2 * dns64/dns64.c - DNS64 module
4 * Copyright (c) 2009, Viagénie. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of Viagénie nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
39 * This file contains a module that performs DNS64 query processing.
43 #include "dns64/dns64.h"
44 #include "services/cache/dns.h"
45 #include "services/cache/rrset.h"
46 #include "util/config_file.h"
47 #include "util/data/msgreply.h"
48 #include "util/fptr_wlist.h"
49 #include "util/net_help.h"
50 #include "util/regional.h"
51 #include "util/storage/dnstree.h"
52 #include "util/data/dname.h"
53 #include "sldns/str2wire.h"
55 /******************************************************************************
59 ******************************************************************************/
62 * This is the default DNS64 prefix that is used whent he dns64 module is listed
63 * in module-config but when the dns64-prefix variable is not present.
65 static const char DEFAULT_DNS64_PREFIX[] = "64:ff9b::/96";
68 * Maximum length of a domain name in a PTR query in the .in-addr.arpa tree.
70 #define MAX_PTR_QNAME_IPV4 30
73 * State of DNS64 processing for a query.
76 DNS64_INTERNAL_QUERY, /**< Internally-generated query, no DNS64
78 DNS64_NEW_QUERY, /**< Query for which we're the first module in
80 DNS64_SUBQUERY_FINISHED /**< Query for which we generated a sub-query, and
81 for which this sub-query is finished. */
85 * Per-query module-specific state. For the DNS64 module.
88 /** State of the DNS64 module. */
89 enum dns64_state state;
90 /** If the dns64 module started with no_cache bool set in the qstate,
91 * a message to tell it to not modify the cache contents, then this
92 * is true. The dns64 module is then free to modify that flag for
94 * Otherwise, it is false, the dns64 module was not told to no_cache */
95 int started_no_cache_store;
98 /******************************************************************************
102 ******************************************************************************/
105 * This structure contains module configuration information. One instance of
106 * this structure exists per instance of the module. Normally there is only one
107 * instance of the module.
111 * DNS64 prefix address. We're using a full sockaddr instead of just an
112 * in6_addr because we can reuse Unbound's generic string parsing functions.
113 * It will always contain a sockaddr_in6, and only the sin6_addr member will
116 struct sockaddr_storage prefix_addr;
119 * This is always sizeof(sockaddr_in6).
121 socklen_t prefix_addrlen;
124 * This is the CIDR length of the prefix. It needs to be between 0 and 96.
129 * Tree of names for which AAAA is ignored. always synthesize from A.
131 rbtree_type ignore_aaaa;
135 /******************************************************************************
137 * UTILITY FUNCTIONS *
139 ******************************************************************************/
142 * Generic macro for swapping two variables.
144 * \param t Type of the variables. (e.g. int)
145 * \param a First variable.
146 * \param b Second variable.
148 * \warning Do not attempt something foolish such as swap(int,a++,b++)!
150 #define swap(t,a,b) do {t x = a; a = b; b = x;} while(0)
155 * \param begin Points to the first character of the string.
156 * \param end Points one past the last character of the string.
159 reverse(char* begin, char* end)
161 while ( begin < --end ) {
162 swap(char, *begin, *end);
168 * Convert an unsigned integer to a string. The point of this function is that
169 * of being faster than sprintf().
171 * \param n The number to be converted.
172 * \param s The result will be written here. Must be large enough, be careful!
174 * \return The number of characters written.
177 uitoa(unsigned n, char* s)
181 *ss++ = '0' + n % 10;
188 * Extract an IPv4 address embedded in the IPv6 address \a ipv6 at offset \a
189 * offset (in bits). Note that bits are not necessarily aligned on bytes so we
190 * need to be careful.
192 * \param ipv6 IPv6 address represented as a 128-bit array in big-endian
194 * \param ipv6_len length of the ipv6 byte array.
195 * \param offset Index of the MSB of the IPv4 address embedded in the IPv6
199 extract_ipv4(const uint8_t ipv6[], size_t ipv6_len, const int offset)
202 log_assert(ipv6_len == 16); (void)ipv6_len;
203 ipv4 = (uint32_t)ipv6[offset/8+0] << (24 + (offset%8))
204 | (uint32_t)ipv6[offset/8+1] << (16 + (offset%8))
205 | (uint32_t)ipv6[offset/8+2] << ( 8 + (offset%8))
206 | (uint32_t)ipv6[offset/8+3] << ( 0 + (offset%8));
208 ipv4 |= (uint32_t)ipv6[offset/8+4] >> (8 - offset%8);
213 * Builds the PTR query name corresponding to an IPv4 address. For example,
214 * given the number 3,464,175,361, this will build the string
215 * "\03206\03123\0231\011\07in-addr\04arpa".
217 * \param ipv4 IPv4 address represented as an unsigned 32-bit number.
218 * \param ptr The result will be written here. Must be large enough, be
220 * \param nm_len length of the ptr buffer.
222 * \return The number of characters written.
225 ipv4_to_ptr(uint32_t ipv4, char ptr[], size_t nm_len)
227 static const char IPV4_PTR_SUFFIX[] = "\07in-addr\04arpa";
230 log_assert(nm_len == MAX_PTR_QNAME_IPV4);
232 for (i = 0; i < 4; ++i) {
233 *c = uitoa((unsigned int)(ipv4 % 256), c + 1);
235 log_assert(c < ptr+nm_len);
239 log_assert(c + sizeof(IPV4_PTR_SUFFIX) <= ptr+nm_len);
240 memmove(c, IPV4_PTR_SUFFIX, sizeof(IPV4_PTR_SUFFIX));
242 return c + sizeof(IPV4_PTR_SUFFIX) - ptr;
246 * Converts an IPv6-related domain name string from a PTR query into an IPv6
247 * address represented as a 128-bit array.
249 * \param ptr The domain name. (e.g. "\011[...]\010\012\016\012\03ip6\04arpa")
250 * \param ipv6 The result will be written here, in network byte order.
251 * \param ipv6_len length of the ipv6 byte array.
253 * \return 1 on success, 0 on failure.
256 ptr_to_ipv6(const char* ptr, uint8_t ipv6[], size_t ipv6_len)
259 log_assert(ipv6_len == 16); (void)ipv6_len;
261 for (i = 0; i < 64; i++) {
267 if (ptr[i] >= '0' && ptr[i] <= '9') {
269 } else if (ptr[i] >= 'a' && ptr[i] <= 'f') {
270 x = ptr[i] - 'a' + 10;
271 } else if (ptr[i] >= 'A' && ptr[i] <= 'F') {
272 x = ptr[i] - 'A' + 10;
277 ipv6[15-i/4] |= x << (2 * ((i-1) % 4));
284 * Synthesize an IPv6 address based on an IPv4 address and the DNS64 prefix.
286 * \param prefix_addr DNS64 prefix address.
287 * \param prefix_addr_len length of the prefix_addr buffer.
288 * \param prefix_net CIDR length of the DNS64 prefix. Must be between 0 and 96.
289 * \param a IPv4 address.
290 * \param a_len length of the a buffer.
291 * \param aaaa IPv6 address. The result will be written here.
292 * \param aaaa_len length of the aaaa buffer.
295 synthesize_aaaa(const uint8_t prefix_addr[], size_t prefix_addr_len,
296 int prefix_net, const uint8_t a[], size_t a_len, uint8_t aaaa[],
299 log_assert(prefix_addr_len == 16 && a_len == 4 && aaaa_len == 16);
300 (void)prefix_addr_len; (void)a_len; (void)aaaa_len;
301 memcpy(aaaa, prefix_addr, 16);
302 aaaa[prefix_net/8+0] |= a[0] >> (0+prefix_net%8);
303 aaaa[prefix_net/8+1] |= a[0] << (8-prefix_net%8);
304 aaaa[prefix_net/8+1] |= a[1] >> (0+prefix_net%8);
305 aaaa[prefix_net/8+2] |= a[1] << (8-prefix_net%8);
306 aaaa[prefix_net/8+2] |= a[2] >> (0+prefix_net%8);
307 aaaa[prefix_net/8+3] |= a[2] << (8-prefix_net%8);
308 aaaa[prefix_net/8+3] |= a[3] >> (0+prefix_net%8);
309 if (prefix_net/8+4 < 16) /* <-- my beautiful symmetry is destroyed! */
310 aaaa[prefix_net/8+4] |= a[3] << (8-prefix_net%8);
314 /******************************************************************************
316 * DNS64 MODULE FUNCTIONS *
318 ******************************************************************************/
321 * insert ignore_aaaa element into the tree
322 * @param dns64_env: module env.
323 * @param str: string with domain name.
324 * @return false on failure.
327 dns64_insert_ignore_aaaa(struct dns64_env* dns64_env, char* str)
329 /* parse and insert element */
330 struct name_tree_node* node;
331 node = (struct name_tree_node*)calloc(1, sizeof(*node));
333 log_err("out of memory");
336 node->name = sldns_str2wire_dname(str, &node->len);
339 log_err("cannot parse dns64-ignore-aaaa: %s", str);
342 node->labs = dname_count_labels(node->name);
343 node->dclass = LDNS_RR_CLASS_IN;
344 if(!name_tree_insert(&dns64_env->ignore_aaaa, node,
345 node->name, node->len, node->labs, node->dclass)) {
346 /* ignore duplicate element */
355 * This function applies the configuration found in the parsed configuration
356 * file \a cfg to this instance of the dns64 module. Currently only the DNS64
357 * prefix (a.k.a. Pref64) is configurable.
359 * \param dns64_env Module-specific global parameters.
360 * \param cfg Parsed configuration file.
363 dns64_apply_cfg(struct dns64_env* dns64_env, struct config_file* cfg)
365 struct config_strlist* s;
366 verbose(VERB_ALGO, "dns64-prefix: %s", cfg->dns64_prefix);
367 if (!netblockstrtoaddr(cfg->dns64_prefix ? cfg->dns64_prefix :
368 DEFAULT_DNS64_PREFIX, 0, &dns64_env->prefix_addr,
369 &dns64_env->prefix_addrlen, &dns64_env->prefix_net)) {
370 log_err("cannot parse dns64-prefix netblock: %s", cfg->dns64_prefix);
373 if (!addr_is_ip6(&dns64_env->prefix_addr, dns64_env->prefix_addrlen)) {
374 log_err("dns64_prefix is not IPv6: %s", cfg->dns64_prefix);
377 if (dns64_env->prefix_net < 0 || dns64_env->prefix_net > 96) {
378 log_err("dns64-prefix length it not between 0 and 96: %s",
382 for(s = cfg->dns64_ignore_aaaa; s; s = s->next) {
383 if(!dns64_insert_ignore_aaaa(dns64_env, s->str))
386 name_tree_init_parents(&dns64_env->ignore_aaaa);
391 * Initializes this instance of the dns64 module.
393 * \param env Global state of all module instances.
394 * \param id This instance's ID number.
397 dns64_init(struct module_env* env, int id)
399 struct dns64_env* dns64_env =
400 (struct dns64_env*)calloc(1, sizeof(struct dns64_env));
402 log_err("malloc failure");
405 env->modinfo[id] = (void*)dns64_env;
406 name_tree_init(&dns64_env->ignore_aaaa);
407 if (!dns64_apply_cfg(dns64_env, env->cfg)) {
408 log_err("dns64: could not apply configuration settings.");
414 /** free ignore AAAA elements */
416 free_ignore_aaaa_node(rbnode_type* node, void* ATTR_UNUSED(arg))
418 struct name_tree_node* n = (struct name_tree_node*)node;
425 * Deinitializes this instance of the dns64 module.
427 * \param env Global state of all module instances.
428 * \param id This instance's ID number.
431 dns64_deinit(struct module_env* env, int id)
433 struct dns64_env* dns64_env;
436 dns64_env = (struct dns64_env*)env->modinfo[id];
438 traverse_postorder(&dns64_env->ignore_aaaa, free_ignore_aaaa_node,
441 free(env->modinfo[id]);
442 env->modinfo[id] = NULL;
446 * Handle PTR queries for IPv6 addresses. If the address belongs to the DNS64
447 * prefix, we must do a PTR query for the corresponding IPv4 address instead.
449 * \param qstate Query state structure.
450 * \param id This module instance's ID number.
452 * \return The new state of the query.
454 static enum module_ext_state
455 handle_ipv6_ptr(struct module_qstate* qstate, int id)
457 struct dns64_env* dns64_env = (struct dns64_env*)qstate->env->modinfo[id];
458 struct module_qstate* subq = NULL;
459 struct query_info qinfo;
460 struct sockaddr_in6 sin6;
462 /* Convert the PTR query string to an IPv6 address. */
463 memset(&sin6, 0, sizeof(sin6));
464 sin6.sin6_family = AF_INET6;
465 if (!ptr_to_ipv6((char*)qstate->qinfo.qname, sin6.sin6_addr.s6_addr,
466 sizeof(sin6.sin6_addr.s6_addr)))
467 return module_wait_module; /* Let other module handle this. */
470 * If this IPv6 address is not part of our DNS64 prefix, then we don't need
471 * to do anything. Let another module handle the query.
473 if (addr_in_common((struct sockaddr_storage*)&sin6, 128,
474 &dns64_env->prefix_addr, dns64_env->prefix_net,
475 (socklen_t)sizeof(sin6)) != dns64_env->prefix_net)
476 return module_wait_module;
478 verbose(VERB_ALGO, "dns64: rewrite PTR record");
481 * Create a new PTR query info for the domain name corresponding to the IPv4
482 * address corresponding to the IPv6 address corresponding to the original
483 * PTR query domain name.
485 qinfo = qstate->qinfo;
486 if (!(qinfo.qname = regional_alloc(qstate->region, MAX_PTR_QNAME_IPV4)))
488 qinfo.qname_len = ipv4_to_ptr(extract_ipv4(sin6.sin6_addr.s6_addr,
489 sizeof(sin6.sin6_addr.s6_addr), dns64_env->prefix_net),
490 (char*)qinfo.qname, MAX_PTR_QNAME_IPV4);
492 /* Create the new sub-query. */
493 fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
494 if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, 0,
499 subq->ext_state[id] = module_state_initial;
500 subq->minfo[id] = NULL;
503 return module_wait_subquery;
506 static enum module_ext_state
507 generate_type_A_query(struct module_qstate* qstate, int id)
509 struct module_qstate* subq = NULL;
510 struct query_info qinfo;
512 verbose(VERB_ALGO, "dns64: query A record");
514 /* Create a new query info. */
515 qinfo = qstate->qinfo;
516 qinfo.qtype = LDNS_RR_TYPE_A;
518 /* Start the sub-query. */
519 fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
520 if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0,
523 verbose(VERB_ALGO, "dns64: sub-query creation failed");
528 subq->ext_state[id] = module_state_initial;
529 subq->minfo[id] = NULL;
532 return module_wait_subquery;
536 * See if query name is in the always synth config.
537 * The ignore-aaaa list has names for which the AAAA for the domain is
538 * ignored and the A is always used to create the answer.
539 * @param qstate: query state.
540 * @param id: module id.
541 * @return true if the name is covered by ignore-aaaa.
544 dns64_always_synth_for_qname(struct module_qstate* qstate, int id)
546 struct dns64_env* dns64_env = (struct dns64_env*)qstate->env->modinfo[id];
547 int labs = dname_count_labels(qstate->qinfo.qname);
548 struct name_tree_node* node = name_tree_lookup(&dns64_env->ignore_aaaa,
549 qstate->qinfo.qname, qstate->qinfo.qname_len, labs,
550 qstate->qinfo.qclass);
551 return (node != NULL);
555 * Handles the "pass" event for a query. This event is received when a new query
556 * is received by this module. The query may have been generated internally by
557 * another module, in which case we don't want to do any special processing
558 * (this is an interesting discussion topic), or it may be brand new, e.g.
559 * received over a socket, in which case we do want to apply DNS64 processing.
561 * \param qstate A structure representing the state of the query that has just
562 * received the "pass" event.
563 * \param id This module's instance ID.
565 * \return The new state of the query.
567 static enum module_ext_state
568 handle_event_pass(struct module_qstate* qstate, int id)
570 struct dns64_qstate* iq = (struct dns64_qstate*)qstate->minfo[id];
571 if (iq && iq->state == DNS64_NEW_QUERY
572 && qstate->qinfo.qtype == LDNS_RR_TYPE_PTR
573 && qstate->qinfo.qname_len == 74
574 && !strcmp((char*)&qstate->qinfo.qname[64], "\03ip6\04arpa"))
575 /* Handle PTR queries for IPv6 addresses. */
576 return handle_ipv6_ptr(qstate, id);
578 if (qstate->env->cfg->dns64_synthall &&
579 iq && iq->state == DNS64_NEW_QUERY
580 && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA)
581 return generate_type_A_query(qstate, id);
583 if(dns64_always_synth_for_qname(qstate, id) &&
584 iq && iq->state == DNS64_NEW_QUERY
585 && !(qstate->query_flags & BIT_CD)
586 && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA) {
587 verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
588 return generate_type_A_query(qstate, id);
591 /* We are finished when our sub-query is finished. */
592 if (iq && iq->state == DNS64_SUBQUERY_FINISHED)
593 return module_finished;
595 /* Otherwise, pass request to next module. */
596 verbose(VERB_ALGO, "dns64: pass to next module");
597 return module_wait_module;
601 * Handles the "done" event for a query. We need to analyze the response and
602 * maybe issue a new sub-query for the A record.
604 * \param qstate A structure representing the state of the query that has just
605 * received the "pass" event.
606 * \param id This module's instance ID.
608 * \return The new state of the query.
610 static enum module_ext_state
611 handle_event_moddone(struct module_qstate* qstate, int id)
613 struct dns64_qstate* iq = (struct dns64_qstate*)qstate->minfo[id];
615 * In many cases we have nothing special to do. From most to least common:
617 * - An internal query.
618 * - A query for a record type other than AAAA.
619 * - CD FLAG was set on querier
620 * - An AAAA query for which an error was returned.(qstate.return_rcode)
621 * -> treated as servfail thus synthesize (sec 5.1.3 6147), thus
622 * synthesize in (sec 5.1.2 of RFC6147).
623 * - A successful AAAA query with an answer.
625 if((!iq || iq->state != DNS64_INTERNAL_QUERY)
626 && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA
627 && !(qstate->query_flags & BIT_CD)
628 && !(qstate->return_msg &&
629 qstate->return_msg->rep &&
630 reply_find_answer_rrset(&qstate->qinfo,
631 qstate->return_msg->rep)))
632 /* not internal, type AAAA, not CD, and no answer RRset,
633 * So, this is a AAAA noerror/nodata answer */
634 return generate_type_A_query(qstate, id);
636 if((!iq || iq->state != DNS64_INTERNAL_QUERY)
637 && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA
638 && !(qstate->query_flags & BIT_CD)
639 && dns64_always_synth_for_qname(qstate, id)) {
640 /* if it is not internal, AAAA, not CD and listed domain,
641 * generate from A record and ignore AAAA */
642 verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
643 return generate_type_A_query(qstate, id);
646 /* Store the response in cache. */
647 if ( (!iq || !iq->started_no_cache_store) &&
648 qstate->return_msg && qstate->return_msg->rep &&
649 !dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep,
650 0, 0, 0, NULL, qstate->query_flags))
651 log_err("out of memory");
654 return module_finished;
658 * This is the module's main() function. It gets called each time a query
659 * receives an event which we may need to handle. We respond by updating the
660 * state of the query.
662 * \param qstate Structure containing the state of the query.
663 * \param event Event that has just been received.
664 * \param id This module's instance ID.
665 * \param outbound State of a DNS query on an authoritative server. We never do
666 * our own queries ourselves (other modules do it for us), so
670 dns64_operate(struct module_qstate* qstate, enum module_ev event, int id,
671 struct outbound_entry* outbound)
673 struct dns64_qstate* iq;
675 verbose(VERB_QUERY, "dns64[module %d] operate: extstate:%s event:%s",
676 id, strextstate(qstate->ext_state[id]),
677 strmodulevent(event));
678 log_query_info(VERB_QUERY, "dns64 operate: query", &qstate->qinfo);
681 case module_event_new:
682 /* Tag this query as being new and fall through. */
683 iq = (struct dns64_qstate*)regional_alloc(
684 qstate->region, sizeof(*iq));
685 qstate->minfo[id] = iq;
686 iq->state = DNS64_NEW_QUERY;
687 iq->started_no_cache_store = qstate->no_cache_store;
688 qstate->no_cache_store = 1;
690 case module_event_pass:
691 qstate->ext_state[id] = handle_event_pass(qstate, id);
693 case module_event_moddone:
694 qstate->ext_state[id] = handle_event_moddone(qstate, id);
697 qstate->ext_state[id] = module_finished;
700 if(qstate->ext_state[id] == module_finished) {
701 iq = (struct dns64_qstate*)qstate->minfo[id];
702 if(iq && iq->state != DNS64_INTERNAL_QUERY)
703 qstate->no_cache_store = iq->started_no_cache_store;
708 dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
709 const struct packed_rrset_data* fd,
710 struct ub_packed_rrset_key *dk,
711 struct packed_rrset_data **dd_out, struct regional *region,
712 struct dns64_env* dns64_env )
714 struct packed_rrset_data *dd;
717 * Create synthesized AAAA RR set data. We need to allocated extra memory
718 * for the RRs themselves. Each RR has a length, TTL, pointer to wireformat
719 * data, 2 bytes of data length, and 16 bytes of IPv6 address.
721 if(fd->count > RR_COUNT_MAX) {
723 return; /* integer overflow protection in alloc */
725 if (!(dd = *dd_out = regional_alloc(region,
726 sizeof(struct packed_rrset_data)
727 + fd->count * (sizeof(size_t) + sizeof(time_t) +
728 sizeof(uint8_t*) + 2 + 16)))) {
729 log_err("out of memory");
733 /* Copy attributes from A RR set. */
735 dd->count = fd->count;
737 dd->trust = fd->trust;
738 dd->security = fd->security;
741 * Synthesize AAAA records. Adjust pointers in structure.
744 (size_t*)((uint8_t*)dd + sizeof(struct packed_rrset_data));
745 dd->rr_data = (uint8_t**)&dd->rr_len[dd->count];
746 dd->rr_ttl = (time_t*)&dd->rr_data[dd->count];
747 for(i = 0; i < fd->count; ++i) {
748 if (fd->rr_len[i] != 6 || fd->rr_data[i][0] != 0
749 || fd->rr_data[i][1] != 4) {
755 (uint8_t*)&dd->rr_ttl[dd->count] + 18*i;
756 dd->rr_data[i][0] = 0;
757 dd->rr_data[i][1] = 16;
759 ((struct sockaddr_in6*)&dns64_env->prefix_addr)->sin6_addr.s6_addr,
760 sizeof(((struct sockaddr_in6*)&dns64_env->prefix_addr)->sin6_addr.s6_addr),
761 dns64_env->prefix_net, &fd->rr_data[i][2],
762 fd->rr_len[i]-2, &dd->rr_data[i][2],
764 dd->rr_ttl[i] = fd->rr_ttl[i];
768 * Create synthesized AAAA RR set key. This is mostly just bookkeeping,
769 * nothing interesting here.
777 dk->rk.dname = (uint8_t*)regional_alloc_init(region,
778 fk->rk.dname, fk->rk.dname_len);
781 log_err("out of memory");
786 dk->rk.type = htons(LDNS_RR_TYPE_AAAA);
787 memset(&dk->entry, 0, sizeof(dk->entry));
789 dk->entry.hash = rrset_key_hash(&dk->rk);
795 * Synthesize an AAAA RR set from an A sub-query's answer and add it to the
796 * original empty response.
798 * \param id This module's instance ID.
799 * \param super Original AAAA query.
800 * \param qstate A query.
803 dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate)
805 struct dns64_env* dns64_env = (struct dns64_env*)super->env->modinfo[id];
806 struct reply_info *rep, *cp;
808 struct packed_rrset_data* fd, *dd;
809 struct ub_packed_rrset_key* fk, *dk;
811 verbose(VERB_ALGO, "converting A answers to AAAA answers");
813 log_assert(super->region);
814 log_assert(qstate->return_msg);
815 log_assert(qstate->return_msg->rep);
817 /* If dns64-synthall is enabled, return_msg is not initialized */
818 if(!super->return_msg) {
819 super->return_msg = (struct dns_msg*)regional_alloc(
820 super->region, sizeof(struct dns_msg));
821 if(!super->return_msg)
823 memset(super->return_msg, 0, sizeof(*super->return_msg));
824 super->return_msg->qinfo = super->qinfo;
827 rep = qstate->return_msg->rep;
830 * Build the actual reply.
832 cp = construct_reply_info_base(super->region, rep->flags, rep->qdcount,
833 rep->ttl, rep->prefetch_ttl, rep->serve_expired_ttl,
834 rep->an_numrrsets, rep->ns_numrrsets, rep->ar_numrrsets,
835 rep->rrset_count, rep->security);
839 /* allocate ub_key structures special or not */
840 if(!reply_info_alloc_rrset_keys(cp, NULL, super->region)) {
844 /* copy everything and replace A by AAAA */
845 for(i=0; i<cp->rrset_count; i++) {
848 fd = (struct packed_rrset_data*)fk->entry.data;
852 if(i<rep->an_numrrsets && fk->rk.type == htons(LDNS_RR_TYPE_A)) {
853 /* also sets dk->entry.hash */
854 dns64_synth_aaaa_data(fk, fd, dk, &dd, super->region, dns64_env);
857 /* Delete negative AAAA record from cache stored by
858 * the iterator module */
859 rrset_cache_remove(super->env->rrset_cache, dk->rk.dname,
860 dk->rk.dname_len, LDNS_RR_TYPE_AAAA,
861 LDNS_RR_CLASS_IN, 0);
862 /* Delete negative AAAA in msg cache for CNAMEs,
863 * stored by the iterator module */
864 if(i != 0) /* if not the first RR */
865 msg_cache_remove(super->env, dk->rk.dname,
866 dk->rk.dname_len, LDNS_RR_TYPE_AAAA,
867 LDNS_RR_CLASS_IN, 0);
869 dk->entry.hash = fk->entry.hash;
870 dk->rk.dname = (uint8_t*)regional_alloc_init(super->region,
871 fk->rk.dname, fk->rk.dname_len);
876 s = packed_rrset_sizeof(fd);
877 dd = (struct packed_rrset_data*)regional_alloc_init(
878 super->region, fd, s);
884 packed_rrset_ptr_fixup(dd);
885 dk->entry.data = (void*)dd;
888 /* Commit changes. */
889 super->return_msg->rep = cp;
893 * Generate a response for the original IPv6 PTR query based on an IPv4 PTR
894 * sub-query's response.
896 * \param qstate IPv4 PTR sub-query.
897 * \param super Original IPv6 PTR query.
900 dns64_adjust_ptr(struct module_qstate* qstate, struct module_qstate* super)
902 struct ub_packed_rrset_key* answer;
904 verbose(VERB_ALGO, "adjusting PTR reply");
906 /* Copy the sub-query's reply to the parent. */
907 if (!(super->return_msg = (struct dns_msg*)regional_alloc(super->region,
908 sizeof(struct dns_msg))))
910 super->return_msg->qinfo = super->qinfo;
911 super->return_msg->rep = reply_info_copy(qstate->return_msg->rep, NULL,
915 * Adjust the domain name of the answer RR set so that it matches the
916 * initial query's domain name.
918 answer = reply_find_answer_rrset(&qstate->qinfo, super->return_msg->rep);
920 answer->rk.dname = super->qinfo.qname;
921 answer->rk.dname_len = super->qinfo.qname_len;
926 * This function is called when a sub-query finishes to inform the parent query.
928 * We issue two kinds of sub-queries: PTR and A.
930 * \param qstate State of the sub-query.
931 * \param id This module's instance ID.
932 * \param super State of the super-query.
935 dns64_inform_super(struct module_qstate* qstate, int id,
936 struct module_qstate* super)
938 struct dns64_qstate* super_dq = (struct dns64_qstate*)super->minfo[id];
939 log_query_info(VERB_ALGO, "dns64: inform_super, sub is",
941 log_query_info(VERB_ALGO, "super is", &super->qinfo);
944 * Signal that the sub-query is finished, no matter whether we are
945 * successful or not. This lets the state machine terminate.
948 super_dq = (struct dns64_qstate*)regional_alloc(super->region,
951 log_err("out of memory");
952 super->return_rcode = LDNS_RCODE_SERVFAIL;
953 super->return_msg = NULL;
956 super->minfo[id] = super_dq;
957 memset(super_dq, 0, sizeof(*super_dq));
958 super_dq->started_no_cache_store = super->no_cache_store;
960 super_dq->state = DNS64_SUBQUERY_FINISHED;
962 /* If there is no successful answer, we're done. */
963 if (qstate->return_rcode != LDNS_RCODE_NOERROR
964 || !qstate->return_msg
965 || !qstate->return_msg->rep) {
969 /* Use return code from A query in response to client. */
970 if (super->return_rcode != LDNS_RCODE_NOERROR)
971 super->return_rcode = qstate->return_rcode;
973 /* Generate a response suitable for the original query. */
974 if (qstate->qinfo.qtype == LDNS_RR_TYPE_A) {
975 dns64_adjust_a(id, super, qstate);
977 log_assert(qstate->qinfo.qtype == LDNS_RR_TYPE_PTR);
978 dns64_adjust_ptr(qstate, super);
981 /* Store the generated response in cache. */
982 if ( (!super_dq || !super_dq->started_no_cache_store) &&
983 !dns_cache_store(super->env, &super->qinfo, super->return_msg->rep,
984 0, 0, 0, NULL, super->query_flags))
985 log_err("out of memory");
989 * Clear module-specific data from query state. Since we do not allocate memory,
990 * it's just a matter of setting a pointer to NULL.
992 * \param qstate Query state.
993 * \param id This module's instance ID.
996 dns64_clear(struct module_qstate* qstate, int id)
998 qstate->minfo[id] = NULL;
1002 * Returns the amount of global memory that this module uses, not including
1005 * \param env Module environment.
1006 * \param id This module's instance ID.
1009 dns64_get_mem(struct module_env* env, int id)
1011 struct dns64_env* dns64_env = (struct dns64_env*)env->modinfo[id];
1014 return sizeof(*dns64_env);
1018 * The dns64 function block.
1020 static struct module_func_block dns64_block = {
1022 &dns64_init, &dns64_deinit, &dns64_operate, &dns64_inform_super,
1023 &dns64_clear, &dns64_get_mem
1027 * Function for returning the above function block.
1029 struct module_func_block *
1030 dns64_get_funcblock(void)
1032 return &dns64_block;
projects / FreeBSD / FreeBSD.git / blob