iter_hints.c revision 356345
1/* 2 * iterator/iter_hints.c - iterative resolver module stub and root hints. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36/** 37 * \file 38 * 39 * This file contains functions to assist the iterator module. 40 * Keep track of stub and root hints, and read those from config. 41 */ 42#include "config.h" 43#include "iterator/iter_hints.h" 44#include "iterator/iter_delegpt.h" 45#include "util/log.h" 46#include "util/config_file.h" 47#include "util/net_help.h" 48#include "util/data/dname.h" 49#include "sldns/rrdef.h" 50#include "sldns/str2wire.h" 51#include "sldns/wire2str.h" 52 53struct iter_hints* 54hints_create(void) 55{ 56 struct iter_hints* hints = (struct iter_hints*)calloc(1, 57 sizeof(struct iter_hints)); 58 if(!hints) 59 return NULL; 60 return hints; 61} 62 63static void hints_stub_free(struct iter_hints_stub* s) 64{ 65 if(!s) return; 66 delegpt_free_mlc(s->dp); 67 free(s); 68} 69 70static void delhintnode(rbnode_type* n, void* ATTR_UNUSED(arg)) 71{ 72 struct iter_hints_stub* node = (struct iter_hints_stub*)n; 73 hints_stub_free(node); 74} 75 76static void hints_del_tree(struct iter_hints* hints) 77{ 78 traverse_postorder(&hints->tree, &delhintnode, NULL); 79} 80 81void 82hints_delete(struct iter_hints* hints) 83{ 84 if(!hints) 85 return; 86 hints_del_tree(hints); 87 free(hints); 88} 89 90/** add hint to delegation hints */ 91static int 92ah(struct delegpt* dp, const char* sv, const char* ip) 93{ 94 struct sockaddr_storage addr; 95 socklen_t addrlen; 96 size_t dname_len; 97 uint8_t* dname = sldns_str2wire_dname(sv, &dname_len); 98 if(!dname) { 99 log_err("could not parse %s", sv); 100 return 0; 101 } 102 if(!delegpt_add_ns_mlc(dp, dname, 0) || 103 !extstrtoaddr(ip, &addr, &addrlen) || 104 !delegpt_add_target_mlc(dp, dname, dname_len, 105 &addr, addrlen, 0, 0)) { 106 free(dname); 107 return 0; 108 } 109 free(dname); 110 return 1; 111} 112 113/** obtain compiletime provided root hints */ 114static struct delegpt* 115compile_time_root_prime(int do_ip4, int do_ip6) 116{ 117 /* from: 118 ; This file is made available by InterNIC 119 ; under anonymous FTP as 120 ; file /domain/named.cache 121 ; on server FTP.INTERNIC.NET 122 ; -OR- RS.INTERNIC.NET 123 ; 124 ; related version of root zone: changes-on-20120103 125 */ 126 struct delegpt* dp = delegpt_create_mlc((uint8_t*)"\000"); 127 if(!dp) 128 return NULL; 129 dp->has_parent_side_NS = 1; 130 if(do_ip4) { 131 if(!ah(dp, "A.ROOT-SERVERS.NET.", "198.41.0.4")) goto failed; 132 if(!ah(dp, "B.ROOT-SERVERS.NET.", "199.9.14.201")) goto failed; 133 if(!ah(dp, "C.ROOT-SERVERS.NET.", "192.33.4.12")) goto failed; 134 if(!ah(dp, "D.ROOT-SERVERS.NET.", "199.7.91.13")) goto failed; 135 if(!ah(dp, "E.ROOT-SERVERS.NET.", "192.203.230.10")) goto failed; 136 if(!ah(dp, "F.ROOT-SERVERS.NET.", "192.5.5.241")) goto failed; 137 if(!ah(dp, "G.ROOT-SERVERS.NET.", "192.112.36.4")) goto failed; 138 if(!ah(dp, "H.ROOT-SERVERS.NET.", "198.97.190.53")) goto failed; 139 if(!ah(dp, "I.ROOT-SERVERS.NET.", "192.36.148.17")) goto failed; 140 if(!ah(dp, "J.ROOT-SERVERS.NET.", "192.58.128.30")) goto failed; 141 if(!ah(dp, "K.ROOT-SERVERS.NET.", "193.0.14.129")) goto failed; 142 if(!ah(dp, "L.ROOT-SERVERS.NET.", "199.7.83.42")) goto failed; 143 if(!ah(dp, "M.ROOT-SERVERS.NET.", "202.12.27.33")) goto failed; 144 } 145 if(do_ip6) { 146 if(!ah(dp, "A.ROOT-SERVERS.NET.", "2001:503:ba3e::2:30")) goto failed; 147 if(!ah(dp, "B.ROOT-SERVERS.NET.", "2001:500:200::b")) goto failed; 148 if(!ah(dp, "C.ROOT-SERVERS.NET.", "2001:500:2::c")) goto failed; 149 if(!ah(dp, "D.ROOT-SERVERS.NET.", "2001:500:2d::d")) goto failed; 150 if(!ah(dp, "E.ROOT-SERVERS.NET.", "2001:500:a8::e")) goto failed; 151 if(!ah(dp, "F.ROOT-SERVERS.NET.", "2001:500:2f::f")) goto failed; 152 if(!ah(dp, "G.ROOT-SERVERS.NET.", "2001:500:12::d0d")) goto failed; 153 if(!ah(dp, "H.ROOT-SERVERS.NET.", "2001:500:1::53")) goto failed; 154 if(!ah(dp, "I.ROOT-SERVERS.NET.", "2001:7fe::53")) goto failed; 155 if(!ah(dp, "J.ROOT-SERVERS.NET.", "2001:503:c27::2:30")) goto failed; 156 if(!ah(dp, "K.ROOT-SERVERS.NET.", "2001:7fd::1")) goto failed; 157 if(!ah(dp, "L.ROOT-SERVERS.NET.", "2001:500:9f::42")) goto failed; 158 if(!ah(dp, "M.ROOT-SERVERS.NET.", "2001:dc3::35")) goto failed; 159 } 160 return dp; 161failed: 162 delegpt_free_mlc(dp); 163 return 0; 164} 165 166/** insert new hint info into hint structure */ 167static int 168hints_insert(struct iter_hints* hints, uint16_t c, struct delegpt* dp, 169 int noprime) 170{ 171 struct iter_hints_stub* node = (struct iter_hints_stub*)malloc( 172 sizeof(struct iter_hints_stub)); 173 if(!node) { 174 delegpt_free_mlc(dp); 175 return 0; 176 } 177 node->dp = dp; 178 node->noprime = (uint8_t)noprime; 179 if(!name_tree_insert(&hints->tree, &node->node, dp->name, dp->namelen, 180 dp->namelabs, c)) { 181 char buf[257]; 182 dname_str(dp->name, buf); 183 log_err("second hints for zone %s ignored.", buf); 184 delegpt_free_mlc(dp); 185 free(node); 186 } 187 return 1; 188} 189 190/** set stub name */ 191static struct delegpt* 192read_stubs_name(struct config_stub* s) 193{ 194 struct delegpt* dp; 195 size_t dname_len; 196 uint8_t* dname; 197 if(!s->name) { 198 log_err("stub zone without a name"); 199 return NULL; 200 } 201 dname = sldns_str2wire_dname(s->name, &dname_len); 202 if(!dname) { 203 log_err("cannot parse stub zone name %s", s->name); 204 return NULL; 205 } 206 if(!(dp=delegpt_create_mlc(dname))) { 207 free(dname); 208 log_err("out of memory"); 209 return NULL; 210 } 211 free(dname); 212 return dp; 213} 214 215/** set stub host names */ 216static int 217read_stubs_host(struct config_stub* s, struct delegpt* dp) 218{ 219 struct config_strlist* p; 220 size_t dname_len; 221 uint8_t* dname; 222 for(p = s->hosts; p; p = p->next) { 223 log_assert(p->str); 224 dname = sldns_str2wire_dname(p->str, &dname_len); 225 if(!dname) { 226 log_err("cannot parse stub %s nameserver name: '%s'", 227 s->name, p->str); 228 return 0; 229 } 230 if(!delegpt_add_ns_mlc(dp, dname, 0)) { 231 free(dname); 232 log_err("out of memory"); 233 return 0; 234 } 235 free(dname); 236 } 237 return 1; 238} 239 240/** set stub server addresses */ 241static int 242read_stubs_addr(struct config_stub* s, struct delegpt* dp) 243{ 244 struct config_strlist* p; 245 struct sockaddr_storage addr; 246 socklen_t addrlen; 247 char* auth_name; 248 for(p = s->addrs; p; p = p->next) { 249 log_assert(p->str); 250 if(!authextstrtoaddr(p->str, &addr, &addrlen, &auth_name)) { 251 log_err("cannot parse stub %s ip address: '%s'", 252 s->name, p->str); 253 return 0; 254 } 255#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) 256 if(auth_name) 257 log_err("no name verification functionality in " 258 "ssl library, ignored name for %s", p->str); 259#endif 260 if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0, 261 auth_name)) { 262 log_err("out of memory"); 263 return 0; 264 } 265 } 266 return 1; 267} 268 269/** read stubs config */ 270static int 271read_stubs(struct iter_hints* hints, struct config_file* cfg) 272{ 273 struct config_stub* s; 274 struct delegpt* dp; 275 for(s = cfg->stubs; s; s = s->next) { 276 if(!(dp=read_stubs_name(s))) 277 return 0; 278 if(!read_stubs_host(s, dp) || !read_stubs_addr(s, dp)) { 279 delegpt_free_mlc(dp); 280 return 0; 281 } 282 /* the flag is turned off for 'stub-first' so that the 283 * last resort will ask for parent-side NS record and thus 284 * fallback to the internet name servers on a failure */ 285 dp->has_parent_side_NS = (uint8_t)!s->isfirst; 286 /* Do not cache if set. */ 287 dp->no_cache = s->no_cache; 288 /* ssl_upstream */ 289 dp->ssl_upstream = (uint8_t)s->ssl_upstream; 290 delegpt_log(VERB_QUERY, dp); 291 if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, !s->isprime)) 292 return 0; 293 } 294 return 1; 295} 296 297/** read root hints from file */ 298static int 299read_root_hints(struct iter_hints* hints, char* fname) 300{ 301 struct sldns_file_parse_state pstate; 302 struct delegpt* dp; 303 uint8_t rr[LDNS_RR_BUF_SIZE]; 304 size_t rr_len, dname_len; 305 int status; 306 uint16_t c = LDNS_RR_CLASS_IN; 307 FILE* f = fopen(fname, "r"); 308 if(!f) { 309 log_err("could not read root hints %s: %s", 310 fname, strerror(errno)); 311 return 0; 312 } 313 dp = delegpt_create_mlc(NULL); 314 if(!dp) { 315 log_err("out of memory reading root hints"); 316 fclose(f); 317 return 0; 318 } 319 verbose(VERB_QUERY, "Reading root hints from %s", fname); 320 memset(&pstate, 0, sizeof(pstate)); 321 pstate.lineno = 1; 322 dp->has_parent_side_NS = 1; 323 while(!feof(f)) { 324 rr_len = sizeof(rr); 325 dname_len = 0; 326 status = sldns_fp2wire_rr_buf(f, rr, &rr_len, &dname_len, 327 &pstate); 328 if(status != 0) { 329 log_err("reading root hints %s %d:%d: %s", fname, 330 pstate.lineno, LDNS_WIREPARSE_OFFSET(status), 331 sldns_get_errorstr_parse(status)); 332 goto stop_read; 333 } 334 if(rr_len == 0) 335 continue; /* EMPTY line, TTL or ORIGIN */ 336 if(sldns_wirerr_get_type(rr, rr_len, dname_len) 337 == LDNS_RR_TYPE_NS) { 338 if(!delegpt_add_ns_mlc(dp, sldns_wirerr_get_rdata(rr, 339 rr_len, dname_len), 0)) { 340 log_err("out of memory reading root hints"); 341 goto stop_read; 342 } 343 c = sldns_wirerr_get_class(rr, rr_len, dname_len); 344 if(!dp->name) { 345 if(!delegpt_set_name_mlc(dp, rr)) { 346 log_err("out of memory."); 347 goto stop_read; 348 } 349 } 350 } else if(sldns_wirerr_get_type(rr, rr_len, dname_len) 351 == LDNS_RR_TYPE_A && sldns_wirerr_get_rdatalen(rr, 352 rr_len, dname_len) == INET_SIZE) { 353 struct sockaddr_in sa; 354 socklen_t len = (socklen_t)sizeof(sa); 355 memset(&sa, 0, len); 356 sa.sin_family = AF_INET; 357 sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT); 358 memmove(&sa.sin_addr, 359 sldns_wirerr_get_rdata(rr, rr_len, dname_len), 360 INET_SIZE); 361 if(!delegpt_add_target_mlc(dp, rr, dname_len, 362 (struct sockaddr_storage*)&sa, len, 363 0, 0)) { 364 log_err("out of memory reading root hints"); 365 goto stop_read; 366 } 367 } else if(sldns_wirerr_get_type(rr, rr_len, dname_len) 368 == LDNS_RR_TYPE_AAAA && sldns_wirerr_get_rdatalen(rr, 369 rr_len, dname_len) == INET6_SIZE) { 370 struct sockaddr_in6 sa; 371 socklen_t len = (socklen_t)sizeof(sa); 372 memset(&sa, 0, len); 373 sa.sin6_family = AF_INET6; 374 sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT); 375 memmove(&sa.sin6_addr, 376 sldns_wirerr_get_rdata(rr, rr_len, dname_len), 377 INET6_SIZE); 378 if(!delegpt_add_target_mlc(dp, rr, dname_len, 379 (struct sockaddr_storage*)&sa, len, 380 0, 0)) { 381 log_err("out of memory reading root hints"); 382 goto stop_read; 383 } 384 } else { 385 char buf[17]; 386 sldns_wire2str_type_buf(sldns_wirerr_get_type(rr, 387 rr_len, dname_len), buf, sizeof(buf)); 388 log_warn("root hints %s:%d skipping type %s", 389 fname, pstate.lineno, buf); 390 } 391 } 392 fclose(f); 393 if(!dp->name) { 394 log_warn("root hints %s: no NS content", fname); 395 delegpt_free_mlc(dp); 396 return 1; 397 } 398 if(!hints_insert(hints, c, dp, 0)) { 399 return 0; 400 } 401 delegpt_log(VERB_QUERY, dp); 402 return 1; 403 404stop_read: 405 delegpt_free_mlc(dp); 406 fclose(f); 407 return 0; 408} 409 410/** read root hints list */ 411static int 412read_root_hints_list(struct iter_hints* hints, struct config_file* cfg) 413{ 414 struct config_strlist* p; 415 for(p = cfg->root_hints; p; p = p->next) { 416 log_assert(p->str); 417 if(p->str && p->str[0]) { 418 char* f = p->str; 419 if(cfg->chrootdir && cfg->chrootdir[0] && 420 strncmp(p->str, cfg->chrootdir, 421 strlen(cfg->chrootdir)) == 0) 422 f += strlen(cfg->chrootdir); 423 if(!read_root_hints(hints, f)) 424 return 0; 425 } 426 } 427 return 1; 428} 429 430int 431hints_apply_cfg(struct iter_hints* hints, struct config_file* cfg) 432{ 433 hints_del_tree(hints); 434 name_tree_init(&hints->tree); 435 436 /* read root hints */ 437 if(!read_root_hints_list(hints, cfg)) 438 return 0; 439 440 /* read stub hints */ 441 if(!read_stubs(hints, cfg)) 442 return 0; 443 444 /* use fallback compiletime root hints */ 445 if(!hints_lookup_root(hints, LDNS_RR_CLASS_IN)) { 446 struct delegpt* dp = compile_time_root_prime(cfg->do_ip4, 447 cfg->do_ip6); 448 verbose(VERB_ALGO, "no config, using builtin root hints."); 449 if(!dp) 450 return 0; 451 if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, 0)) 452 return 0; 453 } 454 455 name_tree_init_parents(&hints->tree); 456 return 1; 457} 458 459struct delegpt* 460hints_lookup_root(struct iter_hints* hints, uint16_t qclass) 461{ 462 uint8_t rootlab = 0; 463 struct iter_hints_stub *stub; 464 stub = (struct iter_hints_stub*)name_tree_find(&hints->tree, 465 &rootlab, 1, 1, qclass); 466 if(!stub) 467 return NULL; 468 return stub->dp; 469} 470 471struct iter_hints_stub* 472hints_lookup_stub(struct iter_hints* hints, uint8_t* qname, 473 uint16_t qclass, struct delegpt* cache_dp) 474{ 475 size_t len; 476 int labs; 477 struct iter_hints_stub *r; 478 479 /* first lookup the stub */ 480 labs = dname_count_size_labels(qname, &len); 481 r = (struct iter_hints_stub*)name_tree_lookup(&hints->tree, qname, 482 len, labs, qclass); 483 if(!r) return NULL; 484 485 /* If there is no cache (root prime situation) */ 486 if(cache_dp == NULL) { 487 if(r->dp->namelabs != 1) 488 return r; /* no cache dp, use any non-root stub */ 489 return NULL; 490 } 491 492 /* 493 * If the stub is same as the delegation we got 494 * And has noprime set, we need to 'prime' to use this stub instead. 495 */ 496 if(r->noprime && query_dname_compare(cache_dp->name, r->dp->name)==0) 497 return r; /* use this stub instead of cached dp */ 498 499 /* 500 * If our cached delegation point is above the hint, we need to prime. 501 */ 502 if(dname_strict_subdomain(r->dp->name, r->dp->namelabs, 503 cache_dp->name, cache_dp->namelabs)) 504 return r; /* need to prime this stub */ 505 return NULL; 506} 507 508int hints_next_root(struct iter_hints* hints, uint16_t* qclass) 509{ 510 return name_tree_next_root(&hints->tree, qclass); 511} 512 513size_t 514hints_get_mem(struct iter_hints* hints) 515{ 516 size_t s; 517 struct iter_hints_stub* p; 518 if(!hints) return 0; 519 s = sizeof(*hints); 520 RBTREE_FOR(p, struct iter_hints_stub*, &hints->tree) { 521 s += sizeof(*p) + delegpt_get_mem(p->dp); 522 } 523 return s; 524} 525 526int 527hints_add_stub(struct iter_hints* hints, uint16_t c, struct delegpt* dp, 528 int noprime) 529{ 530 struct iter_hints_stub *z; 531 if((z=(struct iter_hints_stub*)name_tree_find(&hints->tree, 532 dp->name, dp->namelen, dp->namelabs, c)) != NULL) { 533 (void)rbtree_delete(&hints->tree, &z->node); 534 hints_stub_free(z); 535 } 536 if(!hints_insert(hints, c, dp, noprime)) 537 return 0; 538 name_tree_init_parents(&hints->tree); 539 return 1; 540} 541 542void 543hints_delete_stub(struct iter_hints* hints, uint16_t c, uint8_t* nm) 544{ 545 struct iter_hints_stub *z; 546 size_t len; 547 int labs = dname_count_size_labels(nm, &len); 548 if(!(z=(struct iter_hints_stub*)name_tree_find(&hints->tree, 549 nm, len, labs, c))) 550 return; /* nothing to do */ 551 (void)rbtree_delete(&hints->tree, &z->node); 552 hints_stub_free(z); 553 name_tree_init_parents(&hints->tree); 554} 555 556