Deleted Added
sdiff udiff text old ( 256281 ) new ( 269257 )
full compact
iter_delegpt.c (256281) iter_delegpt.c (269257)
1/*
2 * iterator/iter_delegpt.c - delegation point with NS and address information.
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
1/*
2 * iterator/iter_delegpt.c - delegation point with NS and address information.
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36/**
37 * \file
38 *
39 * This file implements the Delegation Point. It contains a list of name servers
40 * and their addresses if known.
41 */
42#include "config.h"
43#include "iterator/iter_delegpt.h"
44#include "services/cache/dns.h"
45#include "util/regional.h"
46#include "util/data/dname.h"
47#include "util/data/packed_rrset.h"
48#include "util/data/msgreply.h"
49#include "util/net_help.h"
34 */
35
36/**
37 * \file
38 *
39 * This file implements the Delegation Point. It contains a list of name servers
40 * and their addresses if known.
41 */
42#include "config.h"
43#include "iterator/iter_delegpt.h"
44#include "services/cache/dns.h"
45#include "util/regional.h"
46#include "util/data/dname.h"
47#include "util/data/packed_rrset.h"
48#include "util/data/msgreply.h"
49#include "util/net_help.h"
50#include "ldns/rrdef.h"
51#include "ldns/sbuffer.h"
50
51struct delegpt*
52delegpt_create(struct regional* region)
53{
54 struct delegpt* dp=(struct delegpt*)regional_alloc(
55 region, sizeof(*dp));
56 if(!dp)
57 return NULL;
58 memset(dp, 0, sizeof(*dp));
59 return dp;
60}
61
62struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region)
63{
64 struct delegpt* copy = delegpt_create(region);
65 struct delegpt_ns* ns;
66 struct delegpt_addr* a;
67 if(!copy)
68 return NULL;
69 if(!delegpt_set_name(copy, region, dp->name))
70 return NULL;
71 copy->bogus = dp->bogus;
72 copy->has_parent_side_NS = dp->has_parent_side_NS;
73 for(ns = dp->nslist; ns; ns = ns->next) {
52
53struct delegpt*
54delegpt_create(struct regional* region)
55{
56 struct delegpt* dp=(struct delegpt*)regional_alloc(
57 region, sizeof(*dp));
58 if(!dp)
59 return NULL;
60 memset(dp, 0, sizeof(*dp));
61 return dp;
62}
63
64struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region)
65{
66 struct delegpt* copy = delegpt_create(region);
67 struct delegpt_ns* ns;
68 struct delegpt_addr* a;
69 if(!copy)
70 return NULL;
71 if(!delegpt_set_name(copy, region, dp->name))
72 return NULL;
73 copy->bogus = dp->bogus;
74 copy->has_parent_side_NS = dp->has_parent_side_NS;
75 for(ns = dp->nslist; ns; ns = ns->next) {
74 if(!delegpt_add_ns(copy, region, ns->name, (int)ns->lame))
76 if(!delegpt_add_ns(copy, region, ns->name, ns->lame))
75 return NULL;
76 copy->nslist->resolved = ns->resolved;
77 copy->nslist->got4 = ns->got4;
78 copy->nslist->got6 = ns->got6;
79 copy->nslist->done_pside4 = ns->done_pside4;
80 copy->nslist->done_pside6 = ns->done_pside6;
81 }
82 for(a = dp->target_list; a; a = a->next_target) {
83 if(!delegpt_add_addr(copy, region, &a->addr, a->addrlen,
84 a->bogus, a->lame))
85 return NULL;
86 }
87 return copy;
88}
89
90int
91delegpt_set_name(struct delegpt* dp, struct regional* region, uint8_t* name)
92{
93 log_assert(!dp->dp_type_mlc);
94 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
95 dp->name = regional_alloc_init(region, name, dp->namelen);
96 return dp->name != 0;
97}
98
99int
100delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name,
77 return NULL;
78 copy->nslist->resolved = ns->resolved;
79 copy->nslist->got4 = ns->got4;
80 copy->nslist->got6 = ns->got6;
81 copy->nslist->done_pside4 = ns->done_pside4;
82 copy->nslist->done_pside6 = ns->done_pside6;
83 }
84 for(a = dp->target_list; a; a = a->next_target) {
85 if(!delegpt_add_addr(copy, region, &a->addr, a->addrlen,
86 a->bogus, a->lame))
87 return NULL;
88 }
89 return copy;
90}
91
92int
93delegpt_set_name(struct delegpt* dp, struct regional* region, uint8_t* name)
94{
95 log_assert(!dp->dp_type_mlc);
96 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
97 dp->name = regional_alloc_init(region, name, dp->namelen);
98 return dp->name != 0;
99}
100
101int
102delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name,
101 int lame)
103 uint8_t lame)
102{
103 struct delegpt_ns* ns;
104 size_t len;
105 (void)dname_count_size_labels(name, &len);
106 log_assert(!dp->dp_type_mlc);
107 /* slow check for duplicates to avoid counting failures when
108 * adding the same server as a dependency twice */
109 if(delegpt_find_ns(dp, name, len))
110 return 1;
111 ns = (struct delegpt_ns*)regional_alloc(region,
112 sizeof(struct delegpt_ns));
113 if(!ns)
114 return 0;
115 ns->next = dp->nslist;
116 ns->namelen = len;
117 dp->nslist = ns;
118 ns->name = regional_alloc_init(region, name, ns->namelen);
119 ns->resolved = 0;
120 ns->got4 = 0;
121 ns->got6 = 0;
104{
105 struct delegpt_ns* ns;
106 size_t len;
107 (void)dname_count_size_labels(name, &len);
108 log_assert(!dp->dp_type_mlc);
109 /* slow check for duplicates to avoid counting failures when
110 * adding the same server as a dependency twice */
111 if(delegpt_find_ns(dp, name, len))
112 return 1;
113 ns = (struct delegpt_ns*)regional_alloc(region,
114 sizeof(struct delegpt_ns));
115 if(!ns)
116 return 0;
117 ns->next = dp->nslist;
118 ns->namelen = len;
119 dp->nslist = ns;
120 ns->name = regional_alloc_init(region, name, ns->namelen);
121 ns->resolved = 0;
122 ns->got4 = 0;
123 ns->got6 = 0;
122 ns->lame = (uint8_t)lame;
124 ns->lame = lame;
123 ns->done_pside4 = 0;
124 ns->done_pside6 = 0;
125 return ns->name != 0;
126}
127
128struct delegpt_ns*
129delegpt_find_ns(struct delegpt* dp, uint8_t* name, size_t namelen)
130{
131 struct delegpt_ns* p = dp->nslist;
132 while(p) {
133 if(namelen == p->namelen &&
134 query_dname_compare(name, p->name) == 0) {
135 return p;
136 }
137 p = p->next;
138 }
139 return NULL;
140}
141
142struct delegpt_addr*
143delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
144 socklen_t addrlen)
145{
146 struct delegpt_addr* p = dp->target_list;
147 while(p) {
148 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) {
149 return p;
150 }
151 p = p->next_target;
152 }
153 return NULL;
154}
155
156int
157delegpt_add_target(struct delegpt* dp, struct regional* region,
158 uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
125 ns->done_pside4 = 0;
126 ns->done_pside6 = 0;
127 return ns->name != 0;
128}
129
130struct delegpt_ns*
131delegpt_find_ns(struct delegpt* dp, uint8_t* name, size_t namelen)
132{
133 struct delegpt_ns* p = dp->nslist;
134 while(p) {
135 if(namelen == p->namelen &&
136 query_dname_compare(name, p->name) == 0) {
137 return p;
138 }
139 p = p->next;
140 }
141 return NULL;
142}
143
144struct delegpt_addr*
145delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
146 socklen_t addrlen)
147{
148 struct delegpt_addr* p = dp->target_list;
149 while(p) {
150 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) {
151 return p;
152 }
153 p = p->next_target;
154 }
155 return NULL;
156}
157
158int
159delegpt_add_target(struct delegpt* dp, struct regional* region,
160 uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
159 socklen_t addrlen, int bogus, int lame)
161 socklen_t addrlen, uint8_t bogus, uint8_t lame)
160{
161 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
162 log_assert(!dp->dp_type_mlc);
163 if(!ns) {
164 /* ignore it */
165 return 1;
166 }
167 if(!lame) {
168 if(addr_is_ip6(addr, addrlen))
169 ns->got6 = 1;
170 else ns->got4 = 1;
171 if(ns->got4 && ns->got6)
172 ns->resolved = 1;
173 }
174 return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame);
175}
176
177int
178delegpt_add_addr(struct delegpt* dp, struct regional* region,
162{
163 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
164 log_assert(!dp->dp_type_mlc);
165 if(!ns) {
166 /* ignore it */
167 return 1;
168 }
169 if(!lame) {
170 if(addr_is_ip6(addr, addrlen))
171 ns->got6 = 1;
172 else ns->got4 = 1;
173 if(ns->got4 && ns->got6)
174 ns->resolved = 1;
175 }
176 return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame);
177}
178
179int
180delegpt_add_addr(struct delegpt* dp, struct regional* region,
179 struct sockaddr_storage* addr, socklen_t addrlen, int bogus,
180 int lame)
181 struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
182 uint8_t lame)
181{
182 struct delegpt_addr* a;
183 log_assert(!dp->dp_type_mlc);
184 /* check for duplicates */
185 if((a = delegpt_find_addr(dp, addr, addrlen))) {
186 if(bogus)
187 a->bogus = bogus;
188 if(!lame)
189 a->lame = 0;
190 return 1;
191 }
192
193 a = (struct delegpt_addr*)regional_alloc(region,
194 sizeof(struct delegpt_addr));
195 if(!a)
196 return 0;
197 a->next_target = dp->target_list;
198 dp->target_list = a;
199 a->next_result = 0;
200 a->next_usable = dp->usable_list;
201 dp->usable_list = a;
202 memcpy(&a->addr, addr, addrlen);
203 a->addrlen = addrlen;
204 a->attempts = 0;
205 a->bogus = bogus;
206 a->lame = lame;
183{
184 struct delegpt_addr* a;
185 log_assert(!dp->dp_type_mlc);
186 /* check for duplicates */
187 if((a = delegpt_find_addr(dp, addr, addrlen))) {
188 if(bogus)
189 a->bogus = bogus;
190 if(!lame)
191 a->lame = 0;
192 return 1;
193 }
194
195 a = (struct delegpt_addr*)regional_alloc(region,
196 sizeof(struct delegpt_addr));
197 if(!a)
198 return 0;
199 a->next_target = dp->target_list;
200 dp->target_list = a;
201 a->next_result = 0;
202 a->next_usable = dp->usable_list;
203 dp->usable_list = a;
204 memcpy(&a->addr, addr, addrlen);
205 a->addrlen = addrlen;
206 a->attempts = 0;
207 a->bogus = bogus;
208 a->lame = lame;
209 a->dnsseclame = 0;
207 return 1;
208}
209
210void
211delegpt_count_ns(struct delegpt* dp, size_t* numns, size_t* missing)
212{
213 struct delegpt_ns* ns;
214 *numns = 0;
215 *missing = 0;
216 for(ns = dp->nslist; ns; ns = ns->next) {
217 (*numns)++;
218 if(!ns->resolved)
219 (*missing)++;
220 }
221}
222
223void
224delegpt_count_addr(struct delegpt* dp, size_t* numaddr, size_t* numres,
225 size_t* numavail)
226{
227 struct delegpt_addr* a;
228 *numaddr = 0;
229 *numres = 0;
230 *numavail = 0;
231 for(a = dp->target_list; a; a = a->next_target) {
232 (*numaddr)++;
233 }
234 for(a = dp->result_list; a; a = a->next_result) {
235 (*numres)++;
236 }
237 for(a = dp->usable_list; a; a = a->next_usable) {
238 (*numavail)++;
239 }
240}
241
242void delegpt_log(enum verbosity_value v, struct delegpt* dp)
243{
244 char buf[LDNS_MAX_DOMAINLEN+1];
245 struct delegpt_ns* ns;
246 struct delegpt_addr* a;
247 size_t missing=0, numns=0, numaddr=0, numres=0, numavail=0;
248 if(verbosity < v)
249 return;
250 dname_str(dp->name, buf);
251 if(dp->nslist == NULL && dp->target_list == NULL) {
252 log_info("DelegationPoint<%s>: empty", buf);
253 return;
254 }
255 delegpt_count_ns(dp, &numns, &missing);
256 delegpt_count_addr(dp, &numaddr, &numres, &numavail);
257 log_info("DelegationPoint<%s>: %u names (%u missing), "
258 "%u addrs (%u result, %u avail)%s",
259 buf, (unsigned)numns, (unsigned)missing,
260 (unsigned)numaddr, (unsigned)numres, (unsigned)numavail,
261 (dp->has_parent_side_NS?" parentNS":" cacheNS"));
262 if(verbosity >= VERB_ALGO) {
263 for(ns = dp->nslist; ns; ns = ns->next) {
264 dname_str(ns->name, buf);
265 log_info(" %s %s%s%s%s%s%s%s", buf,
266 (ns->resolved?"*":""),
267 (ns->got4?" A":""), (ns->got6?" AAAA":""),
268 (dp->bogus?" BOGUS":""), (ns->lame?" PARENTSIDE":""),
269 (ns->done_pside4?" PSIDE_A":""),
270 (ns->done_pside6?" PSIDE_AAAA":""));
271 }
272 for(a = dp->target_list; a; a = a->next_target) {
273 const char* str = " ";
274 if(a->bogus && a->lame) str = " BOGUS ADDR_LAME ";
275 else if(a->bogus) str = " BOGUS ";
276 else if(a->lame) str = " ADDR_LAME ";
277 log_addr(VERB_ALGO, str, &a->addr, a->addrlen);
278 }
279 }
280}
281
282void
283delegpt_add_unused_targets(struct delegpt* dp)
284{
285 struct delegpt_addr* usa = dp->usable_list;
286 dp->usable_list = NULL;
287 while(usa) {
288 usa->next_result = dp->result_list;
289 dp->result_list = usa;
290 usa = usa->next_usable;
291 }
292}
293
294size_t
295delegpt_count_targets(struct delegpt* dp)
296{
297 struct delegpt_addr* a;
298 size_t n = 0;
299 for(a = dp->target_list; a; a = a->next_target)
300 n++;
301 return n;
302}
303
304size_t
305delegpt_count_missing_targets(struct delegpt* dp)
306{
307 struct delegpt_ns* ns;
308 size_t n = 0;
309 for(ns = dp->nslist; ns; ns = ns->next)
310 if(!ns->resolved)
311 n++;
312 return n;
313}
314
315/** find NS rrset in given list */
316static struct ub_packed_rrset_key*
317find_NS(struct reply_info* rep, size_t from, size_t to)
318{
319 size_t i;
320 for(i=from; i<to; i++) {
321 if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NS)
322 return rep->rrsets[i];
323 }
324 return NULL;
325}
326
327struct delegpt*
328delegpt_from_message(struct dns_msg* msg, struct regional* region)
329{
330 struct ub_packed_rrset_key* ns_rrset = NULL;
331 struct delegpt* dp;
332 size_t i;
333 /* look for NS records in the authority section... */
334 ns_rrset = find_NS(msg->rep, msg->rep->an_numrrsets,
335 msg->rep->an_numrrsets+msg->rep->ns_numrrsets);
336
337 /* In some cases (even legitimate, perfectly legal cases), the
338 * NS set for the "referral" might be in the answer section. */
339 if(!ns_rrset)
340 ns_rrset = find_NS(msg->rep, 0, msg->rep->an_numrrsets);
341
342 /* If there was no NS rrset in the authority section, then this
343 * wasn't a referral message. (It might not actually be a
344 * referral message anyway) */
345 if(!ns_rrset)
346 return NULL;
347
348 /* If we found any, then Yay! we have a delegation point. */
349 dp = delegpt_create(region);
350 if(!dp)
351 return NULL;
352 dp->has_parent_side_NS = 1; /* created from message */
353 if(!delegpt_set_name(dp, region, ns_rrset->rk.dname))
354 return NULL;
355 if(!delegpt_rrset_add_ns(dp, region, ns_rrset, 0))
356 return NULL;
357
358 /* add glue, A and AAAA in answer and additional section */
359 for(i=0; i<msg->rep->rrset_count; i++) {
360 struct ub_packed_rrset_key* s = msg->rep->rrsets[i];
361 /* skip auth section. FIXME really needed?*/
362 if(msg->rep->an_numrrsets <= i &&
363 i < (msg->rep->an_numrrsets+msg->rep->ns_numrrsets))
364 continue;
365
366 if(ntohs(s->rk.type) == LDNS_RR_TYPE_A) {
367 if(!delegpt_add_rrset_A(dp, region, s, 0))
368 return NULL;
369 } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_AAAA) {
370 if(!delegpt_add_rrset_AAAA(dp, region, s, 0))
371 return NULL;
372 }
373 }
374 return dp;
375}
376
377int
378delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
210 return 1;
211}
212
213void
214delegpt_count_ns(struct delegpt* dp, size_t* numns, size_t* missing)
215{
216 struct delegpt_ns* ns;
217 *numns = 0;
218 *missing = 0;
219 for(ns = dp->nslist; ns; ns = ns->next) {
220 (*numns)++;
221 if(!ns->resolved)
222 (*missing)++;
223 }
224}
225
226void
227delegpt_count_addr(struct delegpt* dp, size_t* numaddr, size_t* numres,
228 size_t* numavail)
229{
230 struct delegpt_addr* a;
231 *numaddr = 0;
232 *numres = 0;
233 *numavail = 0;
234 for(a = dp->target_list; a; a = a->next_target) {
235 (*numaddr)++;
236 }
237 for(a = dp->result_list; a; a = a->next_result) {
238 (*numres)++;
239 }
240 for(a = dp->usable_list; a; a = a->next_usable) {
241 (*numavail)++;
242 }
243}
244
245void delegpt_log(enum verbosity_value v, struct delegpt* dp)
246{
247 char buf[LDNS_MAX_DOMAINLEN+1];
248 struct delegpt_ns* ns;
249 struct delegpt_addr* a;
250 size_t missing=0, numns=0, numaddr=0, numres=0, numavail=0;
251 if(verbosity < v)
252 return;
253 dname_str(dp->name, buf);
254 if(dp->nslist == NULL && dp->target_list == NULL) {
255 log_info("DelegationPoint<%s>: empty", buf);
256 return;
257 }
258 delegpt_count_ns(dp, &numns, &missing);
259 delegpt_count_addr(dp, &numaddr, &numres, &numavail);
260 log_info("DelegationPoint<%s>: %u names (%u missing), "
261 "%u addrs (%u result, %u avail)%s",
262 buf, (unsigned)numns, (unsigned)missing,
263 (unsigned)numaddr, (unsigned)numres, (unsigned)numavail,
264 (dp->has_parent_side_NS?" parentNS":" cacheNS"));
265 if(verbosity >= VERB_ALGO) {
266 for(ns = dp->nslist; ns; ns = ns->next) {
267 dname_str(ns->name, buf);
268 log_info(" %s %s%s%s%s%s%s%s", buf,
269 (ns->resolved?"*":""),
270 (ns->got4?" A":""), (ns->got6?" AAAA":""),
271 (dp->bogus?" BOGUS":""), (ns->lame?" PARENTSIDE":""),
272 (ns->done_pside4?" PSIDE_A":""),
273 (ns->done_pside6?" PSIDE_AAAA":""));
274 }
275 for(a = dp->target_list; a; a = a->next_target) {
276 const char* str = " ";
277 if(a->bogus && a->lame) str = " BOGUS ADDR_LAME ";
278 else if(a->bogus) str = " BOGUS ";
279 else if(a->lame) str = " ADDR_LAME ";
280 log_addr(VERB_ALGO, str, &a->addr, a->addrlen);
281 }
282 }
283}
284
285void
286delegpt_add_unused_targets(struct delegpt* dp)
287{
288 struct delegpt_addr* usa = dp->usable_list;
289 dp->usable_list = NULL;
290 while(usa) {
291 usa->next_result = dp->result_list;
292 dp->result_list = usa;
293 usa = usa->next_usable;
294 }
295}
296
297size_t
298delegpt_count_targets(struct delegpt* dp)
299{
300 struct delegpt_addr* a;
301 size_t n = 0;
302 for(a = dp->target_list; a; a = a->next_target)
303 n++;
304 return n;
305}
306
307size_t
308delegpt_count_missing_targets(struct delegpt* dp)
309{
310 struct delegpt_ns* ns;
311 size_t n = 0;
312 for(ns = dp->nslist; ns; ns = ns->next)
313 if(!ns->resolved)
314 n++;
315 return n;
316}
317
318/** find NS rrset in given list */
319static struct ub_packed_rrset_key*
320find_NS(struct reply_info* rep, size_t from, size_t to)
321{
322 size_t i;
323 for(i=from; i<to; i++) {
324 if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NS)
325 return rep->rrsets[i];
326 }
327 return NULL;
328}
329
330struct delegpt*
331delegpt_from_message(struct dns_msg* msg, struct regional* region)
332{
333 struct ub_packed_rrset_key* ns_rrset = NULL;
334 struct delegpt* dp;
335 size_t i;
336 /* look for NS records in the authority section... */
337 ns_rrset = find_NS(msg->rep, msg->rep->an_numrrsets,
338 msg->rep->an_numrrsets+msg->rep->ns_numrrsets);
339
340 /* In some cases (even legitimate, perfectly legal cases), the
341 * NS set for the "referral" might be in the answer section. */
342 if(!ns_rrset)
343 ns_rrset = find_NS(msg->rep, 0, msg->rep->an_numrrsets);
344
345 /* If there was no NS rrset in the authority section, then this
346 * wasn't a referral message. (It might not actually be a
347 * referral message anyway) */
348 if(!ns_rrset)
349 return NULL;
350
351 /* If we found any, then Yay! we have a delegation point. */
352 dp = delegpt_create(region);
353 if(!dp)
354 return NULL;
355 dp->has_parent_side_NS = 1; /* created from message */
356 if(!delegpt_set_name(dp, region, ns_rrset->rk.dname))
357 return NULL;
358 if(!delegpt_rrset_add_ns(dp, region, ns_rrset, 0))
359 return NULL;
360
361 /* add glue, A and AAAA in answer and additional section */
362 for(i=0; i<msg->rep->rrset_count; i++) {
363 struct ub_packed_rrset_key* s = msg->rep->rrsets[i];
364 /* skip auth section. FIXME really needed?*/
365 if(msg->rep->an_numrrsets <= i &&
366 i < (msg->rep->an_numrrsets+msg->rep->ns_numrrsets))
367 continue;
368
369 if(ntohs(s->rk.type) == LDNS_RR_TYPE_A) {
370 if(!delegpt_add_rrset_A(dp, region, s, 0))
371 return NULL;
372 } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_AAAA) {
373 if(!delegpt_add_rrset_AAAA(dp, region, s, 0))
374 return NULL;
375 }
376 }
377 return dp;
378}
379
380int
381delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
379 struct ub_packed_rrset_key* ns_rrset, int lame)
382 struct ub_packed_rrset_key* ns_rrset, uint8_t lame)
380{
381 struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
382 ns_rrset->entry.data;
383 size_t i;
384 log_assert(!dp->dp_type_mlc);
385 if(nsdata->security == sec_status_bogus)
386 dp->bogus = 1;
387 for(i=0; i<nsdata->count; i++) {
388 if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
389 if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
383{
384 struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
385 ns_rrset->entry.data;
386 size_t i;
387 log_assert(!dp->dp_type_mlc);
388 if(nsdata->security == sec_status_bogus)
389 dp->bogus = 1;
390 for(i=0; i<nsdata->count; i++) {
391 if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
392 if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
390 (size_t)ldns_read_uint16(nsdata->rr_data[i]))
393 (size_t)sldns_read_uint16(nsdata->rr_data[i]))
391 continue; /* bad format */
392 /* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
393 if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))
394 return 0;
395 }
396 return 1;
397}
398
399int
400delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
394 continue; /* bad format */
395 /* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
396 if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))
397 return 0;
398 }
399 return 1;
400}
401
402int
403delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
401 struct ub_packed_rrset_key* ak, int lame)
404 struct ub_packed_rrset_key* ak, uint8_t lame)
402{
403 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
404 size_t i;
405 struct sockaddr_in sa;
406 socklen_t len = (socklen_t)sizeof(sa);
407 log_assert(!dp->dp_type_mlc);
408 memset(&sa, 0, len);
409 sa.sin_family = AF_INET;
410 sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
411 for(i=0; i<d->count; i++) {
412 if(d->rr_len[i] != 2 + INET_SIZE)
413 continue;
414 memmove(&sa.sin_addr, d->rr_data[i]+2, INET_SIZE);
415 if(!delegpt_add_target(dp, region, ak->rk.dname,
416 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
417 len, (d->security==sec_status_bogus), lame))
418 return 0;
419 }
420 return 1;
421}
422
423int
424delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
405{
406 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
407 size_t i;
408 struct sockaddr_in sa;
409 socklen_t len = (socklen_t)sizeof(sa);
410 log_assert(!dp->dp_type_mlc);
411 memset(&sa, 0, len);
412 sa.sin_family = AF_INET;
413 sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
414 for(i=0; i<d->count; i++) {
415 if(d->rr_len[i] != 2 + INET_SIZE)
416 continue;
417 memmove(&sa.sin_addr, d->rr_data[i]+2, INET_SIZE);
418 if(!delegpt_add_target(dp, region, ak->rk.dname,
419 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
420 len, (d->security==sec_status_bogus), lame))
421 return 0;
422 }
423 return 1;
424}
425
426int
427delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
425 struct ub_packed_rrset_key* ak, int lame)
428 struct ub_packed_rrset_key* ak, uint8_t lame)
426{
427 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
428 size_t i;
429 struct sockaddr_in6 sa;
430 socklen_t len = (socklen_t)sizeof(sa);
431 log_assert(!dp->dp_type_mlc);
432 memset(&sa, 0, len);
433 sa.sin6_family = AF_INET6;
434 sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
435 for(i=0; i<d->count; i++) {
436 if(d->rr_len[i] != 2 + INET6_SIZE) /* rdatalen + len of IP6 */
437 continue;
438 memmove(&sa.sin6_addr, d->rr_data[i]+2, INET6_SIZE);
439 if(!delegpt_add_target(dp, region, ak->rk.dname,
440 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
441 len, (d->security==sec_status_bogus), lame))
442 return 0;
443 }
444 return 1;
445}
446
447int
448delegpt_add_rrset(struct delegpt* dp, struct regional* region,
429{
430 struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data;
431 size_t i;
432 struct sockaddr_in6 sa;
433 socklen_t len = (socklen_t)sizeof(sa);
434 log_assert(!dp->dp_type_mlc);
435 memset(&sa, 0, len);
436 sa.sin6_family = AF_INET6;
437 sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
438 for(i=0; i<d->count; i++) {
439 if(d->rr_len[i] != 2 + INET6_SIZE) /* rdatalen + len of IP6 */
440 continue;
441 memmove(&sa.sin6_addr, d->rr_data[i]+2, INET6_SIZE);
442 if(!delegpt_add_target(dp, region, ak->rk.dname,
443 ak->rk.dname_len, (struct sockaddr_storage*)&sa,
444 len, (d->security==sec_status_bogus), lame))
445 return 0;
446 }
447 return 1;
448}
449
450int
451delegpt_add_rrset(struct delegpt* dp, struct regional* region,
449 struct ub_packed_rrset_key* rrset, int lame)
452 struct ub_packed_rrset_key* rrset, uint8_t lame)
450{
451 if(!rrset)
452 return 1;
453 if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_NS)
454 return delegpt_rrset_add_ns(dp, region, rrset, lame);
455 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_A)
456 return delegpt_add_rrset_A(dp, region, rrset, lame);
457 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_AAAA)
458 return delegpt_add_rrset_AAAA(dp, region, rrset, lame);
459 log_warn("Unknown rrset type added to delegpt");
460 return 1;
461}
462
463void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
464{
465 struct reply_info* rep = (struct reply_info*)msg->entry.data;
466 if(!rep) return;
467
468 /* if error or no answers */
469 if(FLAGS_GET_RCODE(rep->flags) != 0 || rep->an_numrrsets == 0) {
470 struct delegpt_ns* ns = delegpt_find_ns(dp, msg->key.qname,
471 msg->key.qname_len);
472 if(ns) {
473 if(msg->key.qtype == LDNS_RR_TYPE_A)
474 ns->got4 = 1;
475 else if(msg->key.qtype == LDNS_RR_TYPE_AAAA)
476 ns->got6 = 1;
477 if(ns->got4 && ns->got6)
478 ns->resolved = 1;
479 }
480 }
481}
482
483void delegpt_no_ipv6(struct delegpt* dp)
484{
485 struct delegpt_ns* ns;
486 for(ns = dp->nslist; ns; ns = ns->next) {
487 /* no ipv6, so only ipv4 is enough to resolve a nameserver */
488 if(ns->got4)
489 ns->resolved = 1;
490 }
491}
492
493void delegpt_no_ipv4(struct delegpt* dp)
494{
495 struct delegpt_ns* ns;
496 for(ns = dp->nslist; ns; ns = ns->next) {
497 /* no ipv4, so only ipv6 is enough to resolve a nameserver */
498 if(ns->got6)
499 ns->resolved = 1;
500 }
501}
502
503struct delegpt* delegpt_create_mlc(uint8_t* name)
504{
505 struct delegpt* dp=(struct delegpt*)calloc(1, sizeof(*dp));
506 if(!dp)
507 return NULL;
508 dp->dp_type_mlc = 1;
509 if(name) {
510 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
511 dp->name = memdup(name, dp->namelen);
512 if(!dp->name) {
513 free(dp);
514 return NULL;
515 }
516 }
517 return dp;
518}
519
520void delegpt_free_mlc(struct delegpt* dp)
521{
522 struct delegpt_ns* n, *nn;
523 struct delegpt_addr* a, *na;
524 if(!dp) return;
525 log_assert(dp->dp_type_mlc);
526 n = dp->nslist;
527 while(n) {
528 nn = n->next;
529 free(n->name);
530 free(n);
531 n = nn;
532 }
533 a = dp->target_list;
534 while(a) {
535 na = a->next_target;
536 free(a);
537 a = na;
538 }
539 free(dp->name);
540 free(dp);
541}
542
543int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name)
544{
545 log_assert(dp->dp_type_mlc);
546 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
547 dp->name = memdup(name, dp->namelen);
548 return (dp->name != NULL);
549}
550
453{
454 if(!rrset)
455 return 1;
456 if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_NS)
457 return delegpt_rrset_add_ns(dp, region, rrset, lame);
458 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_A)
459 return delegpt_add_rrset_A(dp, region, rrset, lame);
460 else if(ntohs(rrset->rk.type) == LDNS_RR_TYPE_AAAA)
461 return delegpt_add_rrset_AAAA(dp, region, rrset, lame);
462 log_warn("Unknown rrset type added to delegpt");
463 return 1;
464}
465
466void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
467{
468 struct reply_info* rep = (struct reply_info*)msg->entry.data;
469 if(!rep) return;
470
471 /* if error or no answers */
472 if(FLAGS_GET_RCODE(rep->flags) != 0 || rep->an_numrrsets == 0) {
473 struct delegpt_ns* ns = delegpt_find_ns(dp, msg->key.qname,
474 msg->key.qname_len);
475 if(ns) {
476 if(msg->key.qtype == LDNS_RR_TYPE_A)
477 ns->got4 = 1;
478 else if(msg->key.qtype == LDNS_RR_TYPE_AAAA)
479 ns->got6 = 1;
480 if(ns->got4 && ns->got6)
481 ns->resolved = 1;
482 }
483 }
484}
485
486void delegpt_no_ipv6(struct delegpt* dp)
487{
488 struct delegpt_ns* ns;
489 for(ns = dp->nslist; ns; ns = ns->next) {
490 /* no ipv6, so only ipv4 is enough to resolve a nameserver */
491 if(ns->got4)
492 ns->resolved = 1;
493 }
494}
495
496void delegpt_no_ipv4(struct delegpt* dp)
497{
498 struct delegpt_ns* ns;
499 for(ns = dp->nslist; ns; ns = ns->next) {
500 /* no ipv4, so only ipv6 is enough to resolve a nameserver */
501 if(ns->got6)
502 ns->resolved = 1;
503 }
504}
505
506struct delegpt* delegpt_create_mlc(uint8_t* name)
507{
508 struct delegpt* dp=(struct delegpt*)calloc(1, sizeof(*dp));
509 if(!dp)
510 return NULL;
511 dp->dp_type_mlc = 1;
512 if(name) {
513 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
514 dp->name = memdup(name, dp->namelen);
515 if(!dp->name) {
516 free(dp);
517 return NULL;
518 }
519 }
520 return dp;
521}
522
523void delegpt_free_mlc(struct delegpt* dp)
524{
525 struct delegpt_ns* n, *nn;
526 struct delegpt_addr* a, *na;
527 if(!dp) return;
528 log_assert(dp->dp_type_mlc);
529 n = dp->nslist;
530 while(n) {
531 nn = n->next;
532 free(n->name);
533 free(n);
534 n = nn;
535 }
536 a = dp->target_list;
537 while(a) {
538 na = a->next_target;
539 free(a);
540 a = na;
541 }
542 free(dp->name);
543 free(dp);
544}
545
546int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name)
547{
548 log_assert(dp->dp_type_mlc);
549 dp->namelabs = dname_count_size_labels(name, &dp->namelen);
550 dp->name = memdup(name, dp->namelen);
551 return (dp->name != NULL);
552}
553
551int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame)
554int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, uint8_t lame)
552{
553 struct delegpt_ns* ns;
554 size_t len;
555 (void)dname_count_size_labels(name, &len);
556 log_assert(dp->dp_type_mlc);
557 /* slow check for duplicates to avoid counting failures when
558 * adding the same server as a dependency twice */
559 if(delegpt_find_ns(dp, name, len))
560 return 1;
561 ns = (struct delegpt_ns*)malloc(sizeof(struct delegpt_ns));
562 if(!ns)
563 return 0;
564 ns->namelen = len;
565 ns->name = memdup(name, ns->namelen);
566 if(!ns->name) {
567 free(ns);
568 return 0;
569 }
570 ns->next = dp->nslist;
571 dp->nslist = ns;
572 ns->resolved = 0;
573 ns->got4 = 0;
574 ns->got6 = 0;
575 ns->lame = (uint8_t)lame;
576 ns->done_pside4 = 0;
577 ns->done_pside6 = 0;
578 return 1;
579}
580
581int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr,
555{
556 struct delegpt_ns* ns;
557 size_t len;
558 (void)dname_count_size_labels(name, &len);
559 log_assert(dp->dp_type_mlc);
560 /* slow check for duplicates to avoid counting failures when
561 * adding the same server as a dependency twice */
562 if(delegpt_find_ns(dp, name, len))
563 return 1;
564 ns = (struct delegpt_ns*)malloc(sizeof(struct delegpt_ns));
565 if(!ns)
566 return 0;
567 ns->namelen = len;
568 ns->name = memdup(name, ns->namelen);
569 if(!ns->name) {
570 free(ns);
571 return 0;
572 }
573 ns->next = dp->nslist;
574 dp->nslist = ns;
575 ns->resolved = 0;
576 ns->got4 = 0;
577 ns->got6 = 0;
578 ns->lame = (uint8_t)lame;
579 ns->done_pside4 = 0;
580 ns->done_pside6 = 0;
581 return 1;
582}
583
584int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr,
582 socklen_t addrlen, int bogus, int lame)
585 socklen_t addrlen, uint8_t bogus, uint8_t lame)
583{
584 struct delegpt_addr* a;
585 log_assert(dp->dp_type_mlc);
586 /* check for duplicates */
587 if((a = delegpt_find_addr(dp, addr, addrlen))) {
588 if(bogus)
589 a->bogus = bogus;
590 if(!lame)
591 a->lame = 0;
592 return 1;
593 }
594
595 a = (struct delegpt_addr*)malloc(sizeof(struct delegpt_addr));
596 if(!a)
597 return 0;
598 a->next_target = dp->target_list;
599 dp->target_list = a;
600 a->next_result = 0;
601 a->next_usable = dp->usable_list;
602 dp->usable_list = a;
603 memcpy(&a->addr, addr, addrlen);
604 a->addrlen = addrlen;
605 a->attempts = 0;
606 a->bogus = bogus;
607 a->lame = lame;
586{
587 struct delegpt_addr* a;
588 log_assert(dp->dp_type_mlc);
589 /* check for duplicates */
590 if((a = delegpt_find_addr(dp, addr, addrlen))) {
591 if(bogus)
592 a->bogus = bogus;
593 if(!lame)
594 a->lame = 0;
595 return 1;
596 }
597
598 a = (struct delegpt_addr*)malloc(sizeof(struct delegpt_addr));
599 if(!a)
600 return 0;
601 a->next_target = dp->target_list;
602 dp->target_list = a;
603 a->next_result = 0;
604 a->next_usable = dp->usable_list;
605 dp->usable_list = a;
606 memcpy(&a->addr, addr, addrlen);
607 a->addrlen = addrlen;
608 a->attempts = 0;
609 a->bogus = bogus;
610 a->lame = lame;
611 a->dnsseclame = 0;
608 return 1;
609}
610
611int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen,
612 return 1;
613}
614
615int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen,
612 struct sockaddr_storage* addr, socklen_t addrlen, int bogus, int lame)
616 struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
617 uint8_t lame)
613{
614 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
615 log_assert(dp->dp_type_mlc);
616 if(!ns) {
617 /* ignore it */
618 return 1;
619 }
620 if(!lame) {
621 if(addr_is_ip6(addr, addrlen))
622 ns->got6 = 1;
623 else ns->got4 = 1;
624 if(ns->got4 && ns->got6)
625 ns->resolved = 1;
626 }
627 return delegpt_add_addr_mlc(dp, addr, addrlen, bogus, lame);
628}
629
630size_t delegpt_get_mem(struct delegpt* dp)
631{
632 struct delegpt_ns* ns;
633 size_t s;
634 if(!dp) return 0;
635 s = sizeof(*dp) + dp->namelen +
636 delegpt_count_targets(dp)*sizeof(struct delegpt_addr);
637 for(ns=dp->nslist; ns; ns=ns->next)
638 s += sizeof(*ns)+ns->namelen;
639 return s;
640}
618{
619 struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen);
620 log_assert(dp->dp_type_mlc);
621 if(!ns) {
622 /* ignore it */
623 return 1;
624 }
625 if(!lame) {
626 if(addr_is_ip6(addr, addrlen))
627 ns->got6 = 1;
628 else ns->got4 = 1;
629 if(ns->got4 && ns->got6)
630 ns->resolved = 1;
631 }
632 return delegpt_add_addr_mlc(dp, addr, addrlen, bogus, lame);
633}
634
635size_t delegpt_get_mem(struct delegpt* dp)
636{
637 struct delegpt_ns* ns;
638 size_t s;
639 if(!dp) return 0;
640 s = sizeof(*dp) + dp->namelen +
641 delegpt_count_targets(dp)*sizeof(struct delegpt_addr);
642 for(ns=dp->nslist; ns; ns=ns->next)
643 s += sizeof(*ns)+ns->namelen;
644 return s;
645}