_ALGO, "error parsing TTL on line [%s:%d] %s",
5126 xfr->task_transfer->master->file,
5128 sldns_buffer_begin(scratch_buffer));
5131 continue; /* $TTL has been handled */
5133 if(!http_parse_add_rr(xfr, z, scratch_buffer, &pstate)) {
5134 verbose(VERB_ALGO, "error parsing line [%s:%d] %s",
5135 xfr->task_transfer->master->file,
5137 sldns_buffer_begin(scratch_buffer));
5144 /** write http chunks to zonefile to create downloaded file */
5146 auth_zone_write_chunks(struct auth_xfer* xfr, const char* fname)
5149 struct auth_chunk* p;
5150 out = fopen(fname, "w");
5152 log_err("could not open %s: %s", fname, strerror(errno));
5155 for(p = xfr->task_transfer->chunks_first; p ; p = p->next) {
5156 if(!write_out(out, (char*)p->data, p->len)) {
5157 log_err("could not write http download to %s", fname);
5166 /** write to zonefile after zone has been updated */
5168 xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
5170 struct config_file* cfg = env->cfg;
5171 struct auth_zone* z;
5174 lock_basic_unlock(&xfr->lock);
5176 /* get lock again, so it is a readlock and concurrently queries
5177 * can be answered */
5178 lock_rw_rdlock(&env->auth_zones->lock);
5179 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
5182 lock_rw_unlock(&env->auth_zones->lock);
5183 /* the zone is gone, ignore xfr results */
5184 lock_basic_lock(&xfr->lock);
5187 lock_rw_rdlock(&z->lock);
5188 lock_basic_lock(&xfr->lock);
5189 lock_rw_unlock(&env->auth_zones->lock);
5191 if(z->zonefile == NULL || z->zonefile[0] == 0) {
5192 lock_rw_unlock(&z->lock);
5193 /* no write needed, no zonefile set */
5196 zfilename = z->zonefile;
5197 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
5198 cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
5199 zfilename += strlen(cfg->chrootdir);
5200 if(verbosity >= VERB_ALGO) {
5202 dname_str(z->name, nm);
5203 verbose(VERB_ALGO, "write zonefile %s for %s", zfilename, nm);
5206 /* write to tempfile first */
5207 if((size_t)strlen(zfilename) + 16 > sizeof(tmpfile)) {
5208 verbose(VERB_ALGO, "tmpfilename too long, cannot update "
5209 " zonefile %s", zfilename);
5210 lock_rw_unlock(&z->lock);
5213 snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename,
5214 (unsigned)getpid());
5215 if(xfr->task_transfer->master->http) {
5216 /* use the stored chunk list to write them */
5217 if(!auth_zone_write_chunks(xfr, tmpfile)) {
5219 lock_rw_unlock(&z->lock);
5222 } else if(!auth_zone_write_file(z, tmpfile)) {
5224 lock_rw_unlock(&z->lock);
5227 #ifdef UB_ON_WINDOWS
5228 (void)unlink(zfilename); /* windows does not replace file with rename() */
5230 if(rename(tmpfile, zfilename) < 0) {
5231 log_err("could not rename(%s, %s): %s", tmpfile, zfilename,
5234 lock_rw_unlock(&z->lock);
5237 lock_rw_unlock(&z->lock);
5240 /** reacquire locks and structures. Starts with no locks, ends
5241 * with xfr and z locks, if fail, no z lock */
5242 static int xfr_process_reacquire_locks(struct auth_xfer* xfr,
5243 struct module_env* env, struct auth_zone** z)
5245 /* release xfr lock, then, while holding az->lock grab both
5246 * z->lock and xfr->lock */
5247 lock_rw_rdlock(&env->auth_zones->lock);
5248 *z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
5251 lock_rw_unlock(&env->auth_zones->lock);
5252 lock_basic_lock(&xfr->lock);
5256 lock_rw_wrlock(&(*z)->lock);
5257 lock_basic_lock(&xfr->lock);
5258 lock_rw_unlock(&env->auth_zones->lock);
5262 /** process chunk list and update zone in memory,
5263 * return false if it did not work */
5265 xfr_process_chunk_list(struct auth_xfer* xfr, struct module_env* env,
5268 struct auth_zone* z;
5270 /* obtain locks and structures */
5271 lock_basic_unlock(&xfr->lock);
5272 if(!xfr_process_reacquire_locks(xfr, env, &z)) {
5273 /* the zone is gone, ignore xfr results */
5276 /* holding xfr and z locks */
5279 if(xfr->task_transfer->master->http) {
5280 if(!apply_http(xfr, z, env->scratch_buffer)) {
5281 lock_rw_unlock(&z->lock);
5282 verbose(VERB_ALGO, "http from %s: could not store data",
5283 xfr->task_transfer->master->host);
5286 } else if(xfr->task_transfer->on_ixfr &&
5287 !xfr->task_transfer->on_ixfr_is_axfr) {
5288 if(!apply_ixfr(xfr, z, env->scratch_buffer)) {
5289 lock_rw_unlock(&z->lock);
5290 verbose(VERB_ALGO, "xfr from %s: could not store IXFR"
5291 " data", xfr->task_transfer->master->host);
5296 if(!apply_axfr(xfr, z, env->scratch_buffer)) {
5297 lock_rw_unlock(&z->lock);
5298 verbose(VERB_ALGO, "xfr from %s: could not store AXFR"
5299 " data", xfr->task_transfer->master->host);
5303 xfr->zone_expired = 0;
5304 z->zone_expired = 0;
5305 if(!xfr_find_soa(z, xfr)) {
5306 lock_rw_unlock(&z->lock);
5307 verbose(VERB_ALGO, "xfr from %s: no SOA in zone after update"
5308 " (or malformed RR)", xfr->task_transfer->master->host);
5312 /* release xfr lock while verifying zonemd because it may have
5313 * to spawn lookups in the state machines */
5314 lock_basic_unlock(&xfr->lock);
5315 /* holding z lock */
5316 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 0);
5317 if(z->zone_expired) {
5319 /* ZONEMD must have failed */
5320 /* reacquire locks, so we hold xfr lock on exit of routine,
5321 * and both xfr and z again after releasing xfr for potential
5322 * state machine mesh callbacks */
5323 lock_rw_unlock(&z->lock);
5324 if(!xfr_process_reacquire_locks(xfr, env, &z))
5326 dname_str(xfr->name, zname);
5327 verbose(VERB_ALGO, "xfr from %s: ZONEMD failed for %s, transfer is failed", xfr->task_transfer->master->host, zname);
5328 xfr->zone_expired = 1;
5329 lock_rw_unlock(&z->lock);
5332 /* reacquire locks, so we hold xfr lock on exit of routine,
5333 * and both xfr and z again after releasing xfr for potential
5334 * state machine mesh callbacks */
5335 lock_rw_unlock(&z->lock);
5336 if(!xfr_process_reacquire_locks(xfr, env, &z))
5338 /* holding xfr and z locks */
5341 xfr->lease_time = *env->now;
5344 rpz_finish_config(z->rpz);
5347 lock_rw_unlock(&z->lock);
5349 if(verbosity >= VERB_QUERY && xfr->have_zone) {
5351 dname_str(xfr->name, zname);
5352 verbose(VERB_QUERY, "auth zone %s updated to serial %u", zname,
5353 (unsigned)xfr->serial);
5355 /* see if we need to write to a zonefile */
5356 xfr_write_after_update(xfr, env);
5360 /** disown task_transfer. caller must hold xfr.lock */
5362 xfr_transfer_disown(struct auth_xfer* xfr)
5364 /* remove timer (from this worker's event base) */
5365 comm_timer_delete(xfr->task_transfer->timer);
5366 xfr->task_transfer->timer = NULL;
5367 /* remove the commpoint */
5368 comm_point_delete(xfr->task_transfer->cp);
5369 xfr->task_transfer->cp = NULL;
5370 /* we don't own this item anymore */
5371 xfr->task_transfer->worker = NULL;
5372 xfr->task_transfer->env = NULL;
5375 /** lookup a host name for its addresses, if needed */
5377 xfr_transfer_lookup_host(struct auth_xfer* xfr, struct module_env* env)
5379 struct sockaddr_storage addr;
5380 socklen_t addrlen = 0;
5381 struct auth_master* master = xfr->task_transfer->lookup_target;
5382 struct query_info qinfo;
5383 uint16_t qflags = BIT_RD;
5384 uint8_t dname[LDNS_MAX_DOMAINLEN+1];
5385 struct edns_data edns;
5386 sldns_buffer* buf = env->scratch_buffer;
5387 if(!master) return 0;
5388 if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) {
5389 /* not needed, host is in IP addr format */
5392 if(master->allow_notify)
5393 return 0; /* allow-notifies are not transferred from, no
5396 /* use mesh_new_callback to probe for non-addr hosts,
5397 * and then wait for them to be looked up (in cache, or query) */
5398 qinfo.qname_len = sizeof(dname);
5399 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
5401 log_err("cannot parse host name of master %s", master->host);
5404 qinfo.qname = dname;
5405 qinfo.qclass = xfr->dclass;
5406 qinfo.qtype = LDNS_RR_TYPE_A;
5407 if(xfr->task_transfer->lookup_aaaa)
5408 qinfo.qtype = LDNS_RR_TYPE_AAAA;
5409 qinfo.local_alias = NULL;
5410 if(verbosity >= VERB_ALGO) {
5412 char buf2[LDNS_MAX_DOMAINLEN+1];
5413 dname_str(xfr->name, buf2);
5414 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
5415 " for task_transfer", buf2);
5416 log_query_info(VERB_ALGO, buf1, &qinfo);
5418 edns.edns_present = 1;
5420 edns.edns_version = 0;
5421 edns.bits = EDNS_DO;
5422 edns.opt_list_in = NULL;
5423 edns.opt_list_out = NULL;
5424 edns.opt_list_inplace_cb_out = NULL;
5425 edns.padding_block_size = 0;
5426 edns.cookie_present = 0;
5427 edns.cookie_valid = 0;
5428 if(sldns_buffer_capacity(buf) < 65535)
5429 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
5430 else edns.udp_size = 65535;
5432 /* unlock xfr during mesh_new_callback() because the callback can be
5433 * called straight away */
5434 lock_basic_unlock(&xfr->lock);
5435 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
5436 &auth_xfer_transfer_lookup_callback, xfr, 0)) {
5437 lock_basic_lock(&xfr->lock);
5438 log_err("out of memory lookup up master %s", master->host);
5441 lock_basic_lock(&xfr->lock);
5445 /** initiate TCP to the target and fetch zone.
5446 * returns true if that was successfully started, and timeout setup. */
5448 xfr_transfer_init_fetch(struct auth_xfer* xfr, struct module_env* env)
5450 struct sockaddr_storage addr;
5451 socklen_t addrlen = 0;
5452 struct auth_master* master = xfr->task_transfer->master;
5453 char *auth_name = NULL;
5456 if(!master) return 0;
5457 if(master->allow_notify) return 0; /* only for notify */
5459 /* get master addr */
5460 if(xfr->task_transfer->scan_addr) {
5461 addrlen = xfr->task_transfer->scan_addr->addrlen;
5462 memmove(&addr, &xfr->task_transfer->scan_addr->addr, addrlen);
5464 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
5465 /* the ones that are not in addr format are supposed
5466 * to be looked up. The lookup has failed however,
5469 dname_str(xfr->name, zname);
5470 log_err("%s: failed lookup, cannot transfer from master %s",
5471 zname, master->host);
5476 /* remove previous TCP connection (if any) */
5477 if(xfr->task_transfer->cp) {
5478 comm_point_delete(xfr->task_transfer->cp);
5479 xfr->task_transfer->cp = NULL;
5481 if(!xfr->task_transfer->timer) {
5482 xfr->task_transfer->timer = comm_timer_create(env->worker_base,
5483 auth_xfer_transfer_timer_callback, xfr);
5484 if(!xfr->task_transfer->timer) {
5485 log_err("malloc failure");
5489 timeout = AUTH_TRANSFER_TIMEOUT;
5491 t.tv_sec = timeout/1000;
5492 t.tv_usec = (timeout%1000)*1000;
5496 /* perform http fetch */
5497 /* store http port number into sockaddr,
5498 * unless someone used unbound's host@port notation */
5499 xfr->task_transfer->on_ixfr = 0;
5500 if(strchr(master->host, '@') == NULL)
5501 sockaddr_store_port(&addr, addrlen, master->port);
5502 xfr->task_transfer->cp = outnet_comm_point_for_http(
5503 env->outnet, auth_xfer_transfer_http_callback, xfr,
5504 &addr, addrlen, -1, master->ssl, master->host,
5505 master->file, env->cfg);
5506 if(!xfr->task_transfer->cp) {
5507 char zname[255+1], as[256];
5508 dname_str(xfr->name, zname);
5509 addr_to_str(&addr, addrlen, as, sizeof(as));
5510 verbose(VERB_ALGO, "cannot create http cp "
5511 "connection for %s to %s", zname, as);
5514 comm_timer_set(xfr->task_transfer->timer, &t);
5515 if(verbosity >= VERB_ALGO) {
5516 char zname[255+1], as[256];
5517 dname_str(xfr->name, zname);
5518 addr_to_str(&addr, addrlen, as, sizeof(as));
5519 verbose(VERB_ALGO, "auth zone %s transfer next HTTP fetch from %s started", zname, as);
5521 /* Create or refresh the list of allow_notify addrs */
5522 probe_copy_masters_for_allow_notify(xfr);
5526 /* perform AXFR/IXFR */
5527 /* set the packet to be written */
5529 xfr->task_transfer->id = GET_RANDOM_ID(env->rnd);
5530 xfr_create_ixfr_packet(xfr, env->scratch_buffer,
5531 xfr->task_transfer->id, master);
5534 xfr->task_transfer->cp = outnet_comm_point_for_tcp(env->outnet,
5535 auth_xfer_transfer_tcp_callback, xfr, &addr, addrlen,
5536 env->scratch_buffer, -1,
5537 auth_name != NULL, auth_name);
5538 if(!xfr->task_transfer->cp) {
5539 char zname[255+1], as[256];
5540 dname_str(xfr->name, zname);
5541 addr_to_str(&addr, addrlen, as, sizeof(as));
5542 verbose(VERB_ALGO, "cannot create tcp cp connection for "
5543 "xfr %s to %s", zname, as);
5546 comm_timer_set(xfr->task_transfer->timer, &t);
5547 if(verbosity >= VERB_ALGO) {
5548 char zname[255+1], as[256];
5549 dname_str(xfr->name, zname);
5550 addr_to_str(&addr, addrlen, as, sizeof(as));
5551 verbose(VERB_ALGO, "auth zone %s transfer next %s fetch from %s started", zname,
5552 (xfr->task_transfer->on_ixfr?"IXFR":"AXFR"), as);
5557 /** perform next lookup, next transfer TCP, or end and resume wait time task */
5559 xfr_transfer_nexttarget_or_end(struct auth_xfer* xfr, struct module_env* env)
5561 log_assert(xfr->task_transfer->worker == env->worker);
5563 /* are we performing lookups? */
5564 while(xfr->task_transfer->lookup_target) {
5565 if(xfr_transfer_lookup_host(xfr, env)) {
5566 /* wait for lookup to finish,
5567 * note that the hostname may be in unbound's cache
5568 * and we may then get an instant cache response,
5569 * and that calls the callback just like a full
5570 * lookup and lookup failures also call callback */
5571 if(verbosity >= VERB_ALGO) {
5573 dname_str(xfr->name, zname);
5574 verbose(VERB_ALGO, "auth zone %s transfer next target lookup", zname);
5576 lock_basic_unlock(&xfr->lock);
5579 xfr_transfer_move_to_next_lookup(xfr, env);
5582 /* initiate TCP and fetch the zone from the master */
5583 /* and set timeout on it */
5584 while(!xfr_transfer_end_of_list(xfr)) {
5585 xfr->task_transfer->master = xfr_transfer_current_master(xfr);
5586 if(xfr_transfer_init_fetch(xfr, env)) {
5587 /* successfully started, wait for callback */
5588 lock_basic_unlock(&xfr->lock);
5591 /* failed to fetch, next master */
5592 xfr_transfer_nextmaster(xfr);
5594 if(verbosity >= VERB_ALGO) {
5596 dname_str(xfr->name, zname);
5597 verbose(VERB_ALGO, "auth zone %s transfer failed, wait", zname);
5600 /* we failed to fetch the zone, move to wait task
5601 * use the shorter retry timeout */
5602 xfr_transfer_disown(xfr);
5604 /* pick up the nextprobe task and wait */
5605 if(xfr->task_nextprobe->worker == NULL)
5606 xfr_set_timeout(xfr, env, 1, 0);
5607 lock_basic_unlock(&xfr->lock);
5610 /** add addrs from A or AAAA rrset to the master */
5612 xfr_master_add_addrs(struct auth_master* m, struct ub_packed_rrset_key* rrset,
5616 struct packed_rrset_data* data;
5617 if(!m || !rrset) return;
5618 if(rrtype != LDNS_RR_TYPE_A && rrtype != LDNS_RR_TYPE_AAAA)
5620 data = (struct packed_rrset_data*)rrset->entry.data;
5621 for(i=0; i<data->count; i++) {
5622 struct auth_addr* a;
5623 size_t len = data->rr_len[i] - 2;
5624 uint8_t* rdata = data->rr_data[i]+2;
5625 if(rrtype == LDNS_RR_TYPE_A && len != INET_SIZE)
5626 continue; /* wrong length for A */
5627 if(rrtype == LDNS_RR_TYPE_AAAA && len != INET6_SIZE)
5628 continue; /* wrong length for AAAA */
5630 /* add and alloc it */
5631 a = (struct auth_addr*)calloc(1, sizeof(*a));
5633 log_err("out of memory");
5636 if(rrtype == LDNS_RR_TYPE_A) {
5637 struct sockaddr_in* sa;
5638 a->addrlen = (socklen_t)sizeof(*sa);
5639 sa = (struct sockaddr_in*)&a->addr;
5640 sa->sin_family = AF_INET;
5641 sa->sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
5642 memmove(&sa->sin_addr, rdata, INET_SIZE);
5644 struct sockaddr_in6* sa;
5645 a->addrlen = (socklen_t)sizeof(*sa);
5646 sa = (struct sockaddr_in6*)&a->addr;
5647 sa->sin6_family = AF_INET6;
5648 sa->sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
5649 memmove(&sa->sin6_addr, rdata, INET6_SIZE);
5651 if(verbosity >= VERB_ALGO) {
5653 addr_to_str(&a->addr, a->addrlen, s, sizeof(s));
5654 verbose(VERB_ALGO, "auth host %s lookup %s",
5657 /* append to list */
5663 /** callback for task_transfer lookup of host name, of A or AAAA */
5664 void auth_xfer_transfer_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
5665 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
5666 int ATTR_UNUSED(was_ratelimited))
5668 struct auth_xfer* xfr = (struct auth_xfer*)arg;
5669 struct module_env* env;
5670 log_assert(xfr->task_transfer);
5671 lock_basic_lock(&xfr->lock);
5672 env = xfr->task_transfer->env;
5673 if(!env || env->outnet->want_to_quit) {
5674 lock_basic_unlock(&xfr->lock);
5675 return; /* stop on quit */
5678 /* process result */
5679 if(rcode == LDNS_RCODE_NOERROR) {
5680 uint16_t wanted_qtype = LDNS_RR_TYPE_A;
5681 struct regional* temp = env->scratch;
5682 struct query_info rq;
5683 struct reply_info* rep;
5684 if(xfr->task_transfer->lookup_aaaa)
5685 wanted_qtype = LDNS_RR_TYPE_AAAA;
5686 memset(&rq, 0, sizeof(rq));
5687 rep = parse_reply_in_temp_region(buf, temp, &rq);
5688 if(rep && rq.qtype == wanted_qtype &&
5689 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
5690 /* parsed successfully */
5691 struct ub_packed_rrset_key* answer =
5692 reply_find_answer_rrset(&rq, rep);
5694 xfr_master_add_addrs(xfr->task_transfer->
5695 lookup_target, answer, wanted_qtype);
5697 if(verbosity >= VERB_ALGO) {
5699 dname_str(xfr->name, zname);
5700 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has nodata", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5704 if(verbosity >= VERB_ALGO) {
5706 dname_str(xfr->name, zname);
5707 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has no answer", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5710 regional_free_all(temp);
5712 if(verbosity >= VERB_ALGO) {
5714 dname_str(xfr->name, zname);
5715 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup failed", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
5718 if(xfr->task_transfer->lookup_target->list &&
5719 xfr->task_transfer->lookup_target == xfr_transfer_current_master(xfr))
5720 xfr->task_transfer->scan_addr = xfr->task_transfer->lookup_target->list;
5722 /* move to lookup AAAA after A lookup, move to next hostname lookup,
5723 * or move to fetch the zone, or, if nothing to do, end task_transfer */
5724 xfr_transfer_move_to_next_lookup(xfr, env);
5725 xfr_transfer_nexttarget_or_end(xfr, env);
5728 /** check if xfer (AXFR or IXFR) packet is OK.
5729 * return false if we lost connection (SERVFAIL, or unreadable).
5730 * return false if we need to move from IXFR to AXFR, with gonextonfail
5731 * set to false, so the same master is tried again, but with AXFR.
5732 * return true if fine to link into data.
5733 * return true with transferdone=true when the transfer has ended.
5736 check_xfer_packet(sldns_buffer* pkt, struct auth_xfer* xfr,
5737 int* gonextonfail, int* transferdone)
5739 uint8_t* wire = sldns_buffer_begin(pkt);
5741 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
5742 verbose(VERB_ALGO, "xfr to %s failed, packet too small",
5743 xfr->task_transfer->master->host);
5746 if(!LDNS_QR_WIRE(wire)) {
5747 verbose(VERB_ALGO, "xfr to %s failed, packet has no QR flag",
5748 xfr->task_transfer->master->host);
5751 if(LDNS_TC_WIRE(wire)) {
5752 verbose(VERB_ALGO, "xfr to %s failed, packet has TC flag",
5753 xfr->task_transfer->master->host);
5757 if(LDNS_ID_WIRE(wire) != xfr->task_transfer->id) {
5758 verbose(VERB_ALGO, "xfr to %s failed, packet wrong ID",
5759 xfr->task_transfer->master->host);
5762 if(LDNS_RCODE_WIRE(wire) != LDNS_RCODE_NOERROR) {
5764 sldns_wire2str_rcode_buf((int)LDNS_RCODE_WIRE(wire), rcode,
5766 /* if we are doing IXFR, check for fallback */
5767 if(xfr->task_transfer->on_ixfr) {
5768 if(LDNS_RCODE_WIRE(wire) == LDNS_RCODE_NOTIMPL ||
5769 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_SERVFAIL ||
5770 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_REFUSED ||
5771 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_FORMERR) {
5772 verbose(VERB_ALGO, "xfr to %s, fallback "
5773 "from IXFR to AXFR (with rcode %s)",
5774 xfr->task_transfer->master->host,
5776 xfr->task_transfer->ixfr_fail = 1;
5781 verbose(VERB_ALGO, "xfr to %s failed, packet with rcode %s",
5782 xfr->task_transfer->master->host, rcode);
5785 if(LDNS_OPCODE_WIRE(wire) != LDNS_PACKET_QUERY) {
5786 verbose(VERB_ALGO, "xfr to %s failed, packet with bad opcode",
5787 xfr->task_transfer->master->host);
5790 if(LDNS_QDCOUNT(wire) > 1) {
5791 verbose(VERB_ALGO, "xfr to %s failed, packet has qdcount %d",
5792 xfr->task_transfer->master->host,
5793 (int)LDNS_QDCOUNT(wire));
5798 sldns_buffer_set_position(pkt, LDNS_HEADER_SIZE);
5799 for(i=0; i<(int)LDNS_QDCOUNT(wire); i++) {
5800 size_t pos = sldns_buffer_position(pkt);
5801 uint16_t qtype, qclass;
5802 if(pkt_dname_len(pkt) == 0) {
5803 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5805 xfr->task_transfer->master->host);
5808 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
5810 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5812 xfr->task_transfer->master->host);
5815 if(sldns_buffer_remaining(pkt) < 4) {
5816 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5817 "truncated query RR",
5818 xfr->task_transfer->master->host);
5821 qtype = sldns_buffer_read_u16(pkt);
5822 qclass = sldns_buffer_read_u16(pkt);
5823 if(qclass != xfr->dclass) {
5824 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5826 xfr->task_transfer->master->host);
5829 if(xfr->task_transfer->on_ixfr) {
5830 if(qtype != LDNS_RR_TYPE_IXFR) {
5831 verbose(VERB_ALGO, "xfr to %s failed, packet "
5832 "with wrong qtype, expected IXFR",
5833 xfr->task_transfer->master->host);
5837 if(qtype != LDNS_RR_TYPE_AXFR) {
5838 verbose(VERB_ALGO, "xfr to %s failed, packet "
5839 "with wrong qtype, expected AXFR",
5840 xfr->task_transfer->master->host);
5846 /* check parse of RRs in packet, store first SOA serial
5847 * to be able to detect last SOA (with that serial) to see if done */
5848 /* also check for IXFR 'zone up to date' reply */
5849 for(i=0; i<(int)LDNS_ANCOUNT(wire); i++) {
5850 size_t pos = sldns_buffer_position(pkt);
5852 if(pkt_dname_len(pkt) == 0) {
5853 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5854 "malformed dname in answer section",
5855 xfr->task_transfer->master->host);
5858 if(sldns_buffer_remaining(pkt) < 10) {
5859 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5861 xfr->task_transfer->master->host);
5864 tp = sldns_buffer_read_u16(pkt);
5865 (void)sldns_buffer_read_u16(pkt); /* class */
5866 (void)sldns_buffer_read_u32(pkt); /* ttl */
5867 rdlen = sldns_buffer_read_u16(pkt);
5868 if(sldns_buffer_remaining(pkt) < rdlen) {
5869 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5870 "truncated RR rdata",
5871 xfr->task_transfer->master->host);
5875 /* RR parses (haven't checked rdata itself), now look at
5876 * SOA records to see serial number */
5877 if(xfr->task_transfer->rr_scan_num == 0 &&
5878 tp != LDNS_RR_TYPE_SOA) {
5879 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5880 "malformed zone transfer, no start SOA",
5881 xfr->task_transfer->master->host);
5884 if(xfr->task_transfer->rr_scan_num == 1 &&
5885 tp != LDNS_RR_TYPE_SOA) {
5886 /* second RR is not a SOA record, this is not an IXFR
5887 * the master is replying with an AXFR */
5888 xfr->task_transfer->on_ixfr_is_axfr = 1;
5890 if(tp == LDNS_RR_TYPE_SOA) {
5893 verbose(VERB_ALGO, "xfr to %s failed, packet "
5894 "with SOA with malformed rdata",
5895 xfr->task_transfer->master->host);
5898 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
5900 verbose(VERB_ALGO, "xfr to %s failed, packet "
5901 "with SOA with wrong dname",
5902 xfr->task_transfer->master->host);
5906 /* read serial number of SOA */
5907 serial = sldns_buffer_read_u32_at(pkt,
5908 sldns_buffer_position(pkt)+rdlen-20);
5910 /* check for IXFR 'zone has SOA x' reply */
5911 if(xfr->task_transfer->on_ixfr &&
5912 xfr->task_transfer->rr_scan_num == 0 &&
5913 LDNS_ANCOUNT(wire)==1) {
5914 verbose(VERB_ALGO, "xfr to %s ended, "
5915 "IXFR reply that zone has serial %u,"
5916 " fallback from IXFR to AXFR",
5917 xfr->task_transfer->master->host,
5919 xfr->task_transfer->ixfr_fail = 1;
5924 /* if first SOA, store serial number */
5925 if(xfr->task_transfer->got_xfr_serial == 0) {
5926 xfr->task_transfer->got_xfr_serial = 1;
5927 xfr->task_transfer->incoming_xfr_serial =
5929 verbose(VERB_ALGO, "xfr %s: contains "
5931 xfr->task_transfer->master->host,
5933 /* see if end of AXFR */
5934 } else if(!xfr->task_transfer->on_ixfr ||
5935 xfr->task_transfer->on_ixfr_is_axfr) {
5936 /* second SOA with serial is the end
5939 verbose(VERB_ALGO, "xfr %s: last AXFR packet",
5940 xfr->task_transfer->master->host);
5941 /* for IXFR, count SOA records with that serial */
5942 } else if(xfr->task_transfer->incoming_xfr_serial ==
5943 serial && xfr->task_transfer->got_xfr_serial
5945 xfr->task_transfer->got_xfr_serial++;
5946 /* if not first soa, if serial==firstserial, the
5947 * third time we are at the end, for IXFR */
5948 } else if(xfr->task_transfer->incoming_xfr_serial ==
5949 serial && xfr->task_transfer->got_xfr_serial
5951 verbose(VERB_ALGO, "xfr %s: last IXFR packet",
5952 xfr->task_transfer->master->host);
5954 /* continue parse check, if that succeeds,
5955 * transfer is done */
5958 xfr->task_transfer->rr_scan_num++;
5960 /* skip over RR rdata to go to the next RR */
5961 sldns_buffer_skip(pkt, (ssize_t)rdlen);
5964 /* check authority section */
5965 /* we skip over the RRs checking packet format */
5966 for(i=0; i<(int)LDNS_NSCOUNT(wire); i++) {
5968 if(pkt_dname_len(pkt) == 0) {
5969 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5970 "malformed dname in authority section",
5971 xfr->task_transfer->master->host);
5974 if(sldns_buffer_remaining(pkt) < 10) {
5975 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5977 xfr->task_transfer->master->host);
5980 (void)sldns_buffer_read_u16(pkt); /* type */
5981 (void)sldns_buffer_read_u16(pkt); /* class */
5982 (void)sldns_buffer_read_u32(pkt); /* ttl */
5983 rdlen = sldns_buffer_read_u16(pkt);
5984 if(sldns_buffer_remaining(pkt) < rdlen) {
5985 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5986 "truncated RR rdata",
5987 xfr->task_transfer->master->host);
5990 /* skip over RR rdata to go to the next RR */
5991 sldns_buffer_skip(pkt, (ssize_t)rdlen);
5994 /* check additional section */
5995 for(i=0; i<(int)LDNS_ARCOUNT(wire); i++) {
5997 if(pkt_dname_len(pkt) == 0) {
5998 verbose(VERB_ALGO, "xfr to %s failed, packet with "
5999 "malformed dname in additional section",
6000 xfr->task_transfer->master->host);
6003 if(sldns_buffer_remaining(pkt) < 10) {
6004 verbose(VERB_ALGO, "xfr to %s failed, packet with "
6006 xfr->task_transfer->master->host);
6009 (void)sldns_buffer_read_u16(pkt); /* type */
6010 (void)sldns_buffer_read_u16(pkt); /* class */
6011 (void)sldns_buffer_read_u32(pkt); /* ttl */
6012 rdlen = sldns_buffer_read_u16(pkt);
6013 if(sldns_buffer_remaining(pkt) < rdlen) {
6014 verbose(VERB_ALGO, "xfr to %s failed, packet with "
6015 "truncated RR rdata",
6016 xfr->task_transfer->master->host);
6019 /* skip over RR rdata to go to the next RR */
6020 sldns_buffer_skip(pkt, (ssize_t)rdlen);
6026 /** Link the data from this packet into the worklist of transferred data */
6028 xfer_link_data(sldns_buffer* pkt, struct auth_xfer* xfr)
6031 struct auth_chunk* e;
6032 e = (struct auth_chunk*)calloc(1, sizeof(*e));
6035 e->len = sldns_buffer_limit(pkt);
6036 e->data = memdup(sldns_buffer_begin(pkt), e->len);
6042 /* alloc succeeded, link into list */
6043 if(!xfr->task_transfer->chunks_first)
6044 xfr->task_transfer->chunks_first = e;
6045 if(xfr->task_transfer->chunks_last)
6046 xfr->task_transfer->chunks_last->next = e;
6047 xfr->task_transfer->chunks_last = e;
6051 /** task transfer. the list of data is complete. process it and if failed
6052 * move to next master, if succeeded, end the task transfer */
6054 process_list_end_transfer(struct auth_xfer* xfr, struct module_env* env)
6057 if(xfr_process_chunk_list(xfr, env, &ixfr_fail)) {
6059 auth_chunks_delete(xfr->task_transfer);
6061 /* we fetched the zone, move to wait task */
6062 xfr_transfer_disown(xfr);
6064 if(xfr->notify_received && (!xfr->notify_has_serial ||
6065 (xfr->notify_has_serial &&
6066 xfr_serial_means_update(xfr, xfr->notify_serial)))) {
6067 uint32_t sr = xfr->notify_serial;
6068 int has_sr = xfr->notify_has_serial;
6069 /* we received a notify while probe/transfer was
6070 * in progress. start a new probe and transfer */
6071 xfr->notify_received = 0;
6072 xfr->notify_has_serial = 0;
6073 xfr->notify_serial = 0;
6074 if(!xfr_start_probe(xfr, env, NULL)) {
6075 /* if we couldn't start it, already in
6076 * progress; restore notify serial,
6077 * while xfr still locked */
6078 xfr->notify_received = 1;
6079 xfr->notify_has_serial = has_sr;
6080 xfr->notify_serial = sr;
6081 lock_basic_unlock(&xfr->lock);
6085 /* pick up the nextprobe task and wait (normail wait time) */
6086 if(xfr->task_nextprobe->worker == NULL)
6087 xfr_set_timeout(xfr, env, 0, 0);
6089 lock_basic_unlock(&xfr->lock);
6092 /* processing failed */
6093 /* when done, delete data from list */
6094 auth_chunks_delete(xfr->task_transfer);
6096 xfr->task_transfer->ixfr_fail = 1;
6098 xfr_transfer_nextmaster(xfr);
6100 xfr_transfer_nexttarget_or_end(xfr, env);
6103 /** callback for the task_transfer timer */
6105 auth_xfer_transfer_timer_callback(void* arg)
6107 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6108 struct module_env* env;
6109 int gonextonfail = 1;
6110 log_assert(xfr->task_transfer);
6111 lock_basic_lock(&xfr->lock);
6112 env = xfr->task_transfer->env;
6113 if(!env || env->outnet->want_to_quit) {
6114 lock_basic_unlock(&xfr->lock);
6115 return; /* stop on quit */
6118 verbose(VERB_ALGO, "xfr stopped, connection timeout to %s",
6119 xfr->task_transfer->master->host);
6121 /* see if IXFR caused the failure, if so, try AXFR */
6122 if(xfr->task_transfer->on_ixfr) {
6123 xfr->task_transfer->ixfr_possible_timeout_count++;
6124 if(xfr->task_transfer->ixfr_possible_timeout_count >=
6125 NUM_TIMEOUTS_FALLBACK_IXFR) {
6126 verbose(VERB_ALGO, "xfr to %s, fallback "
6127 "from IXFR to AXFR (because of timeouts)",
6128 xfr->task_transfer->master->host);
6129 xfr->task_transfer->ixfr_fail = 1;
6134 /* delete transferred data from list */
6135 auth_chunks_delete(xfr->task_transfer);
6136 comm_point_delete(xfr->task_transfer->cp);
6137 xfr->task_transfer->cp = NULL;
6139 xfr_transfer_nextmaster(xfr);
6140 xfr_transfer_nexttarget_or_end(xfr, env);
6143 /** callback for task_transfer tcp connections */
6145 auth_xfer_transfer_tcp_callback(struct comm_point* c, void* arg, int err,
6146 struct comm_reply* ATTR_UNUSED(repinfo))
6148 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6149 struct module_env* env;
6150 int gonextonfail = 1;
6151 int transferdone = 0;
6152 log_assert(xfr->task_transfer);
6153 lock_basic_lock(&xfr->lock);
6154 env = xfr->task_transfer->env;
6155 if(!env || env->outnet->want_to_quit) {
6156 lock_basic_unlock(&xfr->lock);
6157 return 0; /* stop on quit */
6159 /* stop the timer */
6160 comm_timer_disable(xfr->task_transfer->timer);
6162 if(err != NETEVENT_NOERROR) {
6163 /* connection failed, closed, or timeout */
6164 /* stop this transfer, cleanup
6165 * and continue task_transfer*/
6166 verbose(VERB_ALGO, "xfr stopped, connection lost to %s",
6167 xfr->task_transfer->master->host);
6169 /* see if IXFR caused the failure, if so, try AXFR */
6170 if(xfr->task_transfer->on_ixfr) {
6171 xfr->task_transfer->ixfr_possible_timeout_count++;
6172 if(xfr->task_transfer->ixfr_possible_timeout_count >=
6173 NUM_TIMEOUTS_FALLBACK_IXFR) {
6174 verbose(VERB_ALGO, "xfr to %s, fallback "
6175 "from IXFR to AXFR (because of timeouts)",
6176 xfr->task_transfer->master->host);
6177 xfr->task_transfer->ixfr_fail = 1;
6183 /* delete transferred data from list */
6184 auth_chunks_delete(xfr->task_transfer);
6185 comm_point_delete(xfr->task_transfer->cp);
6186 xfr->task_transfer->cp = NULL;
6188 xfr_transfer_nextmaster(xfr);
6189 xfr_transfer_nexttarget_or_end(xfr, env);
6192 /* note that IXFR worked without timeout */
6193 if(xfr->task_transfer->on_ixfr)
6194 xfr->task_transfer->ixfr_possible_timeout_count = 0;
6196 /* handle returned packet */
6197 /* if it fails, cleanup and end this transfer */
6198 /* if it needs to fallback from IXFR to AXFR, do that */
6199 if(!check_xfer_packet(c->buffer, xfr, &gonextonfail, &transferdone)) {
6202 /* if it is good, link it into the list of data */
6203 /* if the link into list of data fails (malloc fail) cleanup and end */
6204 if(!xfer_link_data(c->buffer, xfr)) {
6205 verbose(VERB_ALGO, "xfr stopped to %s, malloc failed",
6206 xfr->task_transfer->master->host);
6209 /* if the transfer is done now, disconnect and process the list */
6211 comm_point_delete(xfr->task_transfer->cp);
6212 xfr->task_transfer->cp = NULL;
6213 process_list_end_transfer(xfr, env);
6217 /* if we want to read more messages, setup the commpoint to read
6218 * a DNS packet, and the timeout */
6219 lock_basic_unlock(&xfr->lock);
6220 c->tcp_is_reading = 1;
6221 sldns_buffer_clear(c->buffer);
6222 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
6226 /** callback for task_transfer http connections */
6228 auth_xfer_transfer_http_callback(struct comm_point* c, void* arg, int err,
6229 struct comm_reply* repinfo)
6231 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6232 struct module_env* env;
6233 log_assert(xfr->task_transfer);
6234 lock_basic_lock(&xfr->lock);
6235 env = xfr->task_transfer->env;
6236 if(!env || env->outnet->want_to_quit) {
6237 lock_basic_unlock(&xfr->lock);
6238 return 0; /* stop on quit */
6240 verbose(VERB_ALGO, "auth zone transfer http callback");
6241 /* stop the timer */
6242 comm_timer_disable(xfr->task_transfer->timer);
6244 if(err != NETEVENT_NOERROR && err != NETEVENT_DONE) {
6245 /* connection failed, closed, or timeout */
6246 /* stop this transfer, cleanup
6247 * and continue task_transfer*/
6248 verbose(VERB_ALGO, "http stopped, connection lost to %s",
6249 xfr->task_transfer->master->host);
6251 /* delete transferred data from list */
6252 auth_chunks_delete(xfr->task_transfer);
6253 if(repinfo) repinfo->c = NULL; /* signal cp deleted to
6254 the routine calling this callback */
6255 comm_point_delete(xfr->task_transfer->cp);
6256 xfr->task_transfer->cp = NULL;
6257 xfr_transfer_nextmaster(xfr);
6258 xfr_transfer_nexttarget_or_end(xfr, env);
6262 /* if it is good, link it into the list of data */
6263 /* if the link into list of data fails (malloc fail) cleanup and end */
6264 if(sldns_buffer_limit(c->buffer) > 0) {
6265 verbose(VERB_ALGO, "auth zone http queued up %d bytes",
6266 (int)sldns_buffer_limit(c->buffer));
6267 if(!xfer_link_data(c->buffer, xfr)) {
6268 verbose(VERB_ALGO, "http stopped to %s, malloc failed",
6269 xfr->task_transfer->master->host);
6273 /* if the transfer is done now, disconnect and process the list */
6274 if(err == NETEVENT_DONE) {
6275 if(repinfo) repinfo->c = NULL; /* signal cp deleted to
6276 the routine calling this callback */
6277 comm_point_delete(xfr->task_transfer->cp);
6278 xfr->task_transfer->cp = NULL;
6279 process_list_end_transfer(xfr, env);
6283 /* if we want to read more messages, setup the commpoint to read
6284 * a DNS packet, and the timeout */
6285 lock_basic_unlock(&xfr->lock);
6286 c->tcp_is_reading = 1;
6287 sldns_buffer_clear(c->buffer);
6288 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
6293 /** start transfer task by this worker , xfr is locked. */
6295 xfr_start_transfer(struct auth_xfer* xfr, struct module_env* env,
6296 struct auth_master* master)
6298 log_assert(xfr->task_transfer != NULL);
6299 log_assert(xfr->task_transfer->worker == NULL);
6300 log_assert(xfr->task_transfer->chunks_first == NULL);
6301 log_assert(xfr->task_transfer->chunks_last == NULL);
6302 xfr->task_transfer->worker = env->worker;
6303 xfr->task_transfer->env = env;
6305 /* init transfer process */
6306 /* find that master in the transfer's list of masters? */
6307 xfr_transfer_start_list(xfr, master);
6308 /* start lookup for hostnames in transfer master list */
6309 xfr_transfer_start_lookups(xfr);
6311 /* initiate TCP, and set timeout on it */
6312 xfr_transfer_nexttarget_or_end(xfr, env);
6315 /** disown task_probe. caller must hold xfr.lock */
6317 xfr_probe_disown(struct auth_xfer* xfr)
6319 /* remove timer (from this worker's event base) */
6320 comm_timer_delete(xfr->task_probe->timer);
6321 xfr->task_probe->timer = NULL;
6322 /* remove the commpoint */
6323 comm_point_delete(xfr->task_probe->cp);
6324 xfr->task_probe->cp = NULL;
6325 /* we don't own this item anymore */
6326 xfr->task_probe->worker = NULL;
6327 xfr->task_probe->env = NULL;
6330 /** send the UDP probe to the master, this is part of task_probe */
6332 xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env,
6335 struct sockaddr_storage addr;
6336 socklen_t addrlen = 0;
6339 struct auth_master* master = xfr_probe_current_master(xfr);
6340 char *auth_name = NULL;
6341 if(!master) return 0;
6342 if(master->allow_notify) return 0; /* only for notify */
6343 if(master->http) return 0; /* only masters get SOA UDP probe,
6344 not urls, if those are in this list */
6346 /* get master addr */
6347 if(xfr->task_probe->scan_addr) {
6348 addrlen = xfr->task_probe->scan_addr->addrlen;
6349 memmove(&addr, &xfr->task_probe->scan_addr->addr, addrlen);
6351 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
6352 /* the ones that are not in addr format are supposed
6353 * to be looked up. The lookup has failed however,
6356 dname_str(xfr->name, zname);
6357 log_err("%s: failed lookup, cannot probe to master %s",
6358 zname, master->host);
6361 if (auth_name != NULL) {
6362 if (addr.ss_family == AF_INET
6363 && (int)ntohs(((struct sockaddr_in *)&addr)->sin_port)
6364 == env->cfg->ssl_port)
6365 ((struct sockaddr_in *)&addr)->sin_port
6366 = htons((uint16_t)env->cfg->port);
6367 else if (addr.ss_family == AF_INET6
6368 && (int)ntohs(((struct sockaddr_in6 *)&addr)->sin6_port)
6369 == env->cfg->ssl_port)
6370 ((struct sockaddr_in6 *)&addr)->sin6_port
6371 = htons((uint16_t)env->cfg->port);
6376 /* create new ID for new probes, but not on timeout retries,
6377 * this means we'll accept replies to previous retries to same ip */
6378 if(timeout == AUTH_PROBE_TIMEOUT)
6379 xfr->task_probe->id = GET_RANDOM_ID(env->rnd);
6380 xfr_create_soa_probe_packet(xfr, env->scratch_buffer,
6381 xfr->task_probe->id);
6382 /* we need to remove the cp if we have a different ip4/ip6 type now */
6383 if(xfr->task_probe->cp &&
6384 ((xfr->task_probe->cp_is_ip6 && !addr_is_ip6(&addr, addrlen)) ||
6385 (!xfr->task_probe->cp_is_ip6 && addr_is_ip6(&addr, addrlen)))
6387 comm_point_delete(xfr->task_probe->cp);
6388 xfr->task_probe->cp = NULL;
6390 if(!xfr->task_probe->cp) {
6391 if(addr_is_ip6(&addr, addrlen))
6392 xfr->task_probe->cp_is_ip6 = 1;
6393 else xfr->task_probe->cp_is_ip6 = 0;
6394 xfr->task_probe->cp = outnet_comm_point_for_udp(env->outnet,
6395 auth_xfer_probe_udp_callback, xfr, &addr, addrlen);
6396 if(!xfr->task_probe->cp) {
6397 char zname[255+1], as[256];
6398 dname_str(xfr->name, zname);
6399 addr_to_str(&addr, addrlen, as, sizeof(as));
6400 verbose(VERB_ALGO, "cannot create udp cp for "
6401 "probe %s to %s", zname, as);
6405 if(!xfr->task_probe->timer) {
6406 xfr->task_probe->timer = comm_timer_create(env->worker_base,
6407 auth_xfer_probe_timer_callback, xfr);
6408 if(!xfr->task_probe->timer) {
6409 log_err("malloc failure");
6414 /* send udp packet */
6415 if(!comm_point_send_udp_msg(xfr->task_probe->cp, env->scratch_buffer,
6416 (struct sockaddr*)&addr, addrlen, 0)) {
6417 char zname[255+1], as[256];
6418 dname_str(xfr->name, zname);
6419 addr_to_str(&addr, addrlen, as, sizeof(as));
6420 verbose(VERB_ALGO, "failed to send soa probe for %s to %s",
6424 if(verbosity >= VERB_ALGO) {
6425 char zname[255+1], as[256];
6426 dname_str(xfr->name, zname);
6427 addr_to_str(&addr, addrlen, as, sizeof(as));
6428 verbose(VERB_ALGO, "auth zone %s soa probe sent to %s", zname,
6431 xfr->task_probe->timeout = timeout;
6433 t.tv_sec = timeout/1000;
6434 t.tv_usec = (timeout%1000)*1000;
6436 comm_timer_set(xfr->task_probe->timer, &t);
6441 /** callback for task_probe timer */
6443 auth_xfer_probe_timer_callback(void* arg)
6445 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6446 struct module_env* env;
6447 log_assert(xfr->task_probe);
6448 lock_basic_lock(&xfr->lock);
6449 env = xfr->task_probe->env;
6450 if(!env || env->outnet->want_to_quit) {
6451 lock_basic_unlock(&xfr->lock);
6452 return; /* stop on quit */
6455 if(verbosity >= VERB_ALGO) {
6457 dname_str(xfr->name, zname);
6458 verbose(VERB_ALGO, "auth zone %s soa probe timeout", zname);
6460 if(xfr->task_probe->timeout <= AUTH_PROBE_TIMEOUT_STOP) {
6461 /* try again with bigger timeout */
6462 if(xfr_probe_send_probe(xfr, env, xfr->task_probe->timeout*2)) {
6463 lock_basic_unlock(&xfr->lock);
6467 /* delete commpoint so a new one is created, with a fresh port nr */
6468 comm_point_delete(xfr->task_probe->cp);
6469 xfr->task_probe->cp = NULL;
6471 /* too many timeouts (or fail to send), move to next or end */
6472 xfr_probe_nextmaster(xfr);
6473 xfr_probe_send_or_end(xfr, env);
6476 /** callback for task_probe udp packets */
6478 auth_xfer_probe_udp_callback(struct comm_point* c, void* arg, int err,
6479 struct comm_reply* repinfo)
6481 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6482 struct module_env* env;
6483 log_assert(xfr->task_probe);
6484 lock_basic_lock(&xfr->lock);
6485 env = xfr->task_probe->env;
6486 if(!env || env->outnet->want_to_quit) {
6487 lock_basic_unlock(&xfr->lock);
6488 return 0; /* stop on quit */
6491 /* the comm_point_udp_callback is in a for loop for NUM_UDP_PER_SELECT
6492 * and we set rep.c=NULL to stop if from looking inside the commpoint*/
6494 /* stop the timer */
6495 comm_timer_disable(xfr->task_probe->timer);
6497 /* see if we got a packet and what that means */
6498 if(err == NETEVENT_NOERROR) {
6499 uint32_t serial = 0;
6500 if(check_packet_ok(c->buffer, LDNS_RR_TYPE_SOA, xfr,
6502 /* successful lookup */
6503 if(verbosity >= VERB_ALGO) {
6505 dname_str(xfr->name, buf);
6506 verbose(VERB_ALGO, "auth zone %s: soa probe "
6507 "serial is %u", buf, (unsigned)serial);
6509 /* see if this serial indicates that the zone has
6511 if(xfr_serial_means_update(xfr, serial)) {
6512 /* if updated, start the transfer task, if needed */
6513 verbose(VERB_ALGO, "auth_zone updated, start transfer");
6514 if(xfr->task_transfer->worker == NULL) {
6515 struct auth_master* master =
6516 xfr_probe_current_master(xfr);
6517 /* if we have download URLs use them
6518 * in preference to this master we
6519 * just probed the SOA from */
6520 if(xfr->task_transfer->masters &&
6521 xfr->task_transfer->masters->http)
6523 xfr_probe_disown(xfr);
6524 xfr_start_transfer(xfr, env, master);
6528 /* other tasks are running, we don't do this anymore */
6529 xfr_probe_disown(xfr);
6530 lock_basic_unlock(&xfr->lock);
6531 /* return, we don't sent a reply to this udp packet,
6532 * and we setup the tasks to do next */
6535 verbose(VERB_ALGO, "auth_zone master reports unchanged soa serial");
6536 /* we if cannot find updates amongst the
6537 * masters, this means we then have a new lease
6539 xfr->task_probe->have_new_lease = 1;
6542 if(verbosity >= VERB_ALGO) {
6544 dname_str(xfr->name, buf);
6545 verbose(VERB_ALGO, "auth zone %s: bad reply to soa probe", buf);
6549 if(verbosity >= VERB_ALGO) {
6551 dname_str(xfr->name, buf);
6552 verbose(VERB_ALGO, "auth zone %s: soa probe failed", buf);
6556 /* failed lookup or not an update */
6557 /* delete commpoint so a new one is created, with a fresh port nr */
6558 comm_point_delete(xfr->task_probe->cp);
6559 xfr->task_probe->cp = NULL;
6561 /* if the result was not a successful probe, we need
6562 * to send the next one */
6563 xfr_probe_nextmaster(xfr);
6564 xfr_probe_send_or_end(xfr, env);
6568 /** lookup a host name for its addresses, if needed */
6570 xfr_probe_lookup_host(struct auth_xfer* xfr, struct module_env* env)
6572 struct sockaddr_storage addr;
6573 socklen_t addrlen = 0;
6574 struct auth_master* master = xfr->task_probe->lookup_target;
6575 struct query_info qinfo;
6576 uint16_t qflags = BIT_RD;
6577 uint8_t dname[LDNS_MAX_DOMAINLEN+1];
6578 struct edns_data edns;
6579 sldns_buffer* buf = env->scratch_buffer;
6580 if(!master) return 0;
6581 if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) {
6582 /* not needed, host is in IP addr format */
6585 if(master->allow_notify && !master->http &&
6586 strchr(master->host, '/') != NULL &&
6587 strchr(master->host, '/') == strrchr(master->host, '/')) {
6588 return 0; /* is IP/prefix format, not something to look up */
6591 /* use mesh_new_callback to probe for non-addr hosts,
6592 * and then wait for them to be looked up (in cache, or query) */
6593 qinfo.qname_len = sizeof(dname);
6594 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
6596 log_err("cannot parse host name of master %s", master->host);
6599 qinfo.qname = dname;
6600 qinfo.qclass = xfr->dclass;
6601 qinfo.qtype = LDNS_RR_TYPE_A;
6602 if(xfr->task_probe->lookup_aaaa)
6603 qinfo.qtype = LDNS_RR_TYPE_AAAA;
6604 qinfo.local_alias = NULL;
6605 if(verbosity >= VERB_ALGO) {
6607 char buf2[LDNS_MAX_DOMAINLEN+1];
6608 dname_str(xfr->name, buf2);
6609 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
6610 " for task_probe", buf2);
6611 log_query_info(VERB_ALGO, buf1, &qinfo);
6613 edns.edns_present = 1;
6615 edns.edns_version = 0;
6616 edns.bits = EDNS_DO;
6617 edns.opt_list_in = NULL;
6618 edns.opt_list_out = NULL;
6619 edns.opt_list_inplace_cb_out = NULL;
6620 edns.padding_block_size = 0;
6621 edns.cookie_present = 0;
6622 edns.cookie_valid = 0;
6623 if(sldns_buffer_capacity(buf) < 65535)
6624 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
6625 else edns.udp_size = 65535;
6627 /* unlock xfr during mesh_new_callback() because the callback can be
6628 * called straight away */
6629 lock_basic_unlock(&xfr->lock);
6630 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
6631 &auth_xfer_probe_lookup_callback, xfr, 0)) {
6632 lock_basic_lock(&xfr->lock);
6633 log_err("out of memory lookup up master %s", master->host);
6636 lock_basic_lock(&xfr->lock);
6640 /** move to sending the probe packets, next if fails. task_probe */
6642 xfr_probe_send_or_end(struct auth_xfer* xfr, struct module_env* env)
6644 /* are we doing hostname lookups? */
6645 while(xfr->task_probe->lookup_target) {
6646 if(xfr_probe_lookup_host(xfr, env)) {
6647 /* wait for lookup to finish,
6648 * note that the hostname may be in unbound's cache
6649 * and we may then get an instant cache response,
6650 * and that calls the callback just like a full
6651 * lookup and lookup failures also call callback */
6652 if(verbosity >= VERB_ALGO) {
6654 dname_str(xfr->name, zname);
6655 verbose(VERB_ALGO, "auth zone %s probe next target lookup", zname);
6657 lock_basic_unlock(&xfr->lock);
6660 xfr_probe_move_to_next_lookup(xfr, env);
6662 /* probe of list has ended. Create or refresh the list of of
6663 * allow_notify addrs */
6664 probe_copy_masters_for_allow_notify(xfr);
6665 if(verbosity >= VERB_ALGO) {
6667 dname_str(xfr->name, zname);
6668 verbose(VERB_ALGO, "auth zone %s probe: notify addrs updated", zname);
6670 if(xfr->task_probe->only_lookup) {
6671 /* only wanted lookups for copy, stop probe and start wait */
6672 xfr->task_probe->only_lookup = 0;
6673 if(verbosity >= VERB_ALGO) {
6675 dname_str(xfr->name, zname);
6676 verbose(VERB_ALGO, "auth zone %s probe: finished only_lookup", zname);
6678 xfr_probe_disown(xfr);
6679 if(xfr->task_nextprobe->worker == NULL)
6680 xfr_set_timeout(xfr, env, 0, 0);
6681 lock_basic_unlock(&xfr->lock);
6685 /* send probe packets */
6686 while(!xfr_probe_end_of_list(xfr)) {
6687 if(xfr_probe_send_probe(xfr, env, AUTH_PROBE_TIMEOUT)) {
6688 /* successfully sent probe, wait for callback */
6689 lock_basic_unlock(&xfr->lock);
6692 /* failed to send probe, next master */
6693 xfr_probe_nextmaster(xfr);
6696 /* done with probe sequence, wait */
6697 if(xfr->task_probe->have_new_lease) {
6698 /* if zone not updated, start the wait timer again */
6699 if(verbosity >= VERB_ALGO) {
6701 dname_str(xfr->name, zname);
6702 verbose(VERB_ALGO, "auth_zone %s unchanged, new lease, wait", zname);
6704 xfr_probe_disown(xfr);
6706 xfr->lease_time = *env->now;
6707 if(xfr->task_nextprobe->worker == NULL)
6708 xfr_set_timeout(xfr, env, 0, 0);
6710 if(verbosity >= VERB_ALGO) {
6712 dname_str(xfr->name, zname);
6713 verbose(VERB_ALGO, "auth zone %s soa probe failed, wait to retry", zname);
6715 /* we failed to send this as well, move to the wait task,
6716 * use the shorter retry timeout */
6717 xfr_probe_disown(xfr);
6718 /* pick up the nextprobe task and wait */
6719 if(xfr->task_nextprobe->worker == NULL)
6720 xfr_set_timeout(xfr, env, 1, 0);
6723 lock_basic_unlock(&xfr->lock);
6726 /** callback for task_probe lookup of host name, of A or AAAA */
6727 void auth_xfer_probe_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
6728 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
6729 int ATTR_UNUSED(was_ratelimited))
6731 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6732 struct module_env* env;
6733 log_assert(xfr->task_probe);
6734 lock_basic_lock(&xfr->lock);
6735 env = xfr->task_probe->env;
6736 if(!env || env->outnet->want_to_quit) {
6737 lock_basic_unlock(&xfr->lock);
6738 return; /* stop on quit */
6741 /* process result */
6742 if(rcode == LDNS_RCODE_NOERROR) {
6743 uint16_t wanted_qtype = LDNS_RR_TYPE_A;
6744 struct regional* temp = env->scratch;
6745 struct query_info rq;
6746 struct reply_info* rep;
6747 if(xfr->task_probe->lookup_aaaa)
6748 wanted_qtype = LDNS_RR_TYPE_AAAA;
6749 memset(&rq, 0, sizeof(rq));
6750 rep = parse_reply_in_temp_region(buf, temp, &rq);
6751 if(rep && rq.qtype == wanted_qtype &&
6752 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
6753 /* parsed successfully */
6754 struct ub_packed_rrset_key* answer =
6755 reply_find_answer_rrset(&rq, rep);
6757 xfr_master_add_addrs(xfr->task_probe->
6758 lookup_target, answer, wanted_qtype);
6760 if(verbosity >= VERB_ALGO) {
6762 dname_str(xfr->name, zname);
6763 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has nodata", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6767 if(verbosity >= VERB_ALGO) {
6769 dname_str(xfr->name, zname);
6770 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has no address", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6773 regional_free_all(temp);
6775 if(verbosity >= VERB_ALGO) {
6777 dname_str(xfr->name, zname);
6778 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup failed", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
6781 if(xfr->task_probe->lookup_target->list &&
6782 xfr->task_probe->lookup_target == xfr_probe_current_master(xfr))
6783 xfr->task_probe->scan_addr = xfr->task_probe->lookup_target->list;
6785 /* move to lookup AAAA after A lookup, move to next hostname lookup,
6786 * or move to send the probes, or, if nothing to do, end task_probe */
6787 xfr_probe_move_to_next_lookup(xfr, env);
6788 xfr_probe_send_or_end(xfr, env);
6791 /** disown task_nextprobe. caller must hold xfr.lock */
6793 xfr_nextprobe_disown(struct auth_xfer* xfr)
6795 /* delete the timer, because the next worker to pick this up may
6796 * not have the same event base */
6797 comm_timer_delete(xfr->task_nextprobe->timer);
6798 xfr->task_nextprobe->timer = NULL;
6799 xfr->task_nextprobe->next_probe = 0;
6800 /* we don't own this item anymore */
6801 xfr->task_nextprobe->worker = NULL;
6802 xfr->task_nextprobe->env = NULL;
6805 /** xfer nextprobe timeout callback, this is part of task_nextprobe */
6807 auth_xfer_timer(void* arg)
6809 struct auth_xfer* xfr = (struct auth_xfer*)arg;
6810 struct module_env* env;
6811 log_assert(xfr->task_nextprobe);
6812 lock_basic_lock(&xfr->lock);
6813 env = xfr->task_nextprobe->env;
6814 if(!env || env->outnet->want_to_quit) {
6815 lock_basic_unlock(&xfr->lock);
6816 return; /* stop on quit */
6819 /* see if zone has expired, and if so, also set auth_zone expired */
6820 if(xfr->have_zone && !xfr->zone_expired &&
6821 *env->now >= xfr->lease_time + xfr->expiry) {
6822 lock_basic_unlock(&xfr->lock);
6823 auth_xfer_set_expired(xfr, env, 1);
6824 lock_basic_lock(&xfr->lock);
6827 xfr_nextprobe_disown(xfr);
6829 if(!xfr_start_probe(xfr, env, NULL)) {
6830 /* not started because already in progress */
6831 lock_basic_unlock(&xfr->lock);
6835 /** return true if there are probe (SOA UDP query) targets in the master list*/
6837 have_probe_targets(struct auth_master* list)
6839 struct auth_master* p;
6840 for(p=list; p; p = p->next) {
6841 if(!p->allow_notify && p->host)
6847 /** start task_probe if possible, if no masters for probe start task_transfer
6848 * returns true if task has been started, and false if the task is already
6851 xfr_start_probe(struct auth_xfer* xfr, struct module_env* env,
6852 struct auth_master* spec)
6854 /* see if we need to start a probe (or maybe it is already in
6855 * progress (due to notify)) */
6856 if(xfr->task_probe->worker == NULL) {
6857 if(!have_probe_targets(xfr->task_probe->masters) &&
6858 !(xfr->task_probe->only_lookup &&
6859 xfr->task_probe->masters != NULL)) {
6860 /* useless to pick up task_probe, no masters to
6861 * probe. Instead attempt to pick up task transfer */
6862 if(xfr->task_transfer->worker == NULL) {
6863 xfr_start_transfer(xfr, env, spec);
6866 /* task transfer already in progress */
6870 /* pick up the probe task ourselves */
6871 xfr->task_probe->worker = env->worker;
6872 xfr->task_probe->env = env;
6873 xfr->task_probe->cp = NULL;
6875 /* start the task */
6876 /* have not seen a new lease yet, this scan */
6877 xfr->task_probe->have_new_lease = 0;
6878 /* if this was a timeout, no specific first master to scan */
6879 /* otherwise, spec is nonNULL the notified master, scan
6880 * first and also transfer first from it */
6881 xfr_probe_start_list(xfr, spec);
6882 /* setup to start the lookup of hostnames of masters afresh */
6883 xfr_probe_start_lookups(xfr);
6884 /* send the probe packet or next send, or end task */
6885 xfr_probe_send_or_end(xfr, env);
6891 /** for task_nextprobe.
6892 * determine next timeout for auth_xfer. Also (re)sets timer.
6893 * @param xfr: task structure
6894 * @param env: module environment, with worker and time.
6895 * @param failure: set true if timer should be set for failure retry.
6896 * @param lookup_only: only perform lookups when timer done, 0 sec timeout
6899 xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env,
6900 int failure, int lookup_only)
6903 log_assert(xfr->task_nextprobe != NULL);
6904 log_assert(xfr->task_nextprobe->worker == NULL ||
6905 xfr->task_nextprobe->worker == env->worker);
6906 /* normally, nextprobe = startoflease + refresh,
6907 * but if expiry is sooner, use that one.
6908 * after a failure, use the retry timer instead. */
6909 xfr->task_nextprobe->next_probe = *env->now;
6910 if(xfr->lease_time && !failure)
6911 xfr->task_nextprobe->next_probe = xfr->lease_time;
6914 xfr->task_nextprobe->backoff = 0;
6916 if(xfr->task_nextprobe->backoff == 0)
6917 xfr->task_nextprobe->backoff = 3;
6918 else xfr->task_nextprobe->backoff *= 2;
6919 if(xfr->task_nextprobe->backoff > AUTH_TRANSFER_MAX_BACKOFF)
6920 xfr->task_nextprobe->backoff =
6921 AUTH_TRANSFER_MAX_BACKOFF;
6924 if(xfr->have_zone) {
6925 time_t wait = xfr->refresh;
6926 if(failure) wait = xfr->retry;
6927 if(xfr->expiry < wait)
6928 xfr->task_nextprobe->next_probe += xfr->expiry;
6929 else xfr->task_nextprobe->next_probe += wait;
6931 xfr->task_nextprobe->next_probe +=
6932 xfr->task_nextprobe->backoff;
6933 /* put the timer exactly on expiry, if possible */
6934 if(xfr->lease_time && xfr->lease_time+xfr->expiry <
6935 xfr->task_nextprobe->next_probe &&
6936 xfr->lease_time+xfr->expiry > *env->now)
6937 xfr->task_nextprobe->next_probe =
6938 xfr->lease_time+xfr->expiry;
6940 xfr->task_nextprobe->next_probe +=
6941 xfr->task_nextprobe->backoff;
6944 if(!xfr->task_nextprobe->timer) {
6945 xfr->task_nextprobe->timer = comm_timer_create(
6946 env->worker_base, auth_xfer_timer, xfr);
6947 if(!xfr->task_nextprobe->timer) {
6948 /* failed to malloc memory. likely zone transfer
6949 * also fails for that. skip the timeout */
6951 dname_str(xfr->name, zname);
6952 log_err("cannot allocate timer, no refresh for %s",
6957 xfr->task_nextprobe->worker = env->worker;
6958 xfr->task_nextprobe->env = env;
6959 if(*(xfr->task_nextprobe->env->now) <= xfr->task_nextprobe->next_probe)
6960 tv.tv_sec = xfr->task_nextprobe->next_probe -
6961 *(xfr->task_nextprobe->env->now);
6963 if(tv.tv_sec != 0 && lookup_only && xfr->task_probe->masters) {
6964 /* don't lookup_only, if lookup timeout is 0 anyway,
6965 * or if we don't have masters to lookup */
6967 if(xfr->task_probe->worker == NULL)
6968 xfr->task_probe->only_lookup = 1;
6970 if(verbosity >= VERB_ALGO) {
6972 dname_str(xfr->name, zname);
6973 verbose(VERB_ALGO, "auth zone %s timeout in %d seconds",
6974 zname, (int)tv.tv_sec);
6977 comm_timer_set(xfr->task_nextprobe->timer, &tv);
6980 /** initial pick up of worker timeouts, ties events to worker event loop */
6982 auth_xfer_pickup_initial(struct auth_zones* az, struct module_env* env)
6984 struct auth_xfer* x;
6985 lock_rw_wrlock(&az->lock);
6986 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) {
6987 lock_basic_lock(&x->lock);
6988 /* set lease_time, because we now have timestamp in env,
6989 * (not earlier during startup and apply_cfg), and this
6990 * notes the start time when the data was acquired */
6992 x->lease_time = *env->now;
6993 if(x->task_nextprobe && x->task_nextprobe->worker == NULL) {
6994 xfr_set_timeout(x, env, 0, 1);
6996 lock_basic_unlock(&x->lock);
6998 lock_rw_unlock(&az->lock);
7001 void auth_zones_cleanup(struct auth_zones* az)
7003 struct auth_xfer* x;
7004 lock_rw_wrlock(&az->lock);
7005 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) {
7006 lock_basic_lock(&x->lock);
7007 if(x->task_nextprobe && x->task_nextprobe->worker != NULL) {
7008 xfr_nextprobe_disown(x);
7010 if(x->task_probe && x->task_probe->worker != NULL) {
7011 xfr_probe_disown(x);
7013 if(x->task_transfer && x->task_transfer->worker != NULL) {
7014 auth_chunks_delete(x->task_transfer);
7015 xfr_transfer_disown(x);
7017 lock_basic_unlock(&x->lock);
7019 lock_rw_unlock(&az->lock);
7023 * malloc the xfer and tasks
7024 * @param z: auth_zone with name of zone.
7026 static struct auth_xfer*
7027 auth_xfer_new(struct auth_zone* z)
7029 struct auth_xfer* xfr;
7030 xfr = (struct auth_xfer*)calloc(1, sizeof(*xfr));
7031 if(!xfr) return NULL;
7032 xfr->name = memdup(z->name, z->namelen);
7037 xfr->node.key = xfr;
7038 xfr->namelen = z->namelen;
7039 xfr->namelabs = z->namelabs;
7040 xfr->dclass = z->dclass;
7042 xfr->task_nextprobe = (struct auth_nextprobe*)calloc(1,
7043 sizeof(struct auth_nextprobe));
7044 if(!xfr->task_nextprobe) {
7049 xfr->task_probe = (struct auth_probe*)calloc(1,
7050 sizeof(struct auth_probe));
7051 if(!xfr->task_probe) {
7052 free(xfr->task_nextprobe);
7057 xfr->task_transfer = (struct auth_transfer*)calloc(1,
7058 sizeof(struct auth_transfer));
7059 if(!xfr->task_transfer) {
7060 free(xfr->task_probe);
7061 free(xfr->task_nextprobe);
7067 lock_basic_init(&xfr->lock);
7068 lock_protect(&xfr->lock, &xfr->name, sizeof(xfr->name));
7069 lock_protect(&xfr->lock, &xfr->namelen, sizeof(xfr->namelen));
7070 lock_protect(&xfr->lock, xfr->name, xfr->namelen);
7071 lock_protect(&xfr->lock, &xfr->namelabs, sizeof(xfr->namelabs));
7072 lock_protect(&xfr->lock, &xfr->dclass, sizeof(xfr->dclass));
7073 lock_protect(&xfr->lock, &xfr->notify_received, sizeof(xfr->notify_received));
7074 lock_protect(&xfr->lock, &xfr->notify_serial, sizeof(xfr->notify_serial));
7075 lock_protect(&xfr->lock, &xfr->zone_expired, sizeof(xfr->zone_expired));
7076 lock_protect(&xfr->lock, &xfr->have_zone, sizeof(xfr->have_zone));
7077 lock_protect(&xfr->lock, &xfr->serial, sizeof(xfr->serial));
7078 lock_protect(&xfr->lock, &xfr->retry, sizeof(xfr->retry));
7079 lock_protect(&xfr->lock, &xfr->refresh, sizeof(xfr->refresh));
7080 lock_protect(&xfr->lock, &xfr->expiry, sizeof(xfr->expiry));
7081 lock_protect(&xfr->lock, &xfr->lease_time, sizeof(xfr->lease_time));
7082 lock_protect(&xfr->lock, &xfr->task_nextprobe->worker,
7083 sizeof(xfr->task_nextprobe->worker));
7084 lock_protect(&xfr->lock, &xfr->task_probe->worker,
7085 sizeof(xfr->task_probe->worker));
7086 lock_protect(&xfr->lock, &xfr->task_transfer->worker,
7087 sizeof(xfr->task_transfer->worker));
7088 lock_basic_lock(&xfr->lock);
7092 /** Create auth_xfer structure.
7093 * This populates the have_zone, soa values, and so on times.
7094 * and sets the timeout, if a zone transfer is needed a short timeout is set.
7095 * For that the auth_zone itself must exist (and read in zonefile)
7096 * returns false on alloc failure. */
7098 auth_xfer_create(struct auth_zones* az, struct auth_zone* z)
7100 struct auth_xfer* xfr;
7103 xfr = auth_xfer_new(z);
7105 log_err("malloc failure");
7108 /* insert in tree */
7109 (void)rbtree_insert(&az->xtree, &xfr->node);
7113 /** create new auth_master structure */
7114 static struct auth_master*
7115 auth_master_new(struct auth_master*** list)
7117 struct auth_master *m;
7118 m = (struct auth_master*)calloc(1, sizeof(*m));
7120 log_err("malloc failure");
7123 /* set first pointer to m, or next pointer of previous element to m */
7125 /* store m's next pointer as future point to store at */
7126 (*list) = &(m->next);
7130 /** dup_prefix : create string from initial part of other string, malloced */
7132 dup_prefix(char* str, size_t num)
7135 size_t len = strlen(str);
7136 if(len < num) num = len; /* not more than strlen */
7137 result = (char*)malloc(num+1);
7139 log_err("malloc failure");
7142 memmove(result, str, num);
7147 /** dup string and print error on error */
7151 char* result = strdup(str);
7153 log_err("malloc failure");
7159 /** find first of two characters */
7161 str_find_first_of_chars(char* s, char a, char b)
7163 char* ra = strchr(s, a);
7164 char* rb = strchr(s, b);
7167 if(ra < rb) return ra;
7171 /** parse URL into host and file parts, false on malloc or parse error */
7173 parse_url(char* url, char** host, char** file, int* port, int* ssl)
7176 /* parse http://www.example.com/file.htm
7177 * or http://127.0.0.1 (index.html)
7178 * or https://[::1@1234]/a/b/c/d */
7180 *port = AUTH_HTTPS_PORT;
7182 /* parse http:// or https:// */
7183 if(strncmp(p, "http://", 7) == 0) {
7186 *port = AUTH_HTTP_PORT;
7187 } else if(strncmp(p, "https://", 8) == 0) {
7189 } else if(strstr(p, "://") && strchr(p, '/') > strstr(p, "://") &&
7190 strchr(p, ':') >= strstr(p, "://")) {
7191 char* uri = dup_prefix(p, (size_t)(strstr(p, "://")-p));
7192 log_err("protocol %s:// not supported (for url %s)",
7198 /* parse hostname part */
7200 char* end = strchr(p, ']');
7201 p++; /* skip over [ */
7203 *host = dup_prefix(p, (size_t)(end-p));
7204 if(!*host) return 0;
7205 p = end+1; /* skip over ] */
7208 if(!*host) return 0;
7212 char* end = str_find_first_of_chars(p, ':', '/');
7214 *host = dup_prefix(p, (size_t)(end-p));
7215 if(!*host) return 0;
7218 if(!*host) return 0;
7220 p = end; /* at next : or / or NULL */
7223 /* parse port number */
7224 if(p && p[0] == ':') {
7226 *port = strtol(p+1, &end, 10);
7230 /* parse filename part */
7231 while(p && *p == '/')
7234 *file = strdup("/");
7235 else *file = strdup(p);
7237 log_err("malloc failure");
7244 xfer_set_masters(struct auth_master** list, struct config_auth* c,
7247 struct auth_master* m;
7248 struct config_strlist* p;
7249 /* list points to the first, or next pointer for the new element */
7251 list = &( (*list)->next );
7254 for(p = c->urls; p; p = p->next) {
7255 m = auth_master_new(&list);
7258 if(!parse_url(p->str, &m->host, &m->file, &m->port, &m->ssl))
7261 for(p = c->masters; p; p = p->next) {
7262 m = auth_master_new(&list);
7264 m->ixfr = 1; /* this flag is not configurable */
7265 m->host = strdup(p->str);
7267 log_err("malloc failure");
7271 for(p = c->allow_notify; p; p = p->next) {
7272 m = auth_master_new(&list);
7274 m->allow_notify = 1;
7275 m->host = strdup(p->str);
7277 log_err("malloc failure");
7284 #define SERIAL_BITS 32
7286 compare_serial(uint32_t a, uint32_t b)
7288 const uint32_t cutoff = ((uint32_t) 1 << (SERIAL_BITS - 1));
7292 } else if ((a < b && b - a < cutoff) || (a > b && a - b > cutoff)) {
7299 int zonemd_hashalgo_supported(int hashalgo)
7301 if(hashalgo == ZONEMD_ALGO_SHA384) return 1;
7302 if(hashalgo == ZONEMD_ALGO_SHA512) return 1;
7306 int zonemd_scheme_supported(int scheme)
7308 if(scheme == ZONEMD_SCHEME_SIMPLE) return 1;
7312 /** initialize hash for hashing with zonemd hash algo */
7313 static struct secalgo_hash* zonemd_digest_init(int hashalgo, char** reason)
7315 struct secalgo_hash *h;
7316 if(hashalgo == ZONEMD_ALGO_SHA384) {
7318 h = secalgo_hash_create_sha384();
7320 *reason = "digest sha384 could not be created";
7322 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7324 h = secalgo_hash_create_sha512();
7326 *reason = "digest sha512 could not be created";
7329 /* unknown hash algo */
7330 *reason = "unsupported algorithm";
7334 /** update the hash for zonemd */
7335 static int zonemd_digest_update(int hashalgo, struct secalgo_hash* h,
7336 uint8_t* data, size_t len, char** reason)
7338 if(hashalgo == ZONEMD_ALGO_SHA384) {
7339 if(!secalgo_hash_update(h, data, len)) {
7340 *reason = "digest sha384 failed";
7344 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7345 if(!secalgo_hash_update(h, data, len)) {
7346 *reason = "digest sha512 failed";
7351 /* unknown hash algo */
7352 *reason = "unsupported algorithm";
7356 /** finish the hash for zonemd */
7357 static int zonemd_digest_finish(int hashalgo, struct secalgo_hash* h,
7358 uint8_t* result, size_t hashlen, size_t* resultlen, char** reason)
7360 if(hashalgo == ZONEMD_ALGO_SHA384) {
7361 if(hashlen < 384/8) {
7362 *reason = "digest buffer too small for sha384";
7365 if(!secalgo_hash_final(h, result, hashlen, resultlen)) {
7366 *reason = "digest sha384 finish failed";
7370 } else if(hashalgo == ZONEMD_ALGO_SHA512) {
7371 if(hashlen < 512/8) {
7372 *reason = "digest buffer too small for sha512";
7375 if(!secalgo_hash_final(h, result, hashlen, resultlen)) {
7376 *reason = "digest sha512 finish failed";
7382 *reason = "unsupported algorithm";
7386 /** add rrsets from node to the list */
7387 static size_t authdata_rrsets_to_list(struct auth_rrset** array,
7388 size_t arraysize, struct auth_rrset* first)
7390 struct auth_rrset* rrset = first;
7393 if(num >= arraysize)
7397 rrset = rrset->next;
7402 /** compare rr list entries */
7403 static int rrlist_compare(const void* arg1, const void* arg2)
7405 struct auth_rrset* r1 = *(struct auth_rrset**)arg1;
7406 struct auth_rrset* r2 = *(struct auth_rrset**)arg2;
7408 if(r1 == NULL) t1 = LDNS_RR_TYPE_RRSIG;
7410 if(r2 == NULL) t2 = LDNS_RR_TYPE_RRSIG;
7419 /** add type RRSIG to rr list if not one there already,
7420 * this is to perform RRSIG collate processing at that point. */
7421 static void addrrsigtype_if_needed(struct auth_rrset** array,
7422 size_t arraysize, size_t* rrnum, struct auth_data* node)
7424 if(az_domain_rrset(node, LDNS_RR_TYPE_RRSIG))
7425 return; /* already one there */
7426 if((*rrnum) >= arraysize)
7427 return; /* array too small? */
7428 array[*rrnum] = NULL; /* nothing there, but need entry in list */
7432 /** collate the RRs in an RRset using the simple scheme */
7433 static int zonemd_simple_rrset(struct auth_zone* z, int hashalgo,
7434 struct secalgo_hash* h, struct auth_data* node,
7435 struct auth_rrset* rrset, struct regional* region,
7436 struct sldns_buffer* buf, char** reason)
7439 struct ub_packed_rrset_key key;
7440 memset(&key, 0, sizeof(key));
7441 key.entry.key = &key;
7442 key.entry.data = rrset->data;
7443 key.rk.dname = node->name;
7444 key.rk.dname_len = node->namelen;
7445 key.rk.type = htons(rrset->type);
7446 key.rk.rrset_class = htons(z->dclass);
7447 if(!rrset_canonicalize_to_buffer(region, buf, &key)) {
7448 *reason = "out of memory";
7451 regional_free_all(region);
7454 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
7455 sldns_buffer_limit(buf), reason)) {
7461 /** count number of RRSIGs in a domain name rrset list */
7462 static size_t zonemd_simple_count_rrsig(struct auth_rrset* rrset,
7463 struct auth_rrset** rrlist, size_t rrnum,
7464 struct auth_zone* z, struct auth_data* node)
7466 size_t i, count = 0;
7469 for(j = 0; j<rrset->data->count; j++) {
7470 if(rrsig_rdata_get_type_covered(rrset->data->
7471 rr_data[j], rrset->data->rr_len[j]) ==
7472 LDNS_RR_TYPE_ZONEMD &&
7473 query_dname_compare(z->name, node->name)==0) {
7474 /* omit RRSIGs over type ZONEMD at apex */
7480 for(i=0; i<rrnum; i++) {
7481 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7482 query_dname_compare(z->name, node->name)==0) {
7483 /* omit RRSIGs over type ZONEMD at apex */
7486 count += (rrlist[i]?rrlist[i]->data->rrsig_count:0);
7491 /** allocate sparse rrset data for the number of entries in tepm region */
7492 static int zonemd_simple_rrsig_allocs(struct regional* region,
7493 struct packed_rrset_data* data, size_t count)
7495 data->rr_len = regional_alloc(region, sizeof(*data->rr_len) * count);
7499 data->rr_ttl = regional_alloc(region, sizeof(*data->rr_ttl) * count);
7503 data->rr_data = regional_alloc(region, sizeof(*data->rr_data) * count);
7504 if(!data->rr_data) {
7510 /** add the RRSIGs from the rrs in the domain into the data */
7511 static void add_rrlist_rrsigs_into_data(struct packed_rrset_data* data,
7512 size_t* done, struct auth_rrset** rrlist, size_t rrnum,
7513 struct auth_zone* z, struct auth_data* node)
7516 for(i=0; i<rrnum; i++) {
7520 if(rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7521 query_dname_compare(z->name, node->name)==0) {
7522 /* omit RRSIGs over type ZONEMD at apex */
7525 for(j = 0; j<rrlist[i]->data->rrsig_count; j++) {
7526 data->rr_len[*done] = rrlist[i]->data->rr_len[rrlist[i]->data->count + j];
7527 data->rr_ttl[*done] = rrlist[i]->data->rr_ttl[rrlist[i]->data->count + j];
7528 /* reference the rdata in the rrset, no need to
7529 * copy it, it is no longer needed at the end of
7531 data->rr_data[*done] = rrlist[i]->data->rr_data[rrlist[i]->data->count + j];
7537 static void add_rrset_into_data(struct packed_rrset_data* data,
7538 size_t* done, struct auth_rrset* rrset,
7539 struct auth_zone* z, struct auth_data* node)
7543 for(j = 0; j<rrset->data->count; j++) {
7544 if(rrsig_rdata_get_type_covered(rrset->data->
7545 rr_data[j], rrset->data->rr_len[j]) ==
7546 LDNS_RR_TYPE_ZONEMD &&
7547 query_dname_compare(z->name, node->name)==0) {
7548 /* omit RRSIGs over type ZONEMD at apex */
7551 data->rr_len[*done] = rrset->data->rr_len[j];
7552 data->rr_ttl[*done] = rrset->data->rr_ttl[j];
7553 /* reference the rdata in the rrset, no need to
7554 * copy it, it is no longer need at the end of
7556 data->rr_data[*done] = rrset->data->rr_data[j];
7562 /** collate the RRSIGs using the simple scheme */
7563 static int zonemd_simple_rrsig(struct auth_zone* z, int hashalgo,
7564 struct secalgo_hash* h, struct auth_data* node,
7565 struct auth_rrset* rrset, struct auth_rrset** rrlist, size_t rrnum,
7566 struct regional* region, struct sldns_buffer* buf, char** reason)
7568 /* the rrset pointer can be NULL, this means it is type RRSIG and
7569 * there is no ordinary type RRSIG there. The RRSIGs are stored
7570 * with the RRsets in their data.
7572 * The RRset pointer can be nonNULL. This happens if there is
7573 * no RR that is covered by the RRSIG for the domain. Then this
7574 * RRSIG RR is stored in an rrset of type RRSIG. The other RRSIGs
7575 * are stored in the rrset entries for the RRs in the rr list for
7576 * the domain node. We need to collate the rrset's data, if any, and
7577 * the rrlist's rrsigs */
7578 /* if this is the apex, omit RRSIGs that cover type ZONEMD */
7579 /* build rrsig rrset */
7581 struct ub_packed_rrset_key key;
7582 struct packed_rrset_data data;
7583 memset(&key, 0, sizeof(key));
7584 memset(&data, 0, sizeof(data));
7585 key.entry.key = &key;
7586 key.entry.data = &data;
7587 key.rk.dname = node->name;
7588 key.rk.dname_len = node->namelen;
7589 key.rk.type = htons(LDNS_RR_TYPE_RRSIG);
7590 key.rk.rrset_class = htons(z->dclass);
7591 data.count = zonemd_simple_count_rrsig(rrset, rrlist, rrnum, z, node);
7592 if(!zonemd_simple_rrsig_allocs(region, &data, data.count)) {
7593 *reason = "out of memory";
7594 regional_free_all(region);
7597 /* all the RRSIGs stored in the other rrsets for this domain node */
7598 add_rrlist_rrsigs_into_data(&data, &done, rrlist, rrnum, z, node);
7599 /* plus the RRSIGs stored in an rrset of type RRSIG for this node */
7600 add_rrset_into_data(&data, &done, rrset, z, node);
7603 if(!rrset_canonicalize_to_buffer(region, buf, &key)) {
7604 *reason = "out of memory";
7605 regional_free_all(region);
7608 regional_free_all(region);
7611 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
7612 sldns_buffer_limit(buf), reason)) {
7618 /** collate a domain's rrsets using the simple scheme */
7619 static int zonemd_simple_domain(struct auth_zone* z, int hashalgo,
7620 struct secalgo_hash* h, struct auth_data* node,
7621 struct regional* region, struct sldns_buffer* buf, char** reason)
7623 const size_t rrlistsize = 65536;
7624 struct auth_rrset* rrlist[rrlistsize];
7625 size_t i, rrnum = 0;
7626 /* see if the domain is out of scope, the zone origin,
7627 * that would be omitted */
7628 if(!dname_subdomain_c(node->name, z->name))
7629 return 1; /* continue */
7630 /* loop over the rrsets in ascending order. */
7631 rrnum = authdata_rrsets_to_list(rrlist, rrlistsize, node->rrsets);
7632 addrrsigtype_if_needed(rrlist, rrlistsize, &rrnum, node);
7633 qsort(rrlist, rrnum, sizeof(*rrlist), rrlist_compare);
7634 for(i=0; i<rrnum; i++) {
7635 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD &&
7636 query_dname_compare(z->name, node->name) == 0) {
7637 /* omit type ZONEMD at apex */
7640 if(rrlist[i] == NULL || rrlist[i]->type ==
7641 LDNS_RR_TYPE_RRSIG) {
7642 if(!zonemd_simple_rrsig(z, hashalgo, h, node,
7643 rrlist[i], rrlist, rrnum, region, buf, reason))
7645 } else if(!zonemd_simple_rrset(z, hashalgo, h, node,
7646 rrlist[i], region, buf, reason)) {
7653 /** collate the zone using the simple scheme */
7654 static int zonemd_simple_collate(struct auth_zone* z, int hashalgo,
7655 struct secalgo_hash* h, struct regional* region,
7656 struct sldns_buffer* buf, char** reason)
7658 /* our tree is sorted in canonical order, so we can just loop over
7660 struct auth_data* n;
7661 RBTREE_FOR(n, struct auth_data*, &z->data) {
7662 if(!zonemd_simple_domain(z, hashalgo, h, n, region, buf,
7669 int auth_zone_generate_zonemd_hash(struct auth_zone* z, int scheme,
7670 int hashalgo, uint8_t* hash, size_t hashlen, size_t* resultlen,
7671 struct regional* region, struct sldns_buffer* buf, char** reason)
7673 struct secalgo_hash* h = zonemd_digest_init(hashalgo, reason);
7676 *reason = "digest init fail";
7679 if(scheme == ZONEMD_SCHEME_SIMPLE) {
7680 if(!zonemd_simple_collate(z, hashalgo, h, region, buf, reason)) {
7681 if(!*reason) *reason = "scheme simple collate fail";
7682 secalgo_hash_delete(h);
7686 if(!zonemd_digest_finish(hashalgo, h, hash, hashlen, resultlen,
7688 secalgo_hash_delete(h);
7689 *reason = "digest finish fail";
7692 secalgo_hash_delete(h);
7696 int auth_zone_generate_zonemd_check(struct auth_zone* z, int scheme,
7697 int hashalgo, uint8_t* hash, size_t hashlen, struct regional* region,
7698 struct sldns_buffer* buf, char** reason)
7703 if(!zonemd_hashalgo_supported(hashalgo)) {
7705 *reason = "unsupported algorithm";
7708 if(!zonemd_scheme_supported(scheme)) {
7710 *reason = "unsupported scheme";
7714 /* the ZONEMD draft requires digests to fail if too small */
7715 *reason = "digest length too small, less than 12";
7718 /* generate digest */
7719 if(!auth_zone_generate_zonemd_hash(z, scheme, hashalgo, gen,
7720 sizeof(gen), &genlen, region, buf, reason)) {
7721 /* reason filled in by zonemd hash routine */
7724 /* check digest length */
7725 if(hashlen != genlen) {
7726 *reason = "incorrect digest length";
7727 if(verbosity >= VERB_ALGO) {
7728 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d",
7730 log_hex("ZONEMD should be ", gen, genlen);
7731 log_hex("ZONEMD to check is", hash, hashlen);
7736 if(memcmp(hash, gen, genlen) != 0) {
7737 *reason = "incorrect digest";
7738 if(verbosity >= VERB_ALGO) {
7739 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d",
7741 log_hex("ZONEMD should be ", gen, genlen);
7742 log_hex("ZONEMD to check is", hash, hashlen);
7749 /** log auth zone message with zone name in front. */
7750 static void auth_zone_log(uint8_t* name, enum verbosity_value level,
7751 const char* format, ...) ATTR_FORMAT(printf, 3, 4);
7752 static void auth_zone_log(uint8_t* name, enum verbosity_value level,
7753 const char* format, ...)
7756 va_start(args, format);
7757 if(verbosity >= level) {
7759 char msg[MAXSYSLOGMSGLEN];
7760 dname_str(name, str);
7761 vsnprintf(msg, sizeof(msg), format, args);
7762 verbose(level, "auth zone %s %s", str, msg);
7767 /** ZONEMD, dnssec verify the rrset with the dnskey */
7768 static int zonemd_dnssec_verify_rrset(struct auth_zone* z,
7769 struct module_env* env, struct module_stack* mods,
7770 struct ub_packed_rrset_key* dnskey, struct auth_data* node,
7771 struct auth_rrset* rrset, char** why_bogus, uint8_t* sigalg)
7773 struct ub_packed_rrset_key pk;
7774 enum sec_status sec;
7777 m = modstack_find(mods, "validator");
7779 auth_zone_log(z->name, VERB_ALGO, "zonemd dnssec verify: have "
7780 "DNSKEY chain of trust, but no validator module");
7783 ve = (struct val_env*)env->modinfo[m];
7785 memset(&pk, 0, sizeof(pk));
7787 pk.entry.data = rrset->data;
7788 pk.rk.dname = node->name;
7789 pk.rk.dname_len = node->namelen;
7790 pk.rk.type = htons(rrset->type);
7791 pk.rk.rrset_class = htons(z->dclass);
7792 if(verbosity >= VERB_ALGO) {
7795 sldns_wire2str_type_buf(rrset->type, typestr, sizeof(typestr));
7796 auth_zone_log(z->name, VERB_ALGO,
7797 "zonemd: verify %s RRset with DNSKEY", typestr);
7799 sec = dnskeyset_verify_rrset(env, ve, &pk, dnskey, sigalg, why_bogus, NULL,
7800 LDNS_SECTION_ANSWER, NULL);
7801 if(sec == sec_status_secure) {
7805 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verify was bogus: %s", *why_bogus);
7809 /** check for nsec3, the RR with params equal, if bitmap has the type */
7810 static int nsec3_of_param_has_type(struct auth_rrset* nsec3, int algo,
7811 size_t iter, uint8_t* salt, size_t saltlen, uint16_t rrtype)
7813 int i, count = (int)nsec3->data->count;
7814 struct ub_packed_rrset_key pk;
7815 memset(&pk, 0, sizeof(pk));
7816 pk.entry.data = nsec3->data;
7817 for(i=0; i<count; i++) {
7819 size_t rriter, rrsaltlen;
7821 if(!nsec3_get_params(&pk, i, &rralgo, &rriter, &rrsalt,
7823 continue; /* no parameters, malformed */
7824 if(rralgo != algo || rriter != iter || rrsaltlen != saltlen)
7825 continue; /* different parameters */
7827 if(rrsalt == NULL || salt == NULL)
7829 if(memcmp(rrsalt, salt, saltlen) != 0)
7830 continue; /* different salt parameters */
7832 if(nsec3_has_type(&pk, i, rrtype))
7838 /** Verify the absence of ZONEMD with DNSSEC by checking NSEC, NSEC3 type flag.
7839 * return false on failure, reason contains description of failure. */
7840 static int zonemd_check_dnssec_absence(struct auth_zone* z,
7841 struct module_env* env, struct module_stack* mods,
7842 struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
7843 char** reason, char** why_bogus, uint8_t* sigalg)
7845 struct auth_rrset* nsec = NULL;
7847 *reason = "zone has no apex domain but ZONEMD missing";
7850 nsec = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC);
7852 struct ub_packed_rrset_key pk;
7853 /* dnssec verify the NSEC */
7854 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
7855 nsec, why_bogus, sigalg)) {
7856 *reason = "DNSSEC verify failed for NSEC RRset";
7859 /* check type bitmap */
7860 memset(&pk, 0, sizeof(pk));
7861 pk.entry.data = nsec->data;
7862 if(nsec_has_type(&pk, LDNS_RR_TYPE_ZONEMD)) {
7863 *reason = "DNSSEC NSEC bitmap says type ZONEMD exists";
7866 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC verification of absence of ZONEMD secure");
7868 /* NSEC3 perhaps ? */
7870 size_t iter, saltlen;
7872 struct auth_rrset* nsec3param = az_domain_rrset(apex,
7873 LDNS_RR_TYPE_NSEC3PARAM);
7874 struct auth_data* match;
7875 struct auth_rrset* nsec3;
7877 *reason = "zone has no NSEC information but ZONEMD missing";
7880 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen)) {
7881 *reason = "zone has no NSEC information but ZONEMD missing";
7884 /* find the NSEC3 record */
7885 match = az_nsec3_find_exact(z, z->name, z->namelen, algo,
7886 iter, salt, saltlen);
7888 *reason = "zone has no NSEC3 domain for the apex but ZONEMD missing";
7891 nsec3 = az_domain_rrset(match, LDNS_RR_TYPE_NSEC3);
7893 *reason = "zone has no NSEC3 RRset for the apex but ZONEMD missing";
7896 /* dnssec verify the NSEC3 */
7897 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, match,
7898 nsec3, why_bogus, sigalg)) {
7899 *reason = "DNSSEC verify failed for NSEC3 RRset";
7902 /* check type bitmap */
7903 if(nsec3_of_param_has_type(nsec3, algo, iter, salt, saltlen,
7904 LDNS_RR_TYPE_ZONEMD)) {
7905 *reason = "DNSSEC NSEC3 bitmap says type ZONEMD exists";
7908 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC3 verification of absence of ZONEMD secure");
7914 /** Verify the SOA and ZONEMD DNSSEC signatures.
7915 * return false on failure, reason contains description of failure. */
7916 static int zonemd_check_dnssec_soazonemd(struct auth_zone* z,
7917 struct module_env* env, struct module_stack* mods,
7918 struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
7919 struct auth_rrset* zonemd_rrset, char** reason, char** why_bogus,
7922 struct auth_rrset* soa;
7924 *reason = "zone has no apex domain";
7927 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
7929 *reason = "zone has no SOA RRset";
7932 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, soa,
7933 why_bogus, sigalg)) {
7934 *reason = "DNSSEC verify failed for SOA RRset";
7937 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
7938 zonemd_rrset, why_bogus, sigalg)) {
7939 *reason = "DNSSEC verify failed for ZONEMD RRset";
7942 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC verification of SOA and ZONEMD RRsets secure");
7947 * Fail the ZONEMD verification.
7948 * @param z: auth zone that fails.
7949 * @param env: environment with config, to ignore failure or not.
7950 * @param reason: failure string description.
7951 * @param why_bogus: failure string for DNSSEC verification failure.
7952 * @param result: strdup result in here if not NULL.
7954 static void auth_zone_zonemd_fail(struct auth_zone* z, struct module_env* env,
7955 char* reason, char* why_bogus, char** result)
7958 /* if fail: log reason, and depending on config also take action
7959 * and drop the zone, eg. it is gone from memory, set zone_expired */
7960 dname_str(z->name, zstr);
7961 if(!reason) reason = "verification failed";
7965 snprintf(res, sizeof(res), "%s: %s", reason,
7967 *result = strdup(res);
7969 *result = strdup(reason);
7971 if(!*result) log_err("out of memory");
7973 log_warn("auth zone %s: ZONEMD verification failed: %s", zstr, reason);
7976 if(env->cfg->zonemd_permissive_mode) {
7977 verbose(VERB_ALGO, "zonemd-permissive-mode enabled, "
7978 "not blocking zone %s", zstr);
7982 /* expired means the zone gives servfail and is not used by
7983 * lookup if fallback_enabled*/
7984 z->zone_expired = 1;
7988 * Verify the zonemd with DNSSEC and hash check, with given key.
7989 * @param z: auth zone.
7990 * @param env: environment with config and temp buffers.
7991 * @param mods: module stack with validator env for verification.
7992 * @param dnskey: dnskey that we can use, or NULL. If nonnull, the key
7993 * has been verified and is the start of the chain of trust.
7994 * @param is_insecure: if true, the dnskey is not used, the zone is insecure.
7995 * And dnssec is not used. It is DNSSEC secure insecure or not under
7997 * @param sigalg: if nonNULL provide algorithm downgrade protection.
7998 * Otherwise one algorithm is enough. Must have space of ALGO_NEEDS_MAX+1.
7999 * @param result: if not NULL result reason copied here.
8002 auth_zone_verify_zonemd_with_key(struct auth_zone* z, struct module_env* env,
8003 struct module_stack* mods, struct ub_packed_rrset_key* dnskey,
8004 int is_insecure, char** result, uint8_t* sigalg)
8006 char* reason = NULL, *why_bogus = NULL;
8007 struct auth_data* apex = NULL;
8008 struct auth_rrset* zonemd_rrset = NULL;
8009 int zonemd_absent = 0, zonemd_absence_dnssecok = 0;
8011 /* see if ZONEMD is present or absent. */
8012 apex = az_find_name(z, z->name, z->namelen);
8016 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
8017 if(!zonemd_rrset || zonemd_rrset->data->count==0) {
8019 zonemd_rrset = NULL;
8023 /* if no DNSSEC, done. */
8024 /* if no ZONEMD, and DNSSEC, use DNSKEY to verify NSEC or NSEC3 for
8025 * zone apex. Check ZONEMD bit is turned off or else fail */
8026 /* if ZONEMD, and DNSSEC, check DNSSEC signature on SOA and ZONEMD,
8028 if(!dnskey && !is_insecure) {
8029 auth_zone_zonemd_fail(z, env, "DNSKEY missing", NULL, result);
8031 } else if(!zonemd_rrset && dnskey && !is_insecure) {
8032 /* fetch, DNSSEC verify, and check NSEC/NSEC3 */
8033 if(!zonemd_check_dnssec_absence(z, env, mods, dnskey, apex,
8034 &reason, &why_bogus, sigalg)) {
8035 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
8038 zonemd_absence_dnssecok = 1;
8039 } else if(zonemd_rrset && dnskey && !is_insecure) {
8040 /* check DNSSEC verify of SOA and ZONEMD */
8041 if(!zonemd_check_dnssec_soazonemd(z, env, mods, dnskey, apex,
8042 zonemd_rrset, &reason, &why_bogus, sigalg)) {
8043 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
8048 if(zonemd_absent && z->zonemd_reject_absence) {
8049 auth_zone_zonemd_fail(z, env, "ZONEMD absent and that is not allowed by config", NULL, result);
8052 if(zonemd_absent && zonemd_absence_dnssecok) {
8053 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verified nonexistence of ZONEMD");
8055 *result = strdup("DNSSEC verified nonexistence of ZONEMD");
8056 if(!*result) log_err("out of memory");
8061 auth_zone_log(z->name, VERB_ALGO, "no ZONEMD present");
8063 *result = strdup("no ZONEMD present");
8064 if(!*result) log_err("out of memory");
8069 /* check ZONEMD checksum and report or else fail. */
8070 if(!auth_zone_zonemd_check_hash(z, env, &reason)) {
8071 auth_zone_zonemd_fail(z, env, reason, NULL, result);
8075 /* success! log the success */
8077 auth_zone_log(z->name, VERB_ALGO, "ZONEMD %s", reason);
8078 else auth_zone_log(z->name, VERB_ALGO, "ZONEMD verification successful");
8081 *result = strdup(reason);
8082 else *result = strdup("ZONEMD verification successful");
8083 if(!*result) log_err("out of memory");
8088 * verify the zone DNSKEY rrset from the trust anchor
8089 * This is possible because the anchor is for the zone itself, and can
8090 * thus apply straight to the zone DNSKEY set.
8091 * @param z: the auth zone.
8092 * @param env: environment with time and temp buffers.
8093 * @param mods: module stack for validator environment for dnssec validation.
8094 * @param anchor: trust anchor to use
8095 * @param is_insecure: returned, true if the zone is securely insecure.
8096 * @param why_bogus: if the routine fails, returns the failure reason.
8097 * @param keystorage: where to store the ub_packed_rrset_key that is created
8098 * on success. A pointer to it is returned on success.
8099 * @return the dnskey RRset, reference to zone data and keystorage, or
8102 static struct ub_packed_rrset_key*
8103 zonemd_get_dnskey_from_anchor(struct auth_zone* z, struct module_env* env,
8104 struct module_stack* mods, struct trust_anchor* anchor,
8105 int* is_insecure, char** why_bogus,
8106 struct ub_packed_rrset_key* keystorage)
8108 struct auth_data* apex;
8109 struct auth_rrset* dnskey_rrset;
8110 enum sec_status sec;
8114 apex = az_find_name(z, z->name, z->namelen);
8116 *why_bogus = "have trust anchor, but zone has no apex domain for DNSKEY";
8119 dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY);
8120 if(!dnskey_rrset || dnskey_rrset->data->count==0) {
8121 *why_bogus = "have trust anchor, but zone has no DNSKEY";
8125 m = modstack_find(mods, "validator");
8127 *why_bogus = "have trust anchor, but no validator module";
8130 ve = (struct val_env*)env->modinfo[m];
8132 memset(keystorage, 0, sizeof(*keystorage));
8133 keystorage->entry.key = keystorage;
8134 keystorage->entry.data = dnskey_rrset->data;
8135 keystorage->rk.dname = apex->name;
8136 keystorage->rk.dname_len = apex->namelen;
8137 keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
8138 keystorage->rk.rrset_class = htons(z->dclass);
8139 auth_zone_log(z->name, VERB_QUERY,
8140 "zonemd: verify DNSKEY RRset with trust anchor");
8141 sec = val_verify_DNSKEY_with_TA(env, ve, keystorage, anchor->ds_rrset,
8142 anchor->dnskey_rrset, NULL, why_bogus, NULL, NULL);
8143 regional_free_all(env->scratch);
8144 if(sec == sec_status_secure) {
8148 } else if(sec == sec_status_insecure) {
8154 auth_zone_log(z->name, VERB_ALGO,
8155 "zonemd: verify DNSKEY RRset with trust anchor failed: %s", *why_bogus);
8160 /** verify the DNSKEY from the zone with looked up DS record */
8161 static struct ub_packed_rrset_key*
8162 auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z,
8163 struct module_env* env, struct module_stack* mods,
8164 struct ub_packed_rrset_key* ds, int* is_insecure, char** why_bogus,
8165 struct ub_packed_rrset_key* keystorage, uint8_t* sigalg)
8167 struct auth_data* apex;
8168 struct auth_rrset* dnskey_rrset;
8169 enum sec_status sec;
8173 /* fetch DNSKEY from zone data */
8174 apex = az_find_name(z, z->name, z->namelen);
8176 *why_bogus = "in verifywithDS, zone has no apex";
8179 dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY);
8180 if(!dnskey_rrset || dnskey_rrset->data->count==0) {
8181 *why_bogus = "in verifywithDS, zone has no DNSKEY";
8185 m = modstack_find(mods, "validator");
8187 *why_bogus = "in verifywithDS, have no validator module";
8190 ve = (struct val_env*)env->modinfo[m];
8192 memset(keystorage, 0, sizeof(*keystorage));
8193 keystorage->entry.key = keystorage;
8194 keystorage->entry.data = dnskey_rrset->data;
8195 keystorage->rk.dname = apex->name;
8196 keystorage->rk.dname_len = apex->namelen;
8197 keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
8198 keystorage->rk.rrset_class = htons(z->dclass);
8199 auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone DNSKEY with DS");
8200 sec = val_verify_DNSKEY_with_DS(env, ve, keystorage, ds, sigalg,
8201 why_bogus, NULL, NULL);
8202 regional_free_all(env->scratch);
8203 if(sec == sec_status_secure) {
8206 } else if(sec == sec_status_insecure) {
8212 if(*why_bogus == NULL)
8213 *why_bogus = "verify failed";
8214 auth_zone_log(z->name, VERB_ALGO,
8215 "zonemd: verify DNSKEY RRset with DS failed: %s",
8221 /** callback for ZONEMD lookup of DNSKEY */
8222 void auth_zonemd_dnskey_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
8223 enum sec_status sec, char* why_bogus, int ATTR_UNUSED(was_ratelimited))
8225 struct auth_zone* z = (struct auth_zone*)arg;
8226 struct module_env* env;
8227 char* reason = NULL, *ds_bogus = NULL, *typestr="DNSKEY";
8228 struct ub_packed_rrset_key* dnskey = NULL, *ds = NULL;
8229 int is_insecure = 0, downprot;
8230 struct ub_packed_rrset_key keystorage;
8231 uint8_t sigalg[ALGO_NEEDS_MAX+1];
8233 lock_rw_wrlock(&z->lock);
8234 env = z->zonemd_callback_env;
8235 /* release the env variable so another worker can pick up the
8236 * ZONEMD verification task if it wants to */
8237 z->zonemd_callback_env = NULL;
8238 if(!env || env->outnet->want_to_quit || z->zone_deleted) {
8239 lock_rw_unlock(&z->lock);
8240 return; /* stop on quit */
8242 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DS)
8244 downprot = env->cfg->harden_algo_downgrade;
8246 /* process result */
8247 if(sec == sec_status_bogus) {
8250 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
8251 reason = "lookup of DNSKEY was bogus";
8252 else reason = "lookup of DS was bogus";
8254 auth_zone_log(z->name, VERB_ALGO,
8255 "zonemd lookup of %s was bogus: %s", typestr, reason);
8256 } else if(rcode == LDNS_RCODE_NOERROR) {
8257 uint16_t wanted_qtype = z->zonemd_callback_qtype;
8258 struct regional* temp = env->scratch;
8259 struct query_info rq;
8260 struct reply_info* rep;
8261 memset(&rq, 0, sizeof(rq));
8262 rep = parse_reply_in_temp_region(buf, temp, &rq);
8263 if(rep && rq.qtype == wanted_qtype &&
8264 query_dname_compare(z->name, rq.qname) == 0 &&
8265 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
8266 /* parsed successfully */
8267 struct ub_packed_rrset_key* answer =
8268 reply_find_answer_rrset(&rq, rep);
8269 if(answer && sec == sec_status_secure) {
8270 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
8273 auth_zone_log(z->name, VERB_ALGO,
8274 "zonemd lookup of %s was secure", typestr);
8275 } else if(sec == sec_status_secure && !answer) {
8277 auth_zone_log(z->name, VERB_ALGO,
8278 "zonemd lookup of %s has no content, but is secure, treat as insecure", typestr);
8279 } else if(sec == sec_status_insecure) {
8281 auth_zone_log(z->name, VERB_ALGO,
8282 "zonemd lookup of %s was insecure", typestr);
8283 } else if(sec == sec_status_indeterminate) {
8285 auth_zone_log(z->name, VERB_ALGO,
8286 "zonemd lookup of %s was indeterminate, treat as insecure", typestr);
8288 auth_zone_log(z->name, VERB_ALGO,
8289 "zonemd lookup of %s has nodata", typestr);
8290 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
8291 reason = "lookup of DNSKEY has nodata";
8292 else reason = "lookup of DS has nodata";
8294 } else if(rep && rq.qtype == wanted_qtype &&
8295 query_dname_compare(z->name, rq.qname) == 0 &&
8296 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8297 sec == sec_status_secure) {
8298 /* secure nxdomain, so the zone is like some RPZ zone
8299 * that does not exist in the wider internet, with
8300 * a secure nxdomain answer outside of it. So we
8301 * treat the zonemd zone without a dnssec chain of
8302 * trust, as insecure. */
8304 auth_zone_log(z->name, VERB_ALGO,
8305 "zonemd lookup of %s was secure NXDOMAIN, treat as insecure", typestr);
8306 } else if(rep && rq.qtype == wanted_qtype &&
8307 query_dname_compare(z->name, rq.qname) == 0 &&
8308 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8309 sec == sec_status_insecure) {
8311 auth_zone_log(z->name, VERB_ALGO,
8312 "zonemd lookup of %s was insecure NXDOMAIN, treat as insecure", typestr);
8313 } else if(rep && rq.qtype == wanted_qtype &&
8314 query_dname_compare(z->name, rq.qname) == 0 &&
8315 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
8316 sec == sec_status_indeterminate) {
8318 auth_zone_log(z->name, VERB_ALGO,
8319 "zonemd lookup of %s was indeterminate NXDOMAIN, treat as insecure", typestr);
8321 auth_zone_log(z->name, VERB_ALGO,
8322 "zonemd lookup of %s has no answer", typestr);
8323 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
8324 reason = "lookup of DNSKEY has no answer";
8325 else reason = "lookup of DS has no answer";
8328 auth_zone_log(z->name, VERB_ALGO,
8329 "zonemd lookup of %s failed", typestr);
8330 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
8331 reason = "lookup of DNSKEY failed";
8332 else reason = "lookup of DS failed";
8335 if(!reason && !is_insecure && !dnskey && ds) {
8336 dnskey = auth_zone_verify_zonemd_key_with_ds(z, env,
8337 &env->mesh->mods, ds, &is_insecure, &ds_bogus,
8338 &keystorage, downprot?sigalg:NULL);
8339 if(!dnskey && !is_insecure && !reason)
8340 reason = "DNSKEY verify with DS failed";
8344 auth_zone_zonemd_fail(z, env, reason, ds_bogus, NULL);
8345 lock_rw_unlock(&z->lock);
8349 auth_zone_verify_zonemd_with_key(z, env, &env->mesh->mods, dnskey,
8350 is_insecure, NULL, downprot?sigalg:NULL);
8351 regional_free_all(env->scratch);
8352 lock_rw_unlock(&z->lock);
8355 /** lookup DNSKEY for ZONEMD verification */
8357 zonemd_lookup_dnskey(struct auth_zone* z, struct module_env* env)
8359 struct query_info qinfo;
8360 uint16_t qflags = BIT_RD;
8361 struct edns_data edns;
8362 sldns_buffer* buf = env->scratch_buffer;
8365 if(!z->fallback_enabled) {
8366 /* we cannot actually get the DNSKEY, because it is in the
8367 * zone we have ourselves, and it is not served yet
8368 * (possibly), so fetch type DS */
8371 if(z->zonemd_callback_env) {
8372 /* another worker is already working on the callback
8373 * for the DNSKEY lookup for ZONEMD verification.
8374 * We do not also have to do ZONEMD verification, let that
8376 auth_zone_log(z->name, VERB_ALGO,
8377 "zonemd needs lookup of %s and that already is worked on by another worker", (fetch_ds?"DS":"DNSKEY"));
8381 /* use mesh_new_callback to lookup the DNSKEY,
8382 * and then wait for them to be looked up (in cache, or query) */
8383 qinfo.qname_len = z->namelen;
8384 qinfo.qname = z->name;
8385 qinfo.qclass = z->dclass;
8387 qinfo.qtype = LDNS_RR_TYPE_DS;
8388 else qinfo.qtype = LDNS_RR_TYPE_DNSKEY;
8389 qinfo.local_alias = NULL;
8390 if(verbosity >= VERB_ALGO) {
8392 char buf2[LDNS_MAX_DOMAINLEN+1];
8393 dname_str(z->name, buf2);
8394 snprintf(buf1, sizeof(buf1), "auth zone %s: lookup %s "
8395 "for zonemd verification", buf2,
8396 (fetch_ds?"DS":"DNSKEY"));
8397 log_query_info(VERB_ALGO, buf1, &qinfo);
8399 edns.edns_present = 1;
8401 edns.edns_version = 0;
8402 edns.bits = EDNS_DO;
8403 edns.opt_list_in = NULL;
8404 edns.opt_list_out = NULL;
8405 edns.opt_list_inplace_cb_out = NULL;
8406 if(sldns_buffer_capacity(buf) < 65535)
8407 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
8408 else edns.udp_size = 65535;
8410 /* store the worker-specific module env for the callback.
8411 * We can then reference this when the callback executes */
8412 z->zonemd_callback_env = env;
8413 z->zonemd_callback_qtype = qinfo.qtype;
8414 /* the callback can be called straight away */
8415 lock_rw_unlock(&z->lock);
8416 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
8417 &auth_zonemd_dnskey_lookup_callback, z, 0)) {
8418 lock_rw_wrlock(&z->lock);
8419 log_err("out of memory lookup of %s for zonemd",
8420 (fetch_ds?"DS":"DNSKEY"));
8423 lock_rw_wrlock(&z->lock);
8427 void auth_zone_verify_zonemd(struct auth_zone* z, struct module_env* env,
8428 struct module_stack* mods, char** result, int offline, int only_online)
8430 char* reason = NULL, *why_bogus = NULL;
8431 struct trust_anchor* anchor = NULL;
8432 struct ub_packed_rrset_key* dnskey = NULL;
8433 struct ub_packed_rrset_key keystorage;
8434 int is_insecure = 0;
8435 /* verify the ZONEMD if present.
8436 * If not present check if absence is allowed by DNSSEC */
8437 if(!z->zonemd_check)
8439 if(z->data.count == 0)
8440 return; /* no data */
8442 /* if zone is under a trustanchor */
8443 /* is it equal to trustanchor - get dnskey's verified */
8444 /* else, find chain of trust by fetching DNSKEYs lookup for zone */
8445 /* result if that, if insecure, means no DNSSEC for the ZONEMD,
8446 * otherwise we have the zone DNSKEY for the DNSSEC verification. */
8448 anchor = anchors_lookup(env->anchors, z->name, z->namelen,
8450 if(anchor && anchor->numDS == 0 && anchor->numDNSKEY == 0) {
8451 /* domain-insecure trust anchor for unsigned zones */
8452 lock_basic_unlock(&anchor->lock);
8457 } else if(anchor && query_dname_compare(z->name, anchor->name) == 0) {
8459 lock_basic_unlock(&anchor->lock);
8462 /* equal to trustanchor, no need for online lookups */
8463 dnskey = zonemd_get_dnskey_from_anchor(z, env, mods, anchor,
8464 &is_insecure, &why_bogus, &keystorage);
8465 lock_basic_unlock(&anchor->lock);
8466 if(!dnskey && !reason && !is_insecure) {
8467 reason = "verify DNSKEY RRset with trust anchor failed";
8470 lock_basic_unlock(&anchor->lock);
8471 /* perform online lookups */
8474 /* setup online lookups, and wait for them */
8475 if(zonemd_lookup_dnskey(z, env)) {
8476 /* wait for the lookup */
8479 reason = "could not lookup DNSKEY for chain of trust";
8481 /* the zone is not under a trust anchor */
8489 auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
8493 auth_zone_verify_zonemd_with_key(z, env, mods, dnskey, is_insecure,
8495 regional_free_all(env->scratch);
8498 void auth_zones_pickup_zonemd_verify(struct auth_zones* az,
8499 struct module_env* env)
8501 struct auth_zone key;
8502 uint8_t savezname[255+1];
8503 size_t savezname_len;
8504 struct auth_zone* z;
8505 key.node.key = &key;
8506 lock_rw_rdlock(&az->lock);
8507 RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
8508 lock_rw_wrlock(&z->lock);
8509 if(!z->zonemd_check) {
8510 lock_rw_unlock(&z->lock);
8513 key.dclass = z->dclass;
8514 key.namelabs = z->namelabs;
8515 if(z->namelen > sizeof(savezname)) {
8516 lock_rw_unlock(&z->lock);
8517 log_err("auth_zones_pickup_zonemd_verify: zone name too long");
8520 savezname_len = z->namelen;
8521 memmove(savezname, z->name, z->namelen);
8522 lock_rw_unlock(&az->lock);
8523 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 1);
8524 lock_rw_unlock(&z->lock);
8525 lock_rw_rdlock(&az->lock);
8526 /* find the zone we had before, it is not deleted,
8527 * because we have a flag for that that is processed at
8529 key.namelen = savezname_len;
8530 key.name = savezname;
8531 z = (struct auth_zone*)rbtree_search(&az->ztree, &key);
8535 lock_rw_unlock(&az->lock);