      1 /*
      2  * services/authzone.c - authoritative zone that is locally hosted.
      3  *
      4  * Copyright (c) 2017, NLnet Labs. All rights reserved.
      5  *
      6  * This software is open source.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  *
     12  * Redistributions of source code must retain the above copyright notice,
     13  * this list of conditions and the following disclaimer.
     14  *
     15  * Redistributions in binary form must reproduce the above copyright notice,
     16  * this list of conditions and the following disclaimer in the documentation
     17  * and/or other materials provided with the distribution.
     18  *
     19  * Neither the name of the NLNET LABS nor the names of its contributors may
     20  * be used to endorse or promote products derived from this software without
     21  * specific prior written permission.
     22  *
     23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
     27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
     29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
     30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
     31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
     32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
     33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     34  */
     35 
     36 /**
     37  * \file
     38  *
     39  * This file contains the functions for an authority zone.  This zone
     40  * is queried by the iterator, just like a stub or forward zone, but then
     41  * the data is locally held.
     42  */
     43 
     44 #include "config.h"
     45 #include "services/authzone.h"
     46 #include "util/data/dname.h"
     47 #include "util/data/msgparse.h"
     48 #include "util/data/msgreply.h"
     49 #include "util/data/msgencode.h"
     50 #include "util/data/packed_rrset.h"
     51 #include "util/regional.h"
     52 #include "util/net_help.h"
     53 #include "util/netevent.h"
     54 #include "util/config_file.h"
     55 #include "util/log.h"
     56 #include "util/module.h"
     57 #include "util/random.h"
     58 #include "services/cache/dns.h"
     59 #include "services/outside_network.h"
     60 #include "services/listen_dnsport.h"
     61 #include "services/mesh.h"
     62 #include "sldns/rrdef.h"
     63 #include "sldns/pkthdr.h"
     64 #include "sldns/sbuffer.h"
     65 #include "sldns/str2wire.h"
     66 #include "sldns/wire2str.h"
     67 #include "sldns/parseutil.h"
     68 #include "sldns/keyraw.h"
     69 #include "validator/val_nsec3.h"
     70 #include "validator/val_nsec.h"
     71 #include "validator/val_secalgo.h"
     72 #include "validator/val_sigcrypt.h"
     73 #include "validator/val_anchor.h"
     74 #include "validator/val_utils.h"
     75 #include <ctype.h>
     76 
     /** size in bytes of the NSEC3 hash buffer (a SHA-1 digest needs 20) */
     #define N3HASHBUFLEN 32
     /** max number of CNAMEs we are willing to follow (in one answer) */
     #define MAX_CNAME_CHAIN 8
     /** timeout for probe packets for SOA, in msec */
     #define AUTH_PROBE_TIMEOUT 100
     /** when to stop with SOA probes (when exponential timeouts exceed
      * this), in msec */
     #define AUTH_PROBE_TIMEOUT_STOP 1000
     /** auth transfer timeout for TCP connections, in msec */
     #define AUTH_TRANSFER_TIMEOUT 10000
     /** auth transfer max backoff for failed transfers and probes, in sec */
     #define AUTH_TRANSFER_MAX_BACKOFF 86400
     /** auth http port number */
     #define AUTH_HTTP_PORT 80
     /** auth https port number */
     #define AUTH_HTTPS_PORT 443
     /** max depth for nested $INCLUDEs; bounds the nesting that a zone
      * file can ask for */
     #define MAX_INCLUDE_DEPTH 10
     /** number of timeouts before we fallback from IXFR to AXFR,
      * because some versions of servers (eg. dnsmasq) drop IXFR packets. */
     #define NUM_TIMEOUTS_FALLBACK_IXFR 3
     98 
     /** pick up nextprobe task to start waiting to perform transfer actions */
     static void xfr_set_timeout(struct auth_xfer* xfr,
         struct module_env* env, int failure, int lookup_only);

     /** move to sending the probe packets, next if fails. task_probe */
     static void xfr_probe_send_or_end(struct auth_xfer* xfr,
         struct module_env* env);

     /** pick up probe task with specified(or NULL) destination first,
      * or transfer task if nothing to probe, or false if already in progress */
     static int xfr_start_probe(struct auth_xfer* xfr,
         struct module_env* env, struct auth_master* spec);

     /** delete xfer structure (not its tree entry) */
     void auth_xfer_delete(struct auth_xfer* xfr);
    111 
    /**
     * Create a new dns_msg in the region, to be filled with an answer.
     * The query name is copied into the region.  The reply starts with
     * the QR and AA flags set, one question and no rrsets.
     * @param region: all parts of the message are allocated here.
     * @param qinfo: query; its name, type and class are copied.
     * @return the message, or NULL on allocation failure.
     */
    static struct dns_msg*
    msg_create(struct regional* region, struct query_info* qinfo)
    {
        struct reply_info* rep;
        struct dns_msg* m = (struct dns_msg*)regional_alloc(region,
            sizeof(*m));
        if(m == NULL)
            return NULL;

        /* own copy of the name, the caller keeps its buffer */
        m->qinfo.qname = regional_alloc_init(region, qinfo->qname,
            qinfo->qname_len);
        if(m->qinfo.qname == NULL)
            return NULL;
        m->qinfo.qname_len = qinfo->qname_len;
        m->qinfo.qclass = qinfo->qclass;
        m->qinfo.qtype = qinfo->qtype;
        m->qinfo.local_alias = NULL;

        /* non-packed reply_info, because it needs to grow the array */
        rep = (struct reply_info*)regional_alloc_zero(region,
            sizeof(struct reply_info)-sizeof(struct rrset_ref));
        m->rep = rep;
        if(rep == NULL)
            return NULL;
        rep->qdcount = 1;
        rep->authoritative = 1;
        rep->flags = (uint16_t)(BIT_QR | BIT_AA);
        rep->reason_bogus = LDNS_EDE_NONE;
        /* rep->rrsets stays NULL (zeroed alloc): no rrsets yet */
        return m;
    }
    140 
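    /**
     * Grow the rrset pointer array of msg->rep by one (zeroed) slot.
     * A new array of rrset_count+1 pointers is taken from the region and
     * the existing pointers are copied over.  rrset_count is not changed,
     * the caller fills the new last slot and increments the count.
     * @param region: region to allocate the new array in.
     * @param msg: message whose reply array is grown.
     * @return 1 on success.  0 on allocation failure; the message then
     *	still has its previous array, so the array pointer and
     *	rrset_count stay consistent with each other.
     */
    static int
    msg_grow_array(struct regional* region, struct dns_msg* msg)
    {
        struct ub_packed_rrset_key** old = msg->rep->rrsets;
        struct ub_packed_rrset_key** grown;
        size_t have = msg->rep->rrset_count;

        /* allocate into a temporary, so that a failure does not leave
         * msg->rep->rrsets NULL while rrset_count is nonzero */
        grown = regional_alloc_zero(region, sizeof(*grown)*(have+1));
        if(!grown)
            return 0;
        if(old)
            memmove(grown, old, sizeof(*grown)*have);
        msg->rep->rrsets = grown;
        return 1;
    }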
    161 
    /**
     * Get the ttl of an rrset.
     * @param k: rrset key; its entry.data is read as packed_rrset_data.
     * @return the ttl member of that data.
     */
    static time_t
    get_rrset_ttl(struct ub_packed_rrset_key* k)
    {
        return ((struct packed_rrset_data*)k->entry.data)->ttl;
    }
    170 
    /**
     * Copy an rrset of the zone into the region, as a packet rrset.
     * A temporary key is built on the stack that refers to the node's name
     * and the rrset's data, and that key is handed to
     * packed_rrset_copy_region to make the copy.
     * @param z: zone, for the class.
     * @param node: domain node, for the owner name.
     * @param rrset: the rrset, for the type and the data.
     * @param region: where to allocate the copy.
     * @return what packed_rrset_copy_region returns; callers in this file
     *	treat NULL as failure.
     */
    static struct ub_packed_rrset_key*
    auth_packed_rrset_copy_region(struct auth_zone* z, struct auth_data* node,
        struct auth_rrset* rrset, struct regional* region)
    {
        struct ub_packed_rrset_key tmp;
        memset(&tmp, 0, sizeof(tmp));
        tmp.rk.dname = node->name;
        tmp.rk.dname_len = node->namelen;
        /* type and class are kept in network byte order in the key */
        tmp.rk.type = htons(rrset->type);
        tmp.rk.rrset_class = htons(z->dclass);
        tmp.entry.key = &tmp;
        tmp.entry.data = rrset->data;
        /* hash last, it is computed over the filled in rk */
        tmp.entry.hash = rrset_key_hash(&tmp.rk);
        return packed_rrset_copy_region(&tmp, region, 0);
    }
    187 
    /**
     * Fix up the msg->rep TTL, prefetch ttl and serve-expired ttl after an
     * rrset has been appended.  Only the last rrset in the array is looked
     * at: with one rrset its ttl is taken, with more rrsets the message
     * ttl is lowered if the last rrset has a smaller ttl.
     * @param msg: message to update; no-op when it has no rrsets.
     */
    static void
    msg_ttl(struct dns_msg* msg)
    {
        struct reply_info* rep = msg->rep;
        time_t last;

        if(rep->rrset_count == 0)
            return;
        last = get_rrset_ttl(rep->rrsets[rep->rrset_count-1]);
        /* with several rrsets, only act if the newest one lowers the ttl */
        if(rep->rrset_count != 1 && !(last < rep->ttl))
            return;
        rep->ttl = last;
        rep->prefetch_ttl = PREFETCH_TTL_CALC(rep->ttl);
        rep->serve_expired_ttl = rep->ttl + SERVE_EXPIRED_TTL;
    }
    205 
    /**
     * See if an rrset is already present in the answer message.
     * @param msg: message whose rrsets are scanned.
     * @param nm: owner name to look for.
     * @param nmlen: length of nm.
     * @param type: rr type, host byte order.
     * @param dclass: rr class, host byte order.
     * @return 1 if an rrset with this name, type and class is in the
     *	message, 0 if not.
     */
    static int
    msg_rrset_duplicate(struct dns_msg* msg, uint8_t* nm, size_t nmlen,
        uint16_t type, uint16_t dclass)
    {
        size_t idx = 0;
        while(idx < msg->rep->rrset_count) {
            struct ub_packed_rrset_key* cand = msg->rep->rrsets[idx++];
            /* the key holds type and class in network byte order */
            if(ntohs(cand->rk.type) != type)
                continue;
            if(cand->rk.dname_len != nmlen)
                continue;
            if(ntohs(cand->rk.rrset_class) != dclass)
                continue;
            if(query_dname_compare(cand->rk.dname, nm) == 0)
                return 1;
        }
        return 0;
    }
    221 
    /**
     * Add rrset to the answer section.  Must be called before any
     * authority or additional rrsets are added (asserted).
     * @param z: zone, for the class.
     * @param region: region the copy is allocated in.
     * @param msg: message to append to.
     * @param node: domain node owning the rrset; NULL is a no-op.
     * @param rrset: rrset to add; NULL is a no-op.
     * @return 0 on allocation failure, 1 otherwise (also when nothing was
     *	added because of a NULL argument or a duplicate).
     */
    static int
    msg_add_rrset_an(struct auth_zone* z, struct regional* region,
        struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
    {
        struct ub_packed_rrset_key* copy;

        log_assert(msg->rep->ns_numrrsets == 0);
        log_assert(msg->rep->ar_numrrsets == 0);
        if(!node || !rrset)
            return 1;
        if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
            z->dclass))
            return 1;
        /* make room for one more pointer */
        if(!msg_grow_array(region, msg))
            return 0;
        /* copy the rrset into the new last slot */
        copy = auth_packed_rrset_copy_region(z, node, rrset, region);
        msg->rep->rrsets[msg->rep->rrset_count] = copy;
        if(!copy)
            return 0;
        msg->rep->rrset_count++;
        msg->rep->an_numrrsets++;
        msg_ttl(msg);
        return 1;
    }
    246 
    /**
     * Add rrset to the authority section.  Must be called before any
     * additional section rrsets are added (asserted).
     * @param z: zone, for the class.
     * @param region: region the copy is allocated in.
     * @param msg: message to append to.
     * @param node: domain node owning the rrset; NULL is a no-op.
     * @param rrset: rrset to add; NULL is a no-op.
     * @return 0 on allocation failure, 1 otherwise (also when nothing was
     *	added because of a NULL argument or a duplicate).
     */
    static int
    msg_add_rrset_ns(struct auth_zone* z, struct regional* region,
        struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
    {
        struct ub_packed_rrset_key* copy;

        log_assert(msg->rep->ar_numrrsets == 0);
        if(!node || !rrset)
            return 1;
        if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
            z->dclass))
            return 1;
        /* make room for one more pointer */
        if(!msg_grow_array(region, msg))
            return 0;
        /* copy the rrset into the new last slot */
        copy = auth_packed_rrset_copy_region(z, node, rrset, region);
        msg->rep->rrsets[msg->rep->rrset_count] = copy;
        if(!copy)
            return 0;
        msg->rep->rrset_count++;
        msg->rep->ns_numrrsets++;
        msg_ttl(msg);
        return 1;
    }
    270 
    /**
     * Add rrset to the additional section.
     * @param z: zone, for the class.
     * @param region: region the copy is allocated in.
     * @param msg: message to append to.
     * @param node: domain node owning the rrset; NULL is a no-op.
     * @param rrset: rrset to add; NULL is a no-op.
     * @return 0 on allocation failure, 1 otherwise (also when nothing was
     *	added because of a NULL argument or a duplicate).
     */
    static int
    msg_add_rrset_ar(struct auth_zone* z, struct regional* region,
        struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
    {
        struct ub_packed_rrset_key* copy;

        if(!node || !rrset)
            return 1;
        if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type,
            z->dclass))
            return 1;
        /* make room for one more pointer */
        if(!msg_grow_array(region, msg))
            return 0;
        /* copy the rrset into the new last slot */
        copy = auth_packed_rrset_copy_region(z, node, rrset, region);
        msg->rep->rrsets[msg->rep->rrset_count] = copy;
        if(!copy)
            return 0;
        msg->rep->rrset_count++;
        msg->rep->ar_numrrsets++;
        msg_ttl(msg);
        return 1;
    }
    293 
    /**
     * Create the auth zones structure: the zone tree, the xfer tree and
     * the two locks (az->lock for the trees, az->rpz_lock for rpz_first).
     * @return new zeroed structure with initialised trees and locks, or
     *	NULL on allocation failure (logged).
     */
    struct auth_zones* auth_zones_create(void)
    {
        struct auth_zones* zones = calloc(1, sizeof(*zones));
        if(zones == NULL) {
            log_err("out of memory");
            return NULL;
        }
        rbtree_init(&zones->ztree, &auth_zone_cmp);
        rbtree_init(&zones->xtree, &auth_xfer_cmp);

        lock_rw_init(&zones->lock);
        lock_protect(&zones->lock, &zones->ztree, sizeof(zones->ztree));
        lock_protect(&zones->lock, &zones->xtree, sizeof(zones->xtree));
        /* also lock protects the rbnode's in struct auth_zone, auth_xfer */

        lock_rw_init(&zones->rpz_lock);
        lock_protect(&zones->rpz_lock, &zones->rpz_first,
            sizeof(zones->rpz_first));
        return zones;
    }
    311 
    /**
     * Compare two auth zones, for the zone rbtree.
     * @param z1: struct auth_zone.
     * @param z2: struct auth_zone.
     * @return -1 or 1 when the classes differ, otherwise the result of
     *	dname_lab_cmp on the two zone names.
     */
    int auth_zone_cmp(const void* z1, const void* z2)
    {
        struct auth_zone* left = (struct auth_zone*)z1;
        struct auth_zone* right = (struct auth_zone*)z2;
        int matched; /* output of dname_lab_cmp, not used here */

        /* first sort on class, so that hierarchy can be maintained within
         * a class */
        if(left->dclass < right->dclass)
            return -1;
        if(left->dclass > right->dclass)
            return 1;
        /* sorted such that higher zones sort before lower zones (their
         * contents) */
        return dname_lab_cmp(left->name, left->namelabs, right->name,
            right->namelabs, &matched);
    }
    328 
    /**
     * Compare two auth data nodes by name, for the per-zone data rbtree.
     * @param z1: struct auth_data.
     * @param z2: struct auth_data.
     * @return the result of dname_canon_lab_cmp on the two names.
     */
    int auth_data_cmp(const void* z1, const void* z2)
    {
        struct auth_data* left = (struct auth_data*)z1;
        struct auth_data* right = (struct auth_data*)z2;
        int matched; /* output of the compare, not used here */

        /* canonical sort, because DNSSEC needs that */
        return dname_canon_lab_cmp(left->name, left->namelabs,
            right->name, right->namelabs, &matched);
    }
    338 
    /**
     * Compare two auth xfer structures, for the xfer rbtree.
     * @param z1: struct auth_xfer.
     * @param z2: struct auth_xfer.
     * @return -1 or 1 when the classes differ, otherwise the result of
     *	dname_lab_cmp on the two names.
     */
    int auth_xfer_cmp(const void* z1, const void* z2)
    {
        struct auth_xfer* left = (struct auth_xfer*)z1;
        struct auth_xfer* right = (struct auth_xfer*)z2;
        int matched; /* output of dname_lab_cmp, not used here */

        /* first sort on class, so that hierarchy can be maintained within
         * a class */
        if(left->dclass < right->dclass)
            return -1;
        if(left->dclass > right->dclass)
            return 1;
        /* sorted such that higher zones sort before lower zones (their
         * contents) */
        return dname_lab_cmp(left->name, left->namelabs, right->name,
            right->namelabs, &matched);
    }
    355 
    /**
     * Delete an auth rrset node: frees its data and the node itself.
     * The node is not unlinked from any list, the caller does that.
     * @param rrset: node to free; NULL is a no-op.
     */
    static void
    auth_rrset_delete(struct auth_rrset* rrset)
    {
        if(rrset != NULL) {
            free(rrset->data);
            free(rrset);
        }
    }
    364 
    /**
     * Delete an auth data domain node: frees every rrset in its list, the
     * name and the node.  The node is not removed from the tree here.
     * @param n: node to free; NULL is a no-op.
     */
    static void
    auth_data_delete(struct auth_data* n)
    {
        struct auth_rrset* cur;
        struct auth_rrset* following;

        if(n == NULL)
            return;
        /* fetch the next pointer before the element is freed */
        for(cur = n->rrsets; cur != NULL; cur = following) {
            following = cur->next;
            auth_rrset_delete(cur);
        }
        free(n->name);
        free(n);
    }
    380 
    /**
     * Tree traversal callback that deletes the auth data node held in the
     * key of the rbtree node.
     * @param n: rbtree node; n->key is the struct auth_data.
     * @param arg: unused.
     */
    static void
    auth_data_del(rbnode_type* n, void* ATTR_UNUSED(arg))
    {
        auth_data_delete((struct auth_data*)n->key);
    }
    388 
    /**
     * Delete an auth zone structure (tree remove must be done elsewhere).
     * Destroys the zone lock, frees all data nodes, deletes the rpz part
     * if there is one, and frees the name, zonefile and the zone.
     * @param z: zone to delete; NULL is a no-op.
     * @param az: auth zones, used to unlink z from the RPZ linked list
     *	under az->rpz_lock.  With NULL the list is not touched.
     */
    static void
    auth_zone_delete(struct auth_zone* z, struct auth_zones* az)
    {
        if(z == NULL)
            return;
        lock_rw_destroy(&z->lock);
        traverse_postorder(&z->data, auth_data_del, NULL);

        if(z->rpz) {
            if(az) {
                /* keep RPZ linked list intact */
                lock_rw_wrlock(&az->rpz_lock);
                if(z->rpz_az_prev)
                    z->rpz_az_prev->rpz_az_next = z->rpz_az_next;
                else
                    az->rpz_first = z->rpz_az_next;
                if(z->rpz_az_next)
                    z->rpz_az_next->rpz_az_prev = z->rpz_az_prev;
                lock_rw_unlock(&az->rpz_lock);
            }
            rpz_delete(z->rpz);
        }
        free(z->name);
        free(z->zonefile);
        free(z);
    }
    414 
    /**
     * Create a new auth zone and insert it into az->ztree.
     * The name is duplicated.  The zone lock is initialised and taken for
     * writing before the insert, so a successful return hands back a
     * wrlocked zone.
     * @param az: auth zones; the zone is inserted in its zone tree.
     * @param nm: zone name, wireformat.
     * @param nmlen: length of nm.
     * @param dclass: zone class.
     * @return the new, wrlocked zone.  NULL on allocation failure or when
     *	a zone with this name and class is already in the tree.
     */
    struct auth_zone*
    auth_zone_create(struct auth_zones* az, uint8_t* nm, size_t nmlen,
        uint16_t dclass)
    {
        struct auth_zone* zone = calloc(1, sizeof(*zone));
        if(zone == NULL)
            return NULL;
        zone->name = memdup(nm, nmlen);
        if(zone->name == NULL) {
            free(zone);
            return NULL;
        }
        zone->namelen = nmlen;
        zone->namelabs = dname_count_labels(nm);
        zone->dclass = dclass;
        zone->node.key = zone;
        rbtree_init(&zone->data, &auth_data_cmp);

        lock_rw_init(&zone->lock);
        lock_protect(&zone->lock, &zone->name, sizeof(*zone)-sizeof(rbnode_type)-
                sizeof(&zone->rpz_az_next)-sizeof(&zone->rpz_az_prev));
        lock_rw_wrlock(&zone->lock);
        /* z lock protects all, except rbtree itself and the rpz linked list
         * pointers, which are protected using az->lock */
        if(rbtree_insert(&az->ztree, &zone->node))
            return zone;

        /* insert refused: release and destroy the unused zone */
        lock_rw_unlock(&zone->lock);
        auth_zone_delete(zone, NULL);
        log_warn("duplicate auth zone");
        return NULL;
    }
    447 
    /**
     * Find the auth zone with exactly this name and class.
     * No lock is taken here and the returned zone is not locked.
     * @param az: auth zones, its zone tree is searched.
     * @param nm: zone name, wireformat.
     * @param nmlen: length of nm.
     * @param dclass: zone class.
     * @return the result of rbtree_search, cast to a zone pointer.
     */
    struct auth_zone*
    auth_zone_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
        uint16_t dclass)
    {
        /* stack key; only the members set below are initialised */
        struct auth_zone probe;
        probe.name = nm;
        probe.namelen = nmlen;
        probe.namelabs = dname_count_labels(nm);
        probe.dclass = dclass;
        probe.node.key = &probe;
        return (struct auth_zone*)rbtree_search(&az->ztree, &probe);
    }
    460 
    /**
     * Find the auth xfer structure with exactly this name and class.
     * No lock is taken here and the returned xfer is not locked.
     * @param az: auth zones, its xfer tree is searched.
     * @param nm: zone name, wireformat.
     * @param nmlen: length of nm.
     * @param dclass: zone class.
     * @return the result of rbtree_search, cast to an xfer pointer.
     */
    struct auth_xfer*
    auth_xfer_find(struct auth_zones* az, uint8_t* nm, size_t nmlen,
        uint16_t dclass)
    {
        /* stack key; only the members set below are initialised */
        struct auth_xfer probe;
        probe.name = nm;
        probe.namelen = nmlen;
        probe.namelabs = dname_count_labels(nm);
        probe.dclass = dclass;
        probe.node.key = &probe;
        return (struct auth_xfer*)rbtree_search(&az->xtree, &probe);
    }
    473 
    /**
     * Find an auth zone, or the one that sorts less-or-equal.
     * @param az: auth zones, its zone tree is searched.
     * @param nm: name to look for, wireformat.
     * @param nmlen: length of nm.
     * @param dclass: class to look for.
     * @param z: output of rbtree_find_less_equal; auth_zones_find_zone
     *	treats NULL here as "nothing smaller in the tree".
     * @return true if exact match.
     */
    static int
    auth_zone_find_less_equal(struct auth_zones* az, uint8_t* nm, size_t nmlen,
        uint16_t dclass, struct auth_zone** z)
    {
        /* stack key; only the members set below are initialised */
        struct auth_zone probe;
        probe.name = nm;
        probe.namelen = nmlen;
        probe.namelabs = dname_count_labels(nm);
        probe.dclass = dclass;
        probe.node.key = &probe;
        return rbtree_find_less_equal(&az->ztree, &probe, (rbnode_type**)z);
    }
    487 
    488 
    /**
     * Find the auth zone that is above the given name.
     * First a less-or-equal lookup is done.  Without an exact match the
     * search continues at the top domain shared by the smaller zone name
     * and the query name, and removes one label at a time until a zone is
     * found or the root has been tried.
     * @param az: auth zones.
     * @param name: query name, wireformat.
     * @param name_len: length of name.
     * @param dclass: class.
     * @return the zone, not locked by this function, or NULL if none.
     */
    struct auth_zone*
    auth_zones_find_zone(struct auth_zones* az, uint8_t* name, size_t name_len,
        uint16_t dclass)
    {
        struct auth_zone* found = NULL;
        uint8_t* cur;
        size_t curlen = name_len;

        if(auth_zone_find_less_equal(az, name, name_len, dclass, &found))
            return found; /* exact match */
        if(!found)
            return NULL; /* nothing smaller, nothing above it */

        /* we found smaller name; smaller may be above the name,
         * but not below it. */
        cur = dname_get_shared_topdomain(found->name, name);
        dname_count_size_labels(cur, &curlen);

        /* search up */
        for(;;) {
            found = auth_zone_find(az, cur, curlen, dclass);
            if(found)
                return found;
            if(dname_is_root(cur))
                return NULL;
            dname_remove_label(&cur, &curlen);
        }
    }
    519 
    /**
     * Find or create zone with name str. caller must have lock on az.
     * The name is parsed to wireformat into a stack buffer whose size is
     * passed to the parser as the capacity.  The class is always IN.
     * @param az: auth zones.
     * @param name: zone name as a string.
     * @return a wrlocked zone, or NULL if the name does not parse or the
     *	zone cannot be created.
     */
    static struct auth_zone*
    auth_zones_find_or_add_zone(struct auth_zones* az, char* name)
    {
        uint8_t wire[LDNS_MAX_DOMAINLEN+1];
        size_t wirelen = sizeof(wire);
        struct auth_zone* zone;

        if(sldns_str2wire_dname_buf(name, wire, &wirelen) != 0) {
            log_err("cannot parse auth zone name: %s", name);
            return NULL;
        }
        zone = auth_zone_find(az, wire, wirelen, LDNS_RR_CLASS_IN);
        if(zone) {
            /* existing zone: lock it, a created zone comes back locked */
            lock_rw_wrlock(&zone->lock);
            return zone;
        }
        /* not found, create the zone */
        return auth_zone_create(az, wire, wirelen, LDNS_RR_CLASS_IN);
    }
    542 
    /**
     * Find or create the xfer structure for a zone. caller must have lock
     * on az.
     * @param az: auth zones.
     * @param z: zone; its name, length and class are the lookup key.
     * @return the xfer.  An existing one is locked here; a new one is
     *	whatever auth_xfer_create returns (per the original comment a
     *	locked xfer; presumably NULL on failure, confirm there).
     */
    static struct auth_xfer*
    auth_zones_find_or_add_xfer(struct auth_zones* az, struct auth_zone* z)
    {
        struct auth_xfer* xfr = auth_xfer_find(az, z->name, z->namelen,
            z->dclass);
        if(xfr) {
            lock_basic_lock(&xfr->lock);
            return xfr;
        }
        /* not found, create the zone */
        return auth_xfer_create(az, z);
    }
    558 
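    /**
     * Set the zonefile name of the zone, replacing the previous one.
     * @param z: zone to change.
     * @param zonefile: file name, it is copied.  NULL clears the name.
     * @return 1 on success.  0 on allocation failure (logged); the
     *	previous name is then freed and z->zonefile is NULL.
     */
    int
    auth_zone_set_zonefile(struct auth_zone* z, char* zonefile)
    {
        char* copy = NULL;

        if(zonefile != NULL) {
            /* copy before the old string is freed: if the caller passes
             * z->zonefile itself, freeing first would make strdup read
             * freed memory */
            copy = strdup(zonefile);
            if(copy == NULL) {
                log_err("malloc failure");
                free(z->zonefile);
                z->zonefile = NULL;
                return 0;
            }
        }
        free(z->zonefile);
        z->zonefile = copy;
        return 1;
    }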
    574 
    /**
     * Set auth zone fallback. caller must have lock on zone.
     * @param z: zone to change.
     * @param fallbackstr: exactly "yes" or "no"; must not be NULL, it is
     *	passed to strcmp unchecked.
     * @return 1 on success, 0 (logged) for any other string.
     */
    int
    auth_zone_set_fallback(struct auth_zone* z, char* fallbackstr)
    {
        int enable = (strcmp(fallbackstr, "yes") == 0);
        if(!enable && strcmp(fallbackstr, "no") != 0) {
            log_err("auth zone fallback, expected yes or no, got %s",
                fallbackstr);
            return 0;
        }
        z->fallback_enabled = enable;
        return 1;
    }
    587 
    /**
     * Create a domain node with the given name and insert it into the
     * data tree of the zone.  The name is duplicated.
     * @param z: zone to insert into.
     * @param nm: domain name, wireformat.
     * @param nmlen: length of nm.
     * @return the new node, or NULL on allocation failure or when the
     *	name is already in the tree (warning logged).
     */
    static struct auth_data*
    az_domain_create(struct auth_zone* z, uint8_t* nm, size_t nmlen)
    {
        struct auth_data* dom = calloc(1, sizeof(*dom));
        if(dom == NULL)
            return NULL;
        dom->node.key = dom;
        dom->name = memdup(nm, nmlen);
        if(dom->name == NULL) {
            free(dom);
            return NULL;
        }
        dom->namelen = nmlen;
        dom->namelabs = dname_count_labels(nm);
        if(rbtree_insert(&z->data, &dom->node))
            return dom;

        /* insert refused: free the unused node */
        log_warn("duplicate auth domain name");
        free(dom->name);
        free(dom);
        return NULL;
    }
    611 
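    /**
     * Find the domain with exactly the given name.
     * @param z: zone whose data tree is searched.
     * @param nm: domain name, wireformat.
     * @param nmlen: length of nm.
     * @return the result of rbtree_search, cast to a data node pointer.
     */
    static struct auth_data*
    az_find_name(struct auth_zone* z, uint8_t* nm, size_t nmlen)
    {
        /* The data tree compares with auth_data_cmp, which reads its
         * arguments as struct auth_data.  The key therefore has that
         * type; a struct auth_zone key only works while both structs
         * happen to start with the same members. */
        struct auth_data key;
        key.node.key = &key;
        key.name = nm;
        key.namelen = nmlen;
        key.namelabs = dname_count_labels(nm);
        return (struct auth_data*)rbtree_search(&z->data, &key);
    }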
    623 
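    /**
     * Find domain name (or closest match) for a query.
     * @param z: zone whose data tree is searched.
     * @param qinfo: query; its qname and qname_len are the lookup name.
     * @param node_exact: set to the return value of
     *	rbtree_find_less_equal (true on exact match).
     * @param node: set by rbtree_find_less_equal to the node found.
     */
    static void
    az_find_domain(struct auth_zone* z, struct query_info* qinfo, int* node_exact,
        struct auth_data** node)
    {
        /* The data tree compares with auth_data_cmp, which reads its
         * arguments as struct auth_data.  The key therefore has that
         * type; a struct auth_zone key only works while both structs
         * happen to start with the same members. */
        struct auth_data key;
        key.node.key = &key;
        key.name = qinfo->qname;
        key.namelen = qinfo->qname_len;
        key.namelabs = dname_count_labels(key.name);
        *node_exact = rbtree_find_less_equal(&z->data, &key,
            (rbnode_type**)node);
    }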
    637 
    /**
     * Find or create domain with name in zone.
     * @param z: zone.
     * @param dname: domain name, wireformat.
     * @param dname_len: length of dname.
     * @return the existing node, else the result of az_domain_create
     *	(NULL on failure).
     */
    static struct auth_data*
    az_domain_find_or_create(struct auth_zone* z, uint8_t* dname,
        size_t dname_len)
    {
        struct auth_data* existing = az_find_name(z, dname, dname_len);
        if(existing)
            return existing;
        return az_domain_create(z, dname, dname_len);
    }
    649 
    /**
     * Find rrset of given type in the domain.
     * @param n: domain node; NULL gives NULL.
     * @param t: rr type to look for.
     * @return the first rrset in the list with that type, or NULL.
     */
    static struct auth_rrset*
    az_domain_rrset(struct auth_data* n, uint16_t t)
    {
        struct auth_rrset* cur;
        if(n == NULL)
            return NULL;
        for(cur = n->rrsets; cur != NULL; cur = cur->next) {
            if(cur->type == t)
                return cur;
        }
        return NULL;
    }
    664 
    /**
     * Remove rrset of this type from domain.  The first rrset in the list
     * with the type is unlinked and freed.
     * @param node: domain node; NULL is a no-op.
     * @param rr_type: type of the rrset to remove.
     */
    static void
    domain_remove_rrset(struct auth_data* node, uint16_t rr_type)
    {
        /* link is the pointer that refers to the current element: the list
         * head or the next member of the previous element */
        struct auth_rrset** link;
        if(node == NULL)
            return;
        for(link = &node->rrsets; *link != NULL; link = &(*link)->next) {
            struct auth_rrset* hit = *link;
            if(hit->type != rr_type)
                continue;
            /* found it, unlink before it is freed */
            *link = hit->next;
            auth_rrset_delete(hit);
            return;
        }
    }
    685 
    /**
     * Find an rrsig index in the rrset.  Only the signature entries are
     * scanned, at index count up to count+rrsig_count.
     * @param d: rrset data.
     * @param rdata: rdata to match byte for byte.
     * @param len: length of rdata.
     * @param index: set to the index on a match, otherwise untouched.
     * @return true if found.
     */
    static int
    az_rrset_find_rrsig(struct packed_rrset_data* d, uint8_t* rdata, size_t len,
        size_t* index)
    {
        size_t end = d->count + d->rrsig_count;
        size_t pos;
        for(pos = d->count; pos < end; pos++) {
            /* the length is compared first, so memcmp stays within
             * both buffers */
            if(d->rr_len[pos] == len &&
                memcmp(d->rr_data[pos], rdata, len) == 0) {
                *index = pos;
                return 1;
            }
        }
        return 0;
    }
    702 
    /**
     * See if rdata is duplicate.  Both the RRs and the signatures of the
     * rrset are scanned.
     * @param d: rrset data.
     * @param rdata: rdata to match byte for byte.
     * @param len: length of rdata.
     * @return 1 if an entry with the same length and bytes exists, else 0.
     */
    static int
    rdata_duplicate(struct packed_rrset_data* d, uint8_t* rdata, size_t len)
    {
        size_t end = d->count + d->rrsig_count;
        size_t pos;
        for(pos = 0; pos < end; pos++) {
            /* the length is compared first, so memcmp stays within
             * both buffers */
            if(d->rr_len[pos] == len &&
                memcmp(d->rr_data[pos], rdata, len) == 0)
                return 1;
        }
        return 0;
    }
    716 
    /** get rrsig type covered from rdata.
     * The 16bit value is read at offset 2, after the rdlength; a buffer
     * shorter than 4 bytes does not hold it and is not read.
     * @param rdata: rdata in wireformat, starting with 16bit rdlength.
     * @param rdatalen: length of rdata buffer.
     * @return type covered (or 0).
     */
    static uint16_t
    rrsig_rdata_get_type_covered(uint8_t* rdata, size_t rdatalen)
    {
        return (rdatalen >= 4) ? sldns_read_uint16(rdata+2) : 0;
    }
    729 
    /**
     * Remove RR from existing RRset. Also sig, if it is a signature.
     * A new packed rrset is allocated, one entry smaller, the remaining
     * entries are copied over and the old data is freed.
     * @param rrset: rrset to change; rrset->data is replaced on success.
     * @param index: entry to remove, in 0..count+rrsig_count-1.  Indexes
     *	below count are RRs, the others are signatures.
     * @return false on alloc failure or when index is out of bounds; the
     *	rrset is unchanged then.
     */
    static int
    rrset_remove_rr(struct auth_rrset* rrset, size_t index)
    {
        struct packed_rrset_data* old = rrset->data;
        struct packed_rrset_data* d;
        size_t old_total = old->count + old->rrsig_count;
        size_t new_total, tail, i;

        /* checked before rr_len[index] is read for the size below */
        if(index >= old_total)
            return 0; /* index out of bounds */
        /* number of entries that follow the removed one */
        tail = old_total - (index+1);

        /* the old size minus one rr_len, rr_data and rr_ttl slot and the
         * rdata bytes of the removed entry */
        d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) - (
            sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t) +
            old->rr_len[index]));
        if(!d) {
            log_err("malloc failure");
            return 0;
        }
        d->ttl = old->ttl;
        d->count = old->count;
        d->rrsig_count = old->rrsig_count;
        if(index < d->count)
            d->count--;
        else
            d->rrsig_count--;
        d->trust = old->trust;
        d->security = old->security;
        new_total = d->count + d->rrsig_count;

        /* set rr_len, needed for ptr_fixup */
        d->rr_len = (size_t*)((uint8_t*)d +
            sizeof(struct packed_rrset_data));
        if(index > 0)
            memmove(d->rr_len, old->rr_len, index*sizeof(size_t));
        if(tail > 0)
            memmove(&d->rr_len[index], &old->rr_len[index+1],
                tail*sizeof(size_t));
        packed_rrset_ptr_fixup(d);

        /* move over ttls */
        if(index > 0)
            memmove(d->rr_ttl, old->rr_ttl, index*sizeof(time_t));
        if(tail > 0)
            memmove(&d->rr_ttl[index], &old->rr_ttl[index+1],
                tail*sizeof(time_t));

        /* move over rr_data, skipping the removed entry in the old set */
        for(i=0; i<new_total; i++) {
            size_t src = (i < index) ? i : i+1;
            memmove(d->rr_data[i], old->rr_data[src], d->rr_len[i]);
        }

        /* recalc ttl (lowest of remaining RR ttls); with nothing left the
         * ttl copied from the old set stays */
        if(new_total > 0)
            d->ttl = d->rr_ttl[0];
        for(i=1; i<new_total; i++) {
            if(d->rr_ttl[i] < d->ttl)
                d->ttl = d->rr_ttl[i];
        }

        free(old);
        rrset->data = d;
        return 1;
    }
    791 
    /**
     * Add RR to existing RRset. If insert_sig is true, add to rrsigs.
     * This reallocates the packed rrset for a new one: the new RR goes
     * after the existing RRs, a new signature after the existing
     * signatures, and the old data is freed.
     * @param rrset: rrset to change; rrset->data is replaced on success.
     * @param rr_ttl: ttl of the new entry; the rrset ttl is lowered to it
     *	if it is smaller.
     * @param rdata: rdata of the new entry, rdatalen bytes are copied.
     * @param rdatalen: length of rdata.
     * @param insert_sig: if true the entry is counted as a signature.
     * @return 0 on allocation failure (rrset unchanged), 1 on success.
     */
    static int
    rrset_add_rr(struct auth_rrset* rrset, uint32_t rr_ttl, uint8_t* rdata,
        size_t rdatalen, int insert_sig)
    {
        struct packed_rrset_data* old = rrset->data;
        struct packed_rrset_data* d;
        size_t old_total = old->count + old->rrsig_count;
        size_t total, slot;

        /* the old size plus one rr_len, rr_data and rr_ttl slot and the
         * new rdata.  NOTE(review): this sum is not checked for wrap;
         * presumably callers pass an rdatalen bounded by the DNS rdata
         * size, confirm against the callers. */
        d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
            + sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t)
            + rdatalen);
        if(!d) {
            log_err("out of memory");
            return 0;
        }
        /* copy base values; the array pointers copied here still refer to
         * the old block and are replaced below */
        memcpy(d, old, sizeof(struct packed_rrset_data));
        if(insert_sig)
            d->rrsig_count++;
        else
            d->count++;
        total = d->count + d->rrsig_count;
        /* index of the new entry: last RR, or last signature */
        slot = insert_sig ? total-1 : d->count-1;

        /* set rr_len, needed for ptr_fixup */
        d->rr_len = (size_t*)((uint8_t*)d +
            sizeof(struct packed_rrset_data));
        if(old->count != 0)
            memmove(d->rr_len, old->rr_len, old->count*sizeof(size_t));
        if(old->rrsig_count != 0)
            memmove(d->rr_len+d->count, old->rr_len+old->count,
                old->rrsig_count*sizeof(size_t));
        d->rr_len[slot] = rdatalen;
        packed_rrset_ptr_fixup(d);
        if((time_t)rr_ttl < d->ttl)
            d->ttl = rr_ttl;

        /* copy old values into new array */
        if(old->count != 0) {
            memmove(d->rr_ttl, old->rr_ttl, old->count*sizeof(time_t));
            /* all the old rr pieces are allocated sequential, so we
             * can copy them in one go */
            memmove(d->rr_data[0], old->rr_data[0],
                (old->rr_data[old->count-1] - old->rr_data[0]) +
                old->rr_len[old->count-1]);
        }
        if(old->rrsig_count != 0) {
            memmove(d->rr_ttl+d->count, old->rr_ttl+old->count,
                old->rrsig_count*sizeof(time_t));
            memmove(d->rr_data[d->count], old->rr_data[old->count],
                (old->rr_data[old_total-1] - old->rr_data[old->count]) +
                old->rr_len[old_total-1]);
        }

        /* insert new value */
        d->rr_ttl[slot] = rr_ttl;
        memmove(d->rr_data[slot], rdata, rdatalen);

        rrset->data = d;
        free(old);
        return 1;
    }
    862 
    /**
     * Create new rrset for node with packed rrset with one RR element.
     * The rrset is linked into the node's list, which is kept sorted on
     * type.
     * @param node: domain node that gets the rrset.
     * @param rr_type: type of the rrset.
     * @param rr_ttl: ttl of the RR, also the ttl of the rrset.
     * @param rdata: rdata of the RR, rdatalen bytes are copied.
     * @param rdatalen: length of rdata.
     * @return the new rrset, or NULL on allocation failure (logged).
     */
    static struct auth_rrset*
    rrset_create(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
        uint8_t* rdata, size_t rdatalen)
    {
        struct auth_rrset* rrset = (struct auth_rrset*)calloc(1,
            sizeof(*rrset));
        struct auth_rrset** link;
        struct packed_rrset_data* d;
        if(!rrset) {
            log_err("out of memory");
            return NULL;
        }
        rrset->type = rr_type;

        /* the rrset data structure, with one RR: the header, then one
         * rr_len, one rr_data pointer, one rr_ttl and the rdata bytes */
        d = (struct packed_rrset_data*)calloc(1,
            sizeof(struct packed_rrset_data) + sizeof(size_t) +
            sizeof(uint8_t*) + sizeof(time_t) + rdatalen);
        if(!d) {
            free(rrset);
            log_err("out of memory");
            return NULL;
        }
        rrset->data = d;
        d->ttl = rr_ttl;
        d->trust = rrset_trust_prim_noglue;
        /* each array starts right after the single element of the
         * previous one */
        d->rr_len = (size_t*)((uint8_t*)d + sizeof(struct packed_rrset_data));
        d->rr_data = (uint8_t**)&(d->rr_len[1]);
        d->rr_ttl = (time_t*)&(d->rr_data[1]);
        d->rr_data[0] = (uint8_t*)&(d->rr_ttl[1]);

        /* insert the RR */
        d->rr_len[0] = rdatalen;
        d->rr_ttl[0] = rr_ttl;
        memmove(d->rr_data[0], rdata, rdatalen);
        d->count++;

        /* insert rrset into linked list for domain: walk past every
         * element with a type up to and including rr_type */
        link = &node->rrsets;
        while(*link && (*link)->type <= rr_type)
            link = &(*link)->next;
        /* *link is now the first larger element, or the end of the list */
        rrset->next = *link;
        *link = rrset;
        return rrset;
    }
    915 
/**
 * Count the entries of an RRSIG rrset that cover a given type.
 * @param rrsig: rrset of type RRSIG to scan.
 * @param rr_type: the covered type to look for.
 * @param sigsz: set to the sum of the rr_len values of the matching entries.
 * @return the number of matching entries.
 */
static size_t
rrsig_num_that_cover(struct auth_rrset* rrsig, uint16_t rr_type, size_t* sigsz)
{
	struct packed_rrset_data* d = rrsig->data;
	size_t matches = 0;
	size_t idx;
	*sigsz = 0;
	log_assert(d && rrsig->type == LDNS_RR_TYPE_RRSIG);
	for(idx = 0; idx < d->count + d->rrsig_count; idx++) {
		if(rrsig_rdata_get_type_covered(d->rr_data[idx],
			d->rr_len[idx]) != rr_type)
			continue;
		matches++;
		*sigsz += d->rr_len[idx];
	}
	return matches;
}
    933 
/**
 * See if the rrsig set has signatures that cover the rrset and move them
 * over: the rrset data is reallocated larger with the signatures appended,
 * and the RRSIG rrset is reallocated smaller, or removed from the node when
 * every one of its entries was moved.
 * @param node: domain node that holds both rrsets.
 * @param rr_type: type of rrset; signatures covering this type are moved.
 * @param rrset: rrset that receives the signatures.
 * @param rrsig: rrset of type RRSIG that the signatures are taken from.
 * @return 1 on success (also when there was nothing to move), 0 on
 *	allocation failure. If only the second allocation fails, the rrset
 *	already holds the signatures and the RRSIG rrset is left unchanged.
 */
static int
rrset_moveover_rrsigs(struct auth_data* node, uint16_t rr_type,
	struct auth_rrset* rrset, struct auth_rrset* rrsig)
{
	size_t sigs, sigsz, i, j, total;
	struct packed_rrset_data* sigold = rrsig->data;
	struct packed_rrset_data* old = rrset->data;
	struct packed_rrset_data* d, *sigd;

	log_assert(rrset->type == rr_type);
	log_assert(rrsig->type == LDNS_RR_TYPE_RRSIG);
	/* sigs is the number of entries to move, sigsz their summed rr_len */
	sigs = rrsig_num_that_cover(rrsig, rr_type, &sigsz);
	if(sigs == 0) {
		/* 0 rrsigs to move over, done */
		return 1;
	}

	/* allocate the rrset larger for the extra sigs elements: per moved
	 * entry one rr_len, one rr_data pointer and one rr_ttl, plus sigsz
	 * octets of rdata. The rrsig set is allocated smaller by the same
	 * amount further down. */
	d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old)
		+ sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
		+ sigsz);
	if(!d) {
		log_err("out of memory");
		return 0;
	}
	/* copy base values */
	total = old->count + old->rrsig_count;
	memcpy(d, old, sizeof(struct packed_rrset_data));
	d->rrsig_count += sigs;
	/* setup rr_len, the array starts right after the header */
	d->rr_len = (size_t*)((uint8_t*)d +
		sizeof(struct packed_rrset_data));
	if(total != 0)
		memmove(d->rr_len, old->rr_len, total*sizeof(size_t));
	/* j is the first slot after the entries copied from old; fill in
	 * the lengths of the signatures that are going to be moved */
	j = d->count+d->rrsig_count-sigs;
	for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
		if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
			sigold->rr_len[i]) == rr_type) {
			d->rr_len[j] = sigold->rr_len[i];
			j++;
		}
	}
	/* NOTE(review): presumably this sets up the rr_data and rr_ttl
	 * pointers from the rr_len array filled in above, which is why all
	 * lengths are written before any data is copied - confirm against
	 * packed_rrset_ptr_fixup */
	packed_rrset_ptr_fixup(d);

	/* copy old values into new array */
	if(total != 0) {
		memmove(d->rr_ttl, old->rr_ttl, total*sizeof(time_t));
		/* all the old rr pieces are allocated sequential, so we
		 * can copy them in one go */
		memmove(d->rr_data[0], old->rr_data[0],
			(old->rr_data[total-1] - old->rr_data[0]) +
			old->rr_len[total-1]);
	}

	/* move over the rrsigs to the larger rrset. This pass uses the same
	 * test on the same unchanged sigold as the length pass above, so
	 * slot j receives exactly the rr_len that was reserved for it. */
	j = d->count+d->rrsig_count-sigs;
	for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
		if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
			sigold->rr_len[i]) == rr_type) {
			/* move this one over to location j */
			d->rr_ttl[j] = sigold->rr_ttl[i];
			memmove(d->rr_data[j], sigold->rr_data[i],
				sigold->rr_len[i]);
			/* the rrset TTL is lowered to the smallest TTL */
			if(d->rr_ttl[j] < d->ttl)
				d->ttl = d->rr_ttl[j];
			j++;
		}
	}

	/* put it in and deallocate the old rrset */
	rrset->data = d;
	free(old);

	/* now make rrsig set smaller */
	if(sigold->count+sigold->rrsig_count == sigs) {
		/* remove all sigs from rrsig, remove it entirely */
		/* NOTE(review): rrsig and sigold are not used after this call;
		 * presumably domain_remove_rrset frees them - confirm */
		domain_remove_rrset(node, LDNS_RR_TYPE_RRSIG);
		return 1;
	}
	/* the subtraction below must not wrap around */
	log_assert(packed_rrset_sizeof(sigold) > sigs*(sizeof(size_t) +
		sizeof(uint8_t*) + sizeof(time_t)) + sigsz);
	sigd = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(sigold)
		- sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t))
		- sigsz);
	if(!sigd) {
		/* no need to free up d, it has already been placed in the
		 * node->rrset structure */
		/* rrsig->data is still sigold here, so the moved signatures
		 * remain in the RRSIG rrset as well */
		log_err("out of memory");
		return 0;
	}
	/* copy base values */
	memcpy(sigd, sigold, sizeof(struct packed_rrset_data));
	/* in sigd the RRSIGs are stored in the base of the RR, in count */
	sigd->count -= sigs;
	/* setup rr_len, keeping only the entries that do not cover rr_type */
	sigd->rr_len = (size_t*)((uint8_t*)sigd +
		sizeof(struct packed_rrset_data));
	j = 0;
	for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
		if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
			sigold->rr_len[i]) != rr_type) {
			sigd->rr_len[j] = sigold->rr_len[i];
			j++;
		}
	}
	packed_rrset_ptr_fixup(sigd);

	/* copy old values into new rrsig array */
	j = 0;
	for(i=0; i<sigold->count+sigold->rrsig_count; i++) {
		if(rrsig_rdata_get_type_covered(sigold->rr_data[i],
			sigold->rr_len[i]) != rr_type) {
			/* move this one over to location j */
			sigd->rr_ttl[j] = sigold->rr_ttl[i];
			memmove(sigd->rr_data[j], sigold->rr_data[i],
				sigold->rr_len[i]);
			/* recompute the rrset TTL as the smallest TTL of the
			 * entries that are kept */
			if(j==0) sigd->ttl = sigd->rr_ttl[j];
			else {
				if(sigd->rr_ttl[j] < sigd->ttl)
					sigd->ttl = sigd->rr_ttl[j];
			}
			j++;
		}
	}

	/* put it in and deallocate the old rrset */
	rrsig->data = sigd;
	free(sigold);

	return 1;
}
   1067 
/**
 * Copy the signatures that are attached to the rrset into the rrset of
 * type RRSIG, because the rrset is going to be deleted. The RRSIG rrset
 * data is reallocated for every signature that is added.
 * @param rrset: rrset whose attached signatures are copied.
 * @param rrsigset: rrset of type RRSIG that receives them.
 * @return 0 when adding a signature fails, 1 otherwise.
 */
static int
rrsigs_copy_from_rrset_to_rrsigset(struct auth_rrset* rrset,
	struct auth_rrset* rrsigset)
{
	size_t pos;
	if(rrset->data->rrsig_count == 0)
		return 1;

	/* the signatures are stored after the count plain RRs; they go over
	 * one at a time so that a signature the RRSIG rrset already has is
	 * skipped instead of stored twice */
	pos = rrset->data->count;
	while(pos < rrset->data->count + rrset->data->rrsig_count) {
		struct packed_rrset_data* from = rrset->data;
		uint8_t* rdata = from->rr_data[pos];
		size_t rdatalen = from->rr_len[pos];
		time_t rr_ttl = from->rr_ttl[pos];
		pos++;

		if(!rdata_duplicate(rrsigset->data, rdata, rdatalen) &&
			!rrset_add_rr(rrsigset, rr_ttl, rdata, rdatalen, 0))
			return 0;
	}
	return 1;
}
   1094 
/** Add the RR to an existing rrset, unless the rrset already holds the same
 * rdata. A duplicate sets *duplicate (when not NULL) and counts as success;
 * returns 0 only when rrset_add_rr fails. */
static int
rrset_add_rr_unless_dup(struct auth_rrset* rrset, uint32_t rr_ttl,
	uint8_t* rdata, size_t rdatalen, int insert_sig, int* duplicate)
{
	if(rdata_duplicate(rrset->data, rdata, rdatalen)) {
		if(duplicate) *duplicate = 1;
		return 1;
	}
	if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, insert_sig))
		return 0;
	return 1;
}

/**
 * Add rr to node, ignores duplicate RRs.
 * Packed rrsets carry their signatures with them: an RRSIG is stored with
 * the rrset of the type it covers when that rrset exists, and in the rrset
 * of type RRSIG otherwise. When a new rrset is created, signatures in the
 * RRSIG rrset that cover its type are moved over to it.
 * @param node: domain node to add to.
 * @param rr_type: type of the RR.
 * @param rr_ttl: TTL of the RR.
 * @param rdata: points to buffer with rdatalen octets, starts with
 *	2bytelength.
 * @param rdatalen: length of rdata, including the 2 byte length.
 * @param duplicate: if not NULL, set to 1 when the RR was already present.
 * @return 0 on failure, 1 on success or when the RR is a duplicate.
 */
static int
az_domain_add_rr(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl,
	uint8_t* rdata, size_t rdatalen, int* duplicate)
{
	struct auth_rrset* target;
	struct auth_rrset* sigset;

	if(rr_type == LDNS_RR_TYPE_RRSIG) {
		uint16_t covered = rrsig_rdata_get_type_covered(rdata,
			rdatalen);
		/* first choice: the rrset of the covered type */
		target = az_domain_rrset(node, covered);
		if(target != NULL)
			return rrset_add_rr_unless_dup(target, rr_ttl, rdata,
				rdatalen, 1, duplicate);
		/* second choice: the existing rrset of type RRSIG */
		target = az_domain_rrset(node, rr_type);
		if(target != NULL)
			return rrset_add_rr_unless_dup(target, rr_ttl, rdata,
				rdatalen, 0, duplicate);
		/* neither exists, start an rrset of type RRSIG */
		if(!rrset_create(node, rr_type, rr_ttl, rdata, rdatalen))
			return 0;
		return 1;
	}

	/* normal RR type, add to the rrset of that type if there is one */
	target = az_domain_rrset(node, rr_type);
	if(target != NULL)
		return rrset_add_rr_unless_dup(target, rr_ttl, rdata,
			rdatalen, 0, duplicate);

	/* first RR of this type at the node */
	target = rrset_create(node, rr_type, rr_ttl, rdata, rdatalen);
	if(target == NULL)
		return 0;

	/* signatures for this type that arrived earlier sit in the rrset of
	 * type RRSIG; move them over, which also makes that rrset smaller */
	sigset = az_domain_rrset(node, LDNS_RR_TYPE_RRSIG);
	if(sigset != NULL &&
		!rrset_moveover_rrsigs(node, rr_type, target, sigset))
		return 0;
	return 1;
}
   1158 
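/**
 * Insert RR into zone, ignore duplicates.
 * @param z: zone to insert into; the RR class must equal z->dclass.
 * @param rr: uncompressed wireformat RR, the owner name is at the start.
 * @param rr_len: length of rr in octets.
 * @param dname_len: length of the owner name at the start of rr.
 * @param duplicate: if not NULL, set to 1 when the RR was already present.
 * @return 0 on failure (an error is logged, except when the RPZ insert
 *	fails), 1 otherwise.
 */
static int
az_insert_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
	size_t dname_len, int* duplicate)
{
	struct auth_data* node;
	uint8_t* dname = rr;
	uint16_t rr_type, rr_class;
	uint32_t rr_ttl;
	size_t rdatalen;
	uint8_t* rdata;

	/* after the owner name the RR has type(2), class(2), ttl(4) and
	 * rdlength(2); without them the fields below cannot be read */
	if(dname_len > rr_len || rr_len - dname_len < 10) {
		log_err("malformed RR, too short");
		return 0;
	}
	rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
	rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
	rr_ttl = sldns_wirerr_get_ttl(rr, rr_len, dname_len);
	rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
		dname_len))+2;
	/* rdatalen is taken from the rdlength field inside the RR, and the
	 * rrset code copies rdatalen octets starting at that field, so it
	 * has to fit in what is left of rr after name, type, class and ttl.
	 * The callers visible in this file produce consistent RRs, this
	 * keeps a malformed one from being read past rr_len. */
	if(rdatalen > rr_len - dname_len - 8) {
		log_err("malformed RR, rdata length exceeds RR");
		return 0;
	}
	/* rdata points to rdata prefixed with uint16 rdatalength */
	rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);

	if(rr_class != z->dclass) {
		log_err("wrong class for RR");
		return 0;
	}
	if(!(node=az_domain_find_or_create(z, dname, dname_len))) {
		log_err("cannot create domain");
		return 0;
	}
	if(!az_domain_add_rr(node, rr_type, rr_ttl, rdata, rdatalen,
		duplicate)) {
		log_err("cannot add RR to domain");
		return 0;
	}
	/* a zone that is used as RPZ also gets the RR as policy */
	if(z->rpz) {
		if(!(rpz_insert_rr(z->rpz, z->name, z->namelen, dname,
			dname_len, rr_type, rr_class, rr_ttl, rdata, rdatalen,
			rr, rr_len)))
			return 0;
	}
	return 1;
}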
   1195 
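/**
 * Remove rr from node, ignores nonexisting RRs.
 * When the last plain RR of an rrset is removed and the rrset still has
 * signatures attached, the signatures are kept: they go to the rrset of
 * type RRSIG, or the rrset itself becomes the rrset of type RRSIG.
 * @param node: domain node to remove from.
 * @param rr_type: type of the RR.
 * @param rdata: points to buffer with rdatalen octets, starts with
 *	2bytelength.
 * @param rdatalen: length of rdata, including the 2 byte length.
 * @param nonexist: if not NULL, set to 1 when nothing was found to delete.
 * @return 0 on failure (removal or signature copy failed), 1 otherwise.
 */
static int
az_domain_remove_rr(struct auth_data* node, uint16_t rr_type,
	uint8_t* rdata, size_t rdatalen, int* nonexist)
{
	struct auth_rrset* rrset;
	size_t index = 0;

	/* find the plain RR of the given type */
	if((rrset=az_domain_rrset(node, rr_type))!= NULL) {
		if(packed_rrset_find_rr(rrset->data, rdata, rdatalen, &index)) {
			if(rrset->data->count == 1 &&
				rrset->data->rrsig_count == 0) {
				/* last RR, delete the rrset */
				domain_remove_rrset(node, rr_type);
			} else if(rrset->data->count == 1 &&
				rrset->data->rrsig_count != 0) {
				/* move RRSIGs to the RRSIG rrset, or
				 * this one becomes that RRset */
				struct auth_rrset* rrsigset = az_domain_rrset(
					node, LDNS_RR_TYPE_RRSIG);
				if(rrsigset) {
					/* move left over rrsigs to the
					 * existing rrset of type RRSIG.
					 * If that fails, stop before the
					 * rrset is deleted, otherwise the
					 * signatures that were not copied
					 * are lost without an error. The
					 * ones that were copied are seen as
					 * duplicates on a later attempt. */
					if(!rrsigs_copy_from_rrset_to_rrsigset(
						rrset, rrsigset))
						return 0;
					/* and then delete the rrset */
					domain_remove_rrset(node, rr_type);
				} else {
					/* no rrset of type RRSIG, this
					 * set is now of that type,
					 * just remove the rr */
					if(!rrset_remove_rr(rrset, index))
						return 0;
					/* the signatures become the plain
					 * RRs of the rrset of type RRSIG */
					rrset->type = LDNS_RR_TYPE_RRSIG;
					rrset->data->count = rrset->data->rrsig_count;
					rrset->data->rrsig_count = 0;
				}
			} else {
				/* remove the RR from the rrset */
				if(!rrset_remove_rr(rrset, index))
					return 0;
			}
			return 1;
		}
		/* rr not found in rrset */
	}

	/* is it a type RRSIG, look under the covered type */
	if(rr_type == LDNS_RR_TYPE_RRSIG) {
		uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen);
		if((rrset=az_domain_rrset(node, ctype))!= NULL) {
			if(az_rrset_find_rrsig(rrset->data, rdata, rdatalen,
				&index)) {
				/* rrsig should have d->count > 0, be
				 * over some rr of that type */
				/* remove the rrsig from the rrsigs list of the
				 * rrset */
				if(!rrset_remove_rr(rrset, index))
					return 0;
				return 1;
			}
		}
		/* also RRSIG not found */
	}

	/* nothing found to delete */
	if(nonexist) *nonexist = 1;
	return 1;
}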
   1267 
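/**
 * Remove RR from zone, ignore if it does not exist.
 * @param z: zone to remove from; the RR class must equal z->dclass.
 * @param rr: uncompressed wireformat RR, the owner name is at the start.
 * @param rr_len: length of rr in octets.
 * @param dname_len: length of the owner name at the start of rr.
 * @param nonexist: if not NULL, set to 1 when the RR was not in the zone.
 * @return 0 on failure (malformed RR, wrong class, alloc failure),
 *	1 otherwise.
 */
static int
az_remove_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len,
	size_t dname_len, int* nonexist)
{
	struct auth_data* node;
	uint8_t* dname = rr;
	uint16_t rr_type, rr_class;
	size_t rdatalen;
	uint8_t* rdata;

	/* after the owner name the RR has type(2), class(2), ttl(4) and
	 * rdlength(2); without them the fields below cannot be read */
	if(dname_len > rr_len || rr_len - dname_len < 10) {
		log_err("malformed RR, too short");
		return 0;
	}
	rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len);
	rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len);
	rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len,
		dname_len))+2;
	/* rdatalen is taken from the rdlength field inside the RR; it is
	 * handed on as the size of rdata, so it has to fit in what is left
	 * of rr after name, type, class and ttl */
	if(rdatalen > rr_len - dname_len - 8) {
		log_err("malformed RR, rdata length exceeds RR");
		return 0;
	}
	/* rdata points to rdata prefixed with uint16 rdatalength */
	rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len);

	if(rr_class != z->dclass) {
		log_err("wrong class for RR");
		/* really also a nonexisting entry, because no records
		 * of that class in the zone, but return an error because
		 * getting records of the wrong class is a failure of the
		 * zone transfer */
		return 0;
	}
	node = az_find_name(z, dname, dname_len);
	if(!node) {
		/* node with that name does not exist */
		/* nonexisting entry, because no such name */
		/* nonexist is optional, like in az_domain_remove_rr */
		if(nonexist) *nonexist = 1;
		return 1;
	}
	if(!az_domain_remove_rr(node, rr_type, rdata, rdatalen, nonexist)) {
		/* alloc failure or so */
		return 0;
	}
	/* remove the node, if necessary */
	/* an rrsets==NULL entry is not kept around for empty nonterminals,
	 * and also parent nodes are not kept around, so we just delete it */
	if(node->rrsets == NULL) {
		(void)rbtree_delete(&z->data, node);
		auth_data_delete(node);
	}
	/* dname and rdata point into rr, not into the deleted node */
	if(z->rpz) {
		rpz_remove_rr(z->rpz, z->name, z->namelen, dname, dname_len,
			rr_type, rr_class, rdata, rdatalen);
	}
	return 1;
}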
   1314 
/**
 * Decompress an RR into the buffer where it'll be an uncompressed RR
 * with uncompressed dname and uncompressed rdata (dnames).
 * Every write into buf is preceded by a check that buf has room for it, and
 * every read of rdata is checked against the remaining rdata length, so a
 * malformed RR makes the function return 0 instead of overrunning.
 * @param buf: destination, cleared at the start. On success it holds the
 *	complete RR and has been flipped.
 * @param pkt: the packet that the RR comes from.
 * @param pktlen: length of pkt.
 * @param dname: owner name of the RR.
 *	NOTE(review): used as an offset into pkt, so it is assumed to point
 *	inside pkt - confirm at the callers.
 * @param rr_type: type of the RR, written to buf and used to look up the
 *	rdata layout.
 * @param rr_class: class of the RR, written to buf.
 * @param rr_ttl: TTL of the RR, written to buf.
 * @param rr_data: start of the rdata (without the rdlength field).
 *	NOTE(review): also assumed to point inside pkt - confirm.
 * @param rr_rdlen: length of the rdata as it is in the packet.
 * @return 0 on parse failure or when buf is too small, 1 on success.
 */
static int
decompress_rr_into_buffer(struct sldns_buffer* buf, uint8_t* pkt,
	size_t pktlen, uint8_t* dname, uint16_t rr_type, uint16_t rr_class,
	uint32_t rr_ttl, uint8_t* rr_data, uint16_t rr_rdlen)
{
	sldns_buffer pktbuf;
	size_t dname_len = 0;
	size_t rdlenpos;
	size_t rdlen;
	uint8_t* rd;
	const sldns_rr_descriptor* desc;
	/* pktbuf is a view on the packet, used to follow compression
	 * pointers; buf is the output */
	sldns_buffer_init_frm_data(&pktbuf, pkt, pktlen);
	sldns_buffer_clear(buf);

	/* decompress dname */
	sldns_buffer_set_position(&pktbuf,
		(size_t)(dname - sldns_buffer_current(&pktbuf)));
	dname_len = pkt_dname_len(&pktbuf);
	if(dname_len == 0) return 0; /* parse fail on dname */
	/* dname_len is the uncompressed length, that is what buf must hold */
	if(!sldns_buffer_available(buf, dname_len)) return 0;
	dname_pkt_copy(&pktbuf, sldns_buffer_current(buf), dname);
	sldns_buffer_skip(buf, (ssize_t)dname_len);

	/* type, class, ttl and rdatalength fields: 2+2+4+2 octets */
	if(!sldns_buffer_available(buf, 10)) return 0;
	sldns_buffer_write_u16(buf, rr_type);
	sldns_buffer_write_u16(buf, rr_class);
	sldns_buffer_write_u32(buf, rr_ttl);
	/* the rdlength is not known until the rdata is decompressed, write
	 * a placeholder and remember where it is */
	rdlenpos = sldns_buffer_position(buf);
	sldns_buffer_write_u16(buf, 0); /* rd length position */

	/* decompress rdata */
	desc = sldns_rr_descript(rr_type);
	rd = rr_data;
	rdlen = rr_rdlen;
	/* only types whose descriptor lists dnames in the rdata need the
	 * field by field walk; rd and rdlen track the rdata not yet copied */
	if(rdlen > 0 && desc && desc->_dname_count > 0) {
		int count = (int)desc->_dname_count;
		int rdf = 0;
		size_t len; /* how much rdata to plain copy */
		size_t uncompressed_len, compressed_len;
		size_t oldpos;
		/* decompress dnames. */
		/* the walk ends after the last dname (count reaches 0) or
		 * when the rdata runs out */
		while(rdlen > 0 && count) {
			switch(desc->_wireformat[rdf]) {
			case LDNS_RDF_TYPE_DNAME:
				sldns_buffer_set_position(&pktbuf,
					(size_t)(rd -
					sldns_buffer_begin(&pktbuf)));
				oldpos = sldns_buffer_position(&pktbuf);
				/* moves pktbuf to right after the
				 * compressed dname, and returns uncompressed
				 * dname length */
				uncompressed_len = pkt_dname_len(&pktbuf);
				if(!uncompressed_len)
					return 0; /* parse error in dname */
				/* two lengths: compressed_len is what the name
				 * takes up in the rdata, uncompressed_len is
				 * what gets written to buf */
				compressed_len = sldns_buffer_position(
					&pktbuf) - oldpos;
				if(compressed_len > rdlen)
					return 0; /* dname exceeds rdata */
				if(!sldns_buffer_available(buf,
					uncompressed_len))
					/* dname too long for buffer */
					return 0;
				dname_pkt_copy(&pktbuf,
					sldns_buffer_current(buf), rd);
				sldns_buffer_skip(buf, (ssize_t)uncompressed_len);
				rd += compressed_len;
				rdlen -= compressed_len;
				count--;
				/* the dname is already written, nothing left
				 * for the plain copy below */
				len = 0;
				break;
			case LDNS_RDF_TYPE_STR:
				/* The loop condition already has rdlen > 0,
				 * this check is kept for resilience: rd[0]
				 * is read next */
				if(rdlen < 1) return 0; /* malformed */
				/* one length octet followed by that many
				 * octets */
				len = rd[0] + 1;
				break;
			default:
				/* NOTE(review): presumably the fixed size of
				 * the field, and 0 for a field without one, in
				 * which case nothing is copied for it here -
				 * confirm against get_rdf_size */
				len = get_rdf_size(desc->_wireformat[rdf]);
				break;
			}
			if(len) {
				/* the field has to fit in the rdata that is
				 * left, and in the output buffer */
				if(len > rdlen)
					return 0; /* malformed */
				if(!sldns_buffer_available(buf, len))
					return 0; /* too long for buffer */
				sldns_buffer_write(buf, rd, len);
				rd += len;
				rdlen -= len;
			}
			rdf++;
		}
	}
	/* copy remaining data */
	if(rdlen > 0) {
		if(!sldns_buffer_available(buf, rdlen)) return 0;
		sldns_buffer_write(buf, rd, rdlen);
	}
	/* fixup rdlength: everything written after the 2 octet length field */
	sldns_buffer_write_u16_at(buf, rdlenpos,
		sldns_buffer_position(buf)-rdlenpos-2);
	/* the callers in this file take the RR from the begin of buf with
	 * the buffer limit as its length after this */
	sldns_buffer_flip(buf);
	return 1;
}
   1421 
/**
 * Insert RR into zone, from packet. The RR is first decompressed into the
 * scratch buffer and then inserted from there.
 * @param duplicate: if not NULL the flag is set for a duplicate, duplicates
 *	are otherwise ignored.
 * @return 0 on failure, 1 otherwise.
 */
static int
az_insert_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
	struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
	uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
	uint16_t rr_rdlen, int* duplicate)
{
	uint8_t* wire;
	size_t wire_len;
	int ok = decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
		rr_type, rr_class, rr_ttl, rr_data, rr_rdlen);
	if(!ok) {
		log_err("could not decompress RR");
		return 0;
	}
	/* the scratch buffer now holds the uncompressed RR from its begin up
	 * to its limit, with the owner name at the start */
	wire = sldns_buffer_begin(scratch_buffer);
	wire_len = sldns_buffer_limit(scratch_buffer);
	return az_insert_rr(z, wire, wire_len, dname_valid(wire, wire_len),
		duplicate);
}
   1443 
/**
 * Remove RR from zone, from packet. The RR is first decompressed into the
 * scratch buffer and then looked up and removed from there.
 * @param nonexist: if not NULL the flag is set for an entry that does not
 *	exist, nonexisting entries are otherwise ignored.
 * @return 0 on failure, 1 otherwise.
 */
static int
az_remove_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen,
	struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type,
	uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data,
	uint16_t rr_rdlen, int* nonexist)
{
	uint8_t* wire;
	size_t wire_len;
	int ok = decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname,
		rr_type, rr_class, rr_ttl, rr_data, rr_rdlen);
	if(!ok) {
		log_err("could not decompress RR");
		return 0;
	}
	/* the scratch buffer now holds the uncompressed RR from its begin up
	 * to its limit, with the owner name at the start */
	wire = sldns_buffer_begin(scratch_buffer);
	wire_len = sldns_buffer_limit(scratch_buffer);
	return az_remove_rr(z, wire, wire_len, dname_valid(wire, wire_len),
		nonexist);
}
   1465 
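/**
 * Parse zonefile
 * The path of an $INCLUDE is taken from the text of the zone file and
 * opened as it is given (after the chroot prefix is stripped), so a zone
 * file can make the process read any file that it has access to.
 * @param z: zone to read in.
 * @param in: file to read from (just opened).
 * @param rr: buffer to use for RRs, 64k.
 *	passed so that recursive includes can use the same buffer and do
 *	not grow the stack too much.
 * @param rrbuflen: sizeof rr buffer.
 * @param state: parse state with $ORIGIN, $TTL and 'prev-dname' and so on,
 *	that is kept between includes.
 *	The lineno is set at 1 and then increased by the function.
 * @param fname: file name.
 * @param depth: recursion depth for includes
 * @param cfg: config for chroot.
 * @return false on failure, has printed an error message
 */
static int
az_parse_file(struct auth_zone* z, FILE* in, uint8_t* rr, size_t rrbuflen,
	struct sldns_file_parse_state* state, char* fname, int depth,
	struct config_file* cfg)
{
	size_t rr_len, dname_len;
	int status;
	state->lineno = 1;

	while(!feof(in)) {
		/* rr_len goes in as the buffer size and comes back as the
		 * length of the parsed RR */
		rr_len = rrbuflen;
		dname_len = 0;
		status = sldns_fp2wire_rr_buf(in, rr, &rr_len, &dname_len,
			state);
		if(status == LDNS_WIREPARSE_ERR_INCLUDE && rr_len == 0) {
			/* we have $INCLUDE or $something, the text of the
			 * directive is in the rr buffer */
			if(strncmp((char*)rr, "$INCLUDE ", 9) == 0 ||
			   strncmp((char*)rr, "$INCLUDE\t", 9) == 0) {
				FILE* inc;
				int lineno_orig = state->lineno;
				char* incfile = (char*)rr + 8;
				/* bound the recursion, so that a file that
				 * includes itself cannot exhaust the stack */
				if(depth > MAX_INCLUDE_DEPTH) {
					log_err("%s:%d max include depth "
					  "exceeded", fname, state->lineno);
					return 0;
				}
				/* skip spaces */
				while(*incfile == ' ' || *incfile == '\t')
					incfile++;
				/* adjust for chroot on include file */
				if(cfg->chrootdir && cfg->chrootdir[0] &&
					strncmp(incfile, cfg->chrootdir,
						strlen(cfg->chrootdir)) == 0)
					incfile += strlen(cfg->chrootdir);
				/* copy the name, the recursion below reuses
				 * the rr buffer that it points into */
				incfile = strdup(incfile);
				if(!incfile) {
					log_err("malloc failure");
					return 0;
				}
				verbose(VERB_ALGO, "opening $INCLUDE %s",
					incfile);
				inc = fopen(incfile, "r");
				if(!inc) {
					log_err("%s:%d cannot open include "
						"file %s: %s", fname,
						lineno_orig, incfile,
						strerror(errno));
					free(incfile);
					return 0;
				}
				/* recurse read that file now */
				if(!az_parse_file(z, inc, rr, rrbuflen,
					state, incfile, depth+1, cfg)) {
					log_err("%s:%d cannot parse include "
						"file %s", fname,
						lineno_orig, incfile);
					fclose(inc);
					free(incfile);
					return 0;
				}
				fclose(inc);
				verbose(VERB_ALGO, "done with $INCLUDE %s",
					incfile);
				free(incfile);
				/* the recursion restarted lineno at 1 */
				state->lineno = lineno_orig;
			}
			continue;
		}
		if(status != 0) {
			log_err("parse error %s %d:%d: %s", fname,
				state->lineno, LDNS_WIREPARSE_OFFSET(status),
				sldns_get_errorstr_parse(status));
			return 0;
		}
		if(rr_len == 0) {
			/* EMPTY line, TTL or ORIGIN */
			continue;
		}
		/* insert wirerr in rrbuf */
		if(!az_insert_rr(z, rr, rr_len, dname_len, NULL)) {
			char buf[17];
			sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
				rr_len, dname_len), buf, sizeof(buf));
			log_err("%s:%d cannot insert RR of type %s",
				fname, state->lineno, buf);
			return 0;
		}
	}
	return 1;
}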
   1572 
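/**
 * Read the zonefile of the zone and replace the zone contents with it.
 * The existing data tree (and RPZ policies) are cleared once the file has
 * been opened, before it is parsed: when parsing fails the old contents are
 * gone and the zone holds what was read up to the error.
 * @param z: zone; nothing is done when it has no zonefile set.
 * @param cfg: config, for the chroot directory.
 * @return 0 on failure (error is logged), 1 on success, also when there is
 *	nothing to read or when the file of a slave zone does not exist yet.
 */
int
auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg)
{
	uint8_t rr[LDNS_RR_BUF_SIZE];
	struct sldns_file_parse_state state;
	char* zfilename;
	FILE* in;
	if(!z || !z->zonefile || z->zonefile[0]==0)
		return 1; /* no file, or "", nothing to read */

	zfilename = z->zonefile;
	/* adjust for chroot on the zonefile name */
	if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename,
		cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
		zfilename += strlen(cfg->chrootdir);
	if(verbosity >= VERB_ALGO) {
		char nm[LDNS_MAX_DOMAINLEN];
		dname_str(z->name, nm);
		verbose(VERB_ALGO, "read zonefile %s for %s", zfilename, nm);
	}
	in = fopen(zfilename, "r");
	if(!in) {
		/* keep the error of fopen; the name conversion below
		 * allocates and is allowed to change errno */
		int open_errno = errno;
		char* n = sldns_wire2str_dname(z->name, z->namelen);
		if(z->zone_is_slave && open_errno == ENOENT) {
			/* we fetch the zone contents later, no file yet */
			verbose(VERB_ALGO, "no zonefile %s for %s",
				zfilename, n?n:"error");
			free(n);
			return 1;
		}
		log_err("cannot open zonefile %s for %s: %s",
			zfilename, n?n:"error", strerror(open_errno));
		free(n);
		return 0;
	}

	/* clear the data tree */
	traverse_postorder(&z->data, auth_data_del, NULL);
	rbtree_init(&z->data, &auth_data_cmp);
	/* clear the RPZ policies */
	if(z->rpz)
		rpz_clear(z->rpz);

	memset(&state, 0, sizeof(state));
	/* default TTL to 3600 */
	state.default_ttl = 3600;
	/* set $ORIGIN to the zone name, if it fits in the parse state */
	if(z->namelen <= sizeof(state.origin)) {
		memcpy(state.origin, z->name, z->namelen);
		state.origin_len = z->namelen;
	}
	/* parse the (toplevel) file */
	if(!az_parse_file(z, in, rr, sizeof(rr), &state, zfilename, 0, cfg)) {
		char* n = sldns_wire2str_dname(z->name, z->namelen);
		log_err("error parsing zonefile %s for %s",
			zfilename, n?n:"error");
		free(n);
		fclose(in);
		return 0;
	}
	fclose(in);

	if(z->rpz)
		rpz_finish_config(z->rpz);
	return 1;
}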
   1638 
/**
 * Write buffer to file and check return codes.
 * @param out: file to write to.
 * @param str: the octets to write.
 * @param len: number of octets at str; 0 is a successful no-op.
 * @return 1 when all of it was written, 0 (error is logged) otherwise.
 */
static int
write_out(FILE* out, const char* str, size_t len)
{
	size_t written;
	if(len == 0)
		return 1;
	written = fwrite(str, 1, len, out);
	if(written >= len)
		return 1;
	/* nothing written is reported with the system error, a partial
	 * write as a short write */
	if(written == 0)
		log_err("write failed: %s", strerror(errno));
	else
		log_err("write failed: too short (disk full?)");
	return 0;
}
   1656 
/**
 * Convert one RR of a packed rrset to a zonefile text line.
 * @param nm: owner name, wireformat.
 * @param nmlen: length of nm.
 * @param tp: type of the rrset; entries past data->count are printed with
 *	type RRSIG.
 * @param cl: class.
 * @param data: the packed rrset.
 * @param i: index of the RR in data.
 * @param s: output buffer.
 * @param buflen: size of s.
 * @return 0 when the text did not fit in buflen (this is logged), else 1.
 */
static int
auth_rr_to_string(uint8_t* nm, size_t nmlen, uint16_t tp, uint16_t cl,
	struct packed_rrset_data* data, size_t i, char* s, size_t buflen)
{
	int printed;
	size_t remaining = buflen;
	uint8_t* cursor = nm;
	size_t cursorlen = nmlen;
	/* the stored rdata starts with a 2 octet length, skip over it */
	uint8_t* rd = data->rr_data[i]+2;
	size_t rdlen = data->rr_len[i]-2;

	if(i >= data->count)
		tp = LDNS_RR_TYPE_RRSIG;

	/* owner, ttl, class, type and rdata, separated by tabs; printed
	 * adds up what the print functions return, s and remaining advance
	 * along with the output */
	printed = sldns_wire2str_dname_scan(&cursor, &cursorlen, &s,
		&remaining, NULL, 0, NULL);
	printed += sldns_str_print(&s, &remaining, "\t");
	printed += sldns_str_print(&s, &remaining, "%lu\t",
		(unsigned long)data->rr_ttl[i]);
	printed += sldns_wire2str_class_print(&s, &remaining, cl);
	printed += sldns_str_print(&s, &remaining, "\t");
	printed += sldns_wire2str_type_print(&s, &remaining, tp);
	printed += sldns_str_print(&s, &remaining, "\t");
	cursor = rd;
	cursorlen = rdlen;
	printed += sldns_wire2str_rdata_scan(&cursor, &cursorlen, &s,
		&remaining, tp, NULL, 0, NULL);

	/* a DNSKEY gets its key tag as a trailing comment */
	if(tp == LDNS_RR_TYPE_DNSKEY) {
		printed += sldns_str_print(&s, &remaining, " ;{id = %u}",
			sldns_calc_keytag_raw(rd, rdlen));
	}
	printed += sldns_str_print(&s, &remaining, "\n");

	if(printed < (int)buflen)
		return 1;
	log_nametypeclass(NO_VERBOSE, "RR too long to print", nm, tp, cl);
	return 0;
}
   1692 
/**
 * Write rrset to file, one line per RR, the attached signatures included.
 * An RR that cannot be converted to text is skipped with a verbose message,
 * it does not fail the write.
 * @return 0 when writing to the file fails, 1 otherwise.
 */
static int
auth_zone_write_rrset(struct auth_zone* z, struct auth_data* node,
	struct auth_rrset* r, FILE* out)
{
	char line[LDNS_RR_BUF_SIZE];
	size_t total = r->data->count + r->data->rrsig_count;
	size_t idx;
	for(idx = 0; idx < total; idx++) {
		if(auth_rr_to_string(node->name, node->namelen, r->type,
			z->dclass, r->data, idx, line, sizeof(line))) {
			if(!write_out(out, line, strlen(line)))
				return 0;
		} else {
			verbose(VERB_ALGO, "failed to rr2str rr %d", (int)idx);
		}
	}
	return 1;
}
   1711 
/**
 * Write domain to file: all rrsets of the node. For the zone apex the SOA
 * is written before the other rrsets.
 * @return 0 when writing fails, 1 otherwise.
 */
static int
auth_zone_write_domain(struct auth_zone* z, struct auth_data* n, FILE* out)
{
	struct auth_rrset* cur;
	/* the apex is recognised by a name of the same length as the zone */
	int at_apex = (z->namelen == n->namelen);

	if(at_apex) {
		struct auth_rrset* soa = az_domain_rrset(n, LDNS_RR_TYPE_SOA);
		if(soa && !auth_zone_write_rrset(z, n, soa, out))
			return 0;
	}
	cur = n->rrsets;
	while(cur) {
		/* the apex SOA has been written above */
		int is_apex_soa = at_apex && cur->type == LDNS_RR_TYPE_SOA;
		if(!is_apex_soa && !auth_zone_write_rrset(z, n, cur, out))
			return 0;
		cur = cur->next;
	}
	return 1;
}
   1735 
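/** Write the zone contents to a file in text format.
 * The file is opened with mode "w", so an existing file is truncated
 * before the first record is written; on failure a partial file is
 * left behind.
 * NOTE(review): if fname is the live zonefile path, callers would want
 * to write to a temporary name and rename - confirm against callers.
 * @param z: zone to write; presumably locked by the caller - confirm.
 * @param fname: path of the file to write.
 * @return false if the file could not be opened, a domain could not be
 * 	written, or the final flush in fclose failed.
 */
int auth_zone_write_file(struct auth_zone* z, const char* fname)
{
	FILE* out;
	struct auth_data* n;
	out = fopen(fname, "w");
	if(!out) {
		log_err("could not open %s: %s", fname, strerror(errno));
		return 0;
	}
	RBTREE_FOR(n, struct auth_data*, &z->data) {
		if(!auth_zone_write_domain(z, n, out)) {
			log_err("could not write domain to %s", fname);
			fclose(out);
			return 0;
		}
	}
	/* fclose flushes buffered output; a failure here (disk full, I/O
	 * error) means the file is incomplete and must not be reported
	 * as written */
	if(fclose(out) != 0) {
		log_err("could not write %s: %s", fname, strerror(errno));
		return 0;
	}
	return 1;
}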
   1755 
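/** offline verify for zonemd, while reading a zone file to immediately
 * spot bad hashes in zonefile as they are read.
 * Creates temp buffers, but uses anchors and validation environment
 * from the module_env.
 * Does nothing when zonemd_check is off for the zone.
 * @param z: zone that was read.
 * @param env_for_val: environment to copy; the copy gets its own scratch
 * 	buffer and scratch region and the original is left untouched.
 * @param mods: module stack, passed on to auth_zone_verify_zonemd.
 */
static void
zonemd_offline_verify(struct auth_zone* z, struct module_env* env_for_val,
	struct module_stack* mods)
{
	struct module_env env;
	time_t now = 0;
	if(!z->zonemd_check)
		return;
	env = *env_for_val;
	/* The copy still carries the caller's scratch pointers.  Clear them
	 * before allocating, so that clean_exit only frees what was created
	 * here; otherwise a failed buffer allocation would destroy the
	 * caller's scratch region. */
	env.scratch_buffer = NULL;
	env.scratch = NULL;
	env.scratch_buffer = sldns_buffer_new(env.cfg->msg_buffer_size);
	if(!env.scratch_buffer) {
		log_err("out of memory");
		goto clean_exit;
	}
	env.scratch = regional_create();
	if(!env.now) {
		/* no clock in the environment, use the current time */
		env.now = &now;
		now = time(NULL);
	}
	if(!env.scratch) {
		log_err("out of memory");
		goto clean_exit;
	}
	auth_zone_verify_zonemd(z, &env, mods, NULL, 1, 0);

clean_exit:
	/* clean up and exit; both calls are reached with NULL on the
	 * out of memory paths */
	sldns_buffer_free(env.scratch_buffer);
	regional_destroy(env.scratch);
}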
   1790 
/** read all auth zones from file (if they have)
 * Holds the az lock for the whole pass and each zone lock while that
 * zone is read and, when a zonefile is set and env is given, verified
 * with ZONEMD.
 * @param az: auth zones structure.
 * @param cfg: config, passed to the zonefile reader.
 * @param env: environment for ZONEMD verification, can be NULL to skip it.
 * @param mods: module stack for ZONEMD verification.
 * @return false as soon as one zonefile fails to read.
 */
static int
auth_zones_read_zones(struct auth_zones* az, struct config_file* cfg,
	struct module_env* env, struct module_stack* mods)
{
	struct auth_zone* z;
	lock_rw_wrlock(&az->lock);
	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
		int failed;
		lock_rw_wrlock(&z->lock);
		failed = !auth_zone_read_zonefile(z, cfg);
		if(!failed && env && z->zonefile && z->zonefile[0]!=0)
			zonemd_offline_verify(z, env, mods);
		lock_rw_unlock(&z->lock);
		if(failed) {
			lock_rw_unlock(&az->lock);
			return 0;
		}
	}
	lock_rw_unlock(&az->lock);
	return 1;
}
   1812 
/** fetch the content of a ZONEMD RR from the rdata
 * The stored rdata starts with the 2 byte rdata length, followed by
 * serial (4), scheme (1), hash algorithm (1) and then the digest.
 * The digest length is whatever remains; it is not compared here with
 * the size that the hash algorithm would produce.
 * @param zonemd_rrset: the ZONEMD rrset.
 * @param i: index of the RR in the rrset.
 * @param serial: returns the serial.
 * @param scheme: returns the scheme.
 * @param hashalgo: returns the hash algorithm.
 * @param hash: returns a pointer into the rdata, or NULL if the digest
 * 	is empty.  Not a copy.
 * @param hashlen: returns the digest length.
 * @return false if i is out of range or the rdata is too short.
 */
static int zonemd_fetch_parameters(struct auth_rrset* zonemd_rrset, size_t i,
	uint32_t* serial, int* scheme, int* hashalgo, uint8_t** hash,
	size_t* hashlen)
{
	/* rdlen + serial + scheme + algo */
	const size_t fixedlen = 2+4+1+1;
	uint8_t* rr;
	size_t len;
	if(i >= zonemd_rrset->data->count)
		return 0;
	len = zonemd_rrset->data->rr_len[i];
	if(len < fixedlen)
		return 0; /* too short for the fixed fields */
	rr = zonemd_rrset->data->rr_data[i];
	*serial = sldns_read_uint32(rr+2);
	*scheme = rr[6];
	*hashalgo = rr[7];
	*hashlen = len - fixedlen;
	if(*hashlen != 0)
		*hash = rr+fixedlen;
	else
		*hash = NULL;
	return 1;
}
   1835 
/**
 * See if the ZONEMD scheme, hash occurs more than once.
 * Malformed RRs in the rrset are ignored for this comparison.
 * @param zonemd_rrset: the zonemd rrset to check with the RRs in it.
 * @param index: index of the original, this is allowed to have that
 * 	scheme and hashalgo, but other RRs should not have it.
 * @param scheme: the scheme to check for.
 * @param hashalgo: the hash algorithm to check for.
 * @return true if it occurs more than once.
 */
static int zonemd_is_duplicate_scheme_hash(struct auth_rrset* zonemd_rrset,
	size_t index, int scheme, int hashalgo)
{
	size_t other;
	for(other = 0; other < zonemd_rrset->data->count; other++) {
		uint32_t o_serial = 0;
		int o_scheme = 0, o_algo = 0;
		uint8_t* o_hash = NULL;
		size_t o_hashlen = 0;
		/* the original itself is not a duplicate */
		if(other == index)
			continue;
		/* an RR that cannot be parsed cannot match */
		if(!zonemd_fetch_parameters(zonemd_rrset, other, &o_serial,
			&o_scheme, &o_algo, &o_hash, &o_hashlen))
			continue;
		if(o_scheme != scheme || o_algo != hashalgo)
			continue;
		verbose(VERB_ALGO, "zonemd duplicate for scheme %d "
			"and hash %d", scheme, hashalgo);
		return 1;
	}
	return 0;
}
   1872 
/**
 * Check ZONEMDs if present for the auth zone.  Depending on config
 * it can warn or fail on that.  Checks the hash of the ZONEMD.
 * Every ZONEMD RR at the apex is tried until one verifies.  An RR is
 * passed over when it is malformed, when another RR has the same scheme
 * and hash algorithm, or when its serial differs from the SOA serial.
 * @param z: auth zone to check for.
 * 	caller must hold lock on zone.
 * @param env: module env for temp buffers.  env->scratch is emptied
 * 	with regional_free_all and env->scratch_buffer is used as work
 * 	buffer.
 * @param reason: returned on failure.  It is also set on a true return
 * 	when the only ZONEMD RRs that could be evaluated use an unsupported
 * 	scheme or hash algorithm; no digest was verified in that case, so
 * 	callers that need a verified digest have to look at it.
 * @return false on failure, true if hash checks out, or if only
 * 	unsupported ZONEMD RRs were seen (see reason).
 */
static int auth_zone_zonemd_check_hash(struct auth_zone* z,
	struct module_env* env, char** reason)
{
	/* loop over ZONEMDs and see which one is valid. if not print
	 * failure (depending on config) */
	struct auth_data* apex;
	struct auth_rrset* zonemd_rrset;
	size_t i;
	struct regional* region = NULL;
	struct sldns_buffer* buf = NULL;
	uint32_t soa_serial = 0;
	/* first "unsupported" reason that was reported for an RR */
	char* unsupported_reason = NULL;
	/* stays true as long as no RR was malformed, duplicate, had a
	 * wrong serial or failed the hash check */
	int only_unsupported = 1;
	region = env->scratch;
	regional_free_all(region);
	buf = env->scratch_buffer;
	if(!auth_zone_get_serial(z, &soa_serial)) {
		*reason = "zone has no SOA serial";
		return 0;
	}

	apex = az_find_name(z, z->name, z->namelen);
	if(!apex) {
		*reason = "zone has no apex";
		return 0;
	}
	zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
	if(!zonemd_rrset || zonemd_rrset->data->count==0) {
		*reason = "zone has no ZONEMD";
		return 0; /* no RRset or no RRs in rrset */
	}

	/* we have a ZONEMD, check if it is correct */
	/* the count is nonzero here, so *reason is assigned at least once
	 * in the loop before it is read after the loop */
	for(i=0; i<zonemd_rrset->data->count; i++) {
		uint32_t serial = 0;
		int scheme = 0, hashalgo = 0;
		uint8_t* hash = NULL;
		size_t hashlen = 0;
		if(!zonemd_fetch_parameters(zonemd_rrset, i, &serial, &scheme,
			&hashalgo, &hash, &hashlen)) {
			/* malformed RR */
			*reason = "ZONEMD rdata malformed";
			only_unsupported = 0;
			continue;
		}
		/* check for duplicates */
		if(zonemd_is_duplicate_scheme_hash(zonemd_rrset, i, scheme,
			hashalgo)) {
			/* duplicate hash of the same scheme,hash
			 * is not allowed. */
			*reason = "ZONEMD RRSet contains more than one RR "
				"with the same scheme and hash algorithm";
			only_unsupported = 0;
			continue;
		}
		/* start every hash computation with an empty region */
		regional_free_all(region);
		if(serial != soa_serial) {
			*reason = "ZONEMD serial is wrong";
			only_unsupported = 0;
			continue;
		}
		*reason = NULL;
		if(auth_zone_generate_zonemd_check(z, scheme, hashalgo,
			hash, hashlen, region, buf, reason)) {
			/* success */
			/* a true return with a reason set is treated as
			 * "unsupported": nothing was verified for this RR */
			if(*reason) {
				if(!unsupported_reason)
					unsupported_reason = *reason;
				/* continue to check for valid ZONEMD */
				if(verbosity >= VERB_ALGO) {
					/* NOTE(review): assumes dname_str writes
					 * at most LDNS_MAX_DOMAINLEN bytes
					 * including the terminator - confirm */
					char zstr[LDNS_MAX_DOMAINLEN];
					dname_str(z->name, zstr);
					verbose(VERB_ALGO, "auth-zone %s ZONEMD %d %d is unsupported: %s", zstr, (int)scheme, (int)hashalgo, *reason);
				}
				*reason = NULL;
				continue;
			}
			if(verbosity >= VERB_ALGO) {
				/* NOTE(review): same buffer size assumption
				 * for dname_str as above - confirm */
				char zstr[LDNS_MAX_DOMAINLEN];
				dname_str(z->name, zstr);
				if(!*reason)
					verbose(VERB_ALGO, "auth-zone %s ZONEMD hash is correct", zstr);
			}
			/* a supported ZONEMD verified */
			return 1;
		}
		/* hash check failed for this RR */
		only_unsupported = 0;
		/* try next one */
	}
	/* have we seen no failures but only unsupported algo,
	 * and one unsupported algorithm, or more. */
	if(only_unsupported && unsupported_reason) {
		/* only unsupported algorithms, with valid serial, not
		 * malformed. Did not see supported algorithms, failed or
		 * successful ones. */
		/* true is returned without a verified digest; the reason
		 * is how the caller can tell the difference */
		*reason = unsupported_reason;
		return 1;
	}
	/* fail, we may have reason */
	if(!*reason)
		*reason = "no ZONEMD records found";
	if(verbosity >= VERB_ALGO) {
		/* NOTE(review): same buffer size assumption for dname_str
		 * as above - confirm */
		char zstr[LDNS_MAX_DOMAINLEN];
		dname_str(z->name, zstr);
		verbose(VERB_ALGO, "auth-zone %s ZONEMD failed: %s", zstr, *reason);
	}
	return 0;
}
   1989 
/** find the apex SOA RRset, if it exists
 * @param z: zone to look in.
 * @return the SOA rrset, or NULL if the zone has no apex node or the
 * 	apex has no SOA.
 */
struct auth_rrset* auth_zone_get_soa_rrset(struct auth_zone* z)
{
	struct auth_data* apex = az_find_name(z, z->name, z->namelen);
	if(apex)
		return az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
	return NULL;
}
   2000 
/** find serial number of zone or false if none
 * The first SOA RR at the apex is checked before the serial is read:
 * the rdata has to be two well formed domain names followed by exactly
 * five 4 byte fields.
 * @param z: zone to look in.
 * @param serial: returns the SOA serial.
 * @return false if there is no apex, no SOA RR, or the rdata is malformed.
 */
int
auth_zone_get_serial(struct auth_zone* z, uint32_t* serial)
{
	struct auth_data* apex = az_find_name(z, z->name, z->namelen);
	struct auth_rrset* soa;
	struct packed_rrset_data* d;
	size_t primlen, mboxlen;
	if(!apex)
		return 0;
	soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
	if(!soa || soa->data->count==0)
		return 0; /* no RRset or no RRs in rrset */
	d = soa->data;
	/* rr_len counts the 2 byte rdata length in front of the rdata */
	if(d->rr_len[0] < 2+4*5)
		return 0; /* SOA too short */
	primlen = dname_valid(d->rr_data[0]+2, d->rr_len[0]-2);
	if(primlen == 0)
		return 0; /* primary dname malformed */
	mboxlen = dname_valid(d->rr_data[0]+2+primlen,
		d->rr_len[0]-2-primlen);
	if(mboxlen == 0)
		return 0; /* mailbox dname malformed */
	if(2+primlen+mboxlen+4*5 != d->rr_len[0])
		return 0; /* rdata malformed */
	/* the serial is the first of the five trailing 4 byte fields */
	*serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
	return 1;
}
   2027 
/** Find auth_zone SOA and populate the values in xfr(soa values).
 * The first SOA RR at the apex is checked before any value is read:
 * the rdata has to be two well formed domain names followed by exactly
 * five 4 byte fields.  xfr is not modified when this returns false.
 * @param z: zone to look in.
 * @param xfr: have_zone, serial, refresh, retry and expiry are set.
 * @return false if there is no apex, no SOA RR, or the rdata is malformed.
 */
int
xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr)
{
	struct auth_data* apex = az_find_name(z, z->name, z->namelen);
	struct auth_rrset* soa;
	struct packed_rrset_data* d;
	size_t primlen, mboxlen;
	if(!apex)
		return 0;
	soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
	if(!soa || soa->data->count==0)
		return 0; /* no RRset or no RRs in rrset */
	d = soa->data;
	/* rr_len counts the 2 byte rdata length in front of the rdata */
	if(d->rr_len[0] < 2+4*5)
		return 0; /* SOA too short */
	primlen = dname_valid(d->rr_data[0]+2, d->rr_len[0]-2);
	if(primlen == 0)
		return 0; /* primary dname malformed */
	mboxlen = dname_valid(d->rr_data[0]+2+primlen,
		d->rr_len[0]-2-primlen);
	if(mboxlen == 0)
		return 0; /* mailbox dname malformed */
	if(2+primlen+mboxlen+4*5 != d->rr_len[0])
		return 0; /* rdata malformed */
	/* SOA record ends with serial, refresh, retry, expiry, minimum,
	 * as 4 byte fields */
	xfr->have_zone = 1;
	xfr->serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
	xfr->refresh = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-16));
	xfr->retry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-12));
	xfr->expiry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-8));
	/* soa minimum at d->rr_len[0]-4, not stored */
	return 1;
}
   2061 
/**
 * Setup auth_xfer zone
 * This populates the have_zone, soa values, and so on times.
 * Doesn't do network traffic yet, can set option flags.
 * A zone without a usable SOA is not an error here; the xfer values
 * are then left as they were.
 * @param z: locked by caller, and modified for setup
 * @param x: locked by caller, and modified.  NULL for a zone without
 * 	zone transfers, i.e. the zone config is fixed with no masters
 * 	or urls.
 * @return false on failure.  The current code has no failure path and
 * 	always returns true.
 */
static int
auth_xfer_setup(struct auth_zone* z, struct auth_xfer* x)
{
	if(z && x) {
		/* the result is not needed, nothing else is set up for the
		 * probe, nextprobe and transfer tasks */
		(void)xfr_find_soa(z, x);
	}
	return 1;
}
   2082 
/**
 * Setup all zones
 * Locks are taken in the order az lock, zone lock, xfer lock and are
 * released in the reverse order.
 * @param az: auth zones structure
 * @return false on failure.
 */
static int
auth_zones_setup_zones(struct auth_zones* az)
{
	struct auth_zone* z;
	lock_rw_wrlock(&az->lock);
	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
		struct auth_xfer* x;
		int failed;
		lock_rw_wrlock(&z->lock);
		/* x is NULL for a zone without zone transfers */
		x = auth_xfer_find(az, z->name, z->namelen, z->dclass);
		if(x) {
			lock_basic_lock(&x->lock);
		}
		failed = !auth_xfer_setup(z, x);
		if(x) {
			lock_basic_unlock(&x->lock);
		}
		lock_rw_unlock(&z->lock);
		if(failed) {
			lock_rw_unlock(&az->lock);
			return 0;
		}
	}
	lock_rw_unlock(&az->lock);
	return 1;
}
   2116 
/** set config items and create zones
 * Finds or creates the zone (and its xfer structure when masters or
 * urls are configured), marks it as not deleted and copies the options
 * from the config entry.
 * Lock order used here: az->rpz_lock (RPZ zones only), az->lock, then
 * the zone lock and the xfer lock.  Every return path below releases
 * the locks that are held at that point, except the fatal_exit path.
 * @param az: auth zones structure.
 * @param c: config entry for one auth zone or RPZ zone.
 * @return false on failure.
 */
static int
auth_zones_cfg(struct auth_zones* az, struct config_auth* c)
{
	struct auth_zone* z;
	struct auth_xfer* x = NULL;

	/* create zone */
	if(c->isrpz) {
		/* if the rpz lock is needed, grab it before the other
		 * locks to avoid a lock dependency cycle */
		lock_rw_wrlock(&az->rpz_lock);
	}
	lock_rw_wrlock(&az->lock);
	/* presumably z is returned with z->lock held; the unlocks of
	 * z->lock below depend on that - verify against the callee */
	if(!(z=auth_zones_find_or_add_zone(az, c->name))) {
		lock_rw_unlock(&az->lock);
		if(c->isrpz) {
			lock_rw_unlock(&az->rpz_lock);
		}
		return 0;
	}
	if(c->masters || c->urls) {
		/* presumably x is returned with x->lock held; the unlocks
		 * of x->lock below depend on that - verify against the
		 * callee */
		if(!(x=auth_zones_find_or_add_xfer(az, z))) {
			lock_rw_unlock(&az->lock);
			lock_rw_unlock(&z->lock);
			if(c->isrpz) {
				lock_rw_unlock(&az->rpz_lock);
			}
			return 0;
		}
	}
	if(c->for_downstream)
		az->have_downstream = 1;
	lock_rw_unlock(&az->lock);

	/* set options */
	/* the zone is in the config, so it survives the deleted sweep */
	z->zone_deleted = 0;
	if(!auth_zone_set_zonefile(z, c->zonefile)) {
		if(x) {
			lock_basic_unlock(&x->lock);
		}
		lock_rw_unlock(&z->lock);
		if(c->isrpz) {
			lock_rw_unlock(&az->rpz_lock);
		}
		return 0;
	}
	z->for_downstream = c->for_downstream;
	z->for_upstream = c->for_upstream;
	z->fallback_enabled = c->fallback_enabled;
	/* ZONEMD policy for this zone: whether to verify, and whether a
	 * missing ZONEMD is rejected */
	z->zonemd_check = c->zonemd_check;
	z->zonemd_reject_absence = c->zonemd_reject_absence;
	if(c->isrpz && !z->rpz){
		if(!(z->rpz = rpz_create(c))){
			/* the return is only reached if fatal_exit returns;
			 * no locks are released on this path */
			fatal_exit("Could not setup RPZ zones");
			return 0;
		}
		lock_protect(&z->lock, &z->rpz->local_zones, sizeof(*z->rpz));
		/* the az->rpz_lock is locked above */
		/* insert z at the front of the list of RPZ zones */
		z->rpz_az_next = az->rpz_first;
		if(az->rpz_first)
			az->rpz_first->rpz_az_prev = z;
		az->rpz_first = z;
	} else if(c->isrpz && z->rpz) {
		/* existing RPZ zone, apply the new config to it */
		if(!rpz_config(z->rpz, c)) {
			log_err("Could not change rpz config");
			if(x) {
				lock_basic_unlock(&x->lock);
			}
			lock_rw_unlock(&z->lock);
			lock_rw_unlock(&az->rpz_lock);
			return 0;
		}
	}
	if(c->isrpz) {
		lock_rw_unlock(&az->rpz_lock);
	}

	/* xfer zone */
	if(x) {
		z->zone_is_slave = 1;
		/* set options on xfer zone */
		/* the master list is set for the probe task and for the
		 * transfer task, with a different last argument */
		if(!xfer_set_masters(&x->task_probe->masters, c, 0)) {
			lock_basic_unlock(&x->lock);
			lock_rw_unlock(&z->lock);
			return 0;
		}
		if(!xfer_set_masters(&x->task_transfer->masters, c, 1)) {
			lock_basic_unlock(&x->lock);
			lock_rw_unlock(&z->lock);
			return 0;
		}
		lock_basic_unlock(&x->lock);
	}

	lock_rw_unlock(&z->lock);
	return 1;
}
   2215 
/** set all auth zones deleted, then in auth_zones_cfg, it marks them
 * as nondeleted (if they are still in the config), and then later
 * we can find deleted zones
 * @param az: auth zones structure; the az lock and each zone lock are
 * 	taken here.
 */
static void
az_setall_deleted(struct auth_zones* az)
{
	struct auth_zone* zone;
	lock_rw_wrlock(&az->lock);
	RBTREE_FOR(zone, struct auth_zone*, &az->ztree) {
		lock_rw_wrlock(&zone->lock);
		zone->zone_deleted = 1;
		lock_rw_unlock(&zone->lock);
	}
	lock_rw_unlock(&az->lock);
}
   2231 
/** find zones that are marked deleted and delete them.
 * This is called from apply_cfg, and there are no threads and no
 * workers, so the xfr can just be deleted.
 * The xfer structure is removed without taking its lock, which is only
 * correct under that no-threads condition.
 * @param az: auth zones structure; the az lock is held for the whole
 * 	operation.
 */
static void
az_delete_deleted_zones(struct auth_zones* az)
{
	struct auth_zone* z;
	struct auth_zone* doomed = NULL;
	struct auth_zone* next;
	lock_rw_wrlock(&az->lock);
	/* first pass: the rbtree cannot be altered while it is iterated,
	 * so collect the deleted zones on a linked list */
	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
		lock_rw_wrlock(&z->lock);
		if(z->zone_deleted) {
			z->delete_next = doomed;
			doomed = z;
		}
		lock_rw_unlock(&z->lock);
	}
	/* second pass: out of the tree loop, remove and free them */
	for(z = doomed; z; z = next) {
		struct auth_xfer* xfr;
		/* read the link before the zone is freed */
		next = z->delete_next;
		xfr = auth_xfer_find(az, z->name, z->namelen, z->dclass);
		if(xfr) {
			(void)rbtree_delete(&az->xtree, &xfr->node);
			auth_xfer_delete(xfr);
		}
		(void)rbtree_delete(&az->ztree, &z->node);
		auth_zone_delete(z, az);
	}
	lock_rw_unlock(&az->lock);
}
   2269 
/** Apply the auth-zone part of the config.
 * Marks all zones deleted, configures every named auth zone from the
 * config (which clears the mark), deletes the zones that stay marked,
 * reads the zonefiles and optionally sets up the xfer state.
 * When a zone fails to configure this returns before the delete step,
 * so zones not yet visited keep their deleted mark.
 * @param az: auth zones structure.
 * @param cfg: config file with the list of auth zones.
 * @param setup: if true, set up the zones after reading them.
 * @param is_rpz: set to true if it was true or one of the zones is RPZ.
 * @param env: environment for ZONEMD verification, passed on.
 * @param mods: module stack for ZONEMD verification, passed on.
 * @return false on failure.
 */
int auth_zones_apply_cfg(struct auth_zones* az, struct config_file* cfg,
	int setup, int* is_rpz, struct module_env* env,
	struct module_stack* mods)
{
	struct config_auth* entry;
	az_setall_deleted(az);
	for(entry = cfg->auths; entry; entry = entry->next) {
		if(entry->name && entry->name[0] != 0) {
			*is_rpz = (*is_rpz || entry->isrpz);
			if(!auth_zones_cfg(az, entry)) {
				log_err("cannot config auth zone %s",
					entry->name);
				return 0;
			}
		} else {
			log_warn("auth-zone without a name, skipped");
		}
	}
	az_delete_deleted_zones(az);
	if(!auth_zones_read_zones(az, cfg, env, mods))
		return 0;
	if(setup && !auth_zones_setup_zones(az))
		return 0;
	return 1;
}
   2296 
/** delete chunks
 * @param at: transfer structure with chunks list.  The chunks and their
 * 	data are freed, and the list pointers are reset to NULL so that
 * 	no freed chunk stays reachable through at.
 */
static void
auth_chunks_delete(struct auth_transfer* at)
{
	struct auth_chunk* chunk = at->chunks_first;
	while(chunk) {
		/* read the link before the chunk is freed */
		struct auth_chunk* following = chunk->next;
		free(chunk->data);
		free(chunk);
		chunk = following;
	}
	at->chunks_first = NULL;
	at->chunks_last = NULL;
}
   2317 
/** free master addr list
 * @param list: first element, can be NULL.  Every element is freed; the
 * 	caller's pointer is dangling afterwards.
 */
static void
auth_free_master_addrs(struct auth_addr* list)
{
	struct auth_addr* cur;
	struct auth_addr* following;
	for(cur = list; cur; cur = following) {
		/* read the link before the element is freed */
		following = cur->next;
		free(cur);
	}
}
   2329 
/** free the masters list
 * @param list: first element, can be NULL.  For every element the
 * 	address list, host and file strings and the element itself are
 * 	freed; the caller's pointer is dangling afterwards.
 */
static void
auth_free_masters(struct auth_master* list)
{
	struct auth_master* cur;
	struct auth_master* following;
	for(cur = list; cur; cur = following) {
		/* read the link before the element is freed */
		following = cur->next;
		auth_free_master_addrs(cur->list);
		free(cur->host);
		free(cur->file);
		free(cur);
	}
}
   2344 
/** Delete an xfer structure and everything it owns.
 * The lock is destroyed first, so no other thread may still use or wait
 * on xfr when this is called.  The structure is not removed from any
 * tree here; that is up to the caller.
 * @param xfr: structure to delete, can be NULL.
 */
void
auth_xfer_delete(struct auth_xfer* xfr)
{
	struct auth_transfer* transfer;
	if(xfr == NULL)
		return;
	lock_basic_destroy(&xfr->lock);
	free(xfr->name);
	if(xfr->task_nextprobe) {
		comm_timer_delete(xfr->task_nextprobe->timer);
		free(xfr->task_nextprobe);
	}
	if(xfr->task_probe) {
		auth_free_masters(xfr->task_probe->masters);
		comm_point_delete(xfr->task_probe->cp);
		comm_timer_delete(xfr->task_probe->timer);
		free(xfr->task_probe);
	}
	transfer = xfr->task_transfer;
	if(transfer) {
		auth_free_masters(transfer->masters);
		comm_point_delete(transfer->cp);
		comm_timer_delete(transfer->timer);
		/* chunks of a transfer that was still in progress */
		if(transfer->chunks_first) {
			auth_chunks_delete(transfer);
		}
		free(transfer);
	}
	auth_free_masters(xfr->allow_notify_list);
	free(xfr);
}
   2373 
/** helper traverse to delete zones
 * @param n: tree node, its key is the auth_zone.
 * @param arg: unused.
 */
static void
auth_zone_del(rbnode_type* n, void* ATTR_UNUSED(arg))
{
	/* NULL instead of the auth_zones structure, as the whole
	 * structure is being deleted */
	auth_zone_delete((struct auth_zone*)n->key, NULL);
}
   2381 
/** helper traverse to delete xfer zones
 * @param n: tree node, its key is the auth_xfer.
 * @param arg: unused.
 */
static void
auth_xfer_del(rbnode_type* n, void* ATTR_UNUSED(arg))
{
	auth_xfer_delete((struct auth_xfer*)n->key);
}
   2389 
/** Delete the auth zones structure with all zones and xfer structures.
 * The locks are destroyed before the trees are freed, so no other
 * thread may still use az when this is called.
 * @param az: structure to delete, can be NULL.
 */
void auth_zones_delete(struct auth_zones* az)
{
	if(az == NULL)
		return;
	lock_rw_destroy(&az->lock);
	lock_rw_destroy(&az->rpz_lock);
	/* postorder, so children are visited before the node that links
	 * to them is freed */
	traverse_postorder(&az->ztree, auth_zone_del, NULL);
	traverse_postorder(&az->xtree, auth_xfer_del, NULL);
	free(az);
}
   2399 
/** true if domain has only nsec3
 * RRSIG rrsets are allowed next to the NSEC3; any other type makes
 * this false.  A domain without rrsets also gives false.
 * @param n: domain to inspect.
 * @return true if an NSEC3 rrset is present and nothing else but RRSIG.
 */
static int
domain_has_only_nsec3(struct auth_data* n)
{
	struct auth_rrset* cur;
	int found_nsec3 = 0;
	for(cur = n->rrsets; cur; cur = cur->next) {
		if(cur->type == LDNS_RR_TYPE_NSEC3)
			found_nsec3 = 1;
		else if(cur->type != LDNS_RR_TYPE_RRSIG)
			return 0;
	}
	return found_nsec3;
}
   2416 
/** see if the domain has a wildcard child '*.domain'
 * The wildcard name is built in a stack buffer of LDNS_MAX_DOMAINLEN
 * bytes; the length is checked before anything is copied into it.
 * @param z: zone to look in.
 * @param nm: domain name in wire format.
 * @param nmlen: length of nm.
 * @return the wildcard domain, or NULL if it does not exist or the
 * 	wildcard name would be too long.
 */
static struct auth_data*
az_find_wildcard_domain(struct auth_zone* z, uint8_t* nm, size_t nmlen)
{
	uint8_t wc[LDNS_MAX_DOMAINLEN];
	/* one length byte and one '*' byte go in front of the name */
	const size_t wclen = nmlen+2;
	if(wclen > sizeof(wc))
		return NULL; /* result would be too long */
	wc[0] = 1; /* length of wildcard label */
	wc[1] = (uint8_t)'*'; /* wildcard label */
	memmove(&wc[2], nm, nmlen);
	return az_find_name(z, wc, wclen);
}
   2429 
/** find wildcard between qname and cename
 * Starts at the qname and strips one label at a time, looking for a
 * '*' child at every step, until the zone apex or the ce is reached.
 * @param z: zone to look in.
 * @param qinfo: query, its qname is the starting point.
 * @param ce: closest encloser that stops the search, can be NULL.
 * @return the wildcard domain or NULL if there is none, or the qname
 * 	is not in the zone.
 */
static struct auth_data*
az_find_wildcard(struct auth_zone* z, struct query_info* qinfo,
	struct auth_data* ce)
{
	uint8_t* nm = qinfo->qname;
	size_t nmlen = qinfo->qname_len;
	if(!dname_subdomain_c(nm, z->name))
		return NULL; /* out of zone */
	for(;;) {
		struct auth_data* found = az_find_wildcard_domain(z, nm,
			nmlen);
		if(found)
			return found;
		if(nmlen == z->namelen)
			return NULL; /* top of zone reached */
		if(ce && nmlen == ce->namelen)
			return NULL; /* ce reached */
		if(!dname_remove_label_limit_len(&nm, &nmlen, z->namelen))
			return NULL; /* can't go up */
	}
}
   2450 
/** domain is not exact, find first candidate ce (name that matches
 * a part of qname) in tree
 * @param z: zone to look in.
 * @param qinfo: query with the qname.
 * @param n: node from the tree lookup, can be NULL; when given the
 * 	search starts at the part of its name that is shared with qname.
 * @return first existing name found while going up, or NULL.
 */
static struct auth_data*
az_find_candidate_ce(struct auth_zone* z, struct query_info* qinfo,
	struct auth_data* n)
{
	uint8_t* nm;
	size_t nmlen;
	if(!n)
		nm = qinfo->qname;
	else
		nm = dname_get_shared_topdomain(qinfo->qname, n->name);
	dname_count_size_labels(nm, &nmlen);
	/* delete labels and go up on name until a node exists */
	for(n = az_find_name(z, nm, nmlen); !n;
		n = az_find_name(z, nm, nmlen)) {
		if(!dname_remove_label_limit_len(&nm, &nmlen, z->namelen))
			return NULL; /* can't go up */
	}
	return n;
}
   2474 
/** go up the auth tree to next existing name.
 * @param z: zone to look in.
 * @param n: domain to start from; n itself is not considered.
 * @return the nearest existing name above n, or NULL if no more labels
 * 	can be removed.
 */
static struct auth_data*
az_domain_go_up(struct auth_zone* z, struct auth_data* n)
{
	uint8_t* nm = n->name;
	size_t nmlen = n->namelen;
	for(;;) {
		struct auth_data* up;
		if(!dname_remove_label_limit_len(&nm, &nmlen, z->namelen))
			return NULL;
		up = az_find_name(z, nm, nmlen);
		if(up != NULL)
			return up;
	}
}
   2487 
/** Find the closest encloser, a name that exists and is above the
 * qname.
 * @param z: zone to look in.
 * @param qinfo: query; qname length and qtype are used.
 * @param node: node from the tree lookup, can be NULL.
 * @param node_exact: true if node is an exact match for the qname.
 * @param ce: returns the closest encloser, see below.
 * @param rrset: returns the DNAME or NS rrset set by the last match
 * 	while going up, or NULL if none was found.
 * @return true if the node (param node) is existing, nonobscured and
 * 	can be used to generate answers from.  It is then also node_exact.
 * 	returns false if the node is not good enough (or it wasn't
 * 	node_exact), in this case the ce can be filled.
 *	if ce is NULL, no ce exists, and likely the zone is completely empty,
 *	not even with a zone apex.
 *	if ce is nonNULL it is the closest enclosing upper name (that exists
 *	itself for answer purposes).  That name may have DNAME, NS or wildcard
 *	rrset is the closest DNAME or NS rrset that was found.
 */
static int
az_find_ce(struct auth_zone* z, struct query_info* qinfo,
	struct auth_data* node, int node_exact, struct auth_data** ce,
	struct auth_rrset** rrset)
{
	struct auth_data* n = node;
	struct auth_rrset* lookrrset;
	*ce = NULL;
	*rrset = NULL;
	if(!node_exact) {
		/* if not exact, lookup closest exact match */
		n = az_find_candidate_ce(z, qinfo, n);
	} else {
		/* if exact, the node itself is the first candidate ce */
		*ce = n;
	}

	/* no direct answer from nsec3-only domains */
	if(n && domain_has_only_nsec3(n)) {
		node_exact = 0;
		*ce = NULL;
	}

	/* with exact matches, walk up the labels until we find the
	 * delegation, or DNAME or zone end */
	/* the walk does not stop at the first match; a match higher up
	 * overwrites *ce and *rrset, so the topmost zone cut or DNAME
	 * is what remains */
	while(n) {
		/* see if the current candidate has issues */
		/* not zone apex and has type NS */
		if(n->namelen != z->namelen &&
			(lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_NS)) &&
			/* delegate here, but DS at exact the dp has notype */
			(qinfo->qtype != LDNS_RR_TYPE_DS ||
			n->namelen != qinfo->qname_len)) {
			/* referral */
			/* this is ce and the lowernode is nonexisting */
			*ce = n;
			*rrset = lookrrset;
			node_exact = 0;
		}
		/* not equal to qname and has type DNAME */
		/* names are compared by length only here; n is on the path
		 * from the qname to the apex */
		if(n->namelen != qinfo->qname_len &&
			(lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_DNAME))) {
			/* this is ce and the lowernode is nonexisting */
			*ce = n;
			*rrset = lookrrset;
			node_exact = 0;
		}

		if(*ce == NULL && !domain_has_only_nsec3(n)) {
			/* if not found yet, this exact name must be
			 * our lowest match (but not nsec3onlydomain) */
			*ce = n;
		}

		/* walk up the tree by removing labels from name and lookup */
		n = az_domain_go_up(z, n);
	}
	/* found no problems, if it was an exact node, it is fine to use */
	return node_exact;
}
   2560 
/** add additional A/AAAA from domain names in rrset rdata (+offset)
 * offset is number of bytes in rdata where the dname is located.
 * The name in the rdata is checked with dname_valid against the
 * remaining rdata length before it is used for a lookup; RRs that are
 * too short or have a malformed name are skipped.
 * @param z: zone to look the names up in.
 * @param region: allocation region for the message.
 * @param msg: message to add the rrsets to.
 * @param rrset: rrset with the names in its rdata.
 * @param offset: position of the name inside the rdata.
 * @return false if the rrset has no data or adding an rrset failed.
 */
static int
az_add_additionals_from(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_rrset* rrset, size_t offset)
{
	struct packed_rrset_data* d = rrset->data;
	size_t i;
	if(!d)
		return 0;
	for(i=0; i<d->count; i++) {
		uint8_t* target;
		size_t dlen;
		struct auth_data* domain;
		struct auth_rrset* ref;
		/* 2 bytes of rdata length come before the rdata */
		if(d->rr_len[i] < 2+offset)
			continue; /* too short */
		target = d->rr_data[i]+2+offset;
		dlen = dname_valid(target, d->rr_len[i]-2-offset);
		if(dlen == 0)
			continue; /* malformed */
		domain = az_find_name(z, target, dlen);
		if(!domain)
			continue;
		ref = az_domain_rrset(domain, LDNS_RR_TYPE_A);
		if(ref != NULL && !msg_add_rrset_ar(z, region, msg, domain, ref))
			return 0;
		ref = az_domain_rrset(domain, LDNS_RR_TYPE_AAAA);
		if(ref != NULL && !msg_add_rrset_ar(z, region, msg, domain, ref))
			return 0;
	}
	return 1;
}
   2593 
/** add negative SOA record (with negative TTL)
 * The apex SOA is added as the first rrset of the message and its TTL
 * is lowered to the SOA minimum field when that is smaller.
 * @param z: zone, supplies the apex SOA.
 * @param region: allocation region for the message.
 * @param msg: message, must not hold rrsets yet.
 * @return false if there is no apex or SOA, adding failed, or the SOA
 * 	rdata is too short to hold the minimum field.
 */
static int
az_add_negative_soa(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg)
{
	time_t minimum;
	size_t i, total;
	struct packed_rrset_data* d;
	struct auth_rrset* soa;
	struct auth_data* apex = az_find_name(z, z->name, z->namelen);
	if(!apex)
		return 0;
	soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
	if(!soa)
		return 0;
	/* must be first to put in message; we want to fix the TTL with
	 * one RRset here, otherwise we'd need to loop over the RRs to get
	 * the resulting lower TTL */
	log_assert(msg->rep->rrset_count == 0);
	if(!msg_add_rrset_ns(z, region, msg, apex, soa))
		return 0;
	/* fixup TTL on the rrset that was just added */
	d = (struct packed_rrset_data*)msg->rep->rrsets[msg->rep->rrset_count-1]->entry.data;
	if(d->count == 0)
		return 0;
	/* last 4 bytes are minimum ttl in network format; check that the
	 * rdata can hold them after the 2 byte rdata length */
	if(d->rr_len[0] < 2+4)
		return 0;
	minimum = (time_t)sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-4));
	minimum = d->ttl<minimum?d->ttl:minimum;
	d->ttl = minimum;
	/* the RRSIGs get the same TTL as the RRs */
	total = d->count + d->rrsig_count;
	for(i=0; i < total; i++)
		d->rr_ttl[i] = minimum;
	msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]);
	msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl);
	msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL;
	return 1;
}
   2627 
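/** See if the query goes to empty nonterminal (that has no auth_data,
 * but there are nodes underneath.  We already checked that there are
 * not NS, or DNAME above, so that we only need to check if some node
 * exists below (with nonempty rr list), return true if emptynonterminal
 * @param z: zone with the tree of domains.
 * @param qinfo: query with the qname.
 * @param node: the node before the qname in tree order, or NULL if
 * 	there is no smaller node.
 * @return true if a node with rrsets exists below the qname.
 */
static int
az_empty_nonterminal(struct auth_zone* z, struct query_info* qinfo,
	struct auth_data* node)
{
	struct auth_data* next;
	if(!node) {
		/* no smaller was found, use first (smallest) node as the
		 * next one */
		next = (struct auth_data*)rbtree_first(&z->data);
	} else {
		next = (struct auth_data*)rbtree_next(&node->node);
	}
	while(next && (rbnode_type*)next != RBTREE_NULL && next->rrsets == NULL) {
		/* the next name has empty rrsets, is an empty nonterminal
		 * itself, see if there exists something below it */
		/* step from next, not from node: stepping from node gives
		 * the same element again (no progress) and dereferences
		 * NULL when node is NULL */
		next = (struct auth_data*)rbtree_next(&next->node);
	}
	if((rbnode_type*)next == RBTREE_NULL || !next) {
		/* there is no next node, so something below it cannot
		 * exist */
		return 0;
	}
	/* a next node exists, if there was something below the query,
	 * this node has to be it.  See if it is below the query name */
	if(dname_strict_subdomain_c(next->name, qinfo->qname))
		return 1;
	return 0;
}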
   2660 
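/** Create the synthesized CNAME target name in a buffer.
 * The new name is the front of the qname (everything before the DNAME
 * owner) followed by the DNAME target name.
 * @param qname: query name in wire format.
 * @param qname_len: length of qname in bytes.
 * @param dname_len: length of the DNAME owner name, the suffix of qname
 *	that is replaced.
 * @param dtarg: DNAME target name in wire format.
 * @param dtarglen: length of dtarg in bytes.
 * @param buf: destination buffer.
 * @param buflen: size of buf in bytes.
 * @return length of the new name, or 0 if it does not fit in buf (the
 *	caller treats that as YXDOMAIN) or if dname_len exceeds qname_len. */
static size_t
synth_cname_buf(uint8_t* qname, size_t qname_len, size_t dname_len,
	uint8_t* dtarg, size_t dtarglen, uint8_t* buf, size_t buflen)
{
	size_t prefixlen;
	if(dname_len > qname_len) {
		/* the owner cannot be a suffix of a shorter qname; without
		 * this check the subtraction wraps around and the copy
		 * length below becomes enormous */
		return 0;
	}
	prefixlen = qname_len - dname_len;
	/* same test as prefixlen + dtarglen > buflen, but written so the
	 * addition cannot wrap */
	if(dtarglen > buflen || prefixlen > buflen - dtarglen) {
		/* YXDOMAIN error */
		return 0;
	}
	/* new name is concatenation of qname front (without DNAME owner)
	 * and DNAME target name */
	memcpy(buf, qname, prefixlen);
	memmove(buf+prefixlen, dtarg, dtarglen);
	return prefixlen + dtarglen;
}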
   2677 
/** Create a synthetic CNAME rrset for a DNAME answer, allocated in region.
 * @param qname: query name; becomes the owner of the CNAME.
 * @param qname_len: length of qname.
 * @param region: all allocations come from this region.
 * @param node: node that owns the DNAME; its namelen is the suffix length
 *	that is replaced in qname.
 * @param dname: the DNAME rrset; only its first RR is used.
 * @param dclass: class for the new rrset, host byte order.
 * @param cname: result.  Set to NULL when the new name is too long
 *	(YXDOMAIN); the function still returns 1 in that case.
 * @return 0 on allocation failure, and also when the DNAME rdata is
 *	malformed or the qname is not longer than the DNAME owner.  On the
 *	validation failures *cname is not written; on the later allocation
 *	failures it points at a partly filled key, so callers must not use
 *	it when 0 is returned. */
static int
create_synth_cname(uint8_t* qname, size_t qname_len, struct regional* region,
	struct auth_data* node, struct auth_rrset* dname, uint16_t dclass,
	struct ub_packed_rrset_key** cname)
{
	uint8_t buf[LDNS_MAX_DOMAINLEN];
	uint8_t* dtarg;
	size_t dtarglen, newlen;
	struct packed_rrset_data* d;

	/* get DNAME target name; the rdata starts with a 2 byte length
	 * that is skipped, and every length taken from zone data is checked
	 * before the name is used */
	if(dname->data->count < 1) return 0;
	if(dname->data->rr_len[0] < 3) return 0; /* at least rdatalen +1 */
	dtarg = dname->data->rr_data[0]+2;
	dtarglen = dname->data->rr_len[0]-2;
	if(sldns_read_uint16(dname->data->rr_data[0]) != dtarglen)
		return 0; /* rdatalen in DNAME rdata is malformed */
	if(dname_valid(dtarg, dtarglen) != dtarglen)
		return 0; /* DNAME RR has malformed rdata */
	if(qname_len == 0)
		return 0; /* too short */
	if(qname_len <= node->namelen)
		return 0; /* qname too short for dname removal */

	/* synthesize a CNAME; the qname_len check above keeps the
	 * qname_len - node->namelen subtraction in synth_cname_buf from
	 * wrapping */
	newlen = synth_cname_buf(qname, qname_len, node->namelen,
		dtarg, dtarglen, buf, sizeof(buf));
	if(newlen == 0) {
		/* YXDOMAIN error */
		*cname = NULL;
		return 1;
	}
	*cname = (struct ub_packed_rrset_key*)regional_alloc(region,
		sizeof(struct ub_packed_rrset_key));
	if(!*cname)
		return 0; /* out of memory */
	memset(&(*cname)->entry, 0, sizeof((*cname)->entry));
	(*cname)->entry.key = (*cname);
	/* type and class are stored in network byte order in the key */
	(*cname)->rk.type = htons(LDNS_RR_TYPE_CNAME);
	(*cname)->rk.rrset_class = htons(dclass);
	(*cname)->rk.flags = 0;
	/* the owner name is a private copy of the qname */
	(*cname)->rk.dname = regional_alloc_init(region, qname, qname_len);
	if(!(*cname)->rk.dname)
		return 0; /* out of memory */
	(*cname)->rk.dname_len = qname_len;
	(*cname)->entry.hash = rrset_key_hash(&(*cname)->rk);
	/* one allocation holds the struct, then one rr_len, one rr_data
	 * pointer, one rr_ttl and the rdata (2 byte length + target name) */
	d = (struct packed_rrset_data*)regional_alloc_zero(region,
		sizeof(struct packed_rrset_data) + sizeof(size_t) +
		sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t)
		+ newlen);
	if(!d)
		return 0; /* out of memory */
	(*cname)->entry.data = d;
	d->ttl = dname->data->ttl; /* RFC6672: synth CNAME TTL == DNAME TTL */
	d->count = 1;
	d->rrsig_count = 0;
	d->trust = rrset_trust_ans_noAA;
	/* rr_len sits right behind the struct and must be filled in before
	 * the fixup call; presumably packed_rrset_ptr_fixup derives the
	 * rr_data and rr_ttl pointers from count and rr_len - confirm */
	d->rr_len = (size_t*)((uint8_t*)d +
		sizeof(struct packed_rrset_data));
	d->rr_len[0] = newlen + sizeof(uint16_t);
	packed_rrset_ptr_fixup(d);
	d->rr_ttl[0] = d->ttl;
	/* rdata is the 2 byte length followed by the synthesized name */
	sldns_write_uint16(d->rr_data[0], newlen);
	memmove(d->rr_data[0] + sizeof(uint16_t), buf, newlen);
	return 1;
}
   2746 
/** Add a synthesized CNAME for a DNAME to the answer section.
 * @param dname: node that owns the DNAME rrset.
 * @param rrset: the DNAME rrset.
 * @return 0 when creating the CNAME or growing the message fails.
 *	Returns 1 otherwise, also when no CNAME was added because the
 *	synthesized name is too long; YXDOMAIN is then set in the flags. */
static int
add_synth_cname(struct auth_zone* z, uint8_t* qname, size_t qname_len,
	struct regional* region, struct dns_msg* msg, struct auth_data* dname,
	struct auth_rrset* rrset)
{
	struct ub_packed_rrset_key* synth;

	if(!create_synth_cname(qname, qname_len, region, dname, rrset,
		z->dclass, &synth))
		return 0; /* failed, synth must not be used */
	if(synth == NULL) {
		/* name too long for a CNAME.  The rcode is OR-ed in, which
		 * assumes the rcode bits of flags are still zero here */
		msg->rep->flags |= LDNS_RCODE_YXDOMAIN;
		return 1;
	}
	/* make room for one more rrset and append it to the answer */
	if(!msg_grow_array(region, msg))
		return 0;
	msg->rep->rrsets[msg->rep->rrset_count] = synth;
	msg->rep->an_numrrsets += 1;
	msg->rep->rrset_count += 1;
	msg_ttl(msg);
	return 1;
}
   2774 
/** Replace an owner name in the message, for the wildcard name change.
 * Every rrset in the selected part of the message whose owner equals
 * oldname gets newname as owner, and its hash is recomputed.
 * @param an_only: if true only the answer section is changed, otherwise
 *	only the rrsets after the answer section.
 * newname is stored by pointer, not copied, so it has to stay valid for
 * as long as the message is used. */
static void
az_change_dnames(struct dns_msg* msg, uint8_t* oldname, uint8_t* newname,
	size_t newlen, int an_only)
{
	size_t first, limit, idx;

	if(an_only) {
		first = 0;
		limit = msg->rep->an_numrrsets;
	} else {
		first = msg->rep->an_numrrsets;
		limit = msg->rep->rrset_count;
	}
	for(idx = first; idx < limit; idx++) {
		/* the keys are allocated in the region, so the pointers
		 * can be changed in place */
		struct ub_packed_rrset_key* k = msg->rep->rrsets[idx];
		if(query_dname_compare(k->rk.dname, oldname) != 0)
			continue;
		k->rk.dname = newname;
		k->rk.dname_len = newlen;
		k->entry.hash = rrset_key_hash(&k->rk);
	}
}
   2794 
/** Find the NSEC rrset that covers the query, starting at *node.
 * If the node has no NSEC (glue, for example) labels are stripped from
 * its name and the search is repeated at each parent name, stopping at
 * the zone apex.
 * @param node: in/out; updated to the node that is searched.  It can be
 *	left pointing at a different node, or be NULL, when NULL is
 *	returned.
 * @return the NSEC rrset, or NULL if none was found up to the apex.
 * NOTE(review): a non-NULL *node on entry is only enforced by
 * log_assert; confirm that every caller guarantees it in builds where
 * assertions are compiled out. */
static struct auth_rrset*
az_find_nsec_cover(struct auth_zone* z, struct auth_data** node)
{
	uint8_t* nm;
	size_t nmlen;
	struct auth_rrset* rrset;

	log_assert(*node); /* we already have a node when calling this */
	nm = (*node)->name;
	nmlen = (*node)->namelen;
	for(;;) {
		/* the NSEC for the smallest-or-equal node, if it has one */
		rrset = az_domain_rrset(*node, LDNS_RR_TYPE_NSEC);
		if(rrset != NULL)
			return rrset;
		/* no NSEC here; already at the apex means there is none */
		if(nmlen == z->namelen)
			return NULL;
		if(!dname_remove_label_limit_len(&nm, &nmlen, z->namelen))
			return NULL; /* can't go up */
		/* continue the search in the node of the parent name */
		*node = az_find_name(z, nm, nmlen);
	}
}
   2817 
/** Find the NSEC that covers the wildcard below the closest encloser
 * and add it to the authority section.
 * @param cenm: closest encloser name.
 * @param cenmlen: length of cenm.
 * @return 0 if the wildcard name does not fit in the buffer or the
 *	rrset cannot be added; 1 otherwise, also when no NSEC is found. */
static int
az_nsec_wildcard_denial(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, uint8_t* cenm, size_t cenmlen)
{
	uint8_t wc[LDNS_MAX_DOMAINLEN];
	struct query_info qinfo;
	struct auth_data* node;
	struct auth_rrset* nsec;
	int node_exact;

	/* bound the copy: two extra bytes for the wildcard label */
	if(cenmlen+2 > sizeof(wc))
		return 0; /* result would be too long */
	wc[0] = 1; /* length of wildcard label */
	wc[1] = (uint8_t)'*'; /* wildcard label */
	memmove(wc+2, cenm, cenmlen);

	/* wc now holds '*.ce'; look up the node for that name */
	qinfo.qname = wc;
	qinfo.qname_len = cenmlen+2;
	qinfo.qtype = 0;
	qinfo.qclass = 0;
	az_find_domain(z, &qinfo, &node_exact, &node);

	nsec = az_find_nsec_cover(z, &node);
	if(nsec == NULL)
		return 1; /* no NSEC to add */
	if(!msg_add_rrset_ns(z, region, msg, node, nsec))
		return 0;
	return 1;
}
   2846 
/** Find the NSEC3PARAM rrset at the apex and return usable parameters.
 * The first RR with a supported hash algorithm, complete salt and no
 * unknown flags is used.
 * @param algo: set to the hash algorithm number.
 * @param iter: set to the iteration count, the 16 bit value from the
 *	zone data.  No upper bound is applied here.
 * @param salt: set to point at the salt inside the zone's rdata, or to
 *	NULL when the salt is empty.
 * @param saltlen: set to the salt length.
 * @return 1 if parameters were found, 0 if the zone has none that can
 *	be used (the outputs are then not written). */
static int
az_nsec3_param(struct auth_zone* z, int* algo, size_t* iter, uint8_t** salt,
	size_t* saltlen)
{
	struct auth_data* apex;
	struct auth_rrset* param;
	size_t i;

	apex = az_find_name(z, z->name, z->namelen);
	if(!apex)
		return 0;
	param = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC3PARAM);
	if(!param || param->data->count==0)
		return 0; /* no RRset or no RRs in rrset */

	for(i=0; i<param->data->count; i++) {
		/* rdata points past the 2 byte rdata length; rdatalen
		 * still counts those 2 bytes */
		uint8_t* rdata = param->data->rr_data[i]+2;
		size_t rdatalen = param->data->rr_len[i];
		/* The tests run in this order so that no byte is read
		 * before its presence is checked: too short, unsupported
		 * algorithm, salt missing, unknown flags (a dynamic signer
		 * may be recalculating the nsec3 chain). */
		if(rdatalen < 2+5 ||
			!nsec3_hash_algo_size_supported((int)(rdata[0])) ||
			rdatalen < (size_t)(2+5+(size_t)rdata[4]) ||
			(rdata[1]&NSEC3_UNKNOWN_FLAGS)!=0)
			continue;
		*algo = (int)(rdata[0]);
		*iter = sldns_read_uint16(rdata+2);
		*saltlen = rdata[4];
		*salt = (*saltlen == 0) ? NULL : rdata+5;
		return 1;
	}
	/* no supported params */
	return 0;
}
   2884 
/** Hash a name with the NSEC3 parameters into buf.
 * Computes hashfunc(lowercased name, salt) and then applies
 * hashfunc(hash, salt) iter more times.
 * @param buf: receives the raw hash.
 * @param buflen: size of buf.
 * @param nm: name to hash, wire format.
 * @param nmlen: length of nm.
 * @param algo: NSEC3 hash algorithm number.
 * @param iter: number of additional iterations.  The loop runs exactly
 *	iter times and this function applies no cap; the value comes from
 *	the caller (az_nsec3_param reads it from the zone's NSEC3PARAM), so
 *	the cost of every denial proof grows linearly with it.
 * @param salt: salt bytes, may be NULL.
 * @param saltlen: length of salt.
 * @return length of the hash, or 0 if the inputs do not fit in the
 *	scratch or destination buffer. */
static size_t
az_nsec3_hash(uint8_t* buf, size_t buflen, uint8_t* nm, size_t nmlen,
	int algo, size_t iter, uint8_t* salt, size_t saltlen)
{
	/* NOTE(review): presumably 0 for an unsupported algorithm; in that
	 * case hashing is still attempted and 0 is returned at the end */
	size_t hlen = nsec3_hash_algo_size_supported(algo);
	/* buffer has domain name, nsec3hash, and 256 is for max saltlen
	 * (salt has 0-255 length) */
	unsigned char p[LDNS_MAX_DOMAINLEN+1+N3HASHBUFLEN+256];
	size_t i;
	/* both inputs that are assembled in p must fit: name+salt for the
	 * first round, hash+salt for the iterations */
	if(nmlen+saltlen > sizeof(p) || hlen+saltlen > sizeof(p))
		return 0;
	if(hlen > buflen)
		return 0; /* somehow too large for destination buffer */
	/* hashfunc(name, salt) */
	memmove(p, nm, nmlen);
	/* lowercase the copy in p, nm itself is left untouched;
	 * assumes nm is a well-formed name of nmlen bytes - TODO confirm */
	query_dname_tolower(p);
	/* when salt is NULL nothing is copied, but saltlen is still part of
	 * the hashed length; az_nsec3_param only passes NULL with saltlen 0 */
	if(salt && saltlen > 0)
		memmove(p+nmlen, salt, saltlen);
	/* the result of the hash call is deliberately ignored */
	(void)secalgo_nsec3_hash(algo, p, nmlen+saltlen, (unsigned char*)buf);
	for(i=0; i<iter; i++) {
		/* hashfunc(hash, salt) */
		memmove(p, buf, hlen);
		if(salt && saltlen > 0)
			memmove(p+hlen, salt, saltlen);
		(void)secalgo_nsec3_hash(algo, p, hlen+saltlen,
			(unsigned char*)buf);
	}
	return hlen;
}
   2916 
/** Hash a name and build the NSEC3 owner name for lookup: one label with
 * the base32 (extended hex) encoded hash, followed by the zone name.
 * @param z: zone; its name is appended.
 * @param hashname: output buffer for the wire format name.
 * @param hashnmlen: in: size of hashname; out: length of the name built.
 * @param nm: name to hash.
 * @param nmlen: length of nm.
 * @param algo: NSEC3 hash algorithm.
 * @param iter: NSEC3 iterations.
 * @param salt: NSEC3 salt, may be NULL.
 * @param saltlen: length of salt.
 * @return 1 on success, 0 if hashing fails or the buffer is too small
 *	(hashnmlen is then not updated). */
static int
az_nsec3_hashname(struct auth_zone* z, uint8_t* hashname, size_t* hashnmlen,
	uint8_t* nm, size_t nmlen, int algo, size_t iter, uint8_t* salt,
	size_t saltlen)
{
	uint8_t hash[N3HASHBUFLEN];
	size_t hlen;
	int ret;
	hlen = az_nsec3_hash(hash, sizeof(hash), nm, nmlen, algo, iter,
		salt, saltlen);
	if(!hlen) return 0;
	/* b32 encode */
	/* rough size check up front, using the hex size as an upper
	 * estimate for the base32 text; the exact check follows below */
	if(*hashnmlen < hlen*2+1+z->namelen) /* approx b32 as hexb16 */
		return 0;
	/* encode behind the label length byte, which is written afterwards */
	ret = sldns_b32_ntop_extended_hex(hash, hlen, (char*)(hashname+1),
		(*hashnmlen)-1);
	if(ret<1)
		return 0;
	/* the encoded length becomes the label length byte */
	hashname[0] = (uint8_t)ret;
	/* from here ret counts the length byte as well */
	ret++;
	/* exact check that the zone name fits behind the hash label */
	if((*hashnmlen) - ret < z->namelen)
		return 0;
	memmove(hashname+ret, z->name, z->namelen);
	*hashnmlen = z->namelen+(size_t)ret;
	return 1;
}
   2944 
/** Find the data node that covers the NSEC3 hashed name.
 * @param hashnm: hashed owner name, wire format.
 * @param hashnmlen: length of hashnm.
 * @return the closest node at or before hashnm that holds an NSEC3
 *	rrset, or NULL if there is none. */
static struct auth_data*
az_nsec3_findnode(struct auth_zone* z, uint8_t* hashnm, size_t hashnmlen)
{
	struct query_info qinfo;
	struct auth_data* node;
	int node_exact;

	qinfo.qname = hashnm;
	qinfo.qname_len = hashnmlen;
	qinfo.qtype = 0;
	qinfo.qclass = 0;
	/* canonical ordering and b32 nsec3 ordering are the same, so the
	 * ordinary domain lookup finds the position of the nsec3 name */
	az_find_domain(z, &qinfo, &node_exact, &node);

	/* Walk backwards over nodes without NSEC3.  This can be many
	 * nodes, a linear walk per lookup; a separate tree with only the
	 * nsec3 nodes would speed it up. */
	for(; node && (rbnode_type*)node != RBTREE_NULL;
		node = (struct auth_data*)rbtree_previous(&node->node)) {
		if(az_domain_rrset(node, LDNS_RR_TYPE_NSEC3))
			break;
	}
	if((rbnode_type*)node == RBTREE_NULL)
		return NULL;
	return node;
}
   2970 
/** Find the NSEC3 node that matches or covers hashed(nm, nmlen).
 * @return the covering node, or NULL if the name cannot be hashed or
 *	the zone holds no NSEC3 node. */
static struct auth_data*
az_nsec3_find_cover(struct auth_zone* z, uint8_t* nm, size_t nmlen,
	int algo, size_t iter, uint8_t* salt, size_t saltlen)
{
	uint8_t hname[LDNS_MAX_DOMAINLEN];
	size_t hlen = sizeof(hname);
	struct auth_data* node;

	if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
		salt, saltlen))
		return NULL;
	node = az_nsec3_findnode(z, hname, hlen);
	if(node != NULL)
		return node;
	/* Nothing found, perhaps because the hash sorts before the first
	 * NSEC3 in the zone.  The cover is then the last NSEC3 in the zone,
	 * so search backwards from the end of the tree. */
	for(node = (struct auth_data*)rbtree_last(&z->data);
		node && (rbnode_type*)node != RBTREE_NULL;
		node = (struct auth_data*)rbtree_previous(&node->node)) {
		if(az_domain_rrset(node, LDNS_RR_TYPE_NSEC3))
			break;
	}
	if((rbnode_type*)node == RBTREE_NULL)
		return NULL;
	return node;
}
   2996 
/** Find the node whose name is exactly hashed(nm, nmlen) and that holds
 * an NSEC3 rrset.
 * @return that node, or NULL if the name cannot be hashed, no node has
 *	the hashed name, or the node has no NSEC3. */
static struct auth_data*
az_nsec3_find_exact(struct auth_zone* z, uint8_t* nm, size_t nmlen,
	int algo, size_t iter, uint8_t* salt, size_t saltlen)
{
	uint8_t hname[LDNS_MAX_DOMAINLEN];
	size_t hlen = sizeof(hname);
	struct auth_data* hit;

	if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter,
		salt, saltlen))
		return NULL;
	/* hit may be NULL; it is handed to az_domain_rrset as is */
	hit = az_find_name(z, hname, hlen);
	return az_domain_rrset(hit, LDNS_RR_TYPE_NSEC3) ? hit : NULL;
}
   3013 
/** Return the next closer name, as a reference into the qname.  It is
 * the qname cut down to one label more than the closest encloser.
 * @param cenm: closest encloser name; must be a strict suffix of qname,
 *	which is only checked by log_assert.
 * @param nx: set to point into qname.
 * @param nxlen: set to the length of the name at *nx. */
static void
az_nsec3_get_nextcloser(uint8_t* cenm, uint8_t* qname, size_t qname_len,
	uint8_t** nx, size_t* nxlen)
{
	int ce_labels, q_labels, surplus;

	ce_labels = dname_count_labels(cenm);
	q_labels = dname_count_labels(qname);
	log_assert(dname_strict_subdomain(qname, q_labels, cenm, ce_labels));
	/* labels of qname that lie beyond the next closer name */
	surplus = q_labels - ce_labels - 1;
	*nx = qname;
	*nxlen = qname_len;
	if(surplus <= 0)
		return; /* qname already is the next closer name */
	dname_remove_labels(nx, nxlen, surplus);
}
   3029 
/** Find the closest encloser that has an exactly matching NSEC3.
 * Labels are stripped from *cenm until a match is found or the name
 * cannot be shortened any further.
 * @param cenm: in/out; updated to the name that was matched.
 * @param cenmlen: in/out; length of *cenm.
 * @param no_exact_ce: set to 1 as soon as the search moves up a label;
 *	left untouched otherwise.
 * @return the node with the matching NSEC3, or NULL. */
static struct auth_data*
az_nsec3_find_ce(struct auth_zone* z, uint8_t** cenm, size_t* cenmlen,
	int* no_exact_ce, int algo, size_t iter, uint8_t* salt, size_t saltlen)
{
	for(;;) {
		/* every round hashes the current name again */
		struct auth_data* node = az_nsec3_find_exact(z, *cenm,
			*cenmlen, algo, iter, salt, saltlen);
		if(node != NULL)
			return node;
		if(!dname_remove_label_limit_len(cenm, cenmlen, z->namelen))
			return NULL; /* can't go up */
		*no_exact_ce = 1;
	}
}
   3045 
/** Insert the NSEC3 rrset of node in the authority section.
 * A NULL node, or a node without NSEC3, is skipped and counts as
 * success.
 * @return 0 only when adding the rrset to the message fails. */
static int
az_nsec3_insert(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* node)
{
	struct auth_rrset* nsec3;

	if(node == NULL)
		return 1; /* no node, skip this */
	nsec3 = az_domain_rrset(node, LDNS_RR_TYPE_NSEC3);
	if(nsec3 == NULL)
		return 1; /* if no nsec3 RR, skip it */
	return msg_add_rrset_ns(z, region, msg, node, nsec3) ? 1 : 0;
}
   3058 
/** Add NSEC3 records to the message for the nsec3 proof.
 * The flags select which parts of the proof are required.
 * The ce is the exact matching name (for notype) but also delegation
 * points.  The qname is the name that the next closer name is derived
 * from.  If NSEC3 is not properly present in the zone, nothing is added.
 * @param z: zone; NSEC3PARAM is read from its apex.
 * @param region: region for message allocations.
 * @param msg: message; rrsets go into the authority section.
 * @param cenm: closest encloser name.  The ce lookup can move this (local)
 *	pointer up to a higher name, and the later steps use that name.
 * @param cenmlen: length of cenm.
 * @param qname: query name.
 * @param qname_len: length of qname.
 * @param nodataproof: search for an NSEC3 that exactly matches qname and
 *	include only that one; if there is none, continue with the rest.
 * @param ceproof: include the NSEC3 that proves the closest encloser
 *	(omitted for wildcard replies).  If no exact match exists for cenm a
 *	higher exact match is used and nxproof is enabled as well (for
 *	some sort of opt-out empty nonterminal cases).
 * @param nxproof: include denial of the qname (next closer name).
 * @param wcproof: include denial of the wildcard (wildcard.ce).
 * @return 0 on failure to add an rrset, or if the wildcard name is too
 *	long; 1 otherwise, also when the zone has no usable NSEC3
 *	parameters.
 * Every lookup below hashes a name with the iteration count from the
 * zone, so one call can hash several names.
 */
static int
az_add_nsec3_proof(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, uint8_t* cenm, size_t cenmlen, uint8_t* qname,
	size_t qname_len, int nodataproof, int ceproof, int nxproof,
	int wcproof)
{
	int algo;
	size_t iter, saltlen;
	uint8_t* salt;
	int no_exact_ce = 0;
	struct auth_data* node;

	/* find parameters of nsec3 proof */
	if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen))
		return 1; /* no nsec3 */
	if(nodataproof) {
		/* see if the node has a hash of itself for the nodata
		 * proof nsec3, this has to be an exact match nsec3. */
		struct auth_data* match;
		match = az_nsec3_find_exact(z, qname, qname_len, algo,
			iter, salt, saltlen);
		if(match) {
			if(!az_nsec3_insert(z, region, msg, match))
				return 0;
			/* only nodata NSEC3 needed, no CE or others. */
			return 1;
		}
	}
	/* find ce that has an NSEC3 */
	if(ceproof) {
		/* cenm and cenmlen are updated when the search goes up; a
		 * NULL node is skipped by az_nsec3_insert */
		node = az_nsec3_find_ce(z, &cenm, &cenmlen, &no_exact_ce,
			algo, iter, salt, saltlen);
		if(no_exact_ce) nxproof = 1;
		if(!az_nsec3_insert(z, region, msg, node))
			return 0;
	}

	if(nxproof) {
		uint8_t* nx;
		size_t nxlen;
		/* create nextcloser domain name */
		az_nsec3_get_nextcloser(cenm, qname, qname_len, &nx, &nxlen);
		/* find nsec3 that matches or covers it */
		node = az_nsec3_find_cover(z, nx, nxlen, algo, iter, salt,
			saltlen);
		if(!az_nsec3_insert(z, region, msg, node))
			return 0;
	}
	if(wcproof) {
		/* create wildcard name *.ce */
		uint8_t wc[LDNS_MAX_DOMAINLEN];
		size_t wclen;
		/* bound the copy: two extra bytes for the wildcard label */
		if(cenmlen+2 > sizeof(wc))
			return 0; /* result would be too long */
		wc[0] = 1; /* length of wildcard label */
		wc[1] = (uint8_t)'*'; /* wildcard label */
		memmove(wc+2, cenm, cenmlen);
		wclen = cenmlen+2;
		/* find nsec3 that matches or covers it */
		node = az_nsec3_find_cover(z, wc, wclen, algo, iter, salt,
			saltlen);
		if(!az_nsec3_insert(z, region, msg, node))
			return 0;
	}
	return 1;
}
   3139 
/** Generate a positive answer: add the rrset to the answer section and,
 * for MX, SRV and NS, the additional records for its targets.
 * @return 0 on failure to add to the message, 1 otherwise. */
static int
az_generate_positive_answer(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset)
{
	/* presumably the position of the target name inside the rdata:
	 * 2 for MX, 6 for SRV, 0 for NS - confirm against
	 * az_add_additionals_from */
	int offset;

	if(!msg_add_rrset_an(z, region, msg, node, rrset))
		return 0;
	/* only these three types get additional rrs */
	if(rrset->type == LDNS_RR_TYPE_MX)
		offset = 2;
	else if(rrset->type == LDNS_RR_TYPE_SRV)
		offset = 6;
	else if(rrset->type == LDNS_RR_TYPE_NS)
		offset = 0;
	else
		return 1;
	if(!az_add_additionals_from(z, region, msg, rrset, offset))
		return 0;
	return 1;
}
   3159 
/** Generate the answer for a type ANY query.
 * Only a small fixed selection is returned instead of every rrset at
 * the name: SOA, MX, A and AAAA where present.  If none of those exist
 * the first rrset of the node is used.
 * @return 0 on failure to add to the message, 1 otherwise. */
static int
az_generate_any_answer(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* node)
{
	const uint16_t any_types[] = { LDNS_RR_TYPE_SOA, LDNS_RR_TYPE_MX,
		LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA };
	size_t t;
	int added = 0;

	/* add a couple (at least one) RRs */
	for(t = 0; t < sizeof(any_types)/sizeof(any_types[0]); t++) {
		struct auth_rrset* rrset = az_domain_rrset(node, any_types[t]);
		if(rrset == NULL)
			continue;
		if(!msg_add_rrset_an(z, region, msg, node, rrset))
			return 0;
		added++;
	}
	/* none of the preferred types is present: use the first rrset */
	if(added == 0 && node && node->rrsets) {
		if(!msg_add_rrset_an(z, region, msg, node, node->rrsets))
			return 0;
	}
	return 1;
}
   3190 
/** Follow a CNAME chain inside the zone and add what is found to the
 * answer section.
 * @param qtype: the type that the chain should end in.
 * @param d: rrset data of the CNAME to start from.
 * @return 0 on failure to add to the message.  Returns 1 otherwise, also
 *	when the chain stops early: malformed or out-of-zone target, no such
 *	name, no further CNAME, or MAX_CNAME_CHAIN steps were taken. */
static int
follow_cname_chain(struct auth_zone* z, uint16_t qtype,
	struct regional* region, struct dns_msg* msg,
	struct packed_rrset_data* d)
{
	int hops;

	/* the hop limit bounds the work and ends CNAME loops */
	for(hops = 0; hops < MAX_CNAME_CHAIN; hops++) {
		struct auth_data* node;
		struct auth_rrset* rrset;
		uint8_t* target;
		size_t clen;

		/* d has cname rdata; check it before the name is used */
		if(d->count == 0)
			break; /* no CNAME */
		if(d->rr_len[0] < 2+1)
			break; /* too small */
		target = d->rr_data[0]+2;
		clen = dname_valid(target, d->rr_len[0]-2);
		if(clen == 0)
			break; /* malformed */
		if(!dname_subdomain_c(target, z->name))
			break; /* target out of zone */
		node = az_find_name(z, target, clen);
		if(node == NULL)
			break; /* no such target name */

		rrset = az_domain_rrset(node, qtype);
		if(rrset != NULL) {
			/* done we found the target */
			if(!msg_add_rrset_an(z, region, msg, node, rrset))
				return 0;
			break;
		}
		rrset = az_domain_rrset(node, LDNS_RR_TYPE_CNAME);
		if(rrset == NULL)
			break; /* no further CNAME chain, notype */
		if(!msg_add_rrset_an(z, region, msg, node, rrset))
			return 0;
		/* continue with the rdata of the CNAME just added */
		d = rrset->data;
	}
	return 1;
}
   3225 
/** Generate the answer for a CNAME at the query name: add the CNAME and
 * then follow the chain inside the zone.
 * @return 0 on failure to add to the message, 1 otherwise.
 * NOTE(review): the NULL test on rrset comes after rrset was handed to
 * msg_add_rrset_an; confirm that a NULL rrset is handled there or can
 * never reach this function. */
static int
az_generate_cname_answer(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg* msg,
	struct auth_data* node, struct auth_rrset* rrset)
{
	if(!msg_add_rrset_an(z, region, msg, node, rrset))
		return 0;
	if(rrset == NULL)
		return 1;
	return follow_cname_chain(z, qinfo->qtype, region, msg, rrset->data)
		? 1 : 0;
}
   3238 
/** Generate a NOERROR/NODATA answer: the negative SOA plus the DNSSEC
 * denial for the type, from the NSEC at the node or else from NSEC3.
 * @param node: node for the query name, may be NULL; then only the SOA
 *	is added.
 * @return 0 on failure, 1 otherwise. */
static int
az_generate_notype_answer(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* node)
{
	struct auth_rrset* nsec;

	if(!az_add_negative_soa(z, region, msg))
		return 0;
	/* DNSSEC denial NSEC */
	nsec = az_domain_rrset(node, LDNS_RR_TYPE_NSEC);
	if(nsec != NULL) {
		if(!msg_add_rrset_ns(z, region, msg, node, nsec))
			return 0;
		return 1;
	}
	if(node == NULL)
		return 1;
	/* DNSSEC denial NSEC3: nodata proof and ce proof */
	if(!az_add_nsec3_proof(z, region, msg, node->name, node->namelen,
		msg->qinfo.qname, msg->qinfo.qname_len, 1, 1, 0, 0))
		return 0;
	return 1;
}
   3258 
/** Generate a referral: the NS rrset of the delegation, the DS or a
 * denial of the DS, and the additional records for the NS targets.
 * @param ce: the delegation point, must not be NULL (log_assert only).
 * @param rrset: the NS rrset at ce.
 * @return 0 on failure, 1 otherwise. */
static int
az_generate_referral_answer(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* ce, struct auth_rrset* rrset)
{
	struct auth_rrset* proof;

	log_assert(ce);
	/* turn off AA flag, referral is nonAA because it leaves the zone */
	msg->rep->flags &= ~BIT_AA;
	if(!msg_add_rrset_ns(z, region, msg, ce, rrset))
		return 0;

	/* add the DS; without a DS deny it with the NSEC at the
	 * delegation, and without NSEC with an NSEC3 proof */
	proof = az_domain_rrset(ce, LDNS_RR_TYPE_DS);
	if(proof == NULL)
		proof = az_domain_rrset(ce, LDNS_RR_TYPE_NSEC);
	if(proof != NULL) {
		if(!msg_add_rrset_ns(z, region, msg, ce, proof))
			return 0;
	} else {
		if(!az_add_nsec3_proof(z, region, msg, ce->name,
			ce->namelen, msg->qinfo.qname,
			msg->qinfo.qname_len, 1, 1, 0, 0))
			return 0;
	}

	/* add additional rrs for type NS */
	if(!az_add_additionals_from(z, region, msg, rrset, 0))
		return 0;
	return 1;
}
   3288 
/** Generate the answer for a DNAME: the DNAME rrset, the synthesized
 * CNAME, and whatever the CNAME chain leads to inside the zone.
 * @param ce: node that owns the DNAME, must not be NULL (log_assert
 *	only).
 * @param rrset: the DNAME rrset.
 * @return 0 on failure, 1 otherwise (also for YXDOMAIN). */
static int
az_generate_dname_answer(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg* msg, struct auth_data* ce,
	struct auth_rrset* rrset)
{
	struct ub_packed_rrset_key* last;

	log_assert(ce);
	/* add the DNAME and then a CNAME */
	if(!msg_add_rrset_an(z, region, msg, ce, rrset))
		return 0;
	if(!add_synth_cname(z, qinfo->qname, qinfo->qname_len, region,
		msg, ce, rrset))
		return 0;
	/* the name was too long, no CNAME was added: nothing to follow */
	if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_YXDOMAIN)
		return 1;
	/* the synthesized CNAME is the last rrset in the message */
	if(msg->rep->rrset_count == 0)
		return 0;
	last = msg->rep->rrsets[msg->rep->rrset_count-1];
	if(!last)
		return 0;
	return follow_cname_chain(z, qinfo->qtype, region, msg,
		(struct packed_rrset_data*)last->entry.data) ? 1 : 0;
}
   3311 
/** Generate the answer from a wildcard.
 * Adds the data from the wildcard node (the qtype, a CNAME with its
 * chain, the ANY selection, or a notype answer), rewrites the owner
 * from the wildcard name to the qname, and adds the DNSSEC denial for
 * the original query name.
 * @param z: zone.
 * @param qinfo: query; qtype selects the data.
 * @param region: region for message allocations.
 * @param msg: message to fill; its qinfo.qname is used as the new owner.
 * @param ce: closest encloser, may be NULL; then no NSEC3 proof is added.
 * @param wildcard: the wildcard node below ce.
 * @param node: closest node for the query name, used for the NSEC cover.
 * @return 0 on failure, 1 otherwise.
 * NOTE(review): node is passed to az_find_nsec_cover, which only has a
 * log_assert for a non-NULL node; confirm callers guarantee that. */
static int
az_generate_wildcard_answer(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg* msg, struct auth_data* ce,
	struct auth_data* wildcard, struct auth_data* node)
{
	struct auth_rrset* rrset, *nsec;
	int insert_ce = 0;
	if((rrset=az_domain_rrset(wildcard, qinfo->qtype)) != NULL) {
		/* wildcard has type, add it */
		if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
			return 0;
		/* rename in the answer section only (an_only is 1) */
		az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
			msg->qinfo.qname_len, 1);
	} else if((rrset=az_domain_rrset(wildcard, LDNS_RR_TYPE_CNAME))!=NULL) {
		/* wildcard has cname instead, do that */
		if(!msg_add_rrset_an(z, region, msg, wildcard, rrset))
			return 0;
		/* rename before the chain is followed, so that rrsets added
		 * by the chain are not part of this rename */
		az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
			msg->qinfo.qname_len, 1);
		if(!follow_cname_chain(z, qinfo->qtype, region, msg,
			rrset->data))
			return 0;
	} else if(qinfo->qtype == LDNS_RR_TYPE_ANY && wildcard->rrsets) {
		/* add ANY rrsets from wildcard node */
		if(!az_generate_any_answer(z, region, msg, wildcard))
			return 0;
		az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
			msg->qinfo.qname_len, 1);
	} else {
		/* wildcard has nodata, notype answer */
		/* call other notype routine for dnssec notype denials */
		if(!az_generate_notype_answer(z, region, msg, wildcard))
			return 0;
		/* because the notype, there is no positive data with an
		 * RRSIG that indicates the wildcard position.  Thus the
		 * wildcard qname denial needs to have a CE nsec3. */
		insert_ce = 1;
	}

	/* ce and node for dnssec denial of wildcard original name */
	if((nsec=az_find_nsec_cover(z, &node)) != NULL) {
		if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0;
	} else if(ce) {
		/* the parent of the wildcard name (one label removed) is
		 * used as the closest encloser for the NSEC3 proof */
		uint8_t* wildup = wildcard->name;
		size_t wilduplen= wildcard->namelen;
		if(!dname_remove_label_limit_len(&wildup, &wilduplen, z->namelen))
			return 0; /* can't go up */
		/* no nodata proof, ce proof only for notype, always the
		 * qname denial, no wildcard denial */
		if(!az_add_nsec3_proof(z, region, msg, wildup,
			wilduplen, msg->qinfo.qname,
			msg->qinfo.qname_len, 0, insert_ce, 1, 0))
			return 0;
	}

	/* fixup name of wildcard from *.zone to qname, use already allocated
	 * pointer to msg qname */
	/* an_only is 0 here: this pass covers the rrsets after the answer
	 * section, the answer section was renamed above */
	az_change_dnames(msg, wildcard->name, msg->qinfo.qname,
		msg->qinfo.qname_len, 0);
	return 1;
}
   3372 
/** Generate an NXDOMAIN answer: set the rcode, add the negative SOA and
 * the DNSSEC denial of the name and of the wildcard, from NSEC or else
 * from NSEC3.
 * @param ce: closest encloser, may be NULL.
 * @param node: closest node for the query name, for the NSEC cover.
 * @return 0 on failure, 1 otherwise.
 * NOTE(review): node is passed to az_find_nsec_cover, which only has a
 * log_assert for a non-NULL node; confirm callers guarantee that. */
static int
az_generate_nxdomain_answer(struct auth_zone* z, struct regional* region,
	struct dns_msg* msg, struct auth_data* ce, struct auth_data* node)
{
	struct auth_rrset* nsec;

	msg->rep->flags |= LDNS_RCODE_NXDOMAIN;
	if(!az_add_negative_soa(z, region, msg))
		return 0;
	nsec = az_find_nsec_cover(z, &node);
	if(nsec != NULL) {
		/* NSEC zone: cover for the qname, then for the wildcard */
		if(!msg_add_rrset_ns(z, region, msg, node, nsec))
			return 0;
		if(ce && !az_nsec_wildcard_denial(z, region, msg, ce->name,
			ce->namelen))
			return 0;
		return 1;
	}
	if(ce) {
		/* NSEC3: ce proof, qname denial and wildcard denial */
		if(!az_add_nsec3_proof(z, region, msg, ce->name,
			ce->namelen, msg->qinfo.qname,
			msg->qinfo.qname_len, 0, 1, 1, 1))
			return 0;
	}
	return 1;
}
   3393 
/** Create the answer when a node exists with exactly the query name.
 * Tried in this order: the queried type, a CNAME at the name, type ANY,
 * and finally NOERROR/NODATA.
 * @return the result of the selected answer routine. */
static int
az_generate_answer_with_node(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg* msg, struct auth_data* node)
{
	struct auth_rrset* found;

	/* positive answer, rrset we are looking for exists */
	found = az_domain_rrset(node, qinfo->qtype);
	if(found != NULL)
		return az_generate_positive_answer(z, region, msg, node,
			found);
	/* CNAME? */
	found = az_domain_rrset(node, LDNS_RR_TYPE_CNAME);
	if(found != NULL)
		return az_generate_cname_answer(z, qinfo, region, msg,
			node, found);
	/* type ANY ? */
	if(qinfo->qtype == LDNS_RR_TYPE_ANY)
		return az_generate_any_answer(z, region, msg, node);
	/* NOERROR/NODATA (no such type at domain name) */
	return az_generate_notype_answer(z, region, msg, node);
}
   3416 
/**
 * Generate the answer when there is no existing node to answer from.
 * The result is, in order of checking: a referral (NS at the closest
 * encloser), a DNAME answer, a notype answer for an empty nonterminal,
 * a wildcard answer, or NXDOMAIN.
 * @param ce: closest encloser, may be NULL.
 * @param rrset: rrset found at the closest encloser, may be NULL.
 * @return the result of the generator that was selected.
 */
static int
az_generate_answer_nonexistnode(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg* msg, struct auth_data* ce,
	struct auth_rrset* rrset, struct auth_data* node)
{
	struct auth_data* wildcard;

	/* no exact matching name exists; NS or DNAME at the ce decide first */
	if(ce && rrset) {
		if(rrset->type == LDNS_RR_TYPE_NS)
			return az_generate_referral_answer(z, region, msg,
				ce, rrset);
		if(rrset->type == LDNS_RR_TYPE_DNAME)
			return az_generate_dname_answer(z, qinfo, region,
				msg, ce, rrset);
	}

	/* below an empty nonterminal neither wildcard nor nxdomain applies,
	 * it is a notype answer */
	if(az_empty_nonterminal(z, qinfo, node))
		return az_generate_notype_answer(z, region, msg, node);

	/* a wildcard under the ce answers the query, otherwise nxdomain */
	wildcard = az_find_wildcard(z, qinfo, ce);
	if(wildcard == NULL)
		return az_generate_nxdomain_answer(z, region, msg, ce, node);
	return az_generate_wildcard_answer(z, qinfo, region, msg,
		ce, wildcard, node);
}
   3448 
/**
 * Look up the answer for a query in one zone.
 * No lock is taken here; the callers in this file hold z->lock for
 * reading around the call.
 * @param z: zone to answer from.
 * @param qinfo: the query.
 * @param region: used to create the message.
 * @param msg: set to the newly created message.
 * @param fallback: set to the zone's fallback_enabled before anything else,
 *	so it is valid for every return value.
 * @return 0 when the message cannot be created or a generator fails,
 *	otherwise the result of the generator.
 */
static int
auth_zone_generate_answer(struct auth_zone* z, struct query_info* qinfo,
	struct regional* region, struct dns_msg** msg, int* fallback)
{
	struct auth_data* node, *ce;
	struct auth_rrset* rrset;
	int node_exact, node_exists;

	/* does the zone want fallback in case of failure? */
	*fallback = z->fallback_enabled;
	*msg = msg_create(region, qinfo);
	if(!*msg)
		return 0;

	/* find the domain name that matches the query, if any */
	az_find_domain(z, qinfo, &node_exact, &node);

	/* decide if that node can be used to answer from (i.e. not glue and
	 * not obscured by NS or DNAME or NSEC3-only); this also yields the
	 * closest encloser above the query and the rrset found there */
	node_exists = az_find_ce(z, qinfo, node, node_exact, &ce, &rrset);

	if(verbosity >= VERB_ALGO) {
		/* scratch buffers for this one log line; every conversion is
		 * given the buffer size. The query name and type come from
		 * the query and are passed as %s arguments only. */
		char zonestr[256], querystr[256], nodestr[256], cestr[256];
		char qtypestr[32], rrtypestr[32];

		sldns_wire2str_dname_buf(z->name, z->namelen, zonestr,
			sizeof(zonestr));
		sldns_wire2str_dname_buf(qinfo->qname, qinfo->qname_len,
			querystr, sizeof(querystr));
		sldns_wire2str_type_buf(qinfo->qtype, qtypestr,
			sizeof(qtypestr));
		if(!node)
			snprintf(nodestr, sizeof(nodestr), "NULL");
		else	sldns_wire2str_dname_buf(node->name, node->namelen,
				nodestr, sizeof(nodestr));
		if(!ce)
			snprintf(cestr, sizeof(cestr), "NULL");
		else	sldns_wire2str_dname_buf(ce->name, ce->namelen,
				cestr, sizeof(cestr));
		if(!rrset)
			snprintf(rrtypestr, sizeof(rrtypestr), "NULL");
		else	sldns_wire2str_type_buf(rrset->type, rrtypestr,
				sizeof(rrtypestr));
		log_info("auth_zone %s query %s %s, domain %s %s %s, "
			"ce %s, rrset %s", zonestr, querystr, qtypestr,
			nodestr, (node_exact?"exact":"notexact"),
			(node_exists?"exist":"notexist"), cestr, rrtypestr);
	}

	if(!node_exists)
		return az_generate_answer_nonexistnode(z, qinfo, region,
			*msg, ce, rrset, node);
	/* the node is fine, generate the answer from it */
	return az_generate_answer_with_node(z, qinfo, region, *msg, node);
}
   3503 
/*
 * Answer a query from the auth zone named by dp_nm, if there is one.
 * The zones lock is held only until the zone's own read lock is taken;
 * the zone stays read-locked while the answer is generated.
 * Returns 0 with *fallback set to 1 when there is no such zone or the zone
 * is not for upstream use, 0 with *fallback set to the zone's
 * fallback_enabled when the zone is expired, and otherwise the result of
 * auth_zone_generate_answer.
 */
int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo,
	struct regional* region, struct dns_msg** msg, int* fallback,
	uint8_t* dp_nm, size_t dp_nmlen)
{
	struct auth_zone* zone;
	int result;

	/* find the zone that should contain the answer */
	lock_rw_rdlock(&az->lock);
	zone = auth_zone_find(az, dp_nm, dp_nmlen, qinfo->qclass);
	if(zone == NULL) {
		lock_rw_unlock(&az->lock);
		/* no auth zone, fallback to internet */
		*fallback = 1;
		return 0;
	}
	/* take the zone lock before letting go of the zones lock */
	lock_rw_rdlock(&zone->lock);
	lock_rw_unlock(&az->lock);

	if(!zone->for_upstream || zone->zone_expired) {
		/* not for upstream queries: always fallback; expired: only
		 * if the zone allows it. Read the setting while locked. */
		int fb = zone->for_upstream ? zone->fallback_enabled : 1;
		lock_rw_unlock(&zone->lock);
		*fallback = fb;
		return 0;
	}

	/* see what answer that zone would generate */
	result = auth_zone_generate_answer(zone, qinfo, region, msg,
		fallback);
	lock_rw_unlock(&zone->lock);
	return result;
}
   3538 
/**
 * Encode the auth zone answer msg into buf.
 * The EDNS record is rewritten for the reply: advertised version and size,
 * extended rcode cleared and only the DO bit kept. The UDP size that was
 * in edns on entry is saved first and used as the size limit for encoding.
 * If the reply callback or the encoding fails, a SERVFAIL with AA is
 * encoded instead.
 * The id and flags arguments are read from buf at the point of each call,
 * as in the call order below; do not hoist those reads.
 */
static void
auth_answer_encode(struct query_info* qinfo, struct module_env* env,
	struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
	struct regional* temp, struct dns_msg* msg)
{
	/* size taken from edns before it is overwritten below */
	uint16_t client_udpsize = edns->udp_size;
	int rcode;

	edns->edns_version = EDNS_ADVERTISED_VERSION;
	edns->udp_size = EDNS_ADVERTISED_SIZE;
	edns->ext_rcode = 0;
	edns->bits &= EDNS_DO;

	rcode = (int)FLAGS_GET_RCODE(msg->rep->flags);
	if(inplace_cb_reply_local_call(env, qinfo, NULL, msg->rep,
		rcode, edns, repinfo, temp, env->now_tv)
		&& reply_info_answer_encode(qinfo, msg->rep,
		*(uint16_t*)sldns_buffer_begin(buf),
		sldns_buffer_read_u16_at(buf, 2),
		buf, 0, 0, temp, client_udpsize, edns,
		(int)(edns->bits&EDNS_DO), 0))
		return;

	/* callback or encoding failed */
	error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
		*(uint16_t*)sldns_buffer_begin(buf),
		sldns_buffer_read_u16_at(buf, 2), edns);
}
   3564 
/**
 * Encode an error answer with the given rcode and the AA bit into buf.
 * The EDNS record is rewritten for the reply in the same way as for a
 * normal answer. When the reply callback fails, the callback's output
 * option list is dropped and the error is still encoded.
 */
static void
auth_error_encode(struct query_info* qinfo, struct module_env* env,
	struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf,
	struct regional* temp, int rcode)
{
	uint16_t qid, qflags;
	int cb_ok;

	edns->edns_version = EDNS_ADVERTISED_VERSION;
	edns->udp_size = EDNS_ADVERTISED_SIZE;
	edns->ext_rcode = 0;
	edns->bits &= EDNS_DO;

	cb_ok = inplace_cb_reply_local_call(env, qinfo, NULL, NULL,
		rcode, edns, repinfo, temp, env->now_tv);
	if(!cb_ok)
		edns->opt_list_inplace_cb_out = NULL;

	/* id and flags are read from buf after the callback has run */
	qid = *(uint16_t*)sldns_buffer_begin(buf);
	qflags = sldns_buffer_read_u16_at(buf, 2);
	error_encode(buf, rcode|BIT_AA, qinfo, qid, qflags, edns);
}
   3583 
/*
 * Answer a downstream (client) query from an auth zone, if one applies.
 * Returns 0 when the query is not answered here: no downstream zones, no
 * zone above the name, zone not for downstream use, or fallback allowed
 * for an expired zone or a failed answer. Returns 1 when an answer or a
 * SERVFAIL has been encoded in buf; in that case the mesh counter
 * num_query_authzone_down is incremented.
 * For type DS the zone is looked up for the name with its first label
 * removed. A local-zone alias is followed through a copy of qinfo; the
 * reply is encoded with the original qinfo.
 */
int auth_zones_downstream_answer(struct auth_zones* az, struct module_env* env,
	struct query_info* qinfo, struct edns_data* edns,
	struct comm_reply* repinfo, struct sldns_buffer* buf,
	struct regional* temp)
{
	struct dns_msg* msg = NULL;
	struct auth_zone* zone;
	int ok;
	int fallback = 0;
	/* Copy the qinfo in case of cname aliasing from local-zone */
	struct query_info zqinfo = *qinfo;

	lock_rw_rdlock(&az->lock);
	if(!az->have_downstream) {
		/* no downstream auth zones */
		lock_rw_unlock(&az->lock);
		return 0;
	}

	if(qinfo->qtype != LDNS_RR_TYPE_DS) {
		if(zqinfo.local_alias && !local_alias_shallow_copy_qname(
			zqinfo.local_alias, &zqinfo.qname,
			&zqinfo.qname_len)) {
			lock_rw_unlock(&az->lock);
			return 0;
		}
		zone = auth_zones_find_zone(az, zqinfo.qname,
			zqinfo.qname_len, zqinfo.qclass);
	} else {
		/* search for the zone from one label up */
		uint8_t* delname = qinfo->qname;
		size_t delnamelen = qinfo->qname_len;
		dname_remove_label(&delname, &delnamelen);
		zone = auth_zones_find_zone(az, delname, delnamelen,
			qinfo->qclass);
	}
	if(zone == NULL) {
		/* no zone above it */
		lock_rw_unlock(&az->lock);
		return 0;
	}
	/* take the zone lock before letting go of the zones lock */
	lock_rw_rdlock(&zone->lock);
	lock_rw_unlock(&az->lock);

	if(!zone->for_downstream) {
		lock_rw_unlock(&zone->lock);
		return 0;
	}
	if(zone->zone_expired) {
		/* read the setting while the zone is still locked */
		int may_fallback = zone->fallback_enabled;
		lock_rw_unlock(&zone->lock);
		if(may_fallback)
			return 0;
		/* expired and no fallback: answer SERVFAIL rather than
		 * serve the expired data */
		env->mesh->num_query_authzone_down++;
		auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
			LDNS_RCODE_SERVFAIL);
		return 1;
	}

	/* answer it from this zone */
	ok = auth_zone_generate_answer(zone, &zqinfo, temp, &msg, &fallback);
	lock_rw_unlock(&zone->lock);
	if(!ok && fallback) {
		/* fallback to regular answering (recursive) */
		return 0;
	}
	env->mesh->num_query_authzone_down++;

	/* encode answer */
	if(ok)
		auth_answer_encode(qinfo, env, edns, repinfo, buf, temp, msg);
	else	auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
			LDNS_RCODE_SERVFAIL);

	return 1;
}
   3659 
/*
 * Tell whether fallback is possible for the zone nm of class dclass.
 * Returns 1 when there is no such auth zone, when the zone has fallback
 * enabled, or when the zone is not for upstream use; 0 otherwise.
 * The zone flags are read under the zone's read lock.
 */
int auth_zones_can_fallback(struct auth_zones* az, uint8_t* nm, size_t nmlen,
	uint16_t dclass)
{
	struct auth_zone* zone;
	int can;

	lock_rw_rdlock(&az->lock);
	zone = auth_zone_find(az, nm, nmlen, dclass);
	if(zone == NULL) {
		lock_rw_unlock(&az->lock);
		/* no such auth zone, fallback */
		return 1;
	}
	lock_rw_rdlock(&zone->lock);
	lock_rw_unlock(&az->lock);
	can = (!zone->for_upstream) || zone->fallback_enabled;
	lock_rw_unlock(&zone->lock);
	return can;
}
   3678 
/*
 * Read the SOA serial from the first RR in the answer section of a notify
 * packet. The buffer position is reset to 0 and moved while parsing.
 * Returns 1 and sets *serial when the answer section starts with a SOA
 * whose rdata is long enough; returns 0 otherwise and leaves *serial
 * untouched.
 * The packet is received data: each read below is preceded by a check on
 * the remaining length. The serial is whatever the sender put in the
 * packet; the callers visible in this file use it only to decide whether
 * to start a probe.
 */
int
auth_zone_parse_notify_serial(sldns_buffer* pkt, uint32_t *serial)
{
	/* after the owner name: type(2), class(2), ttl(4), rdatalen(2) */
	const size_t rr_fixed_len = 10;
	/* SOA rdata ends with five 32bit fields, the serial is the first */
	const uint16_t soa_tail_len = 20;
	struct query_info q;
	uint16_t rdlen;

	memset(&q, 0, sizeof(q));
	sldns_buffer_set_position(pkt, 0);
	if(!query_info_parse(&q, pkt))
		return 0;
	if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0)
		return 0;

	/* skip name of RR in answer section */
	if(sldns_buffer_remaining(pkt) < 1)
		return 0;
	if(pkt_dname_len(pkt) == 0)
		return 0;

	/* check type */
	if(sldns_buffer_remaining(pkt) < rr_fixed_len)
		return 0;
	if(sldns_buffer_read_u16(pkt) != LDNS_RR_TYPE_SOA)
		return 0;
	sldns_buffer_skip(pkt, 2); /* class */
	sldns_buffer_skip(pkt, 4); /* ttl */
	rdlen = sldns_buffer_read_u16(pkt); /* rdatalen */

	/* the rdata must be present in full, and hold at least two one-byte
	 * names in front of the fixed fields */
	if(sldns_buffer_remaining(pkt) < rdlen)
		return 0;
	if(rdlen < soa_tail_len + 2)
		return 0; /* bad soa length */

	/* skip the two names, the serial follows */
	sldns_buffer_skip(pkt, (ssize_t)(rdlen-soa_tail_len));
	*serial = sldns_buffer_read_u32(pkt);
	/* return true when has serial in answer section */
	return 1;
}
   3705 
/**
 * Print addr to buf for logs. When the port is not UNBOUND_DNS_PORT,
 * "@port_number" is appended to the address.
 * @param buf: output, written with at most len bytes.
 */
static void addr_port_to_str(struct sockaddr_storage* addr, socklen_t addrlen,
	char* buf, size_t len)
{
	char ip[256];
	uint16_t port;

	if(addr_is_ip6(addr, addrlen))
		port = ntohs((uint16_t)((struct sockaddr_in6*)addr)->sin6_port);
	else	port = ntohs((uint16_t)((struct sockaddr_in*)addr)->sin_port);

	if(port == UNBOUND_DNS_PORT) {
		/* the default port is not printed */
		addr_to_str(addr, addrlen, buf, len);
		return;
	}
	/* start with an empty string, then print the address into it */
	ip[0]=0;
	addr_to_str(addr, addrlen, ip, sizeof(ip));
	snprintf(buf, len, "%s@%d", ip, (int)port);
}
   3728 
/**
 * See if addr appears in the list, compared with sockaddr_cmp_addr.
 * @return 1 when an entry compares equal, 0 otherwise (also for an
 *	empty list).
 */
static int
addr_in_list(struct auth_addr* list, struct sockaddr_storage* addr,
	socklen_t addrlen)
{
	while(list) {
		if(sockaddr_cmp_addr(addr, addrlen, &list->addr,
			list->addrlen)==0)
			return 1;
		list = list->next;
	}
	return 0;
}
   3741 
/**
 * Check if an address matches a master specification. Three forms match:
 * an address in the master's looked up addr list, the master's host string
 * parsed as an address, and, for allow_notify entries that are not http,
 * a host string that is a netblock such as 10.0.0.0/8.
 * @param fromhost: set to master for the first two forms, and to NULL for
 *	a netblock match, because a prefix has no destination to send the
 *	probe or transfer to. Not written when there is no match.
 * @return 1 on a match, 0 otherwise.
 * This is a match on the source address only, the port is not compared.
 * NOTE(review): nothing here authenticates the sender. If notifies can
 * arrive over UDP, a match is permission to start a probe and not proof
 * of origin; confirm callers use it only that way.
 * NOTE(review): master->host is used without a NULL check; presumably it
 * is always set for entries in these lists, confirm.
 */
static int
addr_matches_master(struct auth_master* master, struct sockaddr_storage* addr,
	socklen_t addrlen, struct auth_master** fromhost)
{
	struct sockaddr_storage parsed;
	socklen_t parsedlen = 0;
	int prefixlen = 0;
	char* slash;

	if(addr_in_list(master->list, addr, addrlen)) {
		*fromhost = master;
		return 1;
	}
	/* compare address (but not port number, that is the destination
	 * port of the master, the port number of the received notify is
	 * allowed to be any port on that master) */
	if(extstrtoaddr(master->host, &parsed, &parsedlen, UNBOUND_DNS_PORT)
		&& sockaddr_cmp_addr(addr, addrlen, &parsed, parsedlen)==0) {
		*fromhost = master;
		return 1;
	}

	/* prefixes, addr/len, like 10.0.0.0/8; only for allow_notify
	 * entries that are not http */
	if(!master->allow_notify || master->http)
		return 0;
	/* the host string must contain exactly one slash */
	slash = strchr(master->host, '/');
	if(slash == NULL || slash != strrchr(master->host, '/'))
		return 0;
	/* it must parse as a netblock of the same address length */
	if(!netblockstrtoaddr(master->host, UNBOUND_DNS_PORT, &parsed,
		&parsedlen, &prefixlen) || parsedlen != addrlen)
		return 0;
	/* and the address must share at least the prefix bits with it */
	if(addr_in_common(addr, (addr_is_ip6(addr, addrlen)?128:32),
		&parsed, prefixlen, parsedlen) < prefixlen)
		return 0;

	*fromhost = NULL;
	return 1; /* matches the netblock */
}
   3779 
/**
 * Check the access list for notifies: the address has to match one of the
 * entries in xfr->allow_notify_list.
 * @param fromhost: set by the matching entry, see addr_matches_master.
 * @return 1 when an entry matches, 0 otherwise. An empty list matches
 *	nothing, so the notify is then not allowed.
 */
static int
az_xfr_allowed_notify(struct auth_xfer* xfr, struct sockaddr_storage* addr,
	socklen_t addrlen, struct auth_master** fromhost)
{
	struct auth_master* entry = xfr->allow_notify_list;
	while(entry) {
		if(addr_matches_master(entry, addr, addrlen, fromhost))
			return 1;
		entry = entry->next;
	}
	return 0;
}
   3793 
/**
 * See if the serial means the zone has to be updated.
 * @return 1 when there is no zone, when the zone is expired, or when
 *	compare_serial puts our serial before the given one; 0 otherwise.
 */
static int
xfr_serial_means_update(struct auth_xfer* xfr, uint32_t serial)
{
	/* without a zone, or with expired data, any serial is better */
	if(!xfr->have_zone || xfr->zone_expired)
		return 1;
	/* our serial is smaller than the sent serial: the data is newer,
	 * fetch it */
	return compare_serial(xfr->serial, serial) < 0;
}
   3809 
/**
 * Note a notify serial, updates the notify information in the xfr struct.
 * The first notify is stored as given. After that, a stored serial is
 * replaced by a newer one, and a notify without serial clears the stored
 * serial; once the stored notify has no serial it stays that way.
 * @param has_serial: if the notify carried a serial.
 * @param serial: the serial, when has_serial is set.
 */
static void
xfr_note_notify_serial(struct auth_xfer* xfr, int has_serial, uint32_t serial)
{
	if(!xfr->notify_received) {
		/* first notify, store it */
		xfr->notify_received = 1;
		xfr->notify_has_serial = has_serial;
		xfr->notify_serial = serial;
		return;
	}
	if(!xfr->notify_has_serial) {
		/* we already have notify without serial, keep it
		 * that way; no serial check when current operation
		 * is done */
		return;
	}
	if(!has_serial) {
		/* remove serial, we have notify without serial */
		xfr->notify_has_serial = 0;
		xfr->notify_serial = 0;
		return;
	}
	/* both have a serial, keep the newer one */
	if(compare_serial(xfr->notify_serial, serial) < 0)
		xfr->notify_serial = serial;
}
   3833 
/**
 * Process a notify serial, start a new probe or note the serial.
 * The xfr is locked on entry and unlocked on return: this routine unlocks
 * on the paths where no probe is started, and a successful
 * xfr_start_probe has unlocked it itself.
 * @param fromhost: the master the notify came from, passed to the probe;
 *	the callers in this file also pass NULL.
 */
static void
xfr_process_notify(struct auth_xfer* xfr, struct module_env* env,
	int has_serial, uint32_t serial, struct auth_master* fromhost)
{
	/* if the serial of notify is older than we have, don't fetch
	 * a zone, we already have it */
	if(has_serial && !xfr_serial_means_update(xfr, serial))
		goto unlock;

	/* start new probe with this addr src */
	if(xfr_start_probe(xfr, env, fromhost))
		return; /* successful start_probe unlocked xfr->lock */

	/* not started because already in progress, note the serial */
	xfr_note_notify_serial(xfr, has_serial, serial);
unlock:
	lock_basic_unlock(&xfr->lock);
}
   3853 
/*
 * Handle a received notify for zone nm of class dclass from addr.
 * Returns 0 with *refused set to 1 when there is no transfer structure for
 * the zone or when the address is not on its notify access list. Returns
 * 1 when the notify was passed on for processing; *refused is not written
 * in that case.
 * The xfr lock is taken before the zones lock is released, and
 * xfr_process_notify returns with the xfr unlocked.
 */
int auth_zones_notify(struct auth_zones* az, struct module_env* env,
	uint8_t* nm, size_t nmlen, uint16_t dclass,
	struct sockaddr_storage* addr, socklen_t addrlen, int has_serial,
	uint32_t serial, int* refused)
{
	struct auth_master* fromhost = NULL;
	struct auth_xfer* xfer;

	/* see which zone this is */
	lock_rw_rdlock(&az->lock);
	xfer = auth_xfer_find(az, nm, nmlen, dclass);
	if(xfer == NULL) {
		lock_rw_unlock(&az->lock);
		/* no such zone, refuse the notify */
		*refused = 1;
		return 0;
	}
	lock_basic_lock(&xfer->lock);
	lock_rw_unlock(&az->lock);

	/* the access list is checked before the serial is looked at */
	if(az_xfr_allowed_notify(xfer, addr, addrlen, &fromhost)) {
		/* process the notify */
		xfr_process_notify(xfer, env, has_serial, serial, fromhost);
		return 1;
	}

	/* notify not allowed, refuse the notify */
	lock_basic_unlock(&xfer->lock);
	*refused = 1;
	return 0;
}
   3885 
/*
 * Start the probe sequence for zone nm of class dclass, in the same way
 * as for a notify without serial and without a source master. No access
 * list is consulted here.
 * Returns 0 when there is no transfer structure for the zone, 1 otherwise.
 */
int auth_zones_startprobesequence(struct auth_zones* az,
	struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass)
{
	struct auth_xfer* xfer;

	lock_rw_rdlock(&az->lock);
	xfer = auth_xfer_find(az, nm, nmlen, dclass);
	if(xfer == NULL) {
		lock_rw_unlock(&az->lock);
		return 0;
	}
	/* take the xfr lock before letting go of the zones lock */
	lock_basic_lock(&xfer->lock);
	lock_rw_unlock(&az->lock);

	/* returns with the xfr unlocked */
	xfr_process_notify(xfer, env, 0, 0, NULL);
	return 1;
}
   3902 
/**
 * Set the expired state of a zone, in the xfr structure and in the
 * auth_zone of the same name and class, if that exists.
 * The xfr lock is taken and released first; the auth_zone is then found
 * under the zones read lock and updated under its own write lock.
 * @param expired: the new value for zone_expired.
 */
static void
auth_xfer_set_expired(struct auth_xfer* xfr, struct module_env* env,
	int expired)
{
	struct auth_zones* zones = env->auth_zones;
	struct auth_zone* zone;

	/* expire xfr */
	lock_basic_lock(&xfr->lock);
	xfr->zone_expired = expired;
	lock_basic_unlock(&xfr->lock);

	/* find auth_zone */
	lock_rw_rdlock(&zones->lock);
	zone = auth_zone_find(zones, xfr->name, xfr->namelen, xfr->dclass);
	if(zone == NULL) {
		lock_rw_unlock(&zones->lock);
		return;
	}
	lock_rw_wrlock(&zone->lock);
	lock_rw_unlock(&zones->lock);

	/* expire auth_zone */
	zone->zone_expired = expired;
	lock_rw_unlock(&zone->lock);
}
   3930 
/**
 * Find a master (from notify or probe) in a list of masters, by exact
 * string comparison of the host.
 * @return the first entry with that host string, or NULL.
 * NOTE(review): host and every p->host are passed to strcmp without a
 * NULL check; presumably always set, confirm against the callers.
 */
static struct auth_master*
find_master_by_host(struct auth_master* list, char* host)
{
	while(list) {
		if(strcmp(list->host, host) == 0)
			return list;
		list = list->next;
	}
	return NULL;
}
   3942 
/**
 * Delete the looked up auth_addrs for all the masters in the list.
 * Each freed list pointer is set to NULL, so the master does not keep a
 * pointer to freed addresses.
 */
static void
xfr_masterlist_free_addrs(struct auth_master* list)
{
	for(; list; list = list->next) {
		if(!list->list)
			continue;
		auth_free_master_addrs(list->list);
		list->list = NULL;
	}
}
   3955 
/**
 * Copy a list of auth_addrs, in the same order.
 * @return the new list, or NULL on allocation failure, in which case the
 *	partial copy is freed. An empty source also gives NULL, so callers
 *	that need to tell the two apart must not pass an empty list.
 */
static struct auth_addr*
auth_addr_list_copy(struct auth_addr* source)
{
	struct auth_addr* head = NULL;
	/* where the next copied element has to be linked in */
	struct auth_addr** tail = &head;

	for(; source; source = source->next) {
		struct auth_addr* dup = (struct auth_addr*)memdup(source,
			sizeof(*source));
		if(!dup) {
			log_err("malloc failure");
			auth_free_master_addrs(head);
			return NULL;
		}
		/* the duplicate still points into the source list */
		dup->next = NULL;
		*tail = dup;
		tail = &dup->next;
	}
	return head;
}
   3976 
/**
 * Copy a master to a new structure. The host and file strings and the
 * address list are duplicated, so the copy shares no allocation with the
 * original; next is set to NULL.
 * @param o: master to copy, NULL gives NULL.
 * @return the copy, or NULL on allocation failure, in which case every
 *	partial allocation is freed.
 */
static struct auth_master*
auth_master_copy(struct auth_master* o)
{
	struct auth_master* m;
	char* host = NULL;
	char* file = NULL;
	struct auth_addr* addrs = NULL;

	if(!o) return NULL;
	m = (struct auth_master*)memdup(o, sizeof(*o));
	if(!m) {
		log_err("malloc failure");
		return NULL;
	}
	/* m still has the pointers of o; make owned duplicates first and
	 * store them once they have all succeeded */
	if(o->host) {
		host = strdup(o->host);
		if(!host)
			goto nomem;
	}
	if(o->file) {
		file = strdup(o->file);
		if(!file)
			goto nomem;
	}
	if(o->list) {
		/* the list copy logs its own failure */
		addrs = auth_addr_list_copy(o->list);
		if(!addrs)
			goto fail;
	}
	m->next = NULL;
	m->host = host;
	m->file = file;
	m->list = addrs;
	return m;

nomem:
	log_err("malloc failure");
fail:
	free(file);
	free(host);
	free(m);
	return NULL;
}
   4017 
/**
 * Append a copy of the master to the copied list.
 * @param p: master to copy.
 * @param list: head of the list, set when the list was empty.
 * @param last: last element of the list, updated to the new copy.
 * @return 0 when the copy fails, the list is then unchanged; 1 otherwise.
 */
static int
auth_master_copy_and_append(struct auth_master* p, struct auth_master** list,
	struct auth_master** last)
{
	struct auth_master* copy = auth_master_copy(p);
	if(copy == NULL)
		return 0;
	copy->next = NULL;
	if(*last != NULL)
		(*last)->next = copy;
	if(*list == NULL)
		*list = copy;
	*last = copy;
	return 1;
}
   4033 
/**
 * Copy the master addresses from the task_probe lookups to the
 * allow_notify list of masters. The http entries are taken from the
 * task_transfer list.
 * The new list is built completely before the old one is replaced. On
 * allocation failure the partial list is freed and the existing
 * allow_notify_list stays in use, so the notify access list is never left
 * partially filled.
 */
static void
probe_copy_masters_for_allow_notify(struct auth_xfer* xfr)
{
	struct auth_master* head = NULL, *tail = NULL;
	struct auth_master* src;

	/* build up new list with copies */
	/* The list in task probe has been looked up before the list in
	 * task transfer. */
	for(src = xfr->task_probe->masters; src; src = src->next) {
		if(!auth_master_copy_and_append(src, &head, &tail))
			goto fail;
	}
	/* The list in task transfer also contains the http entries.
	 * Copy only those from this lookup. The allow_notify entries are
	 * not looked up from this list. The other ones are already in
	 * from the probe lookups. */
	for(src = xfr->task_transfer->masters; src; src = src->next) {
		if(src->http &&
			!auth_master_copy_and_append(src, &head, &tail))
			goto fail;
	}

	/* success, replace list */
	auth_free_masters(xfr->allow_notify_list);
	xfr->allow_notify_list = head;
	return;

fail:
	/* failed because of malloc failure, use old list */
	auth_free_masters(head);
}
   4068 
/**
 * Start the lookups for task_transfer: drop the addresses from earlier
 * lookups and point the lookup at the first master.
 */
static void
xfr_transfer_start_lookups(struct auth_xfer* xfr)
{
	struct auth_transfer* t = xfr->task_transfer;

	/* scan_addr is cleared before the address lists are freed */
	t->scan_addr = NULL;
	xfr_masterlist_free_addrs(t->masters);

	/* start lookup at the first master */
	t->lookup_target = t->masters;
	t->lookup_aaaa = 0;
}
   4081 
/**
 * Move to the next lookup of hostname for task_transfer.
 * With do_ip6 set, the same target is first visited again with
 * lookup_aaaa set; after that the next target in the list is taken.
 * With do_ip4 unset, the next target starts with lookup_aaaa set.
 */
static void
xfr_transfer_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
{
	struct auth_transfer* t = xfr->task_transfer;

	if(t->lookup_target == NULL)
		return; /* already at end of list */
	if(env->cfg->do_ip6 && !t->lookup_aaaa) {
		/* move to lookup AAAA */
		t->lookup_aaaa = 1;
		return;
	}
	t->lookup_target = t->lookup_target->next;
	if(!env->cfg->do_ip4 && t->lookup_target != NULL)
		t->lookup_aaaa = 1;
	else	t->lookup_aaaa = 0;
}
   4099 
/**
 * Start the lookups for task_probe: drop the addresses from earlier
 * lookups and point the lookup at the first master.
 */
static void
xfr_probe_start_lookups(struct auth_xfer* xfr)
{
	struct auth_probe* pr = xfr->task_probe;

	/* scan_addr is cleared before the address lists are freed */
	pr->scan_addr = NULL;
	xfr_masterlist_free_addrs(pr->masters);

	/* start lookup at the first master */
	pr->lookup_target = pr->masters;
	pr->lookup_aaaa = 0;
}
   4112 
/**
 * Move to the next lookup of hostname for task_probe.
 * With do_ip6 set, the same target is first visited again with
 * lookup_aaaa set; after that the next target in the list is taken.
 * With do_ip4 unset, the next target starts with lookup_aaaa set.
 */
static void
xfr_probe_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env)
{
	struct auth_probe* pr = xfr->task_probe;

	if(pr->lookup_target == NULL)
		return; /* already at end of list */
	if(env->cfg->do_ip6 && !pr->lookup_aaaa) {
		/* move to lookup AAAA */
		pr->lookup_aaaa = 1;
		return;
	}
	pr->lookup_target = pr->lookup_target->next;
	if(!env->cfg->do_ip4 && pr->lookup_target != NULL)
		pr->lookup_aaaa = 1;
	else	pr->lookup_aaaa = 0;
}
   4129 
/**
 * Start the iteration of the task_transfer list of masters.
 * @param spec: master to try first, or NULL. It is looked up by host
 *	string in the task's own master list; when it is found there, only
 *	scan_specific is set and scan_target stays NULL for now. Otherwise
 *	the scan starts at the first master in the list.
 */
static void
xfr_transfer_start_list(struct auth_xfer* xfr, struct auth_master* spec)
{
	struct auth_transfer* t = xfr->task_transfer;
	struct auth_master* found = NULL;

	if(spec)
		found = find_master_by_host(t->masters, spec->host);
	t->scan_specific = found;
	if(found) {
		t->scan_target = NULL;
		/* NULL when that master has no addresses */
		t->scan_addr = found->list;
		return;
	}

	/* no specific (notified) host to scan, pick up first scan target */
	t->scan_target = t->masters;
	t->scan_addr = t->scan_target ? t->scan_target->list : NULL;
}
   4156 
/**
 * Start the iteration of the task_probe list of masters.
 * @param spec: master to try first, or NULL. It is looked up by host
 *	string in the task's own master list; when it is found there, only
 *	scan_specific is set and scan_target stays NULL for now. Otherwise
 *	the scan starts at the first master in the list.
 */
static void
xfr_probe_start_list(struct auth_xfer* xfr, struct auth_master* spec)
{
	struct auth_probe* pr = xfr->task_probe;
	struct auth_master* found = NULL;

	if(spec)
		found = find_master_by_host(pr->masters, spec->host);
	pr->scan_specific = found;
	if(found) {
		pr->scan_target = NULL;
		/* NULL when that master has no addresses */
		pr->scan_addr = found->list;
		return;
	}

	/* no specific (notified) host to scan, pick up first scan target */
	pr->scan_target = pr->masters;
	pr->scan_addr = pr->scan_target ? pr->scan_target->list : NULL;
}
   4182 
/**
 * Pick up the master that is being scanned right now, task_transfer.
 * @return scan_specific when that is set, otherwise scan_target, which
 *	can be NULL.
 */
static struct auth_master*
xfr_transfer_current_master(struct auth_xfer* xfr)
{
	struct auth_transfer* t = xfr->task_transfer;
	return t->scan_specific ? t->scan_specific : t->scan_target;
}
   4191 
/**
 * Pick up the master that is being scanned right now, task_probe.
 * @return scan_specific when that is set, otherwise scan_target, which
 *	can be NULL.
 */
static struct auth_master*
xfr_probe_current_master(struct auth_xfer* xfr)
{
	struct auth_probe* pr = xfr->task_probe;
	return pr->scan_specific ? pr->scan_specific : pr->scan_target;
}
   4200 
/**
 * True if at end of list, task_transfer: there is neither a specific
 * master nor a scan target left.
 */
static int
xfr_transfer_end_of_list(struct auth_xfer* xfr)
{
	return !(xfr->task_transfer->scan_specific ||
		xfr->task_transfer->scan_target);
}
   4208 
/**
 * True if at end of list, task_probe: there is neither a specific
 * master nor a scan target left.
 */
static int
xfr_probe_end_of_list(struct auth_xfer* xfr)
{
	return !(xfr->task_probe->scan_specific ||
		xfr->task_probe->scan_target);
}
   4215 
/**
 * Move to next master in list, task_transfer.
 * The next address of the current master is taken first. When those are
 * used up, a specific master is followed by the start of the master list,
 * and a list entry by the next entry. scan_addr is set to the first
 * address of the new master, if it has addresses.
 */
static void
xfr_transfer_nextmaster(struct auth_xfer* xfr)
{
	struct auth_transfer* t = xfr->task_transfer;

	if(!t->scan_specific && !t->scan_target)
		return; /* nothing is being scanned */
	if(t->scan_addr) {
		t->scan_addr = t->scan_addr->next;
		if(t->scan_addr)
			return;
	}
	/* scan_addr is NULL here, move on to another master */
	if(t->scan_specific) {
		t->scan_specific = NULL;
		t->scan_target = t->masters;
	} else {
		/* scan_target is set, because of the first check */
		t->scan_target = t->scan_target->next;
	}
	if(t->scan_target && t->scan_target->list)
		t->scan_addr = t->scan_target->list;
}
   4247 
/**
 * Move to next master in list, task_probe.
 * The next address of the current master is taken first. When those are
 * used up, a specific master is followed by the start of the master list,
 * and a list entry by the next entry. scan_addr is set to the first
 * address of the new master, if it has addresses.
 */
static void
xfr_probe_nextmaster(struct auth_xfer* xfr)
{
	struct auth_probe* pr = xfr->task_probe;

	if(!pr->scan_specific && !pr->scan_target)
		return; /* nothing is being scanned */
	if(pr->scan_addr) {
		pr->scan_addr = pr->scan_addr->next;
		if(pr->scan_addr)
			return;
	}
	/* scan_addr is NULL here, move on to another master */
	if(pr->scan_specific) {
		pr->scan_specific = NULL;
		pr->scan_target = pr->masters;
	} else {
		/* scan_target is set, because of the first check */
		pr->scan_target = pr->scan_target->next;
	}
	if(pr->scan_target && pr->scan_target->list)
		pr->scan_addr = pr->scan_target->list;
}
   4277 
/** create SOA probe packet for xfr.
 * The question is the zone name and class of xfr with qtype SOA, encoded
 * into buf by qinfo_query_encode; the message ID is then set to id. */
static void
xfr_create_soa_probe_packet(struct auth_xfer* xfr, sldns_buffer* buf,
	uint16_t id)
{
	struct query_info probe;

	memset(&probe, 0, sizeof(probe));
	probe.qtype = LDNS_RR_TYPE_SOA;
	probe.qclass = xfr->dclass;
	probe.qname_len = xfr->namelen;
	probe.qname = xfr->name;
	qinfo_query_encode(buf, &probe);
	/* the ID is the first 16 bits of the encoded message */
	sldns_buffer_write_u16_at(buf, 0, id);
}
   4293 
/** create IXFR/AXFR packet for xfr.
 * Resets the fields of task_transfer that track the incoming transfer.
 * The query is an IXFR unless there is no zone yet, the ixfr_fail flag is
 * set (it is cleared here) or the master has ixfr disabled; in those cases
 * an AXFR is sent. For IXFR an SOA record with the serial that we hold is
 * appended in the authority section. */
static void
xfr_create_ixfr_packet(struct auth_xfer* xfr, sldns_buffer* buf, uint16_t id,
	struct auth_master* master)
{
	struct query_info qinfo;
	size_t end;
	uint32_t cur_serial = xfr->serial;
	int use_axfr = (!xfr->have_zone || xfr->task_transfer->ixfr_fail ||
		!master->ixfr);

	/* forget what was seen in a previous transfer attempt */
	xfr->task_transfer->got_xfr_serial = 0;
	xfr->task_transfer->rr_scan_num = 0;
	xfr->task_transfer->incoming_xfr_serial = 0;
	xfr->task_transfer->on_ixfr_is_axfr = 0;
	if(use_axfr) {
		xfr->task_transfer->ixfr_fail = 0;
		xfr->task_transfer->on_ixfr = 0;
	} else {
		xfr->task_transfer->on_ixfr = 1;
	}

	memset(&qinfo, 0, sizeof(qinfo));
	qinfo.qname = xfr->name;
	qinfo.qname_len = xfr->namelen;
	qinfo.qtype = use_axfr ? LDNS_RR_TYPE_AXFR : LDNS_RR_TYPE_IXFR;
	qinfo.qclass = xfr->dclass;
	qinfo_query_encode(buf, &qinfo);
	sldns_buffer_write_u16_at(buf, 0, id);

	if(use_axfr)
		return; /* AXFR has no authority section */

	/* IXFR: reopen the buffer for writing at the end of the query */
	end = sldns_buffer_limit(buf);
	sldns_buffer_clear(buf);
	sldns_buffer_set_position(buf, end);
	/* one record in the authority section */
	sldns_buffer_write_u16_at(buf, LDNS_NSCOUNT_OFF, 1);
	/* owner name: compression pointer 0xC00C, to offset 12, where the
	 * qname starts right after the header */
	sldns_buffer_write_u8(buf, 0xC0);
	sldns_buffer_write_u8(buf, 0x0C);
	sldns_buffer_write_u16(buf, LDNS_RR_TYPE_SOA);
	sldns_buffer_write_u16(buf, qinfo.qclass);
	sldns_buffer_write_u32(buf, 0); /* ttl */
	/* rdata: two root names of 1 octet and five 32bit fields */
	sldns_buffer_write_u16(buf, 22); /* rdata length */
	sldns_buffer_write_u8(buf, 0); /* first name: . */
	sldns_buffer_write_u8(buf, 0); /* second name: . */
	sldns_buffer_write_u32(buf, cur_serial); /* serial */
	sldns_buffer_write_u32(buf, 0); /* refresh */
	sldns_buffer_write_u32(buf, 0); /* retry */
	sldns_buffer_write_u32(buf, 0); /* expire */
	sldns_buffer_write_u32(buf, 0); /* minimum */
	sldns_buffer_flip(buf);
}
   4348 
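/** check if returned packet is OK.
 * The packet is a reply from a master and is treated as untrusted: every
 * read is preceded by a length check. Checked are the header size, the ID
 * against xfr->task_probe->id, the QR bit, opcode QUERY, rcode NOERROR and
 * a single question that matches the zone name, qtype and the zone class.
 * If serial is not NULL, the first answer record must have the zone name
 * as owner, type qtype and the zone class, and the serial from its SOA
 * rdata is stored in *serial.
 * @param pkt: the reply; read from its current position, which is assumed
 *	to be 0 on entry (TODO confirm with callers).
 * @param qtype: query type that was sent.
 * @param xfr: the zone transfer structure with name, class and probe id.
 * @param serial: if not NULL, the SOA serial is returned here.
 * @return 1 if the packet is acceptable, 0 if not. */
static int
check_packet_ok(sldns_buffer* pkt, uint16_t qtype, struct auth_xfer* xfr,
	uint32_t* serial)
{
	/* the header fields below are read from the start of the buffer,
	 * so a complete header has to be present */
	if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE)
		return 0;

	/* check ID */
	if(LDNS_ID_WIRE(sldns_buffer_begin(pkt)) != xfr->task_probe->id)
		return 0;

	/* check flag bits and rcode */
	if(!LDNS_QR_WIRE(sldns_buffer_begin(pkt)))
		return 0;
	if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY)
		return 0;
	if(LDNS_RCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_RCODE_NOERROR)
		return 0;

	/* check qname */
	if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1)
		return 0;
	sldns_buffer_skip(pkt, LDNS_HEADER_SIZE);
	if(sldns_buffer_remaining(pkt) < xfr->namelen)
		return 0;
	if(query_dname_compare(sldns_buffer_current(pkt), xfr->name) != 0)
		return 0;
	sldns_buffer_skip(pkt, (ssize_t)xfr->namelen);

	/* check qtype, qclass */
	if(sldns_buffer_remaining(pkt) < 4)
		return 0;
	if(sldns_buffer_read_u16(pkt) != qtype)
		return 0;
	if(sldns_buffer_read_u16(pkt) != xfr->dclass)
		return 0;

	if(serial) {
		uint16_t rdlen;
		size_t rdata_end;
		/* read serial number, from answer section SOA */
		if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0)
			return 0;
		/* read from first record SOA record */
		if(sldns_buffer_remaining(pkt) < 1)
			return 0;
		if(dname_pkt_compare(pkt, sldns_buffer_current(pkt),
			xfr->name) != 0)
			return 0;
		if(!pkt_dname_len(pkt))
			return 0;
		/* type, class, ttl, rdatalen */
		if(sldns_buffer_remaining(pkt) < 4+4+2)
			return 0;
		if(sldns_buffer_read_u16(pkt) != qtype)
			return 0;
		if(sldns_buffer_read_u16(pkt) != xfr->dclass)
			return 0;
		sldns_buffer_skip(pkt, 4); /* ttl */
		rdlen = sldns_buffer_read_u16(pkt);
		if(sldns_buffer_remaining(pkt) < rdlen)
			return 0;
		rdata_end = sldns_buffer_position(pkt) + rdlen;
		if(sldns_buffer_remaining(pkt) < 1)
			return 0;
		if(!pkt_dname_len(pkt)) /* first name in the soa rdata */
			return 0;
		if(sldns_buffer_remaining(pkt) < 1)
			return 0;
		if(!pkt_dname_len(pkt)) /* second name in the soa rdata */
			return 0;
		/* serial, refresh, retry, expire, minimum */
		if(sldns_buffer_remaining(pkt) < 20)
			return 0;
		/* the five fields have to lie inside the rdata that the
		 * record declares; without this a record with a short
		 * rdlength has its serial taken from the octets that follow
		 * the record */
		if(sldns_buffer_position(pkt) + 20 > rdata_end)
			return 0;
		*serial = sldns_buffer_read_u32(pkt);
	}
	return 1;
}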
   4428 
/** read one line from chunks into buffer at current position.
 * Octets are copied up to and including the newline, and *chunk and
 * *chunk_pos are moved along. One octet of the buffer is kept free, so a
 * write needs two octets of room.
 * @return 1 if a line was read, also for a last line without a newline;
 *	0 if there was no text left or the line does not fit in buf. */
static int
chunkline_get_line(struct auth_chunk** chunk, size_t* chunk_pos,
	sldns_buffer* buf)
{
	int got_text = 0;
	for(; *chunk; *chunk = (*chunk)->next, *chunk_pos = 0) {
		/* more text in this chunk? */
		if(*chunk_pos < (*chunk)->len)
			got_text = 1;
		while(*chunk_pos < (*chunk)->len) {
			uint8_t ch = (uint8_t)(*chunk)->data[*chunk_pos];
			(*chunk_pos)++;
			if(sldns_buffer_remaining(buf) < 2) {
				/* buffer too short; the octet has been
				 * consumed from the chunk already */
				verbose(VERB_ALGO, "http chunkline, "
					"line too long");
				return 0;
			}
			sldns_buffer_write_u8(buf, ch);
			if(ch == '\n')
				return 1; /* end of the line */
		}
		/* chunk is used up, the loop moves to the next chunk */
	}
	/* no more chunks; a partial last line still counts */
	return got_text ? 1 : 0;
}
   4463 
/** count number of open and closed parenthesis in a chunkline.
 * Scans from start up to the buffer position. Text between single or
 * double quotes is skipped and the scan stops at a ';' comment.
 * @return the number of '(' minus the number of ')'. */
static int
chunkline_count_parens(sldns_buffer* buf, size_t start)
{
	size_t stop = sldns_buffer_position(buf);
	size_t idx = start;
	int depth = 0;
	int in_squote = 0, in_dquote = 0;
	while(idx < stop) {
		char ch = (char)sldns_buffer_read_u8_at(buf, idx++);
		/* inside quotes only the closing quote is of interest */
		if((in_squote && ch != '\'') || (in_dquote && ch != '"'))
			continue;
		switch(ch) {
		case '"':
			in_dquote = !in_dquote;
			break;
		case '\'':
			in_squote = !in_squote;
			break;
		case '(':
			depth++;
			break;
		case ')':
			depth--;
			break;
		case ';':
			/* rest is a comment */
			return depth;
		default:
			break;
		}
	}
	return depth;
}
   4491 
/** remove trailing ;... comment from a line in the chunkline buffer.
 * Scans from start up to the buffer position; a ';' inside single or
 * double quotes does not count. The buffer position is moved back to the
 * ';' so that the next write overwrites the comment. */
static void
chunkline_remove_trailcomment(sldns_buffer* buf, size_t start)
{
	size_t stop = sldns_buffer_position(buf);
	size_t idx;
	int in_squote = 0, in_dquote = 0;
	for(idx = start; idx < stop; idx++) {
		char ch = (char)sldns_buffer_read_u8_at(buf, idx);
		/* inside quotes only the closing quote is of interest */
		if((in_squote && ch != '\'') || (in_dquote && ch != '"'))
			continue;
		switch(ch) {
		case '"':
			in_dquote = !in_dquote;
			break;
		case '\'':
			in_squote = !in_squote;
			break;
		case ';':
			/* cut the line here */
			sldns_buffer_set_position(buf, idx);
			return;
		default:
			break;
		}
	}
	/* no comment on this line */
}
   4515 
/** see if a chunkline is a comment line (or empty line).
 * Looks at the octets from 0 up to the buffer limit.
 * @return 1 if the first octet that is not whitespace is ';' or if there
 *	is no such octet, otherwise 0. */
static int
chunkline_is_comment_line_or_empty(sldns_buffer* buf)
{
	size_t idx;
	size_t limit = sldns_buffer_limit(buf);
	for(idx = 0; idx < limit; idx++) {
		switch((char)sldns_buffer_read_u8_at(buf, idx)) {
		case ' ':
		case '\t':
		case '\r':
		case '\n':
			continue; /* skip leading whitespace */
		case ';':
			return 1; /* comment */
		default:
			return 0; /* line has content */
		}
	}
	return 1; /* only whitespace, or nothing at all */
}
   4530 
/** find a line with ( ) collated.
 * Clears buf and reads lines into it until the parentheses balance; the
 * trailing comment of a line is cut off before the next line is appended.
 * On return the text is followed by a zero octet and the buffer has been
 * flipped, with one exception that is noted at the end of the function.
 * @return 1 if a line is in buf, 0 if the text ended or did not fit. */
static int
chunkline_get_line_collated(struct auth_chunk** chunk, size_t* chunk_pos,
	sldns_buffer* buf)
{
	size_t pos;
	int parens = 0;
	sldns_buffer_clear(buf);
	for(;;) {
		pos = sldns_buffer_position(buf);
		if(!chunkline_get_line(chunk, chunk_pos, buf)) {
			/* terminate what was collected, callers print the
			 * buffer as a string; if the buffer is full the
			 * last octet is overwritten */
			size_t at = sldns_buffer_position(buf);
			if(at >= sldns_buffer_limit(buf))
				at = at - 1;
			sldns_buffer_write_u8_at(buf, at, 0);
			sldns_buffer_flip(buf);
			return 0;
		}
		parens += chunkline_count_parens(buf, pos);
		if(parens <= 0)
			break;
		/* an open '(' continues on the next line */
		chunkline_remove_trailcomment(buf, pos);
	}

	if(sldns_buffer_remaining(buf) < 1) {
		/* NOTE(review): this path returns without the terminating
		 * zero and without the flip; chunkline_get_line keeps one
		 * octet free after every write, so it looks unreachable -
		 * confirm */
		verbose(VERB_ALGO, "http chunkline: "
			"line too long");
		return 0;
	}
	sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0);
	sldns_buffer_flip(buf);
	return 1;
}
/** process $ORIGIN for http, 0 nothing, 1 done, 2 error.
 * The line in buf has to be zero terminated. On success the origin is
 * stored in wireformat in pstate->origin with its length in origin_len;
 * on a parse error origin_len is set to 0. */
static int
http_parse_origin(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
{
	char* line = (char*)sldns_buffer_begin(buf);
	/* the directive has to be followed by whitespace */
	if(strncmp(line, "$ORIGIN", 7) != 0 ||
		!isspace((unsigned char)line[7]))
		return 0;
	/* in: size of the origin buffer, out: length of the name */
	pstate->origin_len = sizeof(pstate->origin);
	if(sldns_str2wire_dname_buf(sldns_strip_ws(line+8),
		pstate->origin, &pstate->origin_len) != 0) {
		pstate->origin_len = 0;
		return 2;
	}
	return 1;
}
   4590 
/** process $TTL for http, 0 nothing, 1 done, 2 error.
 * The line in buf has to be zero terminated. The period is stored in
 * pstate->default_ttl. Only the overflow flag of sldns_str2period is
 * looked at; where the parse stopped is not checked. */
static int
http_parse_ttl(sldns_buffer* buf, struct sldns_file_parse_state* pstate)
{
	char* line = (char*)sldns_buffer_begin(buf);
	const char* parse_end = NULL;
	int overflow = 0;
	/* the directive has to be followed by whitespace */
	if(strncmp(line, "$TTL", 4) != 0 ||
		!isspace((unsigned char)line[4]))
		return 0;
	pstate->default_ttl = sldns_str2period(
		sldns_strip_ws(line+5), &parse_end, &overflow);
	return overflow ? 2 : 1;
}
/** remove newlines from collated line.
 * Newlines inside the line become spaces. A newline that is the last
 * octet before the limit is replaced by a zero octet and the limit is
 * lowered by one. */
static void
chunkline_newline_removal(sldns_buffer* buf)
{
	size_t end = sldns_buffer_limit(buf);
	size_t last, i;
	if(end == 0)
		return; /* nothing in the buffer */
	last = end - 1;
	for(i = 0; i < last; i++) {
		if((char)sldns_buffer_read_u8_at(buf, i) == '\n')
			sldns_buffer_write_u8_at(buf, i, (uint8_t)' ');
	}
	if((char)sldns_buffer_read_u8_at(buf, last) == '\n') {
		sldns_buffer_write_u8_at(buf, last, 0);
		sldns_buffer_set_limit(buf, last);
	}
}
   4626 
/** find noncomment RR line in chunks, collates lines if ( ) format.
 * Comment lines and empty lines are skipped, $ORIGIN and $TTL lines are
 * applied to pstate and skipped.
 * @return 1 with the line in buf; 0 if the text ended, a line did not fit
 *	or a directive failed to parse. */
static int
chunkline_non_comment_RR(struct auth_chunk** chunk, size_t* chunk_pos,
	sldns_buffer* buf, struct sldns_file_parse_state* pstate)
{
	while(chunkline_get_line_collated(chunk, chunk_pos, buf)) {
		int directive;
		chunkline_newline_removal(buf);
		if(chunkline_is_comment_line_or_empty(buf))
			continue; /* a comment, go to next line */
		/* 0: not this directive, 1: handled, 2: error */
		directive = http_parse_origin(buf, pstate);
		if(directive == 0)
			directive = http_parse_ttl(buf, pstate);
		if(directive == 0)
			return 1; /* this is an RR line */
		if(directive == 2)
			return 0;
		/* $ORIGIN or $TTL has been handled */
	}
	/* no noncomments, fail */
	return 0;
}
   4654 
/** check syntax of chunklist zonefile, parse first RR, return false on
 * failure and return a string in the scratch buffer (first RR string)
 * on failure.
 * The first line that is not a comment or a directive has to parse as an
 * RR and has to be of the class of the zone. Nothing is added to the
 * zone here. */
static int
http_zonefile_syntax_check(struct auth_xfer* xfr, sldns_buffer* buf)
{
	uint8_t rr[LDNS_RR_BUF_SIZE];
	size_t rr_len = sizeof(rr);
	size_t dname_len = 0;
	struct sldns_file_parse_state pstate;
	struct auth_chunk* chunk = xfr->task_transfer->chunks_first;
	size_t chunk_pos = 0;
	int status;

	memset(&pstate, 0, sizeof(pstate));
	pstate.default_ttl = 3600;
	/* the zone name is the initial origin, if it fits */
	if(xfr->namelen < sizeof(pstate.origin)) {
		memmove(pstate.origin, xfr->name, xfr->namelen);
		pstate.origin_len = xfr->namelen;
	}

	if(!chunkline_non_comment_RR(&chunk, &chunk_pos, buf, &pstate))
		return 0;

	status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
		&rr_len, &dname_len, pstate.default_ttl,
		pstate.origin_len?pstate.origin:NULL, pstate.origin_len,
		pstate.prev_rr_len?pstate.prev_rr:NULL, pstate.prev_rr_len);
	if(status != 0) {
		log_err("parse failure on first RR[%d]: %s",
			LDNS_WIREPARSE_OFFSET(status),
			sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(status)));
		return 0;
	}
	/* check that class is correct */
	if(sldns_wirerr_get_class(rr, rr_len, dname_len) != xfr->dclass) {
		log_err("parse failure: first record in downloaded zonefile "
			"from wrong RR class");
		return 0;
	}
	return 1;
}
   4697 
/** sum sizes of chunklist.
 * @return the sum of the len fields of all chunks, 0 for an empty list. */
static size_t
chunklist_sum(struct auth_chunk* list)
{
	size_t total = 0;
	while(list) {
		total += list->len;
		list = list->next;
	}
	return total;
}
   4709 
/** for http download, parse and add RR to zone.
 * The zero terminated line in buf is parsed with the default TTL, origin
 * and previous owner name from pstate. The owner name of the RR becomes
 * the previous name for the next line.
 * @return 1 if the RR was added or the line held no RR, 0 on a parse
 *	error or if az_insert_rr fails. */
static int
http_parse_add_rr(struct auth_xfer* xfr, struct auth_zone* z,
	sldns_buffer* buf, struct sldns_file_parse_state* pstate)
{
	uint8_t rr[LDNS_RR_BUF_SIZE];
	size_t rr_len = sizeof(rr);
	size_t dname_len = 0;
	char* line = (char*)sldns_buffer_begin(buf);
	int status = sldns_str2wire_rr_buf(line, rr, &rr_len, &dname_len,
		pstate->default_ttl,
		pstate->origin_len?pstate->origin:NULL, pstate->origin_len,
		pstate->prev_rr_len?pstate->prev_rr:NULL, pstate->prev_rr_len);
	if(status != 0) {
		/* the text of the line is printed as it was received */
		log_err("%s/%s parse failure RR[%d]: %s in '%s'",
			xfr->task_transfer->master->host,
			xfr->task_transfer->master->file,
			LDNS_WIREPARSE_OFFSET(status),
			sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(status)),
			line);
		return 0;
	}
	if(rr_len == 0)
		return 1; /* empty line or so */

	/* remember the owner name, if it fits; otherwise the older
	 * previous name stays in place */
	if(dname_len < sizeof(pstate->prev_rr)) {
		memmove(pstate->prev_rr, rr, dname_len);
		pstate->prev_rr_len = dname_len;
	}

	return az_insert_rr(z, rr, rr_len, dname_len, NULL);
}
/** RR list iterator, returns RRs from answer section one by one from the
 * dns packets in the chunklist.
 * This sets the iterator to the first chunk of the transfer, RR number 0
 * and position 0; position 0 means that the question section of the chunk
 * still has to be skipped. */
static void
chunk_rrlist_start(struct auth_xfer* xfr, struct auth_chunk** rr_chunk,
	int* rr_num, size_t* rr_pos)
{
	*rr_pos = 0;
	*rr_num = 0;
	*rr_chunk = xfr->task_transfer->chunks_first;
}
   4755 
/** RR list iterator, see if we are at the end of the list.
 * The arguments are copies, the iterator of the caller is not moved.
 * @return 0 if this chunk or a later one has an answer RR at or after
 *	rr_num; 1 if there are none, or if a chunk is shorter than a DNS
 *	header. */
static int
chunk_rrlist_end(struct auth_chunk* rr_chunk, int rr_num)
{
	struct auth_chunk* c;
	/* rr_num only applies to the first chunk, later chunks are looked
	 * at from their first RR */
	for(c = rr_chunk; c; c = c->next, rr_num = 0) {
		if(c->len < LDNS_HEADER_SIZE)
			return 1;
		if(rr_num < (int)LDNS_ANCOUNT(c->data))
			return 0;
		/* no more RRs in this chunk, try the next one */
	}
	return 1;
}
   4772 
/** RR list iterator, move to next RR.
 * Inside a chunk the RR number goes up by one and the position becomes
 * rr_nextpos. Otherwise the iterator moves to the first later chunk that
 * has a full header and a nonzero answer count, at RR 0 and position 0,
 * or *rr_chunk becomes NULL if there is no such chunk. */
static void
chunk_rrlist_gonext(struct auth_chunk** rr_chunk, int* rr_num,
	size_t* rr_pos, size_t rr_nextpos)
{
	struct auth_chunk* cur = *rr_chunk;
	/* already at end of chunks? */
	if(!cur)
		return;
	/* move within this chunk */
	if(cur->len >= LDNS_HEADER_SIZE &&
		(*rr_num)+1 < (int)LDNS_ANCOUNT(cur->data)) {
		*rr_num = *rr_num + 1;
		*rr_pos = rr_nextpos;
		return;
	}
	/* no more RRs in this chunk, look for a later chunk with RRs */
	for(*rr_chunk = cur->next; *rr_chunk;
		*rr_chunk = (*rr_chunk)->next) {
		*rr_num = 0;
		*rr_pos = 0;
		if((*rr_chunk)->len >= LDNS_HEADER_SIZE &&
			LDNS_ANCOUNT((*rr_chunk)->data) > 0)
			return;
	}
}
   4802 
/** RR iterator, get current RR information, false on parse error.
 * The chunk holds a DNS packet as it was received, so the header, the
 * question section and the RR are length checked before they are read.
 * rr_pos 0 means that the RR is the first one after the question section;
 * another value is used as the offset of the RR in the chunk.
 * *rr_dname and *rr_rdata are set with sldns_buffer_current on a buffer
 * that is set up over rr_chunk->data (presumably they point into the
 * chunk, without a copy - confirm); the owner name can be compressed.
 * *rr_nextpos is the offset just after the rdata.
 * @return 1 if the output arguments are filled in, 0 if not. */
static int
chunk_rrlist_get_current(struct auth_chunk* rr_chunk, int rr_num,
	size_t rr_pos, uint8_t** rr_dname, uint16_t* rr_type,
	uint16_t* rr_class, uint32_t* rr_ttl, uint16_t* rr_rdlen,
	uint8_t** rr_rdata, size_t* rr_nextpos)
{
	sldns_buffer pkt;
	/* integrity checks on position */
	if(!rr_chunk || rr_chunk->len < LDNS_HEADER_SIZE)
		return 0;
	if(rr_num >= (int)LDNS_ANCOUNT(rr_chunk->data) ||
		rr_pos >= rr_chunk->len)
		return 0;

	sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
	if(rr_pos != 0) {
		sldns_buffer_set_position(&pkt, rr_pos);
	} else {
		/* skip question section */
		size_t q, qdcount = LDNS_QDCOUNT(rr_chunk->data);
		sldns_buffer_set_position(&pkt, LDNS_HEADER_SIZE);
		for(q = 0; q < qdcount; q++) {
			if(pkt_dname_len(&pkt) == 0)
				return 0;
			if(sldns_buffer_remaining(&pkt) < 4)
				return 0;
			sldns_buffer_skip(&pkt, 4); /* type and class */
		}
	}

	/* owner name */
	*rr_dname = sldns_buffer_current(&pkt);
	if(pkt_dname_len(&pkt) == 0)
		return 0;
	/* type(2), class(2), ttl(4), rdlength(2) */
	if(sldns_buffer_remaining(&pkt) < 10)
		return 0;
	*rr_type = sldns_buffer_read_u16(&pkt);
	*rr_class = sldns_buffer_read_u16(&pkt);
	*rr_ttl = sldns_buffer_read_u32(&pkt);
	*rr_rdlen = sldns_buffer_read_u16(&pkt);
	/* the rdata has to be inside the packet */
	if(sldns_buffer_remaining(&pkt) < (*rr_rdlen))
		return 0;
	*rr_rdata = sldns_buffer_current(&pkt);
	sldns_buffer_skip(&pkt, (ssize_t)(*rr_rdlen));
	*rr_nextpos = sldns_buffer_position(&pkt);
	return 1;
}
   4844 
/** print log message where we are in parsing the zone transfer.
 * Prints the label, the RR counter, the owner name and the type at
 * VERB_ALGO. rr_dname has to point into rr_chunk->data, its offset in the
 * packet is taken from the pointer difference. Nothing is printed if the
 * name does not parse or does not fit in the local buffer. */
static void
log_rrlist_position(const char* label, struct auth_chunk* rr_chunk,
	uint8_t* rr_dname, uint16_t rr_type, size_t rr_counter)
{
	sldns_buffer pkt;
	size_t dlen;
	uint8_t wire[LDNS_MAX_DOMAINLEN];
	char name[LDNS_MAX_DOMAINLEN];
	char typestr[32];

	sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len);
	sldns_buffer_set_position(&pkt, (size_t)(rr_dname -
		sldns_buffer_begin(&pkt)));
	/* length of the name after decompression */
	dlen = pkt_dname_len(&pkt);
	if(dlen == 0 || dlen >= sizeof(wire))
		return;
	dname_pkt_copy(&pkt, wire, rr_dname);
	/* NOTE(review): dname_str gets no size argument; presumably it
	 * keeps its output inside LDNS_MAX_DOMAINLEN octets - confirm */
	dname_str(wire, name);
	(void)sldns_wire2str_type_buf(rr_type, typestr, sizeof(typestr));
	verbose(VERB_ALGO, "%s at[%d] %s %s", label, (int)rr_counter,
		name, typestr);
}
   4866 
/** check that start serial is OK for ixfr. we are at rr_counter == 0,
 * and we are going to check rr_counter == 1 (has to be type SOA) serial.
 * The iterator and the RR fields are passed by value and are used as
 * scratch space here, the iterator of the caller stays on the first RR.
 * @param transfer_serial: serial from the first SOA of the transfer.
 * @param xfr_serial: serial of the zone that is in memory.
 * @return 1 if the second RR is an SOA whose serial is xfr_serial and is
 *	not transfer_serial; 0 otherwise, with a message at VERB_OPS. */
static int
ixfr_start_serial(struct auth_chunk* rr_chunk, int rr_num, size_t rr_pos,
	uint8_t* rr_dname, uint16_t rr_type, uint16_t rr_class,
	uint32_t rr_ttl, uint16_t rr_rdlen, uint8_t* rr_rdata,
	size_t rr_nextpos, uint32_t transfer_serial, uint32_t xfr_serial)
{
	uint32_t startserial;

	/* step the local copy of the iterator to the second RR */
	chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
	if(chunk_rrlist_end(rr_chunk, rr_num)) {
		verbose(VERB_OPS, "IXFR has no second SOA record");
		return 0;
	}
	if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
		&rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
		&rr_rdata, &rr_nextpos)) {
		verbose(VERB_OPS, "IXFR cannot parse second SOA record");
		return 0;
	}
	if(rr_type != LDNS_RR_TYPE_SOA) {
		verbose(VERB_OPS, "IXFR second record is not type SOA");
		return 0;
	}
	/* two names of at least one octet and five 32bit fields */
	if(rr_rdlen < 22) {
		verbose(VERB_OPS, "IXFR, second SOA has short rdlength");
		return 0;
	}
	/* the serial is the first of the five fields at the end */
	startserial = sldns_read_uint32(rr_rdata+rr_rdlen-20);

	if(startserial == xfr_serial && startserial != transfer_serial) {
		/* everything OK in second SOA serial */
		return 1;
	}
	if(startserial == transfer_serial) {
		/* empty AXFR, not an IXFR */
		verbose(VERB_OPS, "IXFR second serial same as first");
		return 0;
	}
	/* the diff does not start at the serial that is in memory */
	verbose(VERB_OPS, "IXFR is from serial %u to %u but %u "
		"in memory, rejecting the zone transfer",
		(unsigned)startserial, (unsigned)transfer_serial,
		(unsigned)xfr_serial);
	return 0;
}
   4916 
/** apply IXFR to zone in memory. z is locked. false on failure(mallocfail).
 * Walks the answer RRs of the received packets. The first SOA gives the
 * serial of the transfer, the second SOA has to carry the serial that is
 * in memory (ixfr_start_serial). Every SOA after that flips between the
 * delete part and the add part of a difference; the third SOA with the
 * serial of the transfer ends the IXFR and sets xfr->serial.
 * The zone is changed in place. When 0 is returned part of the IXFR can
 * have been applied already, this function has no rollback.
 * NOTE(review): if the RR list runs out before the end SOA, 1 is returned
 * (when nothing softfailed) and xfr->serial stays as it was; presumably
 * the completeness of the transfer is checked on receipt - confirm.
 * @return 1 on success; 0 on malformed data, on failure to change the
 *	zone, or if an RR was deleted that did not exist or added twice. */
static int
apply_ixfr(struct auth_xfer* xfr, struct auth_zone* z,
	struct sldns_buffer* scratch_buffer)
{
	struct auth_chunk* rr_chunk;
	int rr_num;
	size_t rr_pos, rr_nextpos;
	uint8_t* rr_dname;
	uint8_t* rr_rdata;
	uint16_t rr_type, rr_class, rr_rdlen;
	uint32_t rr_ttl;
	uint32_t transfer_serial = 0;
	int serial_seen = 0; /* times that transfer_serial was seen */
	size_t rr_counter = 0;
	int delmode = 0;
	int softfail = 0;

	/* iterate over the RRs in the chunklist of packets; the break at
	 * the end SOA leaves the loop without another step */
	for(chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
		!chunk_rrlist_end(rr_chunk, rr_num);
		rr_counter++,
		chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos)) {
		int mismatch = 0;
		const char* mismatch_label = NULL;

		if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
			&rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
			&rr_rdata, &rr_nextpos)) {
			/* failed to parse RR */
			return 0;
		}
		if(verbosity>=7) log_rrlist_position("apply ixfr",
			rr_chunk, rr_dname, rr_type, rr_counter);

		/* the first two RRs have to be SOA; a non-SOA second RR is
		 * an AXFR from the IXFR master, that should have been
		 * detected already, by on_ixfr_is_axfr */
		if(rr_counter <= 1 && rr_type != LDNS_RR_TYPE_SOA)
			return 0;

		if(rr_type == LDNS_RR_TYPE_SOA) {
			uint32_t serial;
			if(rr_rdlen < 22)
				return 0; /* bad SOA rdlen */
			serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
			if(serial_seen == 0) {
				/* first SOA, the serial we transfer to */
				serial_seen = 1;
				transfer_serial = serial;
				delmode = 1; /* gets negated below */
				/* check second RR before going any further */
				if(!ixfr_start_serial(rr_chunk, rr_num, rr_pos,
					rr_dname, rr_type, rr_class, rr_ttl,
					rr_rdlen, rr_rdata, rr_nextpos,
					transfer_serial, xfr->serial)) {
					return 0;
				}
			} else if(serial == transfer_serial) {
				serial_seen++;
				if(rr_counter == 1) {
					/* empty AXFR, with SOA; SOA; should
					 * have been detected by
					 * on_ixfr_is_axfr */
					return 0;
				}
				if(serial_seen == 3) {
					/* see serial three times for end
					 * eg. IXFR:
					 *  SOA 3 start
					 *  SOA 1 second RR, followed by del
					 *  SOA 2 followed by add
					 *  SOA 2 followed by del
					 *  SOA 3 followed by add
					 *  SOA 3 end */
					xfr->serial = transfer_serial;
					break;
				}
			}
			/* switch from the delete part to the add part and
			 * back again just before the SOA is processed, so
			 * that the SOA gets deleted and added too; this
			 * puts us in delete mode for the final SOA, which
			 * is skipped by the break above */
			delmode = !delmode;
		}

		/* process this RR; if the RR is deleted twice or added
		 * twice, then we softfail, and continue with the rest of
		 * the IXFR, so that we serve something fairly nice during
		 * the refetch */
		if(verbosity>=7) log_rrlist_position((delmode?"del":"add"),
			rr_chunk, rr_dname, rr_type, rr_counter);
		if(delmode) {
			/* delete this RR */
			if(!az_remove_rr_decompress(z, rr_chunk->data,
				rr_chunk->len, scratch_buffer, rr_dname,
				rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
				&mismatch)) {
				/* failed, malloc error or so */
				return 0;
			}
			/* set if the RR was not in the zone */
			mismatch_label = "IXFR error nonexistent RR";
		} else if(rr_counter != 0) {
			/* add this RR; the first SOA RR is skipped, it is
			 * added in the addition part near the end of the
			 * ixfr, when that serial is seen the second time */
			if(!az_insert_rr_decompress(z, rr_chunk->data,
				rr_chunk->len, scratch_buffer, rr_dname,
				rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen,
				&mismatch)) {
				/* failed, malloc error or so */
				return 0;
			}
			/* set if the RR was in the zone already */
			mismatch_label = "IXFR error duplicate RR";
		}
		if(mismatch) {
			if(verbosity>=4) log_rrlist_position(mismatch_label,
				rr_chunk, rr_dname, rr_type, rr_counter);
			softfail = 1;
		}
	}
	if(softfail) {
		verbose(VERB_ALGO, "IXFR did not apply cleanly, fetching full zone");
		return 0;
	}
	return 1;
}
   5053 
/** apply AXFR to zone in memory. z is locked. false on failure(mallocfail).
 * The data tree of the zone and the RPZ policies are cleared first, then
 * the answer RRs of the received packets are inserted up to the second
 * SOA, which ends the transfer and is not inserted again.
 * The old contents are gone before the first RR is parsed: when 0 is
 * returned the zone holds the RRs that were inserted so far and
 * xfr->have_zone and xfr->serial are 0.
 * NOTE(review): the first RR is not required to be an SOA here;
 * presumably that is checked on receipt - confirm.
 * @return 1 with xfr->serial and xfr->have_zone set; 0 on a parse error,
 *	an insert failure or if the end SOA is missing. */
static int
apply_axfr(struct auth_xfer* xfr, struct auth_zone* z,
	struct sldns_buffer* scratch_buffer)
{
	struct auth_chunk* rr_chunk;
	int rr_num;
	size_t rr_pos, rr_nextpos;
	uint8_t* rr_dname;
	uint8_t* rr_rdata;
	uint16_t rr_type, rr_class, rr_rdlen;
	uint32_t rr_ttl;
	uint32_t new_serial = 0;
	size_t rr_counter = 0;
	int have_end_soa = 0;

	/* clear the data tree */
	traverse_postorder(&z->data, auth_data_del, NULL);
	rbtree_init(&z->data, &auth_data_cmp);
	/* clear the RPZ policies */
	if(z->rpz)
		rpz_clear(z->rpz);

	/* there is no zone until the transfer has been applied */
	xfr->soa_zone_acquired = 0;
	xfr->serial = 0;
	xfr->have_zone = 0;

	/* insert all RRs in to the zone, the SOA only once; the break at
	 * the end SOA leaves the loop without another step */
	for(chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos);
		!chunk_rrlist_end(rr_chunk, rr_num);
		rr_counter++,
		chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos)) {
		if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos,
			&rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen,
			&rr_rdata, &rr_nextpos)) {
			/* failed to parse RR */
			return 0;
		}
		if(verbosity>=7) log_rrlist_position("apply_axfr",
			rr_chunk, rr_dname, rr_type, rr_counter);
		if(rr_type == LDNS_RR_TYPE_SOA) {
			if(rr_counter != 0) {
				/* end of the axfr */
				have_end_soa = 1;
				break;
			}
			if(rr_rdlen < 22)
				return 0; /* bad SOA rdlen */
			/* serial is the first of the five fields at the
			 * end of the rdata */
			new_serial = sldns_read_uint32(rr_rdata+rr_rdlen-20);
		}

		/* add this RR */
		if(!az_insert_rr_decompress(z, rr_chunk->data, rr_chunk->len,
			scratch_buffer, rr_dname, rr_type, rr_class, rr_ttl,
			rr_rdata, rr_rdlen, NULL)) {
			/* failed, malloc error or so */
			return 0;
		}
	}
	if(!have_end_soa) {
		log_err("no end SOA record for AXFR");
		return 0;
	}

	xfr->serial = new_serial;
	xfr->have_zone = 1;
	return 1;
}
   5124 
/**
 * Apply a zonefile that was downloaded over HTTP to the zone in memory.
 * The caller holds the lock on z.
 *
 * The chunk list holds text that came from the remote server and is
 * untrusted. It is first checked by http_zonefile_syntax_check, then the
 * zone's data tree (and RPZ policies, if any) are cleared, and then the
 * text is parsed line by line: $ORIGIN, $TTL, or a resource record.
 *
 * @param xfr: transfer structure, the chunks are read from
 *	xfr->task_transfer->chunks_first.
 * @param z: zone to fill, locked by the caller.
 * @param scratch_buffer: buffer that holds one collated line at a time.
 * @return 1 on success, 0 on failure. The existing zone data is cleared
 *	before parsing starts, so on a parse failure z holds only the RRs
 *	that were added up to the failing line.
 *	NOTE(review): confirm that callers treat the zone as unusable
 *	after a 0 return.
 */
static int
apply_http(struct auth_xfer* xfr, struct auth_zone* z,
	struct sldns_buffer* scratch_buffer)
{
	struct sldns_file_parse_state pstate;
	struct auth_chunk* chunk;
	size_t chunk_pos;
	int ret;

	/* parser state: default TTL 3600, and the zone name as origin
	 * when it fits in the origin buffer */
	memset(&pstate, 0, sizeof(pstate));
	pstate.default_ttl = 3600;
	if(xfr->namelen < sizeof(pstate.origin)) {
		memmove(pstate.origin, xfr->name, xfr->namelen);
		pstate.origin_len = xfr->namelen;
	}

	if(verbosity >= VERB_ALGO) {
		verbose(VERB_ALGO, "http download %s of size %d",
		xfr->task_transfer->master->file,
		(int)chunklist_sum(xfr->task_transfer->chunks_first));
		if(xfr->task_transfer->chunks_first) {
			/* log at most sizeof(preview)-1 bytes of the first
			 * chunk, always NUL terminated.
			 * NOTE(review): the bytes are remote content and are
			 * logged as-is; confirm the log sink copes with
			 * control characters in it. */
			char preview[1024];
			size_t n = xfr->task_transfer->chunks_first->len;
			if(n+1 > sizeof(preview))
				n = sizeof(preview)-1;
			memmove(preview,
				xfr->task_transfer->chunks_first->data, n);
			preview[n]=0;
			log_info("auth zone http downloaded content preview: %s",
				preview);
		}
	}

	/* reject content that does not look like a zonefile before the
	 * existing zone data is thrown away.
	 * NOTE(review): the scratch buffer is printed with %s, presumably
	 * the syntax check leaves it NUL terminated; verify. */
	if(!http_zonefile_syntax_check(xfr, scratch_buffer)) {
		log_err("http download %s/%s does not contain a zonefile, "
			"but got '%s'", xfr->task_transfer->master->host,
			xfr->task_transfer->master->file,
			sldns_buffer_begin(scratch_buffer));
		return 0;
	}

	/* drop the old contents: data tree first, then RPZ policies */
	traverse_postorder(&z->data, auth_data_del, NULL);
	rbtree_init(&z->data, &auth_data_cmp);
	if(z->rpz)
		rpz_clear(z->rpz);

	/* no zone present until the new data has been read */
	xfr->have_zone = 0;
	xfr->serial = 0;
	xfr->soa_zone_acquired = 0;

	chunk = xfr->task_transfer->chunks_first;
	chunk_pos = 0;
	pstate.lineno = 0;
	while(chunkline_get_line_collated(&chunk, &chunk_pos, scratch_buffer)) {
		pstate.lineno++;
		chunkline_newline_removal(scratch_buffer);
		if(chunkline_is_comment_line_or_empty(scratch_buffer))
			continue;

		/* the directive parsers return 0 when the line is not
		 * theirs, 2 on a parse error, and another nonzero value
		 * when the directive has been handled */
		ret = http_parse_origin(scratch_buffer, &pstate);
		if(ret == 2) {
			verbose(VERB_ALGO, "error parsing ORIGIN on line [%s:%d] %s",
				xfr->task_transfer->master->file,
				pstate.lineno,
				sldns_buffer_begin(scratch_buffer));
			return 0;
		}
		if(ret != 0)
			continue; /* $ORIGIN has been handled */

		ret = http_parse_ttl(scratch_buffer, &pstate);
		if(ret == 2) {
			verbose(VERB_ALGO, "error parsing TTL on line [%s:%d] %s",
				xfr->task_transfer->master->file,
				pstate.lineno,
				sldns_buffer_begin(scratch_buffer));
			return 0;
		}
		if(ret != 0)
			continue; /* $TTL has been handled */

		/* otherwise the line has to be a resource record */
		if(http_parse_add_rr(xfr, z, scratch_buffer, &pstate))
			continue;
		verbose(VERB_ALGO, "error parsing line [%s:%d] %s",
			xfr->task_transfer->master->file,
			pstate.lineno,
			sldns_buffer_begin(scratch_buffer));
		return 0;
	}
	return 1;
}
   5224 
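/**
 * Write the http chunks to a file, to create the downloaded zonefile.
 * @param xfr: transfer structure, the chunk list at
 *	xfr->task_transfer->chunks_first is written in list order.
 * @param fname: file to write, it is opened with mode "w".
 * @return 1 when all chunks were written and the file was closed without
 *	error. 0 on failure, an error is logged; the file may then exist
 *	with partial content, this routine does not remove it.
 */
static int
auth_zone_write_chunks(struct auth_xfer* xfr, const char* fname)
{
	FILE* out;
	struct auth_chunk* p;
	/* NOTE(review): fopen with "w" follows an existing symbolic link
	 * and truncates its target. Presumably fname is in a directory
	 * that only the daemon user can write to; verify against the
	 * deployment, since the caller in this file builds the name from
	 * the zonefile name and the process id. */
	out = fopen(fname, "w");
	if(!out) {
		log_err("could not open %s: %s", fname, strerror(errno));
		return 0;
	}
	for(p = xfr->task_transfer->chunks_first; p ; p = p->next) {
		if(!write_out(out, (char*)p->data, p->len)) {
			log_err("could not write http download to %s", fname);
			fclose(out);
			return 0;
		}
	}
	/* fclose flushes the buffered data. If that fails (for example
	 * the disk is full) the file is incomplete and must not be
	 * reported as written, or the caller would move a truncated file
	 * over the zonefile. */
	if(fclose(out) != 0) {
		log_err("could not write http download to %s: %s", fname,
			strerror(errno));
		return 0;
	}
	return 1;
}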
   5246 
/**
 * Write the zone to its zonefile after the zone has been updated.
 *
 * Locking: called with xfr->lock held. That lock is released at the start
 * and taken again before return, so it is held on every exit. While the
 * file is written the zone is held with a read lock, so that queries can
 * be answered concurrently.
 *
 * The content is written to "<zonefile>.tmp<pid>" first and then renamed
 * over the zonefile. Failures are logged and otherwise ignored; the
 * temporary file is removed when the write or the rename fails.
 *
 * @param xfr: transfer structure.
 * @param env: module environment, with the config and the auth zones.
 */
static void
xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env)
{
	struct config_file* cfg = env->cfg;
	struct auth_zone* z;
	char tmpfile[1024];
	char* zfilename;
	int written;

	/* drop the xfr lock, and take the locks again in the order
	 * auth_zones, zone, xfr */
	lock_basic_unlock(&xfr->lock);
	lock_rw_rdlock(&env->auth_zones->lock);
	z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
		xfr->dclass);
	if(!z) {
		/* the zone is gone, ignore xfr results */
		lock_rw_unlock(&env->auth_zones->lock);
		lock_basic_lock(&xfr->lock);
		return;
	}
	lock_rw_rdlock(&z->lock);
	lock_basic_lock(&xfr->lock);
	lock_rw_unlock(&env->auth_zones->lock);

	/* no write needed when no zonefile is set */
	if(z->zonefile == NULL || z->zonefile[0] == 0)
		goto unlock_zone;

	/* strip the chroot directory when the zonefile name starts
	 * with it */
	zfilename = z->zonefile;
	if(cfg->chrootdir && cfg->chrootdir[0]) {
		size_t chrootlen = strlen(cfg->chrootdir);
		if(strncmp(zfilename, cfg->chrootdir, chrootlen) == 0)
			zfilename += chrootlen;
	}
	if(verbosity >= VERB_ALGO) {
		char nm[LDNS_MAX_DOMAINLEN];
		dname_str(z->name, nm);
		verbose(VERB_ALGO, "write zonefile %s for %s", zfilename, nm);
	}

	/* the temporary name is the zonefile name with ".tmp" and the pid
	 * appended, 16 bytes are kept free for that suffix.
	 * NOTE(review): this name is predictable; presumably the zonefile
	 * directory is writable only by the daemon user, verify. */
	if(strlen(zfilename) + 16 > sizeof(tmpfile)) {
		verbose(VERB_ALGO, "tmpfilename too long, cannot update "
			" zonefile %s", zfilename);
		goto unlock_zone;
	}
	snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename,
		(unsigned)getpid());

	/* for http the stored chunk list is written out, otherwise the
	 * zone contents from memory */
	if(xfr->task_transfer->master->http)
		written = auth_zone_write_chunks(xfr, tmpfile);
	else	written = auth_zone_write_file(z, tmpfile);
	if(!written)
		goto remove_tmp;

#ifdef UB_ON_WINDOWS
	/* windows does not replace file with rename(), so there the
	 * zonefile is removed first and the replacement is not atomic */
	(void)unlink(zfilename);
#endif
	if(rename(tmpfile, zfilename) < 0) {
		log_err("could not rename(%s, %s): %s", tmpfile, zfilename,
			strerror(errno));
		goto remove_tmp;
	}
	goto unlock_zone;

remove_tmp:
	unlink(tmpfile);
unlock_zone:
	lock_rw_unlock(&z->lock);
}
   5320 
/**
 * Look up the zone of the transfer again and take the locks.
 * Starts with no locks held. On success it ends with the xfr lock and the
 * write lock on the zone held. On failure only the xfr lock is held.
 * The zone is looked up by name, so the result does not have to be the
 * same zone structure that the caller held before.
 * @param xfr: transfer structure, its name and class select the zone.
 * @param env: module environment with the auth zones.
 * @param z: the zone is returned here, NULL when it is not found.
 * @return 1 when the zone is found and locked, 0 when the zone is gone.
 */
static int xfr_process_reacquire_locks(struct auth_xfer* xfr,
	struct module_env* env, struct auth_zone** z)
{
	struct auth_zone* found;

	/* the auth_zones lock is held while the zone lock and the xfr
	 * lock are taken */
	lock_rw_rdlock(&env->auth_zones->lock);
	found = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen,
		xfr->dclass);
	*z = found;
	if(found) {
		lock_rw_wrlock(&found->lock);
		lock_basic_lock(&xfr->lock);
		lock_rw_unlock(&env->auth_zones->lock);
		return 1;
	}
	/* zone not found, the caller still expects the xfr lock */
	lock_rw_unlock(&env->auth_zones->lock);
	lock_basic_lock(&xfr->lock);
	return 0;
}
   5342 
/**
 * Process the chunk list and update the zone in memory.
 *
 * Locking: called with xfr->lock held, and it is held again on every
 * return. The zone lock is taken and released inside this routine. The xfr
 * lock is dropped around the ZONEMD verification, and the zone is looked
 * up by name again afterwards.
 *
 * The downloaded data is applied to the zone first (apply_http, apply_ixfr
 * or apply_axfr) and the ZONEMD check runs on the result. When that check
 * marks the zone as expired the transfer is failed and xfr->zone_expired is
 * set.
 * NOTE(review): on the failure returns after an apply routine has run, the
 * zone in memory can already have been changed; confirm how the callers
 * deal with that.
 *
 * @param xfr: transfer structure with the chunk list.
 * @param env: module environment.
 * @param ixfr_fail: set to 1 when the IXFR data could not be stored.
 * @return false if it did not work, true when the zone has been updated.
 */
static int
xfr_process_chunk_list(struct auth_xfer* xfr, struct module_env* env,
	int* ixfr_fail)
{
	struct auth_zone* z;

	/* obtain locks and structures */
	lock_basic_unlock(&xfr->lock);
	if(!xfr_process_reacquire_locks(xfr, env, &z)) {
		/* the zone is gone, ignore xfr results */
		return 0;
	}
	/* holding xfr and z locks */

	/* apply data, the routine depends on how it was fetched: http
	 * download, IXFR (unless the master answered it with an AXFR),
	 * or AXFR */
	if(xfr->task_transfer->master->http) {
		if(!apply_http(xfr, z, env->scratch_buffer)) {
			lock_rw_unlock(&z->lock);
			verbose(VERB_ALGO, "http from %s: could not store data",
				xfr->task_transfer->master->host);
			return 0;
		}
	} else if(xfr->task_transfer->on_ixfr &&
		!xfr->task_transfer->on_ixfr_is_axfr) {
		if(!apply_ixfr(xfr, z, env->scratch_buffer)) {
			lock_rw_unlock(&z->lock);
			verbose(VERB_ALGO, "xfr from %s: could not store IXFR"
				" data", xfr->task_transfer->master->host);
			/* tell the caller that it was the IXFR that failed */
			*ixfr_fail = 1;
			return 0;
		}
	} else {
		if(!apply_axfr(xfr, z, env->scratch_buffer)) {
			lock_rw_unlock(&z->lock);
			verbose(VERB_ALGO, "xfr from %s: could not store AXFR"
				" data", xfr->task_transfer->master->host);
			return 0;
		}
	}
	/* the expired flags are cleared here, before the ZONEMD check;
	 * the check below is what can set z->zone_expired again */
	xfr->zone_expired = 0;
	z->zone_expired = 0;
	if(!xfr_find_soa(z, xfr)) {
		lock_rw_unlock(&z->lock);
		verbose(VERB_ALGO, "xfr from %s: no SOA in zone after update"
			" (or malformed RR)", xfr->task_transfer->master->host);
		return 0;
	}
	z->soa_zone_acquired = *env->now;
	xfr->soa_zone_acquired = *env->now;

	/* release xfr lock while verifying zonemd because it may have
	 * to spawn lookups in the state machines */
	lock_basic_unlock(&xfr->lock);
	/* holding z lock */
	auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 0);
	if(z->zone_expired) {
		char zname[LDNS_MAX_DOMAINLEN];
		/* ZONEMD must have failed */
		/* reacquire locks, so we hold xfr lock on exit of routine,
		 * and both xfr and z again after releasing xfr for potential
		 * state machine mesh callbacks */
		lock_rw_unlock(&z->lock);
		if(!xfr_process_reacquire_locks(xfr, env, &z))
			return 0;
		dname_str(xfr->name, zname);
		verbose(VERB_ALGO, "xfr from %s: ZONEMD failed for %s, transfer is failed", xfr->task_transfer->master->host, zname);
		xfr->zone_expired = 1;
		lock_rw_unlock(&z->lock);
		return 0;
	}
	/* reacquire locks, so we hold xfr lock on exit of routine,
	 * and both xfr and z again after releasing xfr for potential
	 * state machine mesh callbacks */
	lock_rw_unlock(&z->lock);
	if(!xfr_process_reacquire_locks(xfr, env, &z))
		return 0;
	/* holding xfr and z locks */

	/* the lease starts now, if the apply routine found a zone */
	if(xfr->have_zone)
		xfr->lease_time = *env->now;

	if(z->rpz)
		rpz_finish_config(z->rpz);

	/* unlock */
	lock_rw_unlock(&z->lock);

	if(verbosity >= VERB_QUERY && xfr->have_zone) {
		char zname[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, zname);
		verbose(VERB_QUERY, "auth zone %s updated to serial %u", zname,
			(unsigned)xfr->serial);
	}
	/* see if we need to write to a zonefile */
	xfr_write_after_update(xfr, env);
	return 1;
}
   5442 
/**
 * Give up ownership of task_transfer: delete its timer and comm point and
 * clear the worker and env pointers.
 * The caller must hold xfr.lock.
 * @param xfr: transfer structure.
 */
static void xfr_transfer_disown(struct auth_xfer* xfr)
{
	/* the timer belongs to this worker's event base, remove it; the
	 * pointer is cleared so the deleted timer cannot be used again */
	comm_timer_delete(xfr->task_transfer->timer);
	xfr->task_transfer->timer = NULL;

	/* same for the commpoint of the connection */
	comm_point_delete(xfr->task_transfer->cp);
	xfr->task_transfer->cp = NULL;

	/* no worker owns the task from here on */
	xfr->task_transfer->worker = NULL;
	xfr->task_transfer->env = NULL;
}
   5457 
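/**
 * Lookup a host name for its addresses, if needed.
 * The lookup target is xfr->task_transfer->lookup_target. A query for its
 * A record, or AAAA when lookup_aaaa is set, is started via the mesh and
 * the answer is delivered to auth_xfer_transfer_lookup_callback.
 *
 * Locking: called with xfr->lock held. The lock is released around
 * mesh_new_callback, because the callback can be called straight away,
 * and it is held again on return.
 *
 * @param xfr: transfer structure.
 * @param env: module environment, with the mesh and the scratch buffer.
 * @return 1 when a lookup has been started and the callback is going to be
 *	called. 0 when no lookup is needed (no target, the host is already
 *	an IP address, or an allow-notify entry) or it could not be started.
 */
static int
xfr_transfer_lookup_host(struct auth_xfer* xfr, struct module_env* env)
{
	struct sockaddr_storage addr;
	socklen_t addrlen = 0;
	struct auth_master* master = xfr->task_transfer->lookup_target;
	struct query_info qinfo;
	uint16_t qflags = BIT_RD;
	uint8_t dname[LDNS_MAX_DOMAINLEN+1];
	struct edns_data edns;
	sldns_buffer* buf = env->scratch_buffer;
	if(!master) return 0;
	if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) {
		/* not needed, host is in IP addr format */
		return 0;
	}
	if(master->allow_notify)
		return 0; /* allow-notifies are not transferred from, no
		lookup is needed */

	/* use mesh_new_callback to probe for non-addr hosts,
	 * and then wait for them to be looked up (in cache, or query) */
	/* zero the query info first, so that a member that is not assigned
	 * below is not handed to the logging and the mesh uninitialized */
	memset(&qinfo, 0, sizeof(qinfo));
	qinfo.qname_len = sizeof(dname);
	if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
		!= 0) {
		log_err("cannot parse host name of master %s", master->host);
		return 0;
	}
	qinfo.qname = dname;
	qinfo.qclass = xfr->dclass;
	qinfo.qtype = LDNS_RR_TYPE_A;
	if(xfr->task_transfer->lookup_aaaa)
		qinfo.qtype = LDNS_RR_TYPE_AAAA;
	qinfo.local_alias = NULL;
	if(verbosity >= VERB_ALGO) {
		char buf1[512];
		char buf2[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, buf2);
		snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
			" for task_transfer", buf2);
		log_query_info(VERB_ALGO, buf1, &qinfo);
	}
	/* same for the edns data: zero it, then set the members. The DO
	 * bit is set on the lookup. */
	memset(&edns, 0, sizeof(edns));
	edns.edns_present = 1;
	edns.ext_rcode = 0;
	edns.edns_version = 0;
	edns.bits = EDNS_DO;
	edns.opt_list_in = NULL;
	edns.opt_list_out = NULL;
	edns.opt_list_inplace_cb_out = NULL;
	edns.padding_block_size = 0;
	edns.cookie_present = 0;
	edns.cookie_valid = 0;
	/* udp size is the buffer capacity, capped at what fits in 16 bits */
	if(sldns_buffer_capacity(buf) < 65535)
		edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
	else	edns.udp_size = 65535;

	/* unlock xfr during mesh_new_callback() because the callback can be
	 * called straight away */
	lock_basic_unlock(&xfr->lock);
	if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
		&auth_xfer_transfer_lookup_callback, xfr, 0)) {
		lock_basic_lock(&xfr->lock);
		log_err("out of memory lookup up master %s", master->host);
		return 0;
	}
	lock_basic_lock(&xfr->lock);
	return 1;
}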
   5527 
/**
 * Start fetching the zone from the current master: an HTTP download when
 * the master is an http master, otherwise an AXFR or IXFR over TCP.
 * The address is taken from scan_addr when that is set, otherwise it is
 * parsed from the host string of the master.
 * @param xfr: transfer structure, xfr->task_transfer->master is used.
 * @param env: module environment.
 * @return true if the fetch was successfully started and the timeout is
 *	set up. False when there is no usable master or address, or when
 *	the connection or the timer could not be created.
 */
static int
xfr_transfer_init_fetch(struct auth_xfer* xfr, struct module_env* env)
{
	struct sockaddr_storage addr;
	socklen_t addrlen = 0;
	struct auth_master* master = xfr->task_transfer->master;
	char *auth_name = NULL;
	struct timeval t;
	int timeout;

	/* no master, or an entry that is only for notify */
	if(!master || master->allow_notify)
		return 0;

	/* get master addr */
	if(!xfr->task_transfer->scan_addr) {
		if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
			/* the ones that are not in addr format are supposed
			 * to be looked up.  The lookup has failed however,
			 * so skip them */
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			log_err("%s: failed lookup, cannot transfer from master %s",
				zname, master->host);
			return 0;
		}
	} else {
		/* address from the lookup results.
		 * NOTE(review): addrlen is copied from the list entry and
		 * used as copy length; the entries made in this file carry
		 * the size of a sockaddr_in or sockaddr_in6, confirm there
		 * is no other producer with a larger length.
		 * NOTE(review): auth_name stays NULL on this path, so the
		 * TCP connection below gets `auth_name != NULL` as false;
		 * confirm that is intended for hosts that were looked up. */
		addrlen = xfr->task_transfer->scan_addr->addrlen;
		memmove(&addr, &xfr->task_transfer->scan_addr->addr, addrlen);
	}

	/* remove previous TCP connection (if any) */
	if(xfr->task_transfer->cp) {
		comm_point_delete(xfr->task_transfer->cp);
		xfr->task_transfer->cp = NULL;
	}
	/* the timer is created once and used again after that */
	if(!xfr->task_transfer->timer) {
		xfr->task_transfer->timer = comm_timer_create(env->worker_base,
			auth_xfer_transfer_timer_callback, xfr);
		if(!xfr->task_transfer->timer) {
			log_err("malloc failure");
			return 0;
		}
	}
	/* the timeout value is in milliseconds, split it for the timeval */
	timeout = AUTH_TRANSFER_TIMEOUT;
#ifndef S_SPLINT_S
	t.tv_sec = timeout/1000;
	t.tv_usec = (timeout%1000)*1000;
#endif

	if(master->http) {
		/* perform http fetch, this is never an IXFR */
		xfr->task_transfer->on_ixfr = 0;
		/* store http port number into sockaddr,
		 * unless someone used unbound's host@port notation */
		if(strchr(master->host, '@') == NULL)
			sockaddr_store_port(&addr, addrlen, master->port);
		/* NOTE(review): master->ssl is passed on here; when it is
		 * not set the download is presumably plain http, and the
		 * integrity of the zone then rests on the checks done
		 * after the download. */
		xfr->task_transfer->cp = outnet_comm_point_for_http(
			env->outnet, auth_xfer_transfer_http_callback, xfr,
			&addr, addrlen, -1, master->ssl, master->host,
			master->file, env->cfg);
		if(!xfr->task_transfer->cp) {
			char zname[LDNS_MAX_DOMAINLEN], as[256];
			dname_str(xfr->name, zname);
			addr_port_to_str(&addr, addrlen, as, sizeof(as));
			verbose(VERB_ALGO, "cannot create http cp "
				"connection for %s to %s", zname, as);
			return 0;
		}
		comm_timer_set(xfr->task_transfer->timer, &t);
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN], as[256];
			dname_str(xfr->name, zname);
			addr_port_to_str(&addr, addrlen, as, sizeof(as));
			verbose(VERB_ALGO, "auth zone %s transfer next HTTP fetch from %s started", zname, as);
		}
		/* Create or refresh the list of allow_notify addrs */
		probe_copy_masters_for_allow_notify(xfr);
		return 1;
	}

	/* perform AXFR/IXFR: the query gets a new random ID and is
	 * written into the scratch buffer */
	xfr->task_transfer->id = GET_RANDOM_ID(env->rnd);
	xfr_create_ixfr_packet(xfr, env->scratch_buffer,
		xfr->task_transfer->id, master);

	/* connect on fd */
	xfr->task_transfer->cp = outnet_comm_point_for_tcp(env->outnet,
		auth_xfer_transfer_tcp_callback, xfr, &addr, addrlen,
		env->scratch_buffer, -1,
		auth_name != NULL, auth_name);
	if(!xfr->task_transfer->cp) {
		char zname[LDNS_MAX_DOMAINLEN], as[256];
		dname_str(xfr->name, zname);
		addr_port_to_str(&addr, addrlen, as, sizeof(as));
		verbose(VERB_ALGO, "cannot create tcp cp connection for "
			"xfr %s to %s", zname, as);
		return 0;
	}
	comm_timer_set(xfr->task_transfer->timer, &t);
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN], as[256];
		dname_str(xfr->name, zname);
		addr_port_to_str(&addr, addrlen, as, sizeof(as));
		verbose(VERB_ALGO, "auth zone %s transfer next %s fetch from %s started", zname,
			(xfr->task_transfer->on_ixfr?"IXFR":"AXFR"), as);
	}
	return 1;
}
   5639 
/**
 * Perform the next host name lookup, or start the next transfer, or, when
 * no master is left, end the transfer task and resume the wait.
 *
 * Locking: every path through this routine unlocks xfr->lock before it
 * returns, so it is entered with the lock held and left without it.
 *
 * @param xfr: transfer structure, task_transfer is owned by this worker.
 * @param env: module environment of this worker.
 */
static void
xfr_transfer_nexttarget_or_end(struct auth_xfer* xfr, struct module_env* env)
{
	log_assert(xfr->task_transfer->worker == env->worker);

	/* lookups first: start one for the current lookup target, or
	 * move on when the target does not need one */
	while(xfr->task_transfer->lookup_target) {
		if(!xfr_transfer_lookup_host(xfr, env)) {
			xfr_transfer_move_to_next_lookup(xfr, env);
			continue;
		}
		/* wait for lookup to finish,
		 * note that the hostname may be in unbound's cache
		 * and we may then get an instant cache response,
		 * and that calls the callback just like a full
		 * lookup and lookup failures also call callback */
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth zone %s transfer next target lookup", zname);
		}
		lock_basic_unlock(&xfr->lock);
		return;
	}

	/* then the fetch: try the masters in turn until a fetch, with
	 * its timeout, has been started */
	for(; !xfr_transfer_end_of_list(xfr); xfr_transfer_nextmaster(xfr)) {
		xfr->task_transfer->master = xfr_transfer_current_master(xfr);
		if(xfr_transfer_init_fetch(xfr, env)) {
			/* successfully started, wait for callback */
			lock_basic_unlock(&xfr->lock);
			return;
		}
		/* failed to fetch, the loop moves to the next master */
	}
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, zname);
		verbose(VERB_ALGO, "auth zone %s transfer failed, wait", zname);
	}

	/* we failed to fetch the zone, move to wait task
	 * use the shorter retry timeout */
	xfr_transfer_disown(xfr);

	/* pick up the nextprobe task and wait, unless a worker already
	 * has that task */
	if(xfr->task_nextprobe->worker == NULL)
		xfr_set_timeout(xfr, env, 1, 0);
	lock_basic_unlock(&xfr->lock);
}
   5692 
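/**
 * Add the addresses from an A or AAAA rrset to the master.
 * Every record with the right rdata size for its type becomes an
 * auth_addr with port UNBOUND_DNS_PORT, which is put at the front of
 * m->list. Records of another size are skipped.
 * @param m: master to add the addresses to. Nothing is done if NULL.
 * @param rrset: the rrset from the lookup answer, this is data from the
 *	network. Nothing is done if NULL.
 * @param rrtype: LDNS_RR_TYPE_A or LDNS_RR_TYPE_AAAA, other types are
 *	ignored.
 */
static void
xfr_master_add_addrs(struct auth_master* m, struct ub_packed_rrset_key* rrset,
	uint16_t rrtype)
{
	size_t i;
	struct packed_rrset_data* data;
	if(!m || !rrset) return;
	if(rrtype != LDNS_RR_TYPE_A && rrtype != LDNS_RR_TYPE_AAAA)
		return;
	data = (struct packed_rrset_data*)rrset->entry.data;
	for(i=0; i<data->count; i++) {
		struct auth_addr* a;
		size_t len;
		uint8_t* rdata;
		/* the first 2 bytes of the entry are skipped (presumably
		 * the rdata length prefix). An entry shorter than that is
		 * rejected here, so that the subtraction cannot wrap around
		 * and the rdata pointer is not moved past the entry. */
		if(data->rr_len[i] < 2)
			continue;
		len = data->rr_len[i] - 2;
		rdata = data->rr_data[i]+2;
		if(rrtype == LDNS_RR_TYPE_A && len != INET_SIZE)
			continue; /* wrong length for A */
		if(rrtype == LDNS_RR_TYPE_AAAA && len != INET6_SIZE)
			continue; /* wrong length for AAAA */

		/* add and alloc it, zeroed */
		a = calloc(1, sizeof(*a));
		if(!a) {
			log_err("out of memory");
			return;
		}
		if(rrtype == LDNS_RR_TYPE_A) {
			struct sockaddr_in* sa;
			a->addrlen = (socklen_t)sizeof(*sa);
			sa = (struct sockaddr_in*)&a->addr;
			sa->sin_family = AF_INET;
			sa->sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
			/* len was checked to be INET_SIZE above */
			memmove(&sa->sin_addr, rdata, INET_SIZE);
		} else {
			struct sockaddr_in6* sa;
			a->addrlen = (socklen_t)sizeof(*sa);
			sa = (struct sockaddr_in6*)&a->addr;
			sa->sin6_family = AF_INET6;
			sa->sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
			/* len was checked to be INET6_SIZE above */
			memmove(&sa->sin6_addr, rdata, INET6_SIZE);
		}
		if(verbosity >= VERB_ALGO) {
			char s[64];
			addr_port_to_str(&a->addr, a->addrlen, s, sizeof(s));
			verbose(VERB_ALGO, "auth host %s lookup %s",
				m->host, s);
		}
		/* insert at the front of the list */
		a->next = m->list;
		m->list = a;
	}
}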
   5745 
/**
 * Callback for the task_transfer lookup of a host name, of A or AAAA.
 * Adds the addresses from the answer to the lookup target and then
 * continues with the next lookup or with the transfer.
 *
 * Locking: takes xfr->lock. On the stop-on-quit path it is unlocked
 * here, otherwise xfr_transfer_nexttarget_or_end releases it.
 *
 * The sec and why_bogus arguments are unused, the validation status of
 * the answer is not looked at in this routine.
 * NOTE(review): confirm that an answer that failed validation reaches
 * this callback with an rcode other than NOERROR; otherwise addresses
 * from such an answer would be used as the transfer source.
 *
 * @param arg: the struct auth_xfer.
 * @param rcode: rcode of the lookup result.
 * @param buf: the reply packet, it is parsed when rcode is NOERROR.
 */
void auth_xfer_transfer_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
	enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
	int ATTR_UNUSED(was_ratelimited))
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_transfer);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_transfer->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return; /* stop on quit */
	}

	/* process result */
	if(rcode != LDNS_RCODE_NOERROR) {
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup failed", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
		}
	} else {
		struct regional* temp = env->scratch;
		struct query_info rq;
		struct reply_info* rep;
		/* the type that was asked for: AAAA or A */
		uint16_t wanted_qtype = xfr->task_transfer->lookup_aaaa?
			LDNS_RR_TYPE_AAAA:LDNS_RR_TYPE_A;
		memset(&rq, 0, sizeof(rq));
		rep = parse_reply_in_temp_region(buf, temp, &rq);
		if(!rep || rq.qtype != wanted_qtype ||
			FLAGS_GET_RCODE(rep->flags) != LDNS_RCODE_NOERROR) {
			/* unparseable, other query type, or error rcode
			 * in the packet */
			if(verbosity >= VERB_ALGO) {
				char zname[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, zname);
				verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has no answer", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
			}
		} else {
			/* parsed successfully */
			struct ub_packed_rrset_key* answer =
				reply_find_answer_rrset(&rq, rep);
			if(answer) {
				xfr_master_add_addrs(xfr->task_transfer->
					lookup_target, answer, wanted_qtype);
			} else if(verbosity >= VERB_ALGO) {
				char zname[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, zname);
				verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has nodata", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A"));
			}
		}
		/* the parsed reply was allocated in the scratch region */
		regional_free_all(temp);
	}

	/* when the lookup target is the current master and it has
	 * addresses, the scan starts at the head of its list */
	if(xfr->task_transfer->lookup_target->list &&
		xfr->task_transfer->lookup_target == xfr_transfer_current_master(xfr))
		xfr->task_transfer->scan_addr = xfr->task_transfer->lookup_target->list;

	/* move to lookup AAAA after A lookup, move to next hostname lookup,
	 * or move to fetch the zone, or, if nothing to do, end task_transfer */
	xfr_transfer_move_to_next_lookup(xfr, env);
	xfr_transfer_nexttarget_or_end(xfr, env);
}
   5810 
   5811 /** check if xfer (AXFR or IXFR) packet is OK.
   5812  * return false if we lost connection (SERVFAIL, or unreadable).
   5813  * return false if we need to move from IXFR to AXFR, with gonextonfail
   5814  * 	set to false, so the same master is tried again, but with AXFR.
   5815  * return true if fine to link into data.
   5816  * return true with transferdone=true when the transfer has ended.
   5817  */
   5818 static int
   5819 check_xfer_packet(sldns_buffer* pkt, struct auth_xfer* xfr,
   5820 	int* gonextonfail, int* transferdone)
   5821 {
   5822 	uint8_t* wire = sldns_buffer_begin(pkt);
   5823 	int i;
   5824 	if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
   5825 		verbose(VERB_ALGO, "xfr to %s failed, packet too small",
   5826 			xfr->task_transfer->master->host);
   5827 		return 0;
   5828 	}
   5829 	if(!LDNS_QR_WIRE(wire)) {
   5830 		verbose(VERB_ALGO, "xfr to %s failed, packet has no QR flag",
   5831 			xfr->task_transfer->master->host);
   5832 		return 0;
   5833 	}
   5834 	if(LDNS_TC_WIRE(wire)) {
   5835 		verbose(VERB_ALGO, "xfr to %s failed, packet has TC flag",
   5836 			xfr->task_transfer->master->host);
   5837 		return 0;
   5838 	}
   5839 	/* check ID */
   5840 	if(LDNS_ID_WIRE(wire) != xfr->task_transfer->id) {
   5841 		verbose(VERB_ALGO, "xfr to %s failed, packet wrong ID",
   5842 			xfr->task_transfer->master->host);
   5843 		return 0;
   5844 	}
   5845 	if(LDNS_RCODE_WIRE(wire) != LDNS_RCODE_NOERROR) {
   5846 		char rcode[32];
   5847 		sldns_wire2str_rcode_buf((int)LDNS_RCODE_WIRE(wire), rcode,
   5848 			sizeof(rcode));
   5849 		/* if we are doing IXFR, check for fallback */
   5850 		if(xfr->task_transfer->on_ixfr) {
   5851 			if(LDNS_RCODE_WIRE(wire) == LDNS_RCODE_NOTIMPL ||
   5852 				LDNS_RCODE_WIRE(wire) == LDNS_RCODE_SERVFAIL ||
   5853 				LDNS_RCODE_WIRE(wire) == LDNS_RCODE_REFUSED ||
   5854 				LDNS_RCODE_WIRE(wire) == LDNS_RCODE_FORMERR) {
   5855 				verbose(VERB_ALGO, "xfr to %s, fallback "
   5856 					"from IXFR to AXFR (with rcode %s)",
   5857 					xfr->task_transfer->master->host,
   5858 					rcode);
   5859 				xfr->task_transfer->ixfr_fail = 1;
   5860 				*gonextonfail = 0;
   5861 				return 0;
   5862 			}
   5863 		}
   5864 		verbose(VERB_ALGO, "xfr to %s failed, packet with rcode %s",
   5865 			xfr->task_transfer->master->host, rcode);
   5866 		return 0;
   5867 	}
   5868 	if(LDNS_OPCODE_WIRE(wire) != LDNS_PACKET_QUERY) {
   5869 		verbose(VERB_ALGO, "xfr to %s failed, packet with bad opcode",
   5870 			xfr->task_transfer->master->host);
   5871 		return 0;
   5872 	}
   5873 	if(LDNS_QDCOUNT(wire) > 1) {
   5874 		verbose(VERB_ALGO, "xfr to %s failed, packet has qdcount %d",
   5875 			xfr->task_transfer->master->host,
   5876 			(int)LDNS_QDCOUNT(wire));
   5877 		return 0;
   5878 	}
   5879 
   5880 	/* check qname */
   5881 	sldns_buffer_set_position(pkt, LDNS_HEADER_SIZE);
   5882 	for(i=0; i<(int)LDNS_QDCOUNT(wire); i++) {
   5883 		size_t pos = sldns_buffer_position(pkt);
   5884 		uint16_t qtype, qclass;
   5885 		if(pkt_dname_len(pkt) == 0) {
   5886 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5887 				"malformed dname",
   5888 				xfr->task_transfer->master->host);
   5889 			return 0;
   5890 		}
   5891 		if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
   5892 			xfr->name) != 0) {
   5893 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5894 				"wrong qname",
   5895 				xfr->task_transfer->master->host);
   5896 			return 0;
   5897 		}
   5898 		if(sldns_buffer_remaining(pkt) < 4) {
   5899 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5900 				"truncated query RR",
   5901 				xfr->task_transfer->master->host);
   5902 			return 0;
   5903 		}
   5904 		qtype = sldns_buffer_read_u16(pkt);
   5905 		qclass = sldns_buffer_read_u16(pkt);
   5906 		if(qclass != xfr->dclass) {
   5907 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5908 				"wrong qclass",
   5909 				xfr->task_transfer->master->host);
   5910 			return 0;
   5911 		}
   5912 		if(xfr->task_transfer->on_ixfr) {
   5913 			if(qtype != LDNS_RR_TYPE_IXFR) {
   5914 				verbose(VERB_ALGO, "xfr to %s failed, packet "
   5915 					"with wrong qtype, expected IXFR",
   5916 				xfr->task_transfer->master->host);
   5917 				return 0;
   5918 			}
   5919 		} else {
   5920 			if(qtype != LDNS_RR_TYPE_AXFR) {
   5921 				verbose(VERB_ALGO, "xfr to %s failed, packet "
   5922 					"with wrong qtype, expected AXFR",
   5923 				xfr->task_transfer->master->host);
   5924 				return 0;
   5925 			}
   5926 		}
   5927 	}
   5928 
   5929 	/* check parse of RRs in packet, store first SOA serial
   5930 	 * to be able to detect last SOA (with that serial) to see if done */
   5931 	/* also check for IXFR 'zone up to date' reply */
   5932 	for(i=0; i<(int)LDNS_ANCOUNT(wire); i++) {
   5933 		size_t pos = sldns_buffer_position(pkt);
   5934 		uint16_t tp, rdlen;
   5935 		if(pkt_dname_len(pkt) == 0) {
   5936 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5937 				"malformed dname in answer section",
   5938 				xfr->task_transfer->master->host);
   5939 			return 0;
   5940 		}
   5941 		if(sldns_buffer_remaining(pkt) < 10) {
   5942 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5943 				"truncated RR",
   5944 				xfr->task_transfer->master->host);
   5945 			return 0;
   5946 		}
   5947 		tp = sldns_buffer_read_u16(pkt);
   5948 		(void)sldns_buffer_read_u16(pkt); /* class */
   5949 		(void)sldns_buffer_read_u32(pkt); /* ttl */
   5950 		rdlen = sldns_buffer_read_u16(pkt);
   5951 		if(sldns_buffer_remaining(pkt) < rdlen) {
   5952 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5953 				"truncated RR rdata",
   5954 				xfr->task_transfer->master->host);
   5955 			return 0;
   5956 		}
   5957 
   5958 		/* RR parses (haven't checked rdata itself), now look at
   5959 		 * SOA records to see serial number */
   5960 		if(xfr->task_transfer->rr_scan_num == 0 &&
   5961 			tp != LDNS_RR_TYPE_SOA) {
   5962 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   5963 				"malformed zone transfer, no start SOA",
   5964 				xfr->task_transfer->master->host);
   5965 			return 0;
   5966 		}
   5967 		if(xfr->task_transfer->rr_scan_num == 1 &&
   5968 			tp != LDNS_RR_TYPE_SOA) {
   5969 			/* second RR is not a SOA record, this is not an IXFR
   5970 			 * the master is replying with an AXFR */
   5971 			xfr->task_transfer->on_ixfr_is_axfr = 1;
   5972 		}
   5973 		if(tp == LDNS_RR_TYPE_SOA) {
   5974 			uint32_t serial;
   5975 			if(rdlen < 22) {
   5976 				verbose(VERB_ALGO, "xfr to %s failed, packet "
   5977 					"with SOA with malformed rdata",
   5978 					xfr->task_transfer->master->host);
   5979 				return 0;
   5980 			}
   5981 			if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos),
   5982 				xfr->name) != 0) {
   5983 				verbose(VERB_ALGO, "xfr to %s failed, packet "
   5984 					"with SOA with wrong dname",
   5985 					xfr->task_transfer->master->host);
   5986 				return 0;
   5987 			}
   5988 
   5989 			/* read serial number of SOA */
   5990 			serial = sldns_buffer_read_u32_at(pkt,
   5991 				sldns_buffer_position(pkt)+rdlen-20);
   5992 
   5993 			/* check for IXFR 'zone has SOA x' reply */
   5994 			if(xfr->task_transfer->on_ixfr &&
   5995 				xfr->task_transfer->rr_scan_num == 0 &&
   5996 				LDNS_ANCOUNT(wire)==1) {
   5997 				verbose(VERB_ALGO, "xfr to %s ended, "
   5998 					"IXFR reply that zone has serial %u,"
   5999 					" fallback from IXFR to AXFR",
   6000 					xfr->task_transfer->master->host,
   6001 					(unsigned)serial);
   6002 				xfr->task_transfer->ixfr_fail = 1;
   6003 				*gonextonfail = 0;
   6004 				return 0;
   6005 			}
   6006 
   6007 			/* if first SOA, store serial number */
   6008 			if(xfr->task_transfer->got_xfr_serial == 0) {
   6009 				xfr->task_transfer->got_xfr_serial = 1;
   6010 				xfr->task_transfer->incoming_xfr_serial =
   6011 					serial;
   6012 				verbose(VERB_ALGO, "xfr %s: contains "
   6013 					"SOA serial %u",
   6014 					xfr->task_transfer->master->host,
   6015 					(unsigned)serial);
   6016 			/* see if end of AXFR */
   6017 			} else if(!xfr->task_transfer->on_ixfr ||
   6018 				xfr->task_transfer->on_ixfr_is_axfr) {
   6019 				/* second SOA with serial is the end
   6020 				 * for AXFR */
   6021 				*transferdone = 1;
   6022 				verbose(VERB_ALGO, "xfr %s: last AXFR packet",
   6023 					xfr->task_transfer->master->host);
   6024 			/* for IXFR, count SOA records with that serial */
   6025 			} else if(xfr->task_transfer->incoming_xfr_serial ==
   6026 				serial && xfr->task_transfer->got_xfr_serial
   6027 				== 1) {
   6028 				xfr->task_transfer->got_xfr_serial++;
   6029 			/* if not first soa, if serial==firstserial, the
   6030 			 * third time we are at the end, for IXFR */
   6031 			} else if(xfr->task_transfer->incoming_xfr_serial ==
   6032 				serial && xfr->task_transfer->got_xfr_serial
   6033 				== 2) {
   6034 				verbose(VERB_ALGO, "xfr %s: last IXFR packet",
   6035 					xfr->task_transfer->master->host);
   6036 				*transferdone = 1;
   6037 				/* continue parse check, if that succeeds,
   6038 				 * transfer is done */
   6039 			}
   6040 		}
   6041 		xfr->task_transfer->rr_scan_num++;
   6042 
   6043 		/* skip over RR rdata to go to the next RR */
   6044 		sldns_buffer_skip(pkt, (ssize_t)rdlen);
   6045 	}
   6046 
   6047 	/* check authority section */
   6048 	/* we skip over the RRs checking packet format */
   6049 	for(i=0; i<(int)LDNS_NSCOUNT(wire); i++) {
   6050 		uint16_t rdlen;
   6051 		if(pkt_dname_len(pkt) == 0) {
   6052 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6053 				"malformed dname in authority section",
   6054 				xfr->task_transfer->master->host);
   6055 			return 0;
   6056 		}
   6057 		if(sldns_buffer_remaining(pkt) < 10) {
   6058 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6059 				"truncated RR",
   6060 				xfr->task_transfer->master->host);
   6061 			return 0;
   6062 		}
   6063 		(void)sldns_buffer_read_u16(pkt); /* type */
   6064 		(void)sldns_buffer_read_u16(pkt); /* class */
   6065 		(void)sldns_buffer_read_u32(pkt); /* ttl */
   6066 		rdlen = sldns_buffer_read_u16(pkt);
   6067 		if(sldns_buffer_remaining(pkt) < rdlen) {
   6068 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6069 				"truncated RR rdata",
   6070 				xfr->task_transfer->master->host);
   6071 			return 0;
   6072 		}
   6073 		/* skip over RR rdata to go to the next RR */
   6074 		sldns_buffer_skip(pkt, (ssize_t)rdlen);
   6075 	}
   6076 
   6077 	/* check additional section */
   6078 	for(i=0; i<(int)LDNS_ARCOUNT(wire); i++) {
   6079 		uint16_t rdlen;
   6080 		if(pkt_dname_len(pkt) == 0) {
   6081 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6082 				"malformed dname in additional section",
   6083 				xfr->task_transfer->master->host);
   6084 			return 0;
   6085 		}
   6086 		if(sldns_buffer_remaining(pkt) < 10) {
   6087 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6088 				"truncated RR",
   6089 				xfr->task_transfer->master->host);
   6090 			return 0;
   6091 		}
   6092 		(void)sldns_buffer_read_u16(pkt); /* type */
   6093 		(void)sldns_buffer_read_u16(pkt); /* class */
   6094 		(void)sldns_buffer_read_u32(pkt); /* ttl */
   6095 		rdlen = sldns_buffer_read_u16(pkt);
   6096 		if(sldns_buffer_remaining(pkt) < rdlen) {
   6097 			verbose(VERB_ALGO, "xfr to %s failed, packet with "
   6098 				"truncated RR rdata",
   6099 				xfr->task_transfer->master->host);
   6100 			return 0;
   6101 		}
   6102 		/* skip over RR rdata to go to the next RR */
   6103 		sldns_buffer_skip(pkt, (ssize_t)rdlen);
   6104 	}
   6105 
   6106 	return 1;
   6107 }
   6108 
/**
 * Append a copy of the packet to the worklist of transferred data.
 * The buffer contents, from its begin up to its limit, are duplicated
 * with memdup and the copy is put at the tail of the chunk list.
 * @param pkt: buffer with the data that was received.
 * @param xfr: transfer structure, its task_transfer holds the chunk list.
 * @return 1 on success, 0 when an allocation failed (nothing is linked).
 * NOTE(review): no upper bound on the amount of queued data is applied
 * here, and the data comes from the remote server; confirm that a size
 * limit is enforced elsewhere.
 */
static int
xfer_link_data(sldns_buffer* pkt, struct auth_xfer* xfr)
{
	struct auth_chunk* chunk = (struct auth_chunk*)calloc(1, sizeof(*chunk));
	if(chunk == NULL)
		return 0;
	chunk->next = NULL;
	chunk->len = sldns_buffer_limit(pkt);
	chunk->data = memdup(sldns_buffer_begin(pkt), chunk->len);
	if(chunk->data == NULL) {
		/* do not leave a half-built chunk behind */
		free(chunk);
		return 0;
	}

	/* both allocations succeeded, append to the tail of the list */
	if(xfr->task_transfer->chunks_last != NULL)
		xfr->task_transfer->chunks_last->next = chunk;
	if(xfr->task_transfer->chunks_first == NULL)
		xfr->task_transfer->chunks_first = chunk;
	xfr->task_transfer->chunks_last = chunk;
	return 1;
}
   6133 
/**
 * Task transfer: the list of data is complete.  Process it; if that
 * fails move to the next master, if it succeeds end the task transfer.
 * Called with xfr->lock held.  On the success path the lock is released
 * here, except when xfr_start_probe() succeeds.
 * NOTE(review): presumably xfr_start_probe() (on success) and
 * xfr_transfer_nexttarget_or_end() release the lock themselves; confirm
 * against their definitions.
 * @param xfr: the transfer structure, locked by the caller.
 * @param env: module environment of the worker that runs the transfer.
 */
static void
process_list_end_transfer(struct auth_xfer* xfr, struct module_env* env)
{
	/* set by xfr_process_chunk_list when the IXFR could not be applied */
	int ixfr_fail = 0;
	if(xfr_process_chunk_list(xfr, env, &ixfr_fail)) {
		/* it worked! */
		auth_chunks_delete(xfr->task_transfer);

		/* we fetched the zone, move to wait task */
		xfr_transfer_disown(xfr);

		/* a notify is pending and either carries no serial, or a
		 * serial that still means an update after this transfer */
		if(xfr->notify_received && (!xfr->notify_has_serial ||
			(xfr->notify_has_serial &&
			xfr_serial_means_update(xfr, xfr->notify_serial)))) {
			/* keep the notify state so it can be restored below */
			uint32_t sr = xfr->notify_serial;
			int has_sr = xfr->notify_has_serial;
			/* we received a notify while probe/transfer was
			 * in progress.  start a new probe and transfer */
			xfr->notify_received = 0;
			xfr->notify_has_serial = 0;
			xfr->notify_serial = 0;
			if(!xfr_start_probe(xfr, env, NULL)) {
				/* if we couldn't start it, already in
				 * progress; restore notify serial,
				 * while xfr still locked */
				xfr->notify_received = 1;
				xfr->notify_has_serial = has_sr;
				xfr->notify_serial = sr;
				lock_basic_unlock(&xfr->lock);
			}
			/* no unlock here when the probe was started */
			return;
		} else {
			/* pick up the nextprobe task and wait (normal wait time) */
			if(xfr->task_nextprobe->worker == NULL)
				xfr_set_timeout(xfr, env, 0, 0);
		}
		lock_basic_unlock(&xfr->lock);
		return;
	}
	/* processing failed */
	/* when done, delete data from list */
	auth_chunks_delete(xfr->task_transfer);
	if(ixfr_fail) {
		/* stay on this master; the flag is read elsewhere to retry
		 * without IXFR (presumably as AXFR) */
		xfr->task_transfer->ixfr_fail = 1;
	} else {
		xfr_transfer_nextmaster(xfr);
	}
	xfr_transfer_nexttarget_or_end(xfr, env);
}
   6185 
/**
 * Callback for the task_transfer timer: the connection to the current
 * master timed out.  Takes xfr->lock, drops the data received so far and
 * the commpoint, and continues with the next target.  After repeated
 * timeouts during an IXFR, the same master is kept and ixfr_fail is set.
 * @param arg: the struct auth_xfer of the transfer.
 */
void
auth_xfer_transfer_timer_callback(void* arg)
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	int advance_master = 1;
	log_assert(xfr->task_transfer);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_transfer->env;
	if(env == NULL || env->outnet->want_to_quit) {
		/* shutting down, do not start new work */
		lock_basic_unlock(&xfr->lock);
		return;
	}

	verbose(VERB_ALGO, "xfr stopped, connection timeout to %s",
		xfr->task_transfer->master->host);

	/* count timeouts seen while on IXFR; at the threshold, retry the
	 * same master with ixfr_fail set instead of moving on */
	if(xfr->task_transfer->on_ixfr &&
		++xfr->task_transfer->ixfr_possible_timeout_count >=
		NUM_TIMEOUTS_FALLBACK_IXFR) {
		verbose(VERB_ALGO, "xfr to %s, fallback "
			"from IXFR to AXFR (because of timeouts)",
			xfr->task_transfer->master->host);
		xfr->task_transfer->ixfr_fail = 1;
		advance_master = 0;
	}

	/* discard the partial transfer and close the connection */
	auth_chunks_delete(xfr->task_transfer);
	comm_point_delete(xfr->task_transfer->cp);
	xfr->task_transfer->cp = NULL;
	if(advance_master)
		xfr_transfer_nextmaster(xfr);
	xfr_transfer_nexttarget_or_end(xfr, env);
}
   6225 
/**
 * Callback for task_transfer tcp connections.
 * Takes xfr->lock.  Every received packet is checked with
 * check_xfer_packet() before it is copied into the chunk list; a packet
 * that fails the check discards all data received so far.
 * @param c: the commpoint; c->buffer holds the received packet.
 * @param arg: the struct auth_xfer of the transfer.
 * @param err: NETEVENT_NOERROR, or an error for a failed, closed or
 *	timed out connection.
 * @param repinfo: unused.
 * @return 0 on every path visible here.
 * NOTE(review): the failure path and process_list_end_transfer() are
 * entered with the lock held and no unlock follows in this function;
 * presumably the called routines release it - confirm.
 */
int
auth_xfer_transfer_tcp_callback(struct comm_point* c, void* arg, int err,
	struct comm_reply* ATTR_UNUSED(repinfo))
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	/* cleared when the same master has to be retried without IXFR */
	int gonextonfail = 1;
	/* set by check_xfer_packet when the closing SOA was seen */
	int transferdone = 0;
	log_assert(xfr->task_transfer);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_transfer->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return 0; /* stop on quit */
	}
	/* stop the timer */
	comm_timer_disable(xfr->task_transfer->timer);

	if(err != NETEVENT_NOERROR) {
		/* connection failed, closed, or timeout */
		/* stop this transfer, cleanup
		 * and continue task_transfer*/
		verbose(VERB_ALGO, "xfr stopped, connection lost to %s",
			xfr->task_transfer->master->host);

		/* see if IXFR caused the failure, if so, try AXFR */
		if(xfr->task_transfer->on_ixfr) {
			xfr->task_transfer->ixfr_possible_timeout_count++;
			if(xfr->task_transfer->ixfr_possible_timeout_count >=
				NUM_TIMEOUTS_FALLBACK_IXFR) {
				verbose(VERB_ALGO, "xfr to %s, fallback "
					"from IXFR to AXFR (because of timeouts)",
					xfr->task_transfer->master->host);
				xfr->task_transfer->ixfr_fail = 1;
				gonextonfail = 0;
			}
		}

	/* the goto statements further down jump into this block, so the
	 * cleanup is shared between connection errors, rejected packets
	 * and allocation failure */
	failed:
		/* delete transferred data from list */
		auth_chunks_delete(xfr->task_transfer);
		comm_point_delete(xfr->task_transfer->cp);
		xfr->task_transfer->cp = NULL;
		if(gonextonfail)
			xfr_transfer_nextmaster(xfr);
		xfr_transfer_nexttarget_or_end(xfr, env);
		return 0;
	}
	/* note that IXFR worked without timeout */
	if(xfr->task_transfer->on_ixfr)
		xfr->task_transfer->ixfr_possible_timeout_count = 0;

	/* handle returned packet */
	/* if it fails, cleanup and end this transfer */
	/* if it needs to fallback from IXFR to AXFR, do that */
	if(!check_xfer_packet(c->buffer, xfr, &gonextonfail, &transferdone)) {
		goto failed;
	}
	/* if it is good, link it into the list of data */
	/* if the link into list of data fails (malloc fail) cleanup and end */
	if(!xfer_link_data(c->buffer, xfr)) {
		verbose(VERB_ALGO, "xfr stopped to %s, malloc failed",
			xfr->task_transfer->master->host);
		goto failed;
	}
	/* if the transfer is done now, disconnect and process the list */
	if(transferdone) {
		comm_point_delete(xfr->task_transfer->cp);
		xfr->task_transfer->cp = NULL;
		process_list_end_transfer(xfr, env);
		return 0;
	}

	/* if we want to read more messages, setup the commpoint to read
	 * a DNS packet, and the timeout */
	/* the lock is released before the commpoint is re-armed */
	lock_basic_unlock(&xfr->lock);
	c->tcp_is_reading = 1;
	sldns_buffer_clear(c->buffer);
	comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
	return 0;
}
   6308 
/**
 * Callback for task_transfer http connections.
 * Takes xfr->lock.  Non-empty buffer contents are copied into the chunk
 * list; NETEVENT_DONE ends the download and starts processing.
 * @param c: the commpoint; c->buffer holds the received data.
 * @param arg: the struct auth_xfer of the transfer.
 * @param err: NETEVENT_NOERROR for more data, NETEVENT_DONE at the end,
 *	anything else is treated as a lost connection.
 * @param repinfo: if not NULL, its c member is cleared when the
 *	commpoint is deleted, to signal that to the calling routine.
 * @return 0 on every path visible here.
 * NOTE(review): no content check is made on the data before it is
 * queued here; presumably it is parsed and validated when the chunk
 * list is processed - confirm.
 */
int
auth_xfer_transfer_http_callback(struct comm_point* c, void* arg, int err,
	struct comm_reply* repinfo)
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_transfer);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_transfer->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return 0; /* stop on quit */
	}
	verbose(VERB_ALGO, "auth zone transfer http callback");
	/* stop the timer */
	comm_timer_disable(xfr->task_transfer->timer);

	if(err != NETEVENT_NOERROR && err != NETEVENT_DONE) {
		/* connection failed, closed, or timeout */
		/* stop this transfer, cleanup
		 * and continue task_transfer*/
		verbose(VERB_ALGO, "http stopped, connection lost to %s",
			xfr->task_transfer->master->host);
	/* the goto on allocation failure below jumps into this block */
	failed:
		/* delete transferred data from list */
		auth_chunks_delete(xfr->task_transfer);
		if(repinfo) repinfo->c = NULL; /* signal cp deleted to
				the routine calling this callback */
		comm_point_delete(xfr->task_transfer->cp);
		xfr->task_transfer->cp = NULL;
		xfr_transfer_nextmaster(xfr);
		xfr_transfer_nexttarget_or_end(xfr, env);
		return 0;
	}

	/* if it is good, link it into the list of data */
	/* if the link into list of data fails (malloc fail) cleanup and end */
	/* an empty buffer is skipped, nothing is queued for it */
	if(sldns_buffer_limit(c->buffer) > 0) {
		verbose(VERB_ALGO, "auth zone http queued up %d bytes",
			(int)sldns_buffer_limit(c->buffer));
		if(!xfer_link_data(c->buffer, xfr)) {
			verbose(VERB_ALGO, "http stopped to %s, malloc failed",
				xfr->task_transfer->master->host);
			goto failed;
		}
	}
	/* if the transfer is done now, disconnect and process the list */
	if(err == NETEVENT_DONE) {
		if(repinfo) repinfo->c = NULL; /* signal cp deleted to
				the routine calling this callback */
		comm_point_delete(xfr->task_transfer->cp);
		xfr->task_transfer->cp = NULL;
		process_list_end_transfer(xfr, env);
		return 0;
	}

	/* if we want to read more messages, setup the commpoint to read
	 * a DNS packet, and the timeout */
	/* the lock is released before the commpoint is re-armed */
	lock_basic_unlock(&xfr->lock);
	c->tcp_is_reading = 1;
	sldns_buffer_clear(c->buffer);
	comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT);
	return 0;
}
   6374 
   6375 
/**
 * Start the transfer task by this worker.  xfr is locked by the caller.
 * The task must be unowned and its chunk list empty; that is asserted.
 * @param xfr: the transfer structure, locked.
 * @param env: module environment; env->worker becomes the task owner.
 * @param master: passed on to xfr_transfer_start_list(); callers in this
 *	file pass either the master that was just probed or NULL.
 * NOTE(review): no unlock happens here; presumably
 * xfr_transfer_nexttarget_or_end() releases the lock - confirm.
 */
static void
xfr_start_transfer(struct auth_xfer* xfr, struct module_env* env,
	struct auth_master* master)
{
	log_assert(xfr->task_transfer != NULL);
	log_assert(xfr->task_transfer->worker == NULL);
	log_assert(xfr->task_transfer->chunks_first == NULL);
	log_assert(xfr->task_transfer->chunks_last == NULL);
	/* take ownership of the task for this worker */
	xfr->task_transfer->worker = env->worker;
	xfr->task_transfer->env = env;

	/* init transfer process */
	/* find that master in the transfer's list of masters? */
	xfr_transfer_start_list(xfr, master);
	/* start lookup for hostnames in transfer master list */
	xfr_transfer_start_lookups(xfr);

	/* initiate TCP, and set timeout on it */
	xfr_transfer_nexttarget_or_end(xfr, env);
}
   6397 
/**
 * Give up ownership of task_probe.  The caller must hold xfr.lock.
 * Deletes the probe timer and the probe commpoint, and clears the
 * worker and env fields of the task.
 * @param xfr: the transfer structure, locked.
 */
static void
xfr_probe_disown(struct auth_xfer* xfr)
{
	/* the timer was registered in this worker's event base, delete it */
	comm_timer_delete(xfr->task_probe->timer);
	xfr->task_probe->timer = NULL;
	/* close the commpoint used for the probe */
	comm_point_delete(xfr->task_probe->cp);
	xfr->task_probe->cp = NULL;
	/* from here on no worker owns the probe task */
	xfr->task_probe->env = NULL;
	xfr->task_probe->worker = NULL;
}
   6412 
/**
 * Send the UDP SOA probe to the current master; part of task_probe.
 * Creates the UDP commpoint and the timer when they do not exist yet,
 * sends the query from env->scratch_buffer and arms the timer.
 * @param xfr: the transfer structure (callers in this file hold its lock).
 * @param env: module environment with config, rnd, outnet, scratch buffer.
 * @param timeout: timeout in milliseconds.  AUTH_PROBE_TIMEOUT marks a
 *	new probe; any other value is handled as a retry.
 * @return 1 if the probe was sent and the timer set, 0 if there is no
 *	master to probe, the master is not a probe target, or setup or
 *	sending failed.
 * NOTE(review): a retry keeps the query ID and, while the address family
 * stays the same, the commpoint as well, so the values a reply is
 * matched on stay fixed over a retry series.  The probe callbacks delete
 * the commpoint before moving to the next master.
 */
static int
xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env,
	int timeout)
{
	struct sockaddr_storage addr;
	socklen_t addrlen = 0;
	struct timeval t;
	/* pick master */
	struct auth_master* master = xfr_probe_current_master(xfr);
	char *auth_name = NULL;
	if(!master) return 0;
	if(master->allow_notify) return 0; /* only for notify */
	if(master->http) return 0; /* only masters get SOA UDP probe,
		not urls, if those are in this list */

	/* get master addr */
	if(xfr->task_probe->scan_addr) {
		/* NOTE(review): addrlen is copied from scan_addr without a
		 * comparison against sizeof(addr); presumably the entry was
		 * built internally with a valid length - confirm */
		addrlen = xfr->task_probe->scan_addr->addrlen;
		memmove(&addr, &xfr->task_probe->scan_addr->addr, addrlen);
	} else {
		if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) {
			/* the ones that are not in addr format are supposed
			 * to be looked up.  The lookup has failed however,
			 * so skip them */
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			log_err("%s: failed lookup, cannot probe to master %s",
				zname, master->host);
			return 0;
		}
		/* when the host string carries an authentication name and
		 * its port equals the configured ssl_port, the probe is
		 * sent to the configured port instead; presumably because
		 * the probe is a plain UDP query - confirm */
		if (auth_name != NULL) {
			if (addr.ss_family == AF_INET
			&&  (int)ntohs(((struct sockaddr_in *)&addr)->sin_port)
		            == env->cfg->ssl_port)
				((struct sockaddr_in *)&addr)->sin_port
					= htons((uint16_t)env->cfg->port);
			else if (addr.ss_family == AF_INET6
			&&  (int)ntohs(((struct sockaddr_in6 *)&addr)->sin6_port)
		            == env->cfg->ssl_port)
                        	((struct sockaddr_in6 *)&addr)->sin6_port
					= htons((uint16_t)env->cfg->port);
		}
	}

	/* create packet */
	/* create new ID for new probes, but not on timeout retries,
	 * this means we'll accept replies to previous retries to same ip */
	if(timeout == AUTH_PROBE_TIMEOUT)
		xfr->task_probe->id = GET_RANDOM_ID(env->rnd);
	xfr_create_soa_probe_packet(xfr, env->scratch_buffer,
		xfr->task_probe->id);
	/* we need to remove the cp if we have a different ip4/ip6 type now */
	if(xfr->task_probe->cp &&
		((xfr->task_probe->cp_is_ip6 && !addr_is_ip6(&addr, addrlen)) ||
		(!xfr->task_probe->cp_is_ip6 && addr_is_ip6(&addr, addrlen)))
		) {
		comm_point_delete(xfr->task_probe->cp);
		xfr->task_probe->cp = NULL;
	}
	if(!xfr->task_probe->cp) {
		/* remember the family, for the comparison above on the
		 * next call */
		if(addr_is_ip6(&addr, addrlen))
			xfr->task_probe->cp_is_ip6 = 1;
		else 	xfr->task_probe->cp_is_ip6 = 0;
		xfr->task_probe->cp = outnet_comm_point_for_udp(env->outnet,
			auth_xfer_probe_udp_callback, xfr, &addr, addrlen);
		if(!xfr->task_probe->cp) {
			char zname[LDNS_MAX_DOMAINLEN], as[256];
			dname_str(xfr->name, zname);
			addr_port_to_str(&addr, addrlen, as, sizeof(as));
			verbose(VERB_ALGO, "cannot create udp cp for "
				"probe %s to %s", zname, as);
			return 0;
		}
	}
	/* the timer is created once and reused on later calls */
	if(!xfr->task_probe->timer) {
		xfr->task_probe->timer = comm_timer_create(env->worker_base,
			auth_xfer_probe_timer_callback, xfr);
		if(!xfr->task_probe->timer) {
			log_err("malloc failure");
			return 0;
		}
	}

	/* send udp packet */
	if(!comm_point_send_udp_msg(xfr->task_probe->cp, env->scratch_buffer,
		(struct sockaddr*)&addr, addrlen, 0)) {
		char zname[LDNS_MAX_DOMAINLEN], as[256];
		dname_str(xfr->name, zname);
		addr_port_to_str(&addr, addrlen, as, sizeof(as));
		verbose(VERB_ALGO, "failed to send soa probe for %s to %s",
			zname, as);
		return 0;
	}
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN], as[256];
		dname_str(xfr->name, zname);
		addr_port_to_str(&addr, addrlen, as, sizeof(as));
		verbose(VERB_ALGO, "auth zone %s soa probe sent to %s", zname,
			as);
	}
	/* stored so the timer callback can double it for the retry */
	xfr->task_probe->timeout = timeout;
	/* timeout is in milliseconds, split into seconds and microseconds */
#ifndef S_SPLINT_S
	t.tv_sec = timeout/1000;
	t.tv_usec = (timeout%1000)*1000;
#endif
	comm_timer_set(xfr->task_probe->timer, &t);

	return 1;
}
   6523 
/**
 * Callback for the task_probe timer: the SOA probe got no reply in time.
 * Takes xfr->lock.  While the stored timeout is at most
 * AUTH_PROBE_TIMEOUT_STOP the probe is sent again with twice the
 * timeout; otherwise, or when sending fails, the commpoint is deleted
 * and the probe moves to the next master.
 * @param arg: the struct auth_xfer of the probe.
 */
void
auth_xfer_probe_timer_callback(void* arg)
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_probe);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_probe->env;
	if(env == NULL || env->outnet->want_to_quit) {
		/* shutting down, do not start new work */
		lock_basic_unlock(&xfr->lock);
		return;
	}

	if(verbosity >= VERB_ALGO) {
		char namestr[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, namestr);
		verbose(VERB_ALGO, "auth zone %s soa probe timeout", namestr);
	}
	/* retry with a doubled timeout, as long as the limit allows it and
	 * the send succeeds; then wait for the reply or the next timeout */
	if(xfr->task_probe->timeout <= AUTH_PROBE_TIMEOUT_STOP &&
		xfr_probe_send_probe(xfr, env, xfr->task_probe->timeout*2)) {
		lock_basic_unlock(&xfr->lock);
		return;
	}
	/* drop the commpoint, the next probe then gets a new one with a
	 * fresh port number */
	comm_point_delete(xfr->task_probe->cp);
	xfr->task_probe->cp = NULL;

	/* retries used up, or sending failed: next master, or end */
	xfr_probe_nextmaster(xfr);
	xfr_probe_send_or_end(xfr, env);
}
   6558 
/**
 * Callback for task_probe udp packets.
 * Takes xfr->lock.  A reply that check_packet_ok() accepts yields the
 * SOA serial: a serial that means an update starts the transfer task
 * (or leaves it to the worker already running it), an unchanged serial
 * sets have_new_lease.  In every other case the commpoint is deleted
 * and the probe continues with the next master.
 * @param c: the commpoint; c->buffer holds the reply.
 * @param arg: the struct auth_xfer of the probe.
 * @param err: NETEVENT_NOERROR if a packet was received.
 * @param repinfo: reply info; its c member is set to NULL.
 * @return 0 on every path, no reply is sent to the packet.
 * NOTE(review): the probe runs over UDP and both outcomes change the
 * refresh state of the zone; what check_packet_ok() verifies about the
 * reply is not visible here - confirm.
 * NOTE(review): repinfo is dereferenced without a NULL check, unlike in
 * auth_xfer_transfer_http_callback(); presumably the UDP path always
 * passes it - confirm.
 */
int
auth_xfer_probe_udp_callback(struct comm_point* c, void* arg, int err,
	struct comm_reply* repinfo)
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_probe);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_probe->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return 0; /* stop on quit */
	}

	/* the comm_point_udp_callback is in a for loop for NUM_UDP_PER_SELECT
	 * and we set rep.c=NULL to stop it from looking inside the commpoint*/
	repinfo->c = NULL;
	/* stop the timer */
	comm_timer_disable(xfr->task_probe->timer);

	/* see if we got a packet and what that means */
	if(err == NETEVENT_NOERROR) {
		uint32_t serial = 0;
		if(check_packet_ok(c->buffer, LDNS_RR_TYPE_SOA, xfr,
			&serial)) {
			/* successful lookup */
			if(verbosity >= VERB_ALGO) {
				char buf[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, buf);
				verbose(VERB_ALGO, "auth zone %s: soa probe "
					"serial is %u", buf, (unsigned)serial);
			}
			/* see if this serial indicates that the zone has
			 * to be updated */
			if(xfr_serial_means_update(xfr, serial)) {
				/* if updated, start the transfer task, if needed */
				verbose(VERB_ALGO, "auth_zone updated, start transfer");
				if(xfr->task_transfer->worker == NULL) {
					struct auth_master* master =
						xfr_probe_current_master(xfr);
					/* if we have download URLs use them
					 * in preference to this master we
					 * just probed the SOA from */
					if(xfr->task_transfer->masters &&
						xfr->task_transfer->masters->http)
						master = NULL;
					xfr_probe_disown(xfr);
					/* no unlock here; xfr_start_transfer
					 * is called with xfr locked */
					xfr_start_transfer(xfr, env, master);
					return 0;

				}
				/* other tasks are running, we don't do this anymore */
				xfr_probe_disown(xfr);
				lock_basic_unlock(&xfr->lock);
				/* return, we don't send a reply to this udp packet,
				 * and we setup the tasks to do next */
				return 0;
			} else {
				verbose(VERB_ALGO, "auth_zone master reports unchanged soa serial");
				/* if we cannot find updates amongst the
				 * masters, this means we then have a new lease
				 * on the zone */
				xfr->task_probe->have_new_lease = 1;
			}
		} else {
			if(verbosity >= VERB_ALGO) {
				char buf[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, buf);
				verbose(VERB_ALGO, "auth zone %s: bad reply to soa probe", buf);
			}
		}
	} else {
		if(verbosity >= VERB_ALGO) {
			char buf[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, buf);
			verbose(VERB_ALGO, "auth zone %s: soa probe failed", buf);
		}
	}

	/* failed lookup or not an update */
	/* delete commpoint so a new one is created, with a fresh port nr */
	comm_point_delete(xfr->task_probe->cp);
	xfr->task_probe->cp = NULL;

	/* if the result was not a successful probe, we need
	 * to send the next one */
	xfr_probe_nextmaster(xfr);
	xfr_probe_send_or_end(xfr, env);
	return 0;
}
   6650 
/**
 * Look up a host name for its addresses, if needed.
 * Works on xfr->task_probe->lookup_target.  Hosts given as an IP address
 * or, for allow_notify entries, as an IP/prefix need no lookup.  For
 * other hosts an A query (AAAA when lookup_aaaa is set) is started via
 * mesh_new_callback() with auth_xfer_probe_lookup_callback as callback.
 * The xfr lock is released around mesh_new_callback() and held again on
 * return.
 * @param xfr: the transfer structure, locked by the caller.
 * @param env: module environment; its scratch buffer and mesh are used.
 * @return 1 if a lookup was started, 0 if none is needed or it could
 *	not be started.
 */
static int
xfr_probe_lookup_host(struct auth_xfer* xfr, struct module_env* env)
{
	struct sockaddr_storage addr;
	socklen_t addrlen = 0;
	struct auth_master* master = xfr->task_probe->lookup_target;
	struct query_info qinfo;
	uint16_t qflags = BIT_RD;
	uint8_t dname[LDNS_MAX_DOMAINLEN+1];
	struct edns_data edns;
	sldns_buffer* buf = env->scratch_buffer;
	if(!master) return 0;
	if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) {
		/* not needed, host is in IP addr format */
		return 0;
	}
	/* exactly one '/' in the host string of an allow_notify entry */
	if(master->allow_notify && !master->http &&
		strchr(master->host, '/') != NULL &&
		strchr(master->host, '/') == strrchr(master->host, '/')) {
		return 0; /* is IP/prefix format, not something to look up */
	}

	/* use mesh_new_callback to probe for non-addr hosts,
	 * and then wait for them to be looked up (in cache, or query) */
	/* qname_len is in/out: the buffer size goes in, presumably the
	 * wire length of the name comes out */
	qinfo.qname_len = sizeof(dname);
	if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len)
		!= 0) {
		log_err("cannot parse host name of master %s", master->host);
		return 0;
	}
	qinfo.qname = dname;
	qinfo.qclass = xfr->dclass;
	qinfo.qtype = LDNS_RR_TYPE_A;
	if(xfr->task_probe->lookup_aaaa)
		qinfo.qtype = LDNS_RR_TYPE_AAAA;
	qinfo.local_alias = NULL;
	if(verbosity >= VERB_ALGO) {
		char buf1[512];
		char buf2[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, buf2);
		snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup"
			" for task_probe", buf2);
		log_query_info(VERB_ALGO, buf1, &qinfo);
	}
	/* EDNS with the DO bit set; how the result is used is up to the
	 * callback, which is not visible here */
	edns.edns_present = 1;
	edns.ext_rcode = 0;
	edns.edns_version = 0;
	edns.bits = EDNS_DO;
	edns.opt_list_in = NULL;
	edns.opt_list_out = NULL;
	edns.opt_list_inplace_cb_out = NULL;
	edns.padding_block_size = 0;
	edns.cookie_present = 0;
	edns.cookie_valid = 0;
	/* advertise the scratch buffer capacity, capped at 65535 */
	if(sldns_buffer_capacity(buf) < 65535)
		edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
	else	edns.udp_size = 65535;

	/* unlock xfr during mesh_new_callback() because the callback can be
	 * called straight away */
	/* NOTE(review): master was read before the lock is dropped and
	 * master->host is used again after re-locking; presumably the
	 * master list cannot change while the task is owned - confirm */
	lock_basic_unlock(&xfr->lock);
	if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
		&auth_xfer_probe_lookup_callback, xfr, 0)) {
		lock_basic_lock(&xfr->lock);
		log_err("out of memory lookup up master %s", master->host);
		return 0;
	}
	lock_basic_lock(&xfr->lock);
	return 1;
}
   6722 
/**
 * See if the master list holds a probe (SOA UDP query) target.
 * An entry counts when it has a host and is not an allow_notify entry.
 * @param list: first element of the master list, may be NULL.
 * @return 1 if at least one such entry exists, otherwise 0.
 */
static int
have_probe_targets(struct auth_master* list)
{
	struct auth_master* m = list;
	while(m != NULL) {
		if(m->host && !m->allow_notify)
			return 1;
		m = m->next;
	}
	return 0;
}
   6734 
/**
 * Move to sending the probe packets, or to the next step if that fails.
 * Part of task_probe.
 * Entered with xfr->lock held.  Every return path in this function
 * unlocks it first, except the hand-off to xfr_start_transfer(), after
 * which no unlock is done here (presumably that routine releases the
 * lock itself; confirm at its definition).
 * @param xfr: the transfer structure whose task_probe is being run.
 * @param env: module environment, passed on to the lookup, send, timeout
 *	and transfer routines.
 */
static void
xfr_probe_send_or_end(struct auth_xfer* xfr, struct module_env* env)
{
	/* are we doing hostname lookups? */
	while(xfr->task_probe->lookup_target) {
		if(xfr_probe_lookup_host(xfr, env)) {
			/* wait for lookup to finish,
			 * note that the hostname may be in unbound's cache
			 * and we may then get an instant cache response,
			 * and that calls the callback just like a full
			 * lookup and lookup failures also call callback */
			if(verbosity >= VERB_ALGO) {
				char zname[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, zname);
				verbose(VERB_ALGO, "auth zone %s probe next target lookup", zname);
			}
			lock_basic_unlock(&xfr->lock);
			return;
		}
		/* the lookup could not be started, try the next one */
		xfr_probe_move_to_next_lookup(xfr, env);
	}
	/* probe of list has ended.  Create or refresh the list of
	 * allow_notify addrs */
	probe_copy_masters_for_allow_notify(xfr);
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, zname);
		verbose(VERB_ALGO, "auth zone %s probe: notify addrs updated", zname);
	}
	if(xfr->task_probe->only_lookup) {
		/* only wanted lookups for copy, stop probe and start wait */
		xfr->task_probe->only_lookup = 0;
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth zone %s probe: finished only_lookup", zname);
		}
		xfr_probe_disown(xfr);
		if(!have_probe_targets(xfr->task_probe->masters)) {
			/* If there are no masters to probe, go to transfer. */
			if(xfr->task_transfer->worker == NULL) {
				/* returns with no unlock here, see the
				 * function comment */
				xfr_start_transfer(xfr, env, NULL);
				return;
			}
			/* The transfer is already in progress. */
			lock_basic_unlock(&xfr->lock);
			return;
		}
		/* set the wait timer only if no worker owns it already */
		if(xfr->task_nextprobe->worker == NULL)
			xfr_set_timeout(xfr, env, 0, 0);
		lock_basic_unlock(&xfr->lock);
		return;
	}

	/* send probe packets */
	while(!xfr_probe_end_of_list(xfr)) {
		if(xfr_probe_send_probe(xfr, env, AUTH_PROBE_TIMEOUT)) {
			/* successfully sent probe, wait for callback */
			lock_basic_unlock(&xfr->lock);
			return;
		}
		/* failed to send probe, next master */
		xfr_probe_nextmaster(xfr);
	}

	/* done with probe sequence, wait */
	if(xfr->task_probe->have_new_lease) {
		/* if zone not updated, start the wait timer again */
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth_zone %s unchanged, new lease, wait", zname);
		}
		xfr_probe_disown(xfr);
		/* the lease starts now, for a zone that is present */
		if(xfr->have_zone)
			xfr->lease_time = *env->now;
		if(xfr->task_nextprobe->worker == NULL)
			xfr_set_timeout(xfr, env, 0, 0);
	} else {
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth zone %s soa probe failed, wait to retry", zname);
		}
		/* we failed to send this as well, move to the wait task,
		 * use the shorter retry timeout */
		xfr_probe_disown(xfr);
		/* pick up the nextprobe task and wait */
		if(xfr->task_nextprobe->worker == NULL)
			xfr_set_timeout(xfr, env, 1, 0);
	}

	lock_basic_unlock(&xfr->lock);
}
   6830 
/**
 * Callback for the task_probe lookup of a host name, of type A or AAAA.
 * Takes xfr->lock itself.  On the quit path it unlocks before returning;
 * otherwise it ends by calling xfr_probe_send_or_end() with the lock held
 * and does not unlock afterwards.
 * @param arg: the auth_xfer that the lookup was started for.
 * @param rcode: result code of the lookup; the reply is parsed only when
 *	this is NOERROR.
 * @param buf: buffer with the reply packet.
 * @param sec: DNSSEC status of the reply.  It is not used, so addresses
 *	are added whatever status is passed in.
 *	NOTE(review): confirm that answers which failed validation are
 *	filtered before this callback is invoked.
 * @param why_bogus: not used.
 * @param was_ratelimited: not used.
 */
void auth_xfer_probe_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
	enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus),
	int ATTR_UNUSED(was_ratelimited))
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_probe);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_probe->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return; /* stop on quit */
	}

	/* process result */
	if(rcode == LDNS_RCODE_NOERROR) {
		uint16_t wanted_qtype = LDNS_RR_TYPE_A;
		struct regional* temp = env->scratch;
		struct query_info rq;
		struct reply_info* rep;
		if(xfr->task_probe->lookup_aaaa)
			wanted_qtype = LDNS_RR_TYPE_AAAA;
		memset(&rq, 0, sizeof(rq));
		rep = parse_reply_in_temp_region(buf, temp, &rq);
		/* use the reply only if it parsed, its question type is the
		 * type selected by lookup_aaaa, and its own rcode is
		 * NOERROR */
		if(rep && rq.qtype == wanted_qtype &&
			FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
			/* parsed successfully */
			struct ub_packed_rrset_key* answer =
				reply_find_answer_rrset(&rq, rep);
			if(answer) {
				xfr_master_add_addrs(xfr->task_probe->
					lookup_target, answer, wanted_qtype);
			} else {
				if(verbosity >= VERB_ALGO) {
					char zname[LDNS_MAX_DOMAINLEN];
					dname_str(xfr->name, zname);
					verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has nodata", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
				}
			}
		} else {
			if(verbosity >= VERB_ALGO) {
				char zname[LDNS_MAX_DOMAINLEN];
				dname_str(xfr->name, zname);
				verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has no address", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
			}
		}
		/* the parsed reply lives in the scratch region, release it
		 * now that the addresses have been taken from it */
		regional_free_all(temp);
	} else {
		if(verbosity >= VERB_ALGO) {
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup failed", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A"));
		}
	}
	/* if the looked up target has a list and is the master that the
	 * probe is currently at, point scan_addr at the head of that list */
	if(xfr->task_probe->lookup_target->list &&
		xfr->task_probe->lookup_target == xfr_probe_current_master(xfr))
		xfr->task_probe->scan_addr = xfr->task_probe->lookup_target->list;

	/* move to lookup AAAA after A lookup, move to next hostname lookup,
	 * or move to send the probes, or, if nothing to do, end task_probe */
	xfr_probe_move_to_next_lookup(xfr, env);
	xfr_probe_send_or_end(xfr, env);
}
   6895 
/**
 * Disown task_nextprobe: delete its timer, reset next_probe and clear the
 * worker and env that owned the task.  The caller must hold xfr.lock.
 * @param xfr: transfer structure whose task_nextprobe is released.
 */
static void
xfr_nextprobe_disown(struct auth_xfer* xfr)
{
	struct auth_nextprobe* np = xfr->task_nextprobe;

	/* the timer goes away, because the next worker that picks this up
	 * may not have the same event base */
	comm_timer_delete(np->timer);
	np->timer = NULL;
	np->next_probe = 0;

	/* this item is not ours anymore */
	np->env = NULL;
	np->worker = NULL;
}
   6909 
/**
 * Xfer nextprobe timeout callback, this is part of task_nextprobe.
 * Takes xfr->lock itself.  The lock is released on the quit path and when
 * xfr_start_probe() reports that nothing was started; when it reports a
 * start, no unlock is done here.
 * @param arg: the auth_xfer that the timer was created for.
 */
void
auth_xfer_timer(void* arg)
{
	struct auth_xfer* xfr = (struct auth_xfer*)arg;
	struct module_env* env;
	log_assert(xfr->task_nextprobe);
	lock_basic_lock(&xfr->lock);
	env = xfr->task_nextprobe->env;
	if(!env || env->outnet->want_to_quit) {
		lock_basic_unlock(&xfr->lock);
		return; /* stop on quit */
	}

	/* see if zone has expired, and if so, also set auth_zone expired */
	if(xfr->have_zone && !xfr->zone_expired &&
	   *env->now >= xfr->lease_time + xfr->expiry) {
		/* the lock is dropped around auth_xfer_set_expired() and
		 * taken again after it returns.
		 * NOTE(review): fields read before the unlock may have
		 * changed by the time the lock is held again */
		lock_basic_unlock(&xfr->lock);
		auth_xfer_set_expired(xfr, env, 1);
		lock_basic_lock(&xfr->lock);
	}

	/* give up the timer task before the probe is started */
	xfr_nextprobe_disown(xfr);

	if(!xfr_start_probe(xfr, env, NULL)) {
		/* not started because already in progress */
		lock_basic_unlock(&xfr->lock);
	}
}
   6939 
/**
 * Start task_probe if possible; if there are no masters for the probe,
 * start task_transfer instead.
 * @param xfr: the transfer structure.
 * @param env: module environment; its worker becomes the owner of
 *	task_probe when the probe is picked up.
 * @param spec: NULL after a timeout, otherwise the notified master that is
 *	scanned first and transferred from first.
 * @return true if a task has been started, and false if the task is
 *	already in progress.
 */
static int
xfr_start_probe(struct auth_xfer* xfr, struct module_env* env,
	struct auth_master* spec)
{
	/* see if we need to start a probe (or maybe it is already in
	 * progress (due to notify)) */
	if(xfr->task_probe->worker == NULL) {
		/* a master list without probe targets still needs its
		 * lookups done, so mark the probe as lookup-only */
		if(!have_probe_targets(xfr->task_probe->masters) &&
			xfr->task_probe->masters != NULL)
			xfr->task_probe->only_lookup = 1;
		/* NOTE(review): as written, whenever only_lookup is 0 the
		 * condition below is true, also when have_probe_targets()
		 * found targets, so control goes to the transfer branch and
		 * not to the probe.  Confirm that this is intended. */
		if(!(xfr->task_probe->only_lookup &&
			xfr->task_probe->masters != NULL)) {
			/* useless to pick up task_probe, no masters to
			 * probe. Instead attempt to pick up task transfer */
			if(xfr->task_transfer->worker == NULL) {
				xfr_start_transfer(xfr, env, spec);
				return 1;
			}
			/* task transfer already in progress */
			return 0;
		}

		/* pick up the probe task ourselves */
		xfr->task_probe->worker = env->worker;
		xfr->task_probe->env = env;
		xfr->task_probe->cp = NULL;

		/* start the task */
		/* have not seen a new lease yet, this scan */
		xfr->task_probe->have_new_lease = 0;
		/* if this was a timeout, no specific first master to scan */
		/* otherwise, spec is nonNULL the notified master, scan
		 * first and also transfer first from it */
		xfr_probe_start_list(xfr, spec);
		/* setup to start the lookup of hostnames of masters afresh */
		xfr_probe_start_lookups(xfr);
		/* send the probe packet or next send, or end task */
		xfr_probe_send_or_end(xfr, env);
		return 1;
	}
	return 0;
}
   6985 
/** for task_nextprobe.
 * determine next timeout for auth_xfer. Also (re)sets timer.
 * The timer is created on first use.  If it cannot be allocated the
 * function logs an error and returns without taking ownership of
 * task_nextprobe, so no refresh is scheduled.
 * @param xfr: task structure
 * @param env: module environment, with worker and time.
 * @param failure: set true if timer should be set for failure retry.
 * @param lookup_only: only perform lookups when timer done, 0 sec timeout
 */
static void
xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env,
	int failure, int lookup_only)
{
	struct timeval tv;
	log_assert(xfr->task_nextprobe != NULL);
	/* the task is either unowned or owned by the calling worker */
	log_assert(xfr->task_nextprobe->worker == NULL ||
		xfr->task_nextprobe->worker == env->worker);
	/* normally, nextprobe = startoflease + refresh,
	 * but if expiry is sooner, use that one.
	 * after a failure, use the retry timer instead. */
	xfr->task_nextprobe->next_probe = *env->now;
	if(xfr->lease_time && !failure)
		xfr->task_nextprobe->next_probe = xfr->lease_time;

	/* backoff is reset on success; on failure it starts at 3, doubles
	 * on every further failure and is capped at
	 * AUTH_TRANSFER_MAX_BACKOFF */
	if(!failure) {
		xfr->task_nextprobe->backoff = 0;
	} else {
		if(xfr->task_nextprobe->backoff == 0)
				xfr->task_nextprobe->backoff = 3;
		else	xfr->task_nextprobe->backoff *= 2;
		if(xfr->task_nextprobe->backoff > AUTH_TRANSFER_MAX_BACKOFF)
			xfr->task_nextprobe->backoff =
				AUTH_TRANSFER_MAX_BACKOFF;
	}

	if(xfr->have_zone) {
		/* wait for refresh, or for retry after a failure, but not
		 * longer than expiry */
		time_t wait = xfr->refresh;
		if(failure) wait = xfr->retry;
		if(xfr->expiry < wait)
			xfr->task_nextprobe->next_probe += xfr->expiry;
		else	xfr->task_nextprobe->next_probe += wait;
		if(failure)
			xfr->task_nextprobe->next_probe +=
				xfr->task_nextprobe->backoff;
		/* put the timer exactly on expiry, if possible */
		if(xfr->lease_time && xfr->lease_time+xfr->expiry <
			xfr->task_nextprobe->next_probe &&
			xfr->lease_time+xfr->expiry > *env->now)
			xfr->task_nextprobe->next_probe =
				xfr->lease_time+xfr->expiry;
	} else {
		/* no zone: only the backoff delays the next attempt */
		xfr->task_nextprobe->next_probe +=
			xfr->task_nextprobe->backoff;
	}

	if(!xfr->task_nextprobe->timer) {
		xfr->task_nextprobe->timer = comm_timer_create(
			env->worker_base, auth_xfer_timer, xfr);
		if(!xfr->task_nextprobe->timer) {
			/* failed to malloc memory. likely zone transfer
			 * also fails for that. skip the timeout */
			char zname[LDNS_MAX_DOMAINLEN];
			dname_str(xfr->name, zname);
			log_err("cannot allocate timer, no refresh for %s",
				zname);
			return;
		}
	}
	/* the calling worker now owns task_nextprobe */
	xfr->task_nextprobe->worker = env->worker;
	xfr->task_nextprobe->env = env;
	/* a next_probe that is already in the past gives a zero timeout */
	if(*(xfr->task_nextprobe->env->now) <= xfr->task_nextprobe->next_probe)
		tv.tv_sec = xfr->task_nextprobe->next_probe -
			*(xfr->task_nextprobe->env->now);
	else	tv.tv_sec = 0;
	if(tv.tv_sec != 0 && lookup_only && xfr->task_probe->masters) {
		/* don't lookup_only, if lookup timeout is 0 anyway,
		 * or if we don't have masters to lookup */
		tv.tv_sec = 0;
		/* only_lookup is set only while no worker owns task_probe */
		if(xfr->task_probe->worker == NULL)
			xfr->task_probe->only_lookup = 1;
	}
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN];
		dname_str(xfr->name, zname);
		verbose(VERB_ALGO, "auth zone %s timeout in %d seconds",
			zname, (int)tv.tv_sec);
	}
	tv.tv_usec = 0;
	comm_timer_set(xfr->task_nextprobe->timer, &tv);
}
   7074 
/**
 * Stamp the zone with the current time as the moment its data was
 * acquired.
 * @param z: the auth zone; its soa_zone_acquired is set.
 * @param env: module environment that provides the current time.
 */
void auth_zone_pickup_initial_zone(struct auth_zone* z, struct module_env* env)
{
	/* env carries a timestamp by now (it did not earlier, during
	 * startup and apply_cfg), so this records the start time at
	 * which the data was acquired. */
	z->soa_zone_acquired = *(env->now);
}
   7082 
/**
 * Stamp the xfer with the current time and schedule its first timeout.
 * @param x: the xfer; lease_time and soa_zone_acquired are set when it has
 *	a zone.
 * @param env: module environment that provides the current time and is
 *	passed to xfr_set_timeout().
 */
void auth_xfer_pickup_initial_zone(struct auth_xfer* x, struct module_env* env)
{
	if(x->have_zone) {
		/* env carries a timestamp by now (it did not earlier,
		 * during startup and apply_cfg), so this records the start
		 * time at which the data was acquired */
		x->soa_zone_acquired = *env->now;
		x->lease_time = *env->now;
	}
	if(!x->task_nextprobe)
		return;
	/* an unowned nextprobe task gets its timer, with lookup_only on */
	if(x->task_nextprobe->worker == NULL)
		xfr_set_timeout(x, env, 0, 1);
}
   7096 
/**
 * Initial pick up of worker timeouts, ties events to worker event loop.
 * az->lock is held for writing for the whole walk; every zone and every
 * xfer is locked only around its own pickup call.
 * @param az: auth zones structure with the zone tree and the xfer tree.
 * @param env: module environment, passed to the per-item pickup routines.
 */
void
auth_xfer_pickup_initial(struct auth_zones* az, struct module_env* env)
{
	struct auth_zone* zone;
	struct auth_xfer* xfr;

	lock_rw_wrlock(&az->lock);
	/* the zones first */
	RBTREE_FOR(zone, struct auth_zone*, &az->ztree) {
		lock_rw_wrlock(&zone->lock);
		auth_zone_pickup_initial_zone(zone, env);
		lock_rw_unlock(&zone->lock);
	}
	/* then the transfer structures */
	RBTREE_FOR(xfr, struct auth_xfer*, &az->xtree) {
		lock_basic_lock(&xfr->lock);
		auth_xfer_pickup_initial_zone(xfr, env);
		lock_basic_unlock(&xfr->lock);
	}
	lock_rw_unlock(&az->lock);
}
   7116 
/**
 * Disown every task of every xfer that a worker still owns.
 * az->lock is held for writing for the whole walk and each xfer is locked
 * while its tasks are released.
 * @param az: auth zones structure with the xfer tree.
 */
void auth_zones_cleanup(struct auth_zones* az)
{
	struct auth_xfer* xfr;

	lock_rw_wrlock(&az->lock);
	RBTREE_FOR(xfr, struct auth_xfer*, &az->xtree) {
		lock_basic_lock(&xfr->lock);
		if(xfr->task_nextprobe && xfr->task_nextprobe->worker)
			xfr_nextprobe_disown(xfr);
		if(xfr->task_probe && xfr->task_probe->worker)
			xfr_probe_disown(xfr);
		if(xfr->task_transfer && xfr->task_transfer->worker) {
			/* the chunks are deleted before the task is
			 * disowned */
			auth_chunks_delete(xfr->task_transfer);
			xfr_transfer_disown(xfr);
		}
		lock_basic_unlock(&xfr->lock);
	}
	lock_rw_unlock(&az->lock);
}
   7137 
/**
 * malloc the xfer and its three tasks, and copy the zone name into it.
 * The lock of the new structure is initialised and then taken, so the
 * structure is returned locked.
 * @param z: auth_zone with name of zone.
 * @return the new xfer, or NULL on allocation failure (anything that was
 *	allocated up to that point is freed).
 */
static struct auth_xfer*
auth_xfer_new(struct auth_zone* z)
{
	struct auth_xfer* xfr = calloc(1, sizeof(*xfr));
	if(!xfr)
		return NULL;

	xfr->name = memdup(z->name, z->namelen);
	if(!xfr->name)
		goto fail;
	xfr->node.key = xfr;
	xfr->namelen = z->namelen;
	xfr->namelabs = z->namelabs;
	xfr->dclass = z->dclass;

	xfr->task_nextprobe = calloc(1, sizeof(*xfr->task_nextprobe));
	if(!xfr->task_nextprobe)
		goto fail;
	xfr->task_probe = calloc(1, sizeof(*xfr->task_probe));
	if(!xfr->task_probe)
		goto fail;
	xfr->task_transfer = calloc(1, sizeof(*xfr->task_transfer));
	if(!xfr->task_transfer)
		goto fail;

	lock_basic_init(&xfr->lock);
	lock_protect(&xfr->lock, &xfr->name, sizeof(xfr->name));
	lock_protect(&xfr->lock, &xfr->namelen, sizeof(xfr->namelen));
	lock_protect(&xfr->lock, xfr->name, xfr->namelen);
	lock_protect(&xfr->lock, &xfr->namelabs, sizeof(xfr->namelabs));
	lock_protect(&xfr->lock, &xfr->dclass, sizeof(xfr->dclass));
	lock_protect(&xfr->lock, &xfr->notify_received, sizeof(xfr->notify_received));
	lock_protect(&xfr->lock, &xfr->notify_serial, sizeof(xfr->notify_serial));
	lock_protect(&xfr->lock, &xfr->zone_expired, sizeof(xfr->zone_expired));
	lock_protect(&xfr->lock, &xfr->have_zone, sizeof(xfr->have_zone));
	lock_protect(&xfr->lock, &xfr->soa_zone_acquired, sizeof(xfr->soa_zone_acquired));
	lock_protect(&xfr->lock, &xfr->serial, sizeof(xfr->serial));
	lock_protect(&xfr->lock, &xfr->retry, sizeof(xfr->retry));
	lock_protect(&xfr->lock, &xfr->refresh, sizeof(xfr->refresh));
	lock_protect(&xfr->lock, &xfr->expiry, sizeof(xfr->expiry));
	lock_protect(&xfr->lock, &xfr->lease_time, sizeof(xfr->lease_time));
	lock_protect(&xfr->lock, &xfr->task_nextprobe->worker,
		sizeof(xfr->task_nextprobe->worker));
	lock_protect(&xfr->lock, &xfr->task_probe->worker,
		sizeof(xfr->task_probe->worker));
	lock_protect(&xfr->lock, &xfr->task_transfer->worker,
		sizeof(xfr->task_transfer->worker));
	/* handed to the caller in locked state */
	lock_basic_lock(&xfr->lock);
	return xfr;

fail:
	/* calloc zeroed the structure, so members that were not reached
	 * are NULL and free() of them does nothing */
	free(xfr->task_transfer);
	free(xfr->task_probe);
	free(xfr->task_nextprobe);
	free(xfr->name);
	free(xfr);
	return NULL;
}
   7208 
/** Create auth_xfer structure.
 * Allocates it with auth_xfer_new(), which hands it back locked, and
 * inserts it in az->xtree.  The result of the tree insert is not checked.
 * @param az: auth zones structure with the xfer tree.
 * @param z: auth_zone that the xfer is created for.
 * @return the new xfer, or NULL on alloc failure. */
struct auth_xfer*
auth_xfer_create(struct auth_zones* az, struct auth_zone* z)
{
	struct auth_xfer* created = auth_xfer_new(z);
	if(created == NULL) {
		log_err("malloc failure");
		return NULL;
	}
	/* put it in the tree */
	(void)rbtree_insert(&az->xtree, &created->node);
	return created;
}
   7229 
/**
 * Create a new, zeroed auth_master and append it to a list.
 * @param list: points at the place where the pointer to the new element
 *	is stored (the list head, or the next pointer of the previous
 *	element).  Updated to the next pointer of the new element.
 * @return the new element, or NULL on malloc failure (logged).
 */
static struct auth_master*
auth_master_new(struct auth_master*** list)
{
	struct auth_master* fresh = calloc(1, sizeof(*fresh));
	if(fresh == NULL) {
		log_err("malloc failure");
		return NULL;
	}
	/* link it in at the current store position */
	**list = fresh;
	/* the next element gets stored at its next pointer */
	*list = &fresh->next;
	return fresh;
}
   7246 
/**
 * dup_prefix : create a malloced string from the initial part of another
 * string.
 * @param str: source string, zero terminated.
 * @param num: number of characters wanted; clamped to strlen(str).
 * @return malloced, zero terminated copy that the caller frees, or NULL on
 *	malloc failure (logged).
 */
static char*
dup_prefix(char* str, size_t num)
{
	size_t avail = strlen(str);
	size_t take = (avail < num) ? avail : num; /* not more than strlen */
	char* copy = (char*)malloc(take + 1);
	if(copy == NULL) {
		log_err("malloc failure");
		return NULL;
	}
	/* the new buffer cannot overlap the source */
	memcpy(copy, str, take);
	copy[take] = '\0';
	return copy;
}
   7263 
/**
 * Duplicate a string and log an error when that fails.
 * @param str: string to copy.
 * @return malloced copy that the caller frees, or NULL on malloc failure.
 */
static char*
dup_all(char* str)
{
	char* copy = strdup(str);
	if(copy == NULL)
		log_err("malloc failure");
	return copy;
}
   7275 
/**
 * Find the first occurrence of either of two characters.
 * @param s: string to search.
 * @param a: first character.
 * @param b: second character.
 * @return pointer to whichever of the two occurs first in s, or NULL if
 *	neither occurs.
 */
static char*
str_find_first_of_chars(char* s, char a, char b)
{
	char* pos_a = strchr(s, a);
	char* pos_b = strchr(s, b);
	if(pos_a && pos_b)
		return (pos_b < pos_a) ? pos_b : pos_a;
	/* at most one was found */
	return pos_a ? pos_a : pos_b;
}
   7287 
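/**
 * Parse URL into host and file parts.
 * Without a scheme prefix the defaults stay in place: ssl on and
 * AUTH_HTTPS_PORT.  A scheme other than http or https is refused.
 * @param url: the URL string, it is not modified.
 * @param host: on success, malloced host part (for a bracketed host, the
 *	text between the brackets); the caller frees it.  If a failure
 *	happens after the host was allocated, it is freed here and *host is
 *	set to NULL.
 * @param file: on success, malloced path with its leading slashes
 *	removed, or "/" when the URL has no path; the caller frees it.
 * @param port: the port, the scheme default unless ":port" is present.
 * @param ssl: 1 for https and for no scheme, 0 for http.
 * @return false on malloc or parse error.  A ":port" without digits or
 *	outside 1-65535 is a parse error.
 */
static int
parse_url(char* url, char** host, char** file, int* port, int* ssl)
{
	char* p = url;
	/* parse http://www.example.com/file.htm
	 * or http://127.0.0.1   (index.html)
	 * or https://[::1@1234]/a/b/c/d */
	*ssl = 1;
	*port = AUTH_HTTPS_PORT;

	/* parse http:// or https:// */
	if(strncmp(p, "http://", 7) == 0) {
		p += 7;
		*ssl = 0;
		*port = AUTH_HTTP_PORT;
	} else if(strncmp(p, "https://", 8) == 0) {
		p += 8;
	} else if(strstr(p, "://") && strchr(p, '/') > strstr(p, "://") &&
		strchr(p, ':') >= strstr(p, "://")) {
		/* some other scheme comes before the first ':' and '/' */
		char* uri = dup_prefix(p, (size_t)(strstr(p, "://")-p));
		log_err("protocol %s:// not supported (for url %s)",
			uri?uri:"", p);
		free(uri);
		return 0;
	}

	/* parse hostname part */
	if(p[0] == '[') {
		char* end = strchr(p, ']');
		p++; /* skip over [ */
		if(end) {
			*host = dup_prefix(p, (size_t)(end-p));
			if(!*host) return 0;
			p = end+1; /* skip over ] */
		} else {
			/* no closing bracket, the rest is the host */
			*host = dup_all(p);
			if(!*host) return 0;
			p = end;
		}
	} else {
		char* end = str_find_first_of_chars(p, ':', '/');
		if(end) {
			*host = dup_prefix(p, (size_t)(end-p));
			if(!*host) return 0;
		} else {
			*host = dup_all(p);
			if(!*host) return 0;
		}
		p = end; /* at next : or / or NULL */
	}

	/* parse port number */
	if(p && p[0] == ':') {
		char* end = NULL;
		long portnum = strtol(p+1, &end, 10);
		/* strtol takes a sign and saturates on overflow, and a
		 * long does not fit an int everywhere; only a number in
		 * the port range is accepted */
		if(end == p+1 || portnum < 1 || portnum > 65535) {
			log_err("invalid port in url %s", url);
			free(*host);
			*host = NULL;
			return 0;
		}
		*port = (int)portnum;
		p = end;
	}

	/* parse filename part */
	while(p && *p == '/')
		p++;
	if(!p || p[0] == 0)
		*file = strdup("/");
	else	*file = strdup(p);
	if(!*file) {
		log_err("malloc failure");
		/* do not hand back half a result */
		free(*host);
		*host = NULL;
		return 0;
	}
	return 1;
}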
   7359 
/**
 * Append the masters from the config to a master list: the urls (only
 * when with_http is set), then the masters, then the allow_notify
 * entries.
 * @param list: pointer to the list head; new elements go at the tail.
 * @param c: auth zone config with the urls, masters and allow_notify
 *	string lists.
 * @param with_http: if true, the urls are added as well.
 * @return false on malloc failure or url parse failure.  Elements that
 *	were appended before the failure stay linked in the list.
 */
int
xfer_set_masters(struct auth_master** list, struct config_auth* c,
	int with_http)
{
	struct config_strlist* item;
	struct auth_master* entry;

	/* walk to the tail: list ends up at the pointer that is to hold
	 * the next new element */
	for(; *list; list = &(*list)->next)
		;

	if(with_http) {
		for(item = c->urls; item; item = item->next) {
			entry = auth_master_new(&list);
			if(!entry)
				return 0;
			entry->http = 1;
			if(!parse_url(item->str, &entry->host, &entry->file,
				&entry->port, &entry->ssl))
				return 0;
		}
	}

	for(item = c->masters; item; item = item->next) {
		entry = auth_master_new(&list);
		if(!entry)
			return 0;
		entry->ixfr = 1; /* this flag is not configurable */
		entry->host = strdup(item->str);
		if(!entry->host) {
			log_err("malloc failure");
			return 0;
		}
	}

	for(item = c->allow_notify; item; item = item->next) {
		entry = auth_master_new(&list);
		if(!entry)
			return 0;
		entry->allow_notify = 1;
		entry->host = strdup(item->str);
		if(!entry->host) {
			log_err("malloc failure");
			return 0;
		}
	}
	return 1;
}
   7400 
#define SERIAL_BITS	32
/**
 * Compare two serial numbers with wrap-around, in a SERIAL_BITS wide
 * number space.
 * @param a: first serial.
 * @param b: second serial.
 * @return 0 if equal, -1 if a comes before b, 1 otherwise.  When the two
 *	are exactly half the number space apart the result is 1 for either
 *	argument order.
 */
int
compare_serial(uint32_t a, uint32_t b)
{
	const uint32_t half = ((uint32_t) 1 << (SERIAL_BITS - 1));
	uint32_t ahead;

	if (a == b)
		return 0;
	/* distance from a forward to b, modulo 2^32; a is the smaller one
	 * when that distance is under half of the number space */
	ahead = (uint32_t)(b - a);
	return (ahead < half) ? -1 : 1;
}
   7415 
/**
 * Tell whether a ZONEMD hash algorithm can be used here.
 * @param hashalgo: hash algorithm number from the ZONEMD record.
 * @return 1 for SHA384 and SHA512, 0 for anything else.
 */
int zonemd_hashalgo_supported(int hashalgo)
{
	return hashalgo == ZONEMD_ALGO_SHA384 ||
		hashalgo == ZONEMD_ALGO_SHA512;
}
   7422 
/**
 * Tell whether a ZONEMD scheme can be used here.
 * @param scheme: scheme number from the ZONEMD record.
 * @return 1 for the simple scheme, 0 for anything else.
 */
int zonemd_scheme_supported(int scheme)
{
	return scheme == ZONEMD_SCHEME_SIMPLE;
}
   7428 
/**
 * Initialize a hash for hashing with a zonemd hash algo.
 * @param hashalgo: ZONEMD_ALGO_SHA384 or ZONEMD_ALGO_SHA512.
 * @param reason: set to a static error string on failure.
 * @return the hash context, or NULL if it could not be created or the
 *	algorithm is not one of the two above.
 */
static struct secalgo_hash* zonemd_digest_init(int hashalgo, char** reason)
{
	struct secalgo_hash* ctx = NULL;

	if(hashalgo == ZONEMD_ALGO_SHA384) {
		ctx = secalgo_hash_create_sha384();
		if(ctx == NULL)
			*reason = "digest sha384 could not be created";
	} else if(hashalgo == ZONEMD_ALGO_SHA512) {
		ctx = secalgo_hash_create_sha512();
		if(ctx == NULL)
			*reason = "digest sha512 could not be created";
	} else {
		/* unknown hash algo, ctx stays NULL */
		*reason = "unsupported algorithm";
	}
	return ctx;
}
   7450 
/**
 * Update the hash for zonemd with more data.
 * @param hashalgo: ZONEMD_ALGO_SHA384 or ZONEMD_ALGO_SHA512.
 * @param h: the hash context.
 * @param data: bytes to add to the hash.
 * @param len: number of bytes in data.
 * @param reason: set to a static error string on failure.
 * @return 1 on success, 0 if the update failed or the algorithm is not
 *	one of the two above.
 */
static int zonemd_digest_update(int hashalgo, struct secalgo_hash* h,
	uint8_t* data, size_t len, char** reason)
{
	char* failmsg;

	if(hashalgo == ZONEMD_ALGO_SHA384) {
		failmsg = "digest sha384 failed";
	} else if(hashalgo == ZONEMD_ALGO_SHA512) {
		failmsg = "digest sha512 failed";
	} else {
		/* unknown hash algo, nothing is hashed */
		*reason = "unsupported algorithm";
		return 0;
	}
	if(secalgo_hash_update(h, data, len))
		return 1;
	*reason = failmsg;
	return 0;
}
   7472 
/**
 * Finish the hash for zonemd and write out the digest.
 * The output buffer size is checked against the digest size of the
 * algorithm before the hash is finalised.
 * @param hashalgo: ZONEMD_ALGO_SHA384 or ZONEMD_ALGO_SHA512.
 * @param h: the hash context.
 * @param result: buffer that receives the digest.
 * @param hashlen: size of the result buffer in bytes.
 * @param resultlen: passed to secalgo_hash_final() for the digest length.
 * @param reason: set to a static error string on failure.
 * @return 1 on success, 0 if the buffer is too small, the finish failed,
 *	or the algorithm is not one of the two above.
 */
static int zonemd_digest_finish(int hashalgo, struct secalgo_hash* h,
	uint8_t* result, size_t hashlen, size_t* resultlen, char** reason)
{
	size_t need;
	char* small_msg;
	char* fail_msg;

	if(hashalgo == ZONEMD_ALGO_SHA384) {
		need = 384/8;
		small_msg = "digest buffer too small for sha384";
		fail_msg = "digest sha384 finish failed";
	} else if(hashalgo == ZONEMD_ALGO_SHA512) {
		need = 512/8;
		small_msg = "digest buffer too small for sha512";
		fail_msg = "digest sha512 finish failed";
	} else {
		/* unknown algo */
		*reason = "unsupported algorithm";
		return 0;
	}

	if(hashlen < need) {
		*reason = small_msg;
		return 0;
	}
	if(!secalgo_hash_final(h, result, hashlen, resultlen)) {
		*reason = fail_msg;
		return 0;
	}
	return 1;
}
   7502 
/**
 * Add the rrsets of a node to the list, in linked-list order.
 * @param array: receives the rrset pointers.
 * @param arraysize: capacity of array; filling stops when it is reached.
 * @param first: first rrset of the node, may be NULL.
 * @return number of entries stored in array.
 */
static size_t authdata_rrsets_to_list(struct auth_rrset** array,
	size_t arraysize, struct auth_rrset* first)
{
	size_t filled = 0;
	struct auth_rrset* cur;

	for(cur = first; cur && filled < arraysize; cur = cur->next)
		array[filled++] = cur;
	return filled;
}
   7518 
/**
 * Compare rr list entries by type.  A NULL entry sorts as type RRSIG.
 * @param arg1: pointer to the first list slot (struct auth_rrset**).
 * @param arg2: pointer to the second list slot.
 * @return -1, 0 or 1 for smaller, equal or larger type.
 */
static int rrlist_compare(const void* arg1, const void* arg2)
{
	struct auth_rrset* lhs = *(struct auth_rrset**)arg1;
	struct auth_rrset* rhs = *(struct auth_rrset**)arg2;
	uint16_t ltype = lhs ? lhs->type : LDNS_RR_TYPE_RRSIG;
	uint16_t rtype = rhs ? rhs->type : LDNS_RR_TYPE_RRSIG;

	if(ltype == rtype)
		return 0;
	return (ltype < rtype) ? -1 : 1;
}
   7535 
/**
 * Add a NULL entry, which stands for type RRSIG, to the rr list if the
 * node has no RRSIG rrset of its own.  This is to perform RRSIG collate
 * processing at that point.  Nothing is added when the array is full.
 * @param array: the rr list.
 * @param arraysize: capacity of array.
 * @param rrnum: number of entries in use; incremented when one is added.
 * @param node: the domain node that is looked at.
 */
static void addrrsigtype_if_needed(struct auth_rrset** array,
	size_t arraysize, size_t* rrnum, struct auth_data* node)
{
	/* skip when there is one already, or when there is no room */
	if(!az_domain_rrset(node, LDNS_RR_TYPE_RRSIG) &&
		(*rrnum) < arraysize) {
		/* nothing there, but the list needs an entry */
		array[*rrnum] = NULL;
		(*rrnum)++;
	}
}
   7548 
/**
 * Collate the RRs in an RRset using the simple scheme: canonicalize the
 * rrset into buf and feed the buffer contents to the hash.
 * @param z: the zone, for the class.
 * @param hashalgo: hash algorithm, passed to zonemd_digest_update().
 * @param h: the hash context.
 * @param node: domain node, for the owner name.
 * @param rrset: the rrset to hash.
 * @param region: temp region for the canonicalization; it is emptied
 *	after a successful canonicalization.
 * @param buf: buffer that receives the canonical form.
 * @param reason: set to a static error string on failure.
 * @return 1 on success, 0 on failure.
 */
static int zonemd_simple_rrset(struct auth_zone* z, int hashalgo,
	struct secalgo_hash* h, struct auth_data* node,
	struct auth_rrset* rrset, struct regional* region,
	struct sldns_buffer* buf, char** reason)
{
	/* a stack key that refers to the rrset data, for canonicalization */
	struct ub_packed_rrset_key canon;
	memset(&canon, 0, sizeof(canon));
	canon.rk.dname = node->name;
	canon.rk.dname_len = node->namelen;
	canon.rk.type = htons(rrset->type);
	canon.rk.rrset_class = htons(z->dclass);
	canon.entry.key = &canon;
	canon.entry.data = rrset->data;

	if(!rrset_canonicalize_to_buffer(region, buf, &canon)) {
		*reason = "out of memory";
		return 0;
	}
	regional_free_all(region);

	/* hash what is in the buffer */
	return zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
		sldns_buffer_limit(buf), reason) ? 1 : 0;
}
   7577 
/**
 * Count the number of RRSIGs in a domain name rrset list.
 * Counts the RRs of the RRSIG rrset itself and the rrsig_count of every
 * rrset in the list.  At the zone apex, RRSIGs over type ZONEMD are left
 * out of both counts.
 * @param rrset: the RRSIG rrset of the node, may be NULL.
 * @param rrlist: the rrsets of the node; NULL entries are skipped.
 * @param rrnum: number of entries in rrlist.
 * @param z: the zone, for the apex name.
 * @param node: the domain node.
 * @return the number of RRSIGs.
 */
static size_t zonemd_simple_count_rrsig(struct auth_rrset* rrset,
	struct auth_rrset** rrlist, size_t rrnum,
	struct auth_zone* z, struct auth_data* node)
{
	size_t total = 0;
	size_t idx;

	if(rrset) {
		for(idx = 0; idx < rrset->data->count; idx++) {
			/* omit RRSIGs over type ZONEMD at apex */
			if(rrsig_rdata_get_type_covered(
				rrset->data->rr_data[idx],
				rrset->data->rr_len[idx]) ==
				LDNS_RR_TYPE_ZONEMD &&
				query_dname_compare(z->name, node->name)==0)
				continue;
			total++;
		}
	}
	for(idx = 0; idx < rrnum; idx++) {
		struct auth_rrset* entry = rrlist[idx];
		if(!entry)
			continue;
		/* omit RRSIGs over type ZONEMD at apex */
		if(entry->type == LDNS_RR_TYPE_ZONEMD &&
			query_dname_compare(z->name, node->name)==0)
			continue;
		total += entry->data->rrsig_count;
	}
	return total;
}
   7607 
/**
 * Allocate sparse rrset data for the number of entries, in the temp
 * region: the rr_len, rr_ttl and rr_data arrays, each with count
 * elements.
 * NOTE(review): the element size is multiplied by count without an
 * overflow check; confirm that the callers bound count.
 * @param region: temp region to allocate in.
 * @param data: rrset data whose three array pointers are set.
 * @param count: number of elements per array.
 * @return 1 on success, 0 if an allocation failed.
 */
static int zonemd_simple_rrsig_allocs(struct regional* region,
	struct packed_rrset_data* data, size_t count)
{
	data->rr_len = regional_alloc(region, sizeof(*data->rr_len) * count);
	if(data->rr_len == NULL)
		return 0;
	data->rr_ttl = regional_alloc(region, sizeof(*data->rr_ttl) * count);
	if(data->rr_ttl == NULL)
		return 0;
	data->rr_data = regional_alloc(region, sizeof(*data->rr_data) * count);
	return (data->rr_data != NULL) ? 1 : 0;
}
   7626 
/**
 * Add the RRSIGs from the rrs in the domain into the data.
 * The RRSIGs of an rrset are the entries after its first count entries.
 * At the zone apex the RRSIGs over type ZONEMD are left out.
 * Writes are not bounds checked here: the arrays in data must have room
 * for every entry that gets added (presumably sized from
 * zonemd_simple_count_rrsig(); verify against the caller).
 * @param data: destination with preallocated rr_len, rr_ttl and rr_data.
 * @param done: index of the next free slot in data; advanced per entry.
 * @param rrlist: the rrsets of the node; NULL entries are skipped.
 * @param rrnum: number of entries in rrlist.
 * @param z: the zone, for the apex name.
 * @param node: the domain node.
 */
static void add_rrlist_rrsigs_into_data(struct packed_rrset_data* data,
	size_t* done, struct auth_rrset** rrlist, size_t rrnum,
	struct auth_zone* z, struct auth_data* node)
{
	size_t idx;
	for(idx = 0; idx < rrnum; idx++) {
		struct auth_rrset* entry = rrlist[idx];
		size_t sig;
		if(!entry)
			continue;
		/* omit RRSIGs over type ZONEMD at apex */
		if(entry->type == LDNS_RR_TYPE_ZONEMD &&
			query_dname_compare(z->name, node->name)==0)
			continue;
		for(sig = 0; sig < entry->data->rrsig_count; sig++) {
			size_t from = entry->data->count + sig;
			data->rr_len[*done] = entry->data->rr_len[from];
			data->rr_ttl[*done] = entry->data->rr_ttl[from];
			/* the rdata in the rrset is referenced and not
			 * copied, it is no longer needed at the end of the
			 * routine */
			data->rr_data[*done] = entry->data->rr_data[from];
			(*done)++;
		}
	}
}
   7653 
/**
 * Add the RRs of the rrset of type RRSIG, if there is one, into data.
 *
 * At the apex, RRSIGs whose type covered is ZONEMD are skipped.  Entries
 * are written at index *done without a bounds check, so the destination
 * arrays must have been sized with the same skip rule.
 *
 * @param data: destination; rr_len, rr_ttl and rr_data must be allocated.
 * @param done: in/out, next free index in the destination arrays.
 * @param rrset: rrset of type RRSIG at this name, or NULL (then nothing
 *	is added).
 * @param z: the zone; its name is compared with the node name to detect
 *	the apex.
 * @param node: the domain name being processed.
 */
static void add_rrset_into_data(struct packed_rrset_data* data,
	size_t* done, struct auth_rrset* rrset,
	struct auth_zone* z, struct auth_data* node)
{
	struct packed_rrset_data* src;
	size_t rr;

	if(rrset == NULL)
		return;
	src = rrset->data;
	for(rr = 0; rr < src->count; rr++) {
		size_t to;
		/* omit RRSIGs over type ZONEMD at apex */
		if(rrsig_rdata_get_type_covered(src->rr_data[rr],
			src->rr_len[rr]) == LDNS_RR_TYPE_ZONEMD &&
			query_dname_compare(z->name, node->name) == 0)
			continue;
		to = *done;
		data->rr_len[to] = src->rr_len[rr];
		data->rr_ttl[to] = src->rr_ttl[rr];
		/* reference the rdata in the rrset, no need to copy it,
		 * it is no longer needed at the end of the routine */
		data->rr_data[to] = src->rr_data[rr];
		*done = to + 1;
	}
}
   7678 
/**
 * Collate the RRSIGs of one domain name using the simple scheme and feed
 * them to the digest.
 *
 * The rrset pointer can be NULL: the entry stands for type RRSIG, but
 * there is no rrset of type RRSIG at the name, and all RRSIGs are stored
 * with the rrsets they cover.  The rrset pointer can be nonNULL: this
 * happens when an RRSIG covers a type that has no RR at the name, and
 * that RRSIG is then stored in an rrset of type RRSIG.  Both sources are
 * gathered into one temporary RRSIG rrset, which is canonicalized into
 * buf and hashed.  At the apex, RRSIGs that cover type ZONEMD are omitted.
 *
 * The temporary rrset only references rdata owned by the zone; the
 * region is emptied with regional_free_all() on every path before the
 * digest update, which reads from buf.
 *
 * @param z: the zone.
 * @param hashalgo: hash algorithm, passed to the digest update.
 * @param h: digest state that is updated.
 * @param node: the domain name being processed.
 * @param rrset: rrset of type RRSIG at the name, or NULL.
 * @param rrlist: rrsets at this name; entries may be NULL.
 * @param rrnum: number of entries in rrlist.
 * @param region: temp region; all of its contents are freed here.
 * @param buf: scratch buffer for the canonical form.
 * @param reason: set to a failure description on error.
 * @return 1 on success, 0 on failure.
 */
static int zonemd_simple_rrsig(struct auth_zone* z, int hashalgo,
	struct secalgo_hash* h, struct auth_data* node,
	struct auth_rrset* rrset, struct auth_rrset** rrlist, size_t rrnum,
	struct regional* region, struct sldns_buffer* buf, char** reason)
{
	size_t filled = 0;
	struct ub_packed_rrset_key key;
	struct packed_rrset_data data;

	/* build the rrsig rrset, on the stack */
	memset(&key, 0, sizeof(key));
	memset(&data, 0, sizeof(data));
	key.entry.key = &key;
	key.entry.data = &data;
	key.rk.dname = node->name;
	key.rk.dname_len = node->namelen;
	key.rk.type = htons(LDNS_RR_TYPE_RRSIG);
	key.rk.rrset_class = htons(z->dclass);

	/* the count decides the array sizes, the add routines below
	 * apply the same filter when they fill the arrays */
	data.count = zonemd_simple_count_rrsig(rrset, rrlist, rrnum, z, node);
	if(!zonemd_simple_rrsig_allocs(region, &data, data.count))
		goto nomem;
	/* all the RRSIGs stored in the other rrsets for this domain node */
	add_rrlist_rrsigs_into_data(&data, &filled, rrlist, rrnum, z, node);
	/* plus the RRSIGs stored in an rrset of type RRSIG for this node */
	add_rrset_into_data(&data, &filled, rrset, z, node);

	/* canonicalize */
	if(!rrset_canonicalize_to_buffer(region, buf, &key))
		goto nomem;
	regional_free_all(region);

	/* hash */
	return zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf),
		sldns_buffer_limit(buf), reason) ? 1 : 0;

nomem:
	*reason = "out of memory";
	regional_free_all(region);
	return 0;
}
   7734 
/**
 * Collate the rrsets of one domain name using the simple scheme.
 *
 * Names that are not at or below the zone name are skipped and count as
 * success.  The rrsets are put in a list, sorted with rrlist_compare, and
 * hashed one by one.  Type ZONEMD at the apex is omitted.  A NULL list
 * entry or an rrset of type RRSIG is handled by zonemd_simple_rrsig(),
 * which gathers all signatures of the name.
 *
 * NOTE(review): rrlist is an array of rrlistsize (65536) pointers on the
 * stack of this function.  What happens for a name with more rrsets than
 * that depends on authdata_rrsets_to_list() and addrrsigtype_if_needed(),
 * which receive the capacity; confirm that they truncate.
 *
 * @param z: the zone.
 * @param hashalgo: hash algorithm, passed on to the hashing routines.
 * @param h: digest state that is updated.
 * @param node: the domain name to collate.
 * @param region: temp region.
 * @param buf: scratch buffer.
 * @param reason: set to a failure description by the callees on error.
 * @return 1 to continue, 0 on failure.
 */
static int zonemd_simple_domain(struct auth_zone* z, int hashalgo,
	struct secalgo_hash* h, struct auth_data* node,
	struct regional* region, struct sldns_buffer* buf, char** reason)
{
#define	rrlistsize 65536
	struct auth_rrset* rrlist[rrlistsize];
	size_t pos, rrnum = 0;

	/* see if the domain is out of scope, the zone origin,
	 * that would be omitted */
	if(!dname_subdomain_c(node->name, z->name))
		return 1; /* continue */

	/* loop over the rrsets in ascending order. */
	rrnum = authdata_rrsets_to_list(rrlist, rrlistsize, node->rrsets);
	addrrsigtype_if_needed(rrlist, rrlistsize, &rrnum, node);
	qsort(rrlist, rrnum, sizeof(*rrlist), rrlist_compare);

	for(pos = 0; pos < rrnum; pos++) {
		struct auth_rrset* cur = rrlist[pos];
		int ok;
		/* omit type ZONEMD at apex */
		if(cur && cur->type == LDNS_RR_TYPE_ZONEMD &&
			query_dname_compare(z->name, node->name) == 0)
			continue;
		if(cur == NULL || cur->type == LDNS_RR_TYPE_RRSIG) {
			/* the signatures of the whole name are hashed
			 * at the position of type RRSIG */
			ok = zonemd_simple_rrsig(z, hashalgo, h, node,
				cur, rrlist, rrnum, region, buf, reason);
		} else {
			ok = zonemd_simple_rrset(z, hashalgo, h, node,
				cur, region, buf, reason);
		}
		if(!ok)
			return 0;
	}
	return 1;
}
   7769 
/**
 * Collate the zone using the simple scheme.
 * Walks every domain name in the zone tree and hashes it with
 * zonemd_simple_domain(); the walk stops at the first failure.
 *
 * @param z: the zone to hash.
 * @param hashalgo: hash algorithm, passed on.
 * @param h: digest state that is updated.
 * @param region: temp region.
 * @param buf: scratch buffer.
 * @param reason: set to a failure description by the callee on error.
 * @return 1 on success, 0 on failure.
 */
static int zonemd_simple_collate(struct auth_zone* z, int hashalgo,
	struct secalgo_hash* h, struct regional* region,
	struct sldns_buffer* buf, char** reason)
{
	/* our tree is sorted in canonical order, so we can just loop over
	 * the tree */
	struct auth_data* node;
	RBTREE_FOR(node, struct auth_data*, &z->data) {
		int ok = zonemd_simple_domain(z, hashalgo, h, node, region,
			buf, reason);
		if(!ok)
			return 0;
	}
	return 1;
}
   7785 
/**
 * Generate the ZONEMD digest over the zone contents.
 *
 * NOTE(review): only ZONEMD_SCHEME_SIMPLE collates data.  For any other
 * scheme value nothing is fed to the digest and the routine still goes on
 * to finish it and return 1, so callers have to reject unsupported
 * schemes first (auth_zone_generate_zonemd_check() does).
 * NOTE(review): on digest finish failure the reason is overwritten
 * unconditionally, where the other failure paths keep a reason that the
 * callee already set.
 *
 * @param z: the zone to hash.
 * @param scheme: ZONEMD scheme.
 * @param hashalgo: ZONEMD hash algorithm.
 * @param hash: output buffer for the digest.
 * @param hashlen: size of the output buffer.
 * @param resultlen: passed to the digest finish routine; presumably
 *	receives the digest length (TODO confirm).
 * @param region: temp region.
 * @param buf: scratch buffer.
 * @param reason: failure description on error.  It is read before it is
 *	written on some paths, so it must point to an initialized string
 *	pointer (NULL is fine).
 * @return 1 on success, 0 on failure.
 */
int auth_zone_generate_zonemd_hash(struct auth_zone* z, int scheme,
	int hashalgo, uint8_t* hash, size_t hashlen, size_t* resultlen,
	struct regional* region, struct sldns_buffer* buf, char** reason)
{
	struct secalgo_hash* ctx = zonemd_digest_init(hashalgo, reason);
	if(ctx == NULL) {
		if(*reason == NULL)
			*reason = "digest init fail";
		return 0;
	}
	if(scheme == ZONEMD_SCHEME_SIMPLE &&
		!zonemd_simple_collate(z, hashalgo, ctx, region, buf, reason)) {
		if(*reason == NULL)
			*reason = "scheme simple collate fail";
		goto fail;
	}
	if(!zonemd_digest_finish(hashalgo, ctx, hash, hashlen, resultlen,
		reason)) {
		*reason = "digest finish fail";
		goto fail;
	}
	secalgo_hash_delete(ctx);
	return 1;

fail:
	/* the digest state is released on every exit path */
	secalgo_hash_delete(ctx);
	return 0;
}
   7812 
/**
 * Check a ZONEMD digest against the digest computed over the zone.
 *
 * Return value 1 does not always mean that a digest matched: for an
 * unsupported hash algorithm or scheme the routine returns 1 ("allow it")
 * and sets *reason to say so.  A caller that needs to know whether a
 * digest was really verified has to look at *reason as well, which is
 * NULL only after a real match.
 *
 * Digests shorter than 12 octets are rejected.  The computed digest is
 * generated into a 512 byte local buffer.  On a mismatch, both digests
 * are logged in hex at verbosity VERB_ALGO.
 *
 * @param z: the zone to hash.
 * @param scheme: ZONEMD scheme from the record.
 * @param hashalgo: ZONEMD hash algorithm from the record.
 * @param hash: digest from the record.
 * @param hashlen: length of hash.
 * @param region: temp region.
 * @param buf: scratch buffer.
 * @param reason: set to NULL at the start; description of the outcome
 *	otherwise.
 * @return 1 if the digest matches or the record is allowed because it
 *	uses an unsupported algorithm or scheme; 0 on failure.
 */
int auth_zone_generate_zonemd_check(struct auth_zone* z, int scheme,
	int hashalgo, uint8_t* hash, size_t hashlen, struct regional* region,
	struct sldns_buffer* buf, char** reason)
{
	uint8_t computed[512];
	size_t computedlen = 0;

	*reason = NULL;
	if(!zonemd_hashalgo_supported(hashalgo)) {
		/* allow it */
		*reason = "unsupported algorithm";
		return 1;
	}
	if(!zonemd_scheme_supported(scheme)) {
		/* allow it */
		*reason = "unsupported scheme";
		return 1;
	}
	if(hashlen < 12) {
		/* the ZONEMD draft requires digests to fail if too small */
		*reason = "digest length too small, less than 12";
		return 0;
	}

	/* generate digest; reason filled in by zonemd hash routine */
	if(!auth_zone_generate_zonemd_hash(z, scheme, hashalgo, computed,
		sizeof(computed), &computedlen, region, buf, reason))
		return 0;

	/* check digest length first, so that the compare below never
	 * reads more than hashlen bytes of the record digest */
	if(hashlen != computedlen)
		*reason = "incorrect digest length";
	else if(memcmp(hash, computed, computedlen) != 0)
		*reason = "incorrect digest";
	else
		return 1;

	/* mismatch, show both values to the operator */
	if(verbosity >= VERB_ALGO) {
		verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d",
			scheme, hashalgo);
		log_hex("ZONEMD should be  ", computed, computedlen);
		log_hex("ZONEMD to check is", hash, hashlen);
	}
	return 0;
}
   7865 
/**
 * Log auth zone message with zone name in front.
 * Nothing is formatted when the verbosity is below the level.
 *
 * The format is a printf style format string, and the prototype carries
 * ATTR_FORMAT so the compiler can check the arguments.  Text that does
 * not come from the source code, such as a failure reason derived from
 * zone or network data, belongs in an argument for a "%s" conversion and
 * not in the format itself.
 *
 * @param name: zone name, wire format dname.
 * @param level: verbosity level of the message.
 * @param format: printf style format, followed by its arguments.
 */
static void auth_zone_log(uint8_t* name, enum verbosity_value level,
	const char* format, ...) ATTR_FORMAT(printf, 3, 4);
static void auth_zone_log(uint8_t* name, enum verbosity_value level,
	const char* format, ...)
{
	va_list ap;
	char zonename[LDNS_MAX_DOMAINLEN];
	char text[MAXSYSLOGMSGLEN];

	if(verbosity < level)
		return;
	dname_str(name, zonename);
	va_start(ap, format);
	/* output that does not fit is truncated by vsnprintf */
	vsnprintf(text, sizeof(text), format, ap);
	va_end(ap);
	verbose(level, "auth zone %s %s", zonename, text);
}
   7883 
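/**
 * ZONEMD, dnssec verify the rrset with the dnskey.
 *
 * A temporary rrset key is built on the stack that references the zone's
 * own data, and it is verified with dnskeyset_verify_rrset().  Only the
 * status sec_status_secure counts as success; every other status is a
 * failure.  The validator module must be in the module stack, because its
 * environment is needed for the verification.
 *
 * @param z: the zone, used for the class and for log messages.
 * @param env: module environment.
 * @param mods: module stack, searched for "validator".
 * @param dnskey: DNSKEY rrset to verify with.
 * @param node: domain name that owns the rrset.
 * @param rrset: the rrset to verify.
 * @param why_bogus: passed to the verify routine for the failure reason;
 *	may be NULL, and the string may still be NULL after a failure.
 * @param sigalg: passed on to the verify routine.
 * @param reasonbuf: buffer for the verify routine's reason string.
 * @param reasonlen: length of reasonbuf.
 * @return 1 if the rrset verified as secure, 0 otherwise.
 */
static int zonemd_dnssec_verify_rrset(struct auth_zone* z,
	struct module_env* env, struct module_stack* mods,
	struct ub_packed_rrset_key* dnskey, struct auth_data* node,
	struct auth_rrset* rrset, char** why_bogus, uint8_t* sigalg,
	char* reasonbuf, size_t reasonlen)
{
	struct ub_packed_rrset_key pk;
	enum sec_status sec;
	struct val_env* ve;
	int m;
	int verified = 0;
	m = modstack_find(mods, "validator");
	if(m == -1) {
		auth_zone_log(z->name, VERB_ALGO, "zonemd dnssec verify: have "
			"DNSKEY chain of trust, but no validator module");
		return 0;
	}
	ve = (struct val_env*)env->modinfo[m];

	memset(&pk, 0, sizeof(pk));
	pk.entry.key = &pk;
	pk.entry.data = rrset->data;
	pk.rk.dname = node->name;
	pk.rk.dname_len = node->namelen;
	pk.rk.type = htons(rrset->type);
	pk.rk.rrset_class = htons(z->dclass);
	if(verbosity >= VERB_ALGO) {
		char typestr[32];
		typestr[0]=0;
		sldns_wire2str_type_buf(rrset->type, typestr, sizeof(typestr));
		auth_zone_log(z->name, VERB_ALGO,
			"zonemd: verify %s RRset with DNSKEY", typestr);
	}
	sec = dnskeyset_verify_rrset(env, ve, &pk, dnskey, sigalg, why_bogus, NULL,
		LDNS_SECTION_ANSWER, NULL, &verified, reasonbuf, reasonlen);
	if(sec == sec_status_secure) {
		return 1;
	}
	if(why_bogus) {
		/* The reason string can be NULL here: the caller in this
		 * file starts with a NULL string, and nothing visible in
		 * this routine guarantees that the verify routine sets it
		 * for every non-secure status.  A NULL argument for %s is
		 * undefined behaviour, so log a fixed text in that case.
		 * The caller's string itself is left untouched. */
		auth_zone_log(z->name, VERB_ALGO, "DNSSEC verify was bogus: %s",
			(*why_bogus ? *why_bogus : "no reason given"));
	}
	return 0;
}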
   7927 
/**
 * Check the NSEC3 rrset for an RR with equal parameters that has the
 * type in its bitmap.
 *
 * RRs whose parameters cannot be read (malformed), or that use another
 * algorithm, iteration count or salt, are ignored.
 *
 * @param nsec3: the NSEC3 rrset to look in.
 * @param algo: NSEC3 hash algorithm that must match.
 * @param iter: iteration count that must match.
 * @param salt: salt that must match; only compared if saltlen is not 0.
 * @param saltlen: length of salt.
 * @param rrtype: the type to look for in the bitmap.
 * @return 1 if an RR with the parameters has the type, 0 if not.
 */
static int nsec3_of_param_has_type(struct auth_rrset* nsec3, int algo,
	size_t iter, uint8_t* salt, size_t saltlen, uint16_t rrtype)
{
	int rr, total = (int)nsec3->data->count;
	struct ub_packed_rrset_key pk;

	/* only the data pointer of the key is filled in for the nsec3
	 * helper routines */
	memset(&pk, 0, sizeof(pk));
	pk.entry.data = nsec3->data;

	for(rr = 0; rr < total; rr++) {
		int rralgo;
		size_t rriter, rrsaltlen;
		uint8_t* rrsalt;
		if(!nsec3_get_params(&pk, rr, &rralgo, &rriter, &rrsalt,
			&rrsaltlen))
			continue; /* no parameters, malformed */
		if(!(rralgo == algo && rriter == iter &&
			rrsaltlen == saltlen))
			continue; /* different parameters */
		if(saltlen != 0 && (rrsalt == NULL || salt == NULL ||
			memcmp(rrsalt, salt, saltlen) != 0))
			continue; /* different salt parameters */
		if(nsec3_has_type(&pk, rr, rrtype))
			return 1;
	}
	return 0;
}
   7956 
/**
 * Verify the absence of ZONEMD with DNSSEC by checking NSEC, NSEC3 type flag.
 *
 * If the apex has an NSEC rrset, that one is used.  Otherwise the apex
 * must have NSEC3PARAM, and the NSEC3 rrset at the hashed apex name is
 * used.  In both cases the rrset is DNSSEC verified with the dnskey
 * before its type bitmap is consulted, and the check fails if the bitmap
 * says that type ZONEMD exists.
 *
 * @param z: the zone.
 * @param env: module environment.
 * @param mods: module stack with the validator.
 * @param dnskey: DNSKEY rrset to verify with.
 * @param apex: apex domain of the zone, or NULL if the zone has none.
 * @param reason: set to a failure description on failure.
 * @param why_bogus: passed to the DNSSEC verification for its reason.
 * @param sigalg: passed on to the DNSSEC verification.
 * @param reasonbuf: buffer for the verification reason string.
 * @param reasonlen: length of reasonbuf.
 * @return false on failure, reason contains description of failure.
 */
static int zonemd_check_dnssec_absence(struct auth_zone* z,
	struct module_env* env, struct module_stack* mods,
	struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
	char** reason, char** why_bogus, uint8_t* sigalg, char* reasonbuf,
	size_t reasonlen)
{
	struct auth_rrset* nsec = NULL;
	struct auth_rrset* nsec3param;
	struct auth_rrset* nsec3;
	struct auth_data* match;
	int algo;
	size_t iter, saltlen;
	uint8_t* salt;

	if(!apex) {
		*reason = "zone has no apex domain but ZONEMD missing";
		return 0;
	}

	nsec = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC);
	if(nsec) {
		struct ub_packed_rrset_key pk;
		/* dnssec verify the NSEC */
		if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
			nsec, why_bogus, sigalg, reasonbuf, reasonlen)) {
			*reason = "DNSSEC verify failed for NSEC RRset";
			return 0;
		}
		/* check type bitmap */
		memset(&pk, 0, sizeof(pk));
		pk.entry.data = nsec->data;
		if(nsec_has_type(&pk, LDNS_RR_TYPE_ZONEMD)) {
			*reason = "DNSSEC NSEC bitmap says type ZONEMD exists";
			return 0;
		}
		auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC verification of absence of ZONEMD secure");
		return 1;
	}

	/* NSEC3 perhaps ? */
	nsec3param = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC3PARAM);
	if(!nsec3param) {
		*reason = "zone has no NSEC information but ZONEMD missing";
		return 0;
	}
	if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen)) {
		*reason = "zone has no NSEC information but ZONEMD missing";
		return 0;
	}
	/* find the NSEC3 record */
	match = az_nsec3_find_exact(z, z->name, z->namelen, algo,
		iter, salt, saltlen);
	if(!match) {
		*reason = "zone has no NSEC3 domain for the apex but ZONEMD missing";
		return 0;
	}
	nsec3 = az_domain_rrset(match, LDNS_RR_TYPE_NSEC3);
	if(!nsec3) {
		*reason = "zone has no NSEC3 RRset for the apex but ZONEMD missing";
		return 0;
	}
	/* dnssec verify the NSEC3 */
	if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, match,
		nsec3, why_bogus, sigalg, reasonbuf, reasonlen)) {
		*reason = "DNSSEC verify failed for NSEC3 RRset";
		return 0;
	}
	/* check type bitmap, only of RRs with the zone's parameters */
	if(nsec3_of_param_has_type(nsec3, algo, iter, salt, saltlen,
		LDNS_RR_TYPE_ZONEMD)) {
		*reason = "DNSSEC NSEC3 bitmap says type ZONEMD exists";
		return 0;
	}
	auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC3 verification of absence of ZONEMD secure");
	return 1;
}
   8033 
/**
 * Verify the SOA and ZONEMD DNSSEC signatures.
 * The SOA rrset is looked up at the apex and verified first, then the
 * ZONEMD rrset; the first failure ends the check.
 *
 * @param z: the zone.
 * @param env: module environment.
 * @param mods: module stack with the validator.
 * @param dnskey: DNSKEY rrset to verify with.
 * @param apex: apex domain of the zone, or NULL if the zone has none.
 * @param zonemd_rrset: the ZONEMD rrset at the apex.
 * @param reason: set to a failure description on failure.
 * @param why_bogus: passed to the DNSSEC verification for its reason.
 * @param sigalg: passed on to the DNSSEC verification.
 * @param reasonbuf: buffer for the verification reason string.
 * @param reasonlen: length of reasonbuf.
 * @return false on failure, reason contains description of failure.
 */
static int zonemd_check_dnssec_soazonemd(struct auth_zone* z,
	struct module_env* env, struct module_stack* mods,
	struct ub_packed_rrset_key* dnskey, struct auth_data* apex,
	struct auth_rrset* zonemd_rrset, char** reason, char** why_bogus,
	uint8_t* sigalg, char* reasonbuf, size_t reasonlen)
{
	struct auth_rrset* soa_rrset;

	if(apex == NULL) {
		*reason = "zone has no apex domain";
		return 0;
	}
	soa_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
	if(soa_rrset == NULL) {
		*reason = "zone has no SOA RRset";
		return 0;
	}

	if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, soa_rrset,
		why_bogus, sigalg, reasonbuf, reasonlen)) {
		*reason = "DNSSEC verify failed for SOA RRset";
	} else if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex,
		zonemd_rrset, why_bogus, sigalg, reasonbuf, reasonlen)) {
		*reason = "DNSSEC verify failed for ZONEMD RRset";
	} else {
		auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC verification of SOA and ZONEMD RRsets secure");
		return 1;
	}
	return 0;
}
   8065 
/**
 * Fail the ZONEMD verification.
 *
 * The failure is either copied into result, or, when result is NULL,
 * logged as a warning; it is not logged as a warning when a result
 * string is requested.  After that the zone is marked expired, unless
 * zonemd_permissive_mode is set in the config: in permissive mode a zone
 * that failed verification stays in use.
 *
 * @param z: auth zone that fails.
 * @param env: environment with config, to ignore failure or not.
 * @param reason: failure string description, NULL gives a generic text.
 * @param why_bogus: failure string for DNSSEC verification failure, or
 *	NULL.  If given it is appended to the reason in the result.
 * @param result: strdup result in here if not NULL.  It is set to NULL
 *	if the allocation fails.
 */
static void auth_zone_zonemd_fail(struct auth_zone* z, struct module_env* env,
	char* reason, char* why_bogus, char** result)
{
	char zonename[LDNS_MAX_DOMAINLEN];

	dname_str(z->name, zonename);
	if(reason == NULL)
		reason = "verification failed";

	/* report the reason */
	if(result == NULL) {
		log_warn("auth zone %s: ZONEMD verification failed: %s", zonename, reason);
	} else {
		if(why_bogus == NULL) {
			*result = strdup(reason);
		} else {
			/* a combined text longer than the buffer is
			 * truncated by snprintf */
			char combined[1024];
			snprintf(combined, sizeof(combined), "%s: %s", reason,
				why_bogus);
			*result = strdup(combined);
		}
		if(*result == NULL)
			log_err("out of memory");
	}

	/* depending on config, take action and drop the zone */
	if(!env->cfg->zonemd_permissive_mode) {
		/* expired means the zone gives servfail and is not used
		 * by lookup if fallback_enabled */
		z->zone_expired = 1;
		return;
	}
	verbose(VERB_ALGO, "zonemd-permissive-mode enabled, "
		"not blocking zone %s", zonename);
}
   8106 
/**
 * Verify the zonemd with DNSSEC and hash check, with given key.
 *
 * Order of the checks, as implemented below:
 * 1. With DNSSEC (is_insecure false) a dnskey is required.  If ZONEMD is
 *    absent, the absence is verified with the signed NSEC or NSEC3 at the
 *    apex; if ZONEMD is present, the signatures on the SOA and ZONEMD
 *    rrsets are verified.
 * 2. Without DNSSEC (is_insecure true) no signature is checked at all.
 * 3. An absent ZONEMD fails only if the zone has zonemd_reject_absence
 *    set; otherwise the routine returns without failing the zone.
 * 4. A present ZONEMD is checked against the zone contents with
 *    auth_zone_zonemd_check_hash().
 * Every failure goes through auth_zone_zonemd_fail(), which decides
 * whether the zone is blocked.
 *
 * @param z: auth zone.
 * @param env: environment with config and temp buffers.
 * @param mods: module stack with validator env for verification.
 * @param dnskey: dnskey that we can use, or NULL.  If nonnull, the key
 * 	has been verified and is the start of the chain of trust.
 * @param is_insecure: if true, the dnskey is not used, the zone is insecure.
 * 	And dnssec is not used.  It is DNSSEC insecure (securely so), or
 * 	not under a trust anchor.
 * @param sigalg: if nonNULL provide algorithm downgrade protection.
 * 	Otherwise one algorithm is enough. Must have space of ALGO_NEEDS_MAX+1.
 * @param result: if not NULL result reason copied here.
 */
static void
auth_zone_verify_zonemd_with_key(struct auth_zone* z, struct module_env* env,
	struct module_stack* mods, struct ub_packed_rrset_key* dnskey,
	int is_insecure, char** result, uint8_t* sigalg)
{
	char reasonbuf[256];
	char* reason = NULL;
	char* why_bogus = NULL;
	struct auth_rrset* zonemd_rrset = NULL;
	int zonemd_absent = 1, zonemd_absence_dnssecok = 0;
	struct auth_data* apex = az_find_name(z, z->name, z->namelen);

	/* see if ZONEMD is present or absent; an rrset without RRs
	 * counts as absent */
	if(apex) {
		zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD);
		if(zonemd_rrset && zonemd_rrset->data->count != 0)
			zonemd_absent = 0;
		else	zonemd_rrset = NULL;
	}

	/* if no DNSSEC, done with the signature part. */
	if(!is_insecure) {
		int ok;
		if(!dnskey) {
			auth_zone_zonemd_fail(z, env, "DNSKEY missing", NULL, result);
			return;
		}
		if(zonemd_rrset) {
			/* if ZONEMD, and DNSSEC, check DNSSEC signature on
			 * SOA and ZONEMD, or else fail */
			ok = zonemd_check_dnssec_soazonemd(z, env, mods,
				dnskey, apex, zonemd_rrset, &reason,
				&why_bogus, sigalg, reasonbuf,
				sizeof(reasonbuf));
		} else {
			/* if no ZONEMD, and DNSSEC, use DNSKEY to verify
			 * NSEC or NSEC3 for zone apex.  Check ZONEMD bit is
			 * turned off or else fail */
			ok = zonemd_check_dnssec_absence(z, env, mods,
				dnskey, apex, &reason, &why_bogus, sigalg,
				reasonbuf, sizeof(reasonbuf));
		}
		if(!ok) {
			auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
			return;
		}
		if(!zonemd_rrset)
			zonemd_absence_dnssecok = 1;
	}

	if(zonemd_absent) {
		if(z->zonemd_reject_absence) {
			auth_zone_zonemd_fail(z, env, "ZONEMD absent and that is not allowed by config", NULL, result);
			return;
		}
		if(zonemd_absence_dnssecok) {
			auth_zone_log(z->name, VERB_ALGO, "DNSSEC verified nonexistence of ZONEMD");
			if(result) {
				*result = strdup("DNSSEC verified nonexistence of ZONEMD");
				if(!*result) log_err("out of memory");
			}
			return;
		}
		/* absent, and there was no DNSSEC to check that with */
		auth_zone_log(z->name, VERB_ALGO, "no ZONEMD present");
		if(result) {
			*result = strdup("no ZONEMD present");
			if(!*result) log_err("out of memory");
		}
		return;
	}

	/* check ZONEMD checksum and report or else fail. */
	if(!auth_zone_zonemd_check_hash(z, env, &reason)) {
		auth_zone_zonemd_fail(z, env, reason, NULL, result);
		return;
	}

	/* success! log the success.  The hash check can succeed and
	 * still leave a reason text, that text is reported then. */
	if(reason) {
		auth_zone_log(z->name, VERB_ALGO, "ZONEMD %s", reason);
	} else {
		auth_zone_log(z->name, VERB_ALGO, "ZONEMD verification successful");
	}
	if(result) {
		*result = strdup(reason ? reason :
			"ZONEMD verification successful");
		if(!*result) log_err("out of memory");
	}
}
   8209 
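/**
 * verify the zone DNSKEY rrset from the trust anchor
 * This is possible because the anchor is for the zone itself, and can
 * thus apply straight to the zone DNSKEY set.
 *
 * The returned key references the zone's DNSKEY data, it is not a copy.
 * The scratch region of env is emptied after the verification.
 * On the early failures (no apex, no DNSKEY, no validator module) the
 * is_insecure value is not written, so the caller has to initialize it.
 *
 * @param z: the auth zone.
 * @param env: environment with time and temp buffers.
 * @param mods: module stack for validator environment for dnssec validation.
 * @param anchor: trust anchor to use
 * @param is_insecure: returned, true if the zone is securely insecure.
 * @param why_bogus: if the routine fails, returns the failure reason.
 *	After a bogus verification the string can still be NULL if the
 *	verify routine did not set it.
 * @param keystorage: where to store the ub_packed_rrset_key that is created
 * 	on success. A pointer to it is returned on success.
 * @param reasonbuf: buffer to use for fail reason string print.
 * @param reasonlen: length of reasonbuf.
 * @return the dnskey RRset, reference to zone data and keystorage, or
 * 	NULL on failure.
 */
static struct ub_packed_rrset_key*
zonemd_get_dnskey_from_anchor(struct auth_zone* z, struct module_env* env,
	struct module_stack* mods, struct trust_anchor* anchor,
	int* is_insecure, char** why_bogus,
	struct ub_packed_rrset_key* keystorage, char* reasonbuf,
	size_t reasonlen)
{
	struct auth_data* apex;
	struct auth_rrset* dnskey_rrset;
	enum sec_status sec;
	struct val_env* ve;
	int m;

	apex = az_find_name(z, z->name, z->namelen);
	if(!apex) {
		*why_bogus = "have trust anchor, but zone has no apex domain for DNSKEY";
		return NULL;
	}
	dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY);
	if(!dnskey_rrset || dnskey_rrset->data->count==0) {
		*why_bogus = "have trust anchor, but zone has no DNSKEY";
		return NULL;
	}

	m = modstack_find(mods, "validator");
	if(m == -1) {
		*why_bogus = "have trust anchor, but no validator module";
		return NULL;
	}
	ve = (struct val_env*)env->modinfo[m];

	memset(keystorage, 0, sizeof(*keystorage));
	keystorage->entry.key = keystorage;
	keystorage->entry.data = dnskey_rrset->data;
	keystorage->rk.dname = apex->name;
	keystorage->rk.dname_len = apex->namelen;
	keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
	keystorage->rk.rrset_class = htons(z->dclass);
	auth_zone_log(z->name, VERB_QUERY,
		"zonemd: verify DNSKEY RRset with trust anchor");
	sec = val_verify_DNSKEY_with_TA(env, ve, keystorage, anchor->ds_rrset,
		anchor->dnskey_rrset, NULL, why_bogus, NULL, NULL, reasonbuf,
		reasonlen);
	regional_free_all(env->scratch);
	if(sec == sec_status_secure) {
		/* success */
		*is_insecure = 0;
		return keystorage;
	} else if(sec == sec_status_insecure) {
		/* insecure */
		*is_insecure = 1;
	} else {
		/* bogus */
		*is_insecure = 0;
		/* The reason string may not have been set by the verify
		 * routine; auth_zone_verify_zonemd_key_with_ds() guards
		 * for that as well.  A NULL argument for %s is undefined
		 * behaviour, so log a fixed text in that case.  The
		 * caller's string is left as the verify routine gave it. */
		auth_zone_log(z->name, VERB_ALGO,
			"zonemd: verify DNSKEY RRset with trust anchor failed: %s",
			(*why_bogus ? *why_bogus : "no reason given"));
	}
	return NULL;
}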
   8286 
/**
 * Verify the DNSKEY from the zone with looked up DS record.
 *
 * The DNSKEY rrset is taken from the zone apex and verified against the
 * DS rrset with val_verify_DNSKEY_with_DS().  The returned key
 * references the zone's DNSKEY data, it is not a copy.  The scratch
 * region of env is emptied after the verification.
 * The is_insecure value is only written for an insecure or a bogus
 * verification result; on success and on the early failures it is left
 * as the caller set it.
 *
 * @param z: the auth zone.
 * @param env: module environment, its scratch region is used.
 * @param mods: module stack, searched for "validator".
 * @param ds: the DS rrset to verify the DNSKEY rrset with.
 * @param is_insecure: set to 1 if the result is insecure, 0 if bogus.
 * @param why_bogus: failure reason on failure; set to "verify failed" if
 *	the verification is bogus and gave no reason.
 * @param keystorage: storage for the rrset key that is returned.
 * @param sigalg: passed on to the verify routine.
 * @param reasonbuf: buffer for the verify routine's reason string.
 * @param reasonlen: length of reasonbuf.
 * @return keystorage if the DNSKEY rrset is secure, NULL otherwise.
 */
static struct ub_packed_rrset_key*
auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z,
	struct module_env* env, struct module_stack* mods,
	struct ub_packed_rrset_key* ds, int* is_insecure, char** why_bogus,
	struct ub_packed_rrset_key* keystorage, uint8_t* sigalg,
	char* reasonbuf, size_t reasonlen)
{
	struct auth_data* apex;
	struct auth_rrset* zone_keys;
	enum sec_status status;
	struct val_env* ve;
	int modidx;

	/* fetch DNSKEY from zone data */
	apex = az_find_name(z, z->name, z->namelen);
	if(apex == NULL) {
		*why_bogus = "in verifywithDS, zone has no apex";
		return NULL;
	}
	zone_keys = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY);
	if(zone_keys == NULL || zone_keys->data->count == 0) {
		*why_bogus = "in verifywithDS, zone has no DNSKEY";
		return NULL;
	}

	modidx = modstack_find(mods, "validator");
	if(modidx == -1) {
		*why_bogus = "in verifywithDS, have no validator module";
		return NULL;
	}
	ve = (struct val_env*)env->modinfo[modidx];

	/* rrset key in the caller's storage, it points at the zone data */
	memset(keystorage, 0, sizeof(*keystorage));
	keystorage->entry.key = keystorage;
	keystorage->entry.data = zone_keys->data;
	keystorage->rk.dname = apex->name;
	keystorage->rk.dname_len = apex->namelen;
	keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
	keystorage->rk.rrset_class = htons(z->dclass);
	auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone DNSKEY with DS");
	status = val_verify_DNSKEY_with_DS(env, ve, keystorage, ds, sigalg,
		why_bogus, NULL, NULL, reasonbuf, reasonlen);
	regional_free_all(env->scratch);

	switch(status) {
	case sec_status_secure:
		/* success */
		return keystorage;
	case sec_status_insecure:
		/* insecure */
		*is_insecure = 1;
		break;
	default:
		/* bogus */
		*is_insecure = 0;
		if(*why_bogus == NULL)
			*why_bogus = "verify failed";
		auth_zone_log(z->name, VERB_ALGO,
			"zonemd: verify DNSKEY RRset with DS failed: %s",
			*why_bogus);
		break;
	}
	return NULL;
}
   8348 
   8349 /** callback for ZONEMD lookup of DNSKEY */
   8350 void auth_zonemd_dnskey_lookup_callback(void* arg, int rcode, sldns_buffer* buf,
   8351 	enum sec_status sec, char* why_bogus, int ATTR_UNUSED(was_ratelimited))
   8352 {
   8353 	struct auth_zone* z = (struct auth_zone*)arg;
   8354 	struct module_env* env;
   8355 	char reasonbuf[256];
   8356 	char* reason = NULL, *ds_bogus = NULL, *typestr="DNSKEY";
   8357 	struct ub_packed_rrset_key* dnskey = NULL, *ds = NULL;
   8358 	int is_insecure = 0, downprot;
   8359 	struct ub_packed_rrset_key keystorage;
   8360 	uint8_t sigalg[ALGO_NEEDS_MAX+1];
   8361 
   8362 	lock_rw_wrlock(&z->lock);
   8363 	env = z->zonemd_callback_env;
   8364 	/* release the env variable so another worker can pick up the
   8365 	 * ZONEMD verification task if it wants to */
   8366 	z->zonemd_callback_env = NULL;
   8367 	if(!env || env->outnet->want_to_quit || z->zone_deleted) {
   8368 		lock_rw_unlock(&z->lock);
   8369 		return; /* stop on quit */
   8370 	}
   8371 	if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DS)
   8372 		typestr = "DS";
   8373 	downprot = env->cfg->harden_algo_downgrade;
   8374 
   8375 	/* process result */
   8376 	if(sec == sec_status_bogus) {
   8377 		reason = why_bogus;
   8378 		if(!reason) {
   8379 			if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
   8380 				reason = "lookup of DNSKEY was bogus";
   8381 			else	reason = "lookup of DS was bogus";
   8382 		}
   8383 		auth_zone_log(z->name, VERB_ALGO,
   8384 			"zonemd lookup of %s was bogus: %s", typestr, reason);
   8385 	} else if(rcode == LDNS_RCODE_NOERROR) {
   8386 		uint16_t wanted_qtype = z->zonemd_callback_qtype;
   8387 		struct regional* temp = env->scratch;
   8388 		struct query_info rq;
   8389 		struct reply_info* rep;
   8390 		memset(&rq, 0, sizeof(rq));
   8391 		rep = parse_reply_in_temp_region(buf, temp, &rq);
   8392 		if(rep && rq.qtype == wanted_qtype &&
   8393 			query_dname_compare(z->name, rq.qname) == 0 &&
   8394 			FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
   8395 			/* parsed successfully */
   8396 			struct ub_packed_rrset_key* answer =
   8397 				reply_find_answer_rrset(&rq, rep);
   8398 			if(answer && sec == sec_status_secure) {
   8399 				if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
   8400 					dnskey = answer;
   8401 				else	ds = answer;
   8402 				auth_zone_log(z->name, VERB_ALGO,
   8403 					"zonemd lookup of %s was secure", typestr);
   8404 			} else if(sec == sec_status_secure && !answer) {
   8405 				is_insecure = 1;
   8406 				auth_zone_log(z->name, VERB_ALGO,
   8407 					"zonemd lookup of %s has no content, but is secure, treat as insecure", typestr);
   8408 			} else if(sec == sec_status_insecure) {
   8409 				is_insecure = 1;
   8410 				auth_zone_log(z->name, VERB_ALGO,
   8411 					"zonemd lookup of %s was insecure", typestr);
   8412 			} else if(sec == sec_status_indeterminate) {
   8413 				is_insecure = 1;
   8414 				auth_zone_log(z->name, VERB_ALGO,
   8415 					"zonemd lookup of %s was indeterminate, treat as insecure", typestr);
   8416 			} else {
   8417 				auth_zone_log(z->name, VERB_ALGO,
   8418 					"zonemd lookup of %s has nodata", typestr);
   8419 				if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
   8420 					reason = "lookup of DNSKEY has nodata";
   8421 				else	reason = "lookup of DS has nodata";
   8422 			}
   8423 		} else if(rep && rq.qtype == wanted_qtype &&
   8424 			query_dname_compare(z->name, rq.qname) == 0 &&
   8425 			FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
   8426 			sec == sec_status_secure) {
   8427 			/* secure nxdomain, so the zone is like some RPZ zone
   8428 			 * that does not exist in the wider internet, with
   8429 			 * a secure nxdomain answer outside of it. So we
   8430 			 * treat the zonemd zone without a dnssec chain of
   8431 			 * trust, as insecure. */
   8432 			is_insecure = 1;
   8433 			auth_zone_log(z->name, VERB_ALGO,
   8434 				"zonemd lookup of %s was secure NXDOMAIN, treat as insecure", typestr);
   8435 		} else if(rep && rq.qtype == wanted_qtype &&
   8436 			query_dname_compare(z->name, rq.qname) == 0 &&
   8437 			FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
   8438 			sec == sec_status_insecure) {
   8439 			is_insecure = 1;
   8440 			auth_zone_log(z->name, VERB_ALGO,
   8441 				"zonemd lookup of %s was insecure NXDOMAIN, treat as insecure", typestr);
   8442 		} else if(rep && rq.qtype == wanted_qtype &&
   8443 			query_dname_compare(z->name, rq.qname) == 0 &&
   8444 			FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN &&
   8445 			sec == sec_status_indeterminate) {
   8446 			is_insecure = 1;
   8447 			auth_zone_log(z->name, VERB_ALGO,
   8448 				"zonemd lookup of %s was indeterminate NXDOMAIN, treat as insecure", typestr);
   8449 		} else {
   8450 			auth_zone_log(z->name, VERB_ALGO,
   8451 				"zonemd lookup of %s has no answer", typestr);
   8452 			if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
   8453 				reason = "lookup of DNSKEY has no answer";
   8454 			else	reason = "lookup of DS has no answer";
   8455 		}
   8456 	} else {
   8457 		auth_zone_log(z->name, VERB_ALGO,
   8458 			"zonemd lookup of %s failed", typestr);
   8459 		if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY)
   8460 			reason = "lookup of DNSKEY failed";
   8461 		else	reason = "lookup of DS failed";
   8462 	}
   8463 
   8464 	if(!reason && !is_insecure && !dnskey && ds) {
   8465 		dnskey = auth_zone_verify_zonemd_key_with_ds(z, env,
   8466 			&env->mesh->mods, ds, &is_insecure, &ds_bogus,
   8467 			&keystorage, downprot?sigalg:NULL, reasonbuf,
   8468 			sizeof(reasonbuf));
   8469 		if(!dnskey && !is_insecure && !reason)
   8470 			reason = "DNSKEY verify with DS failed";
   8471 	}
   8472 
   8473 	if(reason) {
   8474 		auth_zone_zonemd_fail(z, env, reason, ds_bogus, NULL);
   8475 		lock_rw_unlock(&z->lock);
   8476 		regional_free_all(env->scratch);
   8477 		return;
   8478 	}
   8479 
   8480 	auth_zone_verify_zonemd_with_key(z, env, &env->mesh->mods, dnskey,
   8481 		is_insecure, NULL, downprot?sigalg:NULL);
   8482 	regional_free_all(env->scratch);
   8483 	lock_rw_unlock(&z->lock);
   8484 }
   8485 
/**
 * Start the lookup of the DNSKEY (or DS) RRset for ZONEMD verification.
 * The query is handed to the mesh with auth_zonemd_dnskey_lookup_callback
 * as the callback and the zone as its argument.
 * z->lock is released around the mesh call and taken again as a write lock
 * before returning, so the caller is expected to hold it on entry.
 * @param z: the auth zone whose key material is looked up.
 * @param env: module env of the calling worker, stored in the zone so the
 *	callback can reference it.
 * @return 0 if the mesh lookup could not be started, 1 if it was started
 *	or if a lookup is already marked as outstanding for this zone.
 */
static int
zonemd_lookup_dnskey(struct auth_zone* z, struct module_env* env)
{
	/* without fallback the DNSKEY cannot actually be fetched, because
	 * it is in the zone we have ourselves and that is (possibly) not
	 * served yet, so type DS is fetched instead */
	int want_ds = !z->fallback_enabled;
	const char* typestr = want_ds ? "DS" : "DNSKEY";
	sldns_buffer* buf = env->scratch_buffer;
	uint16_t qflags = BIT_RD;
	struct query_info qinfo;
	struct edns_data edns;
	size_t cap;
	int started;

	if(z->zonemd_callback_env) {
		/* a callback env is already stored: another worker has the
		 * lookup outstanding and does the ZONEMD verification */
		auth_zone_log(z->name, VERB_ALGO,
			"zonemd needs lookup of %s and that already is worked on by another worker", typestr);
		return 1;
	}

	/* query for the zone apex; the mesh answers from cache or by
	 * sending queries, and then calls the callback */
	qinfo.qname = z->name;
	qinfo.qname_len = z->namelen;
	qinfo.qclass = z->dclass;
	qinfo.qtype = want_ds ? LDNS_RR_TYPE_DS : LDNS_RR_TYPE_DNSKEY;
	qinfo.local_alias = NULL;
	if(verbosity >= VERB_ALGO) {
		char zname[LDNS_MAX_DOMAINLEN];
		char msg[512];
		dname_str(z->name, zname);
		snprintf(msg, sizeof(msg), "auth zone %s: lookup %s "
			"for zonemd verification", zname, typestr);
		log_query_info(VERB_ALGO, msg, &qinfo);
	}

	/* EDNS with the DO bit, so DNSSEC records come with the answer;
	 * the advertised size is the scratch buffer capacity, capped at
	 * the 16-bit maximum */
	cap = sldns_buffer_capacity(buf);
	edns.udp_size = (cap < 65535) ? (uint16_t)cap : 65535;
	edns.bits = EDNS_DO;
	edns.edns_present = 1;
	edns.edns_version = 0;
	edns.ext_rcode = 0;
	edns.opt_list_in = NULL;
	edns.opt_list_out = NULL;
	edns.opt_list_inplace_cb_out = NULL;

	/* remember the worker-specific env and the qtype for the callback */
	z->zonemd_callback_env = env;
	z->zonemd_callback_qtype = qinfo.qtype;

	/* the callback can be called straight away, from inside
	 * mesh_new_callback, so the zone lock is dropped for the call */
	lock_rw_unlock(&z->lock);
	started = mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
		&auth_zonemd_dnskey_lookup_callback, z, 0);
	lock_rw_wrlock(&z->lock);
	if(!started) {
		/* NOTE(review): zonemd_callback_env is still set on this
		 * path; confirm that something clears it, otherwise later
		 * calls take the "another worker" early return above and
		 * the verification is not retried */
		log_err("out of memory lookup of %s for zonemd", typestr);
		return 0;
	}
	return 1;
}
   8557 
/**
 * Verify the ZONEMD of the zone if present; if it is absent, check whether
 * DNSSEC allows that absence. Does nothing when the zone has zonemd_check
 * off or holds no data.
 * The zone's position relative to the configured trust anchors decides
 * where the DNSKEY comes from:
 * - not under an anchor, or under an anchor without DS and DNSKEY
 *   (domain-insecure): verify without DNSSEC, as insecure.
 * - equal to the anchor: the DNSKEY RRset is verified with the anchor.
 * - below an anchor: an online lookup is started and the verification
 *   continues when that lookup completes.
 * The below-anchor case goes through zonemd_lookup_dnskey, which releases
 * and re-takes z->lock, so the caller is expected to hold that lock.
 * @param z: the auth zone.
 * @param env: module env; its anchors, scratch region and mesh are used.
 * @param mods: module stack passed on to the verification routines.
 * @param result: passed on to the fail and verify routines; presumably
 *	receives a result string, can be NULL (the pickup routine passes
 *	NULL).
 * @param offline: if set, return without verifying when an online lookup
 *	would be needed.
 * @param only_online: if set, return without verifying in every case that
 *	needs no online lookup.
 */
void auth_zone_verify_zonemd(struct auth_zone* z, struct module_env* env,
	struct module_stack* mods, char** result, int offline, int only_online)
{
	struct ub_packed_rrset_key keystorage;
	struct ub_packed_rrset_key* dnskey = NULL;
	struct trust_anchor* anchor = NULL;
	char* reason = NULL, *why_bogus = NULL;
	char reasonbuf[256];
	int is_insecure = 0;

	if(!z->zonemd_check || z->data.count == 0)
		return; /* check not wanted, or no data */

	if(env->anchors)
		anchor = anchors_lookup(env->anchors, z->name, z->namelen,
			z->dclass);

	/* a found anchor has its lock held here; every branch below
	 * releases it before returning or going on */
	if(!anchor) {
		/* the zone is not under a trust anchor, so there is no
		 * DNSSEC for the ZONEMD */
		if(only_online)
			return;
		is_insecure = 1;
	} else if(anchor->numDS == 0 && anchor->numDNSKEY == 0) {
		/* domain-insecure trust anchor for unsigned zones */
		lock_basic_unlock(&anchor->lock);
		if(only_online)
			return;
		is_insecure = 1;
	} else if(query_dname_compare(z->name, anchor->name) != 0) {
		/* below the trust anchor: the chain of trust needs online
		 * lookups of the zone DNSKEY */
		lock_basic_unlock(&anchor->lock);
		if(offline)
			return;
		if(zonemd_lookup_dnskey(z, env))
			return; /* wait for the lookup */
		reason = "could not lookup DNSKEY for chain of trust";
	} else {
		/* equal to the trust anchor, no need for online lookups */
		if(only_online) {
			lock_basic_unlock(&anchor->lock);
			return;
		}
		dnskey = zonemd_get_dnskey_from_anchor(z, env, mods, anchor,
			&is_insecure, &why_bogus, &keystorage, reasonbuf,
			sizeof(reasonbuf));
		lock_basic_unlock(&anchor->lock);
		/* no key and not insecure either: the anchor did not
		 * validate the DNSKEY RRset */
		if(!dnskey && !is_insecure)
			reason = "verify DNSKEY RRset with trust anchor failed";
	}

	if(!reason) {
		/* dnskey is NULL when is_insecure is set */
		auth_zone_verify_zonemd_with_key(z, env, mods, dnskey,
			is_insecure, result, NULL);
	} else {
		auth_zone_zonemd_fail(z, env, reason, why_bogus, result);
	}
	regional_free_all(env->scratch);
}
   8631 
/**
 * Walk all auth zones and run the ZONEMD verification for those that have
 * zonemd_check set, in the only_online mode of auth_zone_verify_zonemd.
 * The zones lock is not held while a zone is verified: the zone name is
 * copied first and the zone is searched for again by that name once the
 * zones lock is taken back, so the tree walk can continue.
 * @param az: the auth zones structure.
 * @param env: module env of the calling worker.
 */
void auth_zones_pickup_zonemd_verify(struct auth_zones* az,
	struct module_env* env)
{
	struct auth_zone lookup;
	uint8_t zname_copy[255+1];
	struct auth_zone* z;

	lookup.node.key = &lookup;
	lock_rw_rdlock(&az->lock);
	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
		lock_rw_wrlock(&z->lock);
		if(!z->zonemd_check) {
			lock_rw_unlock(&z->lock);
			continue;
		}
		/* refuse a name that does not fit the copy buffer */
		if(z->namelen > sizeof(zname_copy)) {
			lock_rw_unlock(&z->lock);
			log_err("auth_zones_pickup_zonemd_verify: zone name too long");
			continue;
		}
		/* build the search key while the zone lock is held */
		memmove(zname_copy, z->name, z->namelen);
		lookup.name = zname_copy;
		lookup.namelen = z->namelen;
		lookup.namelabs = z->namelabs;
		lookup.dclass = z->dclass;

		/* verify with only the zone lock held */
		lock_rw_unlock(&az->lock);
		auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 1);
		lock_rw_unlock(&z->lock);
		lock_rw_rdlock(&az->lock);

		/* find the zone we had before, it is not deleted, because
		 * there is a flag for that which is processed at apply_cfg
		 * time; stop the walk if it is not found after all */
		z = (struct auth_zone*)rbtree_search(&az->ztree, &lookup);
		if(!z)
			break;
	}
	lock_rw_unlock(&az->lock);
}
   8671 
/**
 * Get memory usage of an auth rrset.
 * @param rrset: the rrset, not NULL.
 * @return size of the structure plus packed_rrset_sizeof() of its data.
 */
static size_t
auth_rrset_get_mem(struct auth_rrset* rrset)
{
	return sizeof(*rrset) + packed_rrset_sizeof(rrset->data);
}
   8679 
/**
 * Get memory usage of an auth data node.
 * @param node: the node, not NULL.
 * @return size of the structure, its name and every rrset on its list.
 */
static size_t
auth_data_get_mem(struct auth_data* node)
{
	struct auth_rrset* cur = node->rrsets;
	size_t total = sizeof(*node) + node->namelen;
	while(cur) {
		total += auth_rrset_get_mem(cur);
		cur = cur->next;
	}
	return total;
}
   8691 
/**
 * Get memory usage of an auth zone.
 * @param z: the zone, not NULL.
 * @return size of the structure, its name, the zonefile string if set,
 *	all data nodes in the zone tree and the rpz data if present.
 */
static size_t
auth_zone_get_mem(struct auth_zone* z)
{
	struct auth_data* node;
	size_t total = sizeof(*z) + z->namelen;

	/* optional string, counted with its terminating zero */
	if(z->zonefile)
		total += strlen(z->zonefile)+1;
	RBTREE_FOR(node, struct auth_data*, &z->data) {
		total += auth_data_get_mem(node);
	}
	if(z->rpz)
		total += rpz_get_mem(z->rpz);
	return total;
}
   8707 
/**
 * Get memory usage of a list of auth addr.
 * @param list: first element of the list, NULL for an empty list.
 * @return sizeof the element structure for every element on the list.
 */
static size_t
auth_addrs_get_mem(struct auth_addr* list)
{
	struct auth_addr* cur = list;
	size_t total = 0;
	while(cur) {
		total += sizeof(*cur);
		cur = cur->next;
	}
	return total;
}
   8719 
/**
 * Get memory usage of a list of primaries for auth xfer.
 * @param list: first element of the list, NULL for an empty list.
 * @return for every element: the structure, its address list and the
 *	host and file strings when they are set.
 */
static size_t
auth_primaries_get_mem(struct auth_master* list)
{
	struct auth_master* cur = list;
	size_t total = 0;
	while(cur) {
		total += sizeof(*cur);
		total += auth_addrs_get_mem(cur->list);
		/* optional strings, counted with their terminating zero */
		if(cur->host)
			total += strlen(cur->host)+1;
		if(cur->file)
			total += strlen(cur->file)+1;
		cur = cur->next;
	}
	return total;
}
   8736 
/**
 * Get memory usage of a list of auth chunks.
 * @param list: first chunk of the list, NULL for an empty list.
 * @return for every chunk: the structure plus the chunk's len.
 */
static size_t
auth_chunks_get_mem(struct auth_chunk* list)
{
	struct auth_chunk* cur = list;
	size_t total = 0;
	while(cur) {
		total += sizeof(*cur) + cur->len;
		cur = cur->next;
	}
	return total;
}
   8748 
/**
 * Get memory usage of an auth xfer structure.
 * The three task pointers are dereferenced without a check, so they have
 * to be set.
 * @param xfr: the xfer structure, not NULL.
 * @return size of the structure and its name, plus what the nextprobe,
 *	probe and transfer tasks and the allow_notify list hold.
 */
static size_t
auth_xfer_get_mem(struct auth_xfer* xfr)
{
	size_t total = sizeof(*xfr) + xfr->namelen;

	/* nextprobe task: its timer */
	total += comm_timer_get_mem(xfr->task_nextprobe->timer);

	/* probe task: primaries list, comm point and timer */
	total += auth_primaries_get_mem(xfr->task_probe->masters)
		+ comm_point_get_mem(xfr->task_probe->cp)
		+ comm_timer_get_mem(xfr->task_probe->timer);

	/* transfer task: chunks, primaries list, comm point and timer */
	total += auth_chunks_get_mem(xfr->task_transfer->chunks_first)
		+ auth_primaries_get_mem(xfr->task_transfer->masters)
		+ comm_point_get_mem(xfr->task_transfer->cp)
		+ comm_timer_get_mem(xfr->task_transfer->timer);

	/* the allow_notify list */
	total += auth_primaries_get_mem(xfr->allow_notify_list);

	return total;
}
   8774 
/**
 * Get memory usage of the zones in the auth zones ztree.
 * Every zone is read-locked while it is measured. The tree itself is not
 * locked here; auth_zones_get_mem holds the zones lock around this call.
 * @param az: the auth zones structure.
 * @return sum of auth_zone_get_mem() over the zones in the tree.
 */
static size_t
az_ztree_get_mem(struct auth_zones* az)
{
	struct auth_zone* z;
	size_t total = 0;
	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
		size_t zmem;
		lock_rw_rdlock(&z->lock);
		zmem = auth_zone_get_mem(z);
		lock_rw_unlock(&z->lock);
		total += zmem;
	}
	return total;
}
   8788 
/**
 * Get memory usage of the xfer structures in the auth zones xtree.
 * Every xfer structure is locked while it is measured. The tree itself is
 * not locked here; auth_zones_get_mem holds the zones lock around this
 * call.
 * @param az: the auth zones structure.
 * @return sum of auth_xfer_get_mem() over the entries in the tree.
 */
static size_t
az_xtree_get_mem(struct auth_zones* az)
{
	struct auth_xfer* xfr;
	size_t total = 0;
	RBTREE_FOR(xfr, struct auth_xfer*, &az->xtree) {
		size_t xmem;
		lock_basic_lock(&xfr->lock);
		xmem = auth_xfer_get_mem(xfr);
		lock_basic_unlock(&xfr->lock);
		total += xmem;
	}
	return total;
}
   8802 
/**
 * Get memory usage of the auth zones structure with its zones and xfers.
 * Takes the rpz_lock and then the zones lock, both for reading, and
 * releases them in the reverse order.
 * @param zones: the auth zones structure, can be NULL.
 * @return the memory in use, 0 if zones is NULL.
 */
size_t auth_zones_get_mem(struct auth_zones* zones)
{
	size_t total = 0;
	if(zones) {
		total = sizeof(*zones);
		lock_rw_rdlock(&zones->rpz_lock);
		lock_rw_rdlock(&zones->lock);
		total += az_ztree_get_mem(zones);
		total += az_xtree_get_mem(zones);
		lock_rw_unlock(&zones->lock);
		lock_rw_unlock(&zones->rpz_lock);
	}
	return total;
}
   8816 
/**
 * Disown the xfer tasks that are owned by the given worker.
 * Each of the nextprobe, probe and transfer tasks is checked on its own;
 * tasks that have another worker set are left alone.
 * @param xfr: the xfer structure; its three task pointers are
 *	dereferenced without a check.
 * @param worker: the worker whose tasks are disowned.
 */
void xfr_disown_tasks(struct auth_xfer* xfr, struct worker* worker)
{
	if(xfr->task_nextprobe->worker == worker)
		xfr_nextprobe_disown(xfr);
	if(xfr->task_probe->worker == worker)
		xfr_probe_disown(xfr);
	if(xfr->task_transfer->worker == worker)
		xfr_transfer_disown(xfr);
}
   8829