1/* 2 * services/authzone.c - authoritative zone that is locally hosted. 3 * 4 * Copyright (c) 2017, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36/** 37 * \file 38 * 39 * This file contains the functions for an authority zone. This zone 40 * is queried by the iterator, just like a stub or forward zone, but then 41 * the data is locally held. 42 */ 43 44#include "config.h" 45#include "services/authzone.h" 46#include "util/data/dname.h" 47#include "util/data/msgparse.h" 48#include "util/data/msgreply.h" 49#include "util/data/msgencode.h" 50#include "util/data/packed_rrset.h" 51#include "util/regional.h" 52#include "util/net_help.h" 53#include "util/netevent.h" 54#include "util/config_file.h" 55#include "util/log.h" 56#include "util/module.h" 57#include "util/random.h" 58#include "services/cache/dns.h" 59#include "services/outside_network.h" 60#include "services/listen_dnsport.h" 61#include "services/mesh.h" 62#include "sldns/rrdef.h" 63#include "sldns/pkthdr.h" 64#include "sldns/sbuffer.h" 65#include "sldns/str2wire.h" 66#include "sldns/wire2str.h" 67#include "sldns/parseutil.h" 68#include "sldns/keyraw.h" 69#include "validator/val_nsec3.h" 70#include "validator/val_nsec.h" 71#include "validator/val_secalgo.h" 72#include "validator/val_sigcrypt.h" 73#include "validator/val_anchor.h" 74#include "validator/val_utils.h" 75#include <ctype.h> 76 77/** bytes to use for NSEC3 hash buffer. 20 for sha1 */ 78#define N3HASHBUFLEN 32 79/** max number of CNAMEs we are willing to follow (in one answer) */ 80#define MAX_CNAME_CHAIN 8 81/** timeout for probe packets for SOA */ 82#define AUTH_PROBE_TIMEOUT 100 /* msec */ 83/** when to stop with SOA probes (when exponential timeouts exceed this) */ 84#define AUTH_PROBE_TIMEOUT_STOP 1000 /* msec */ 85/* auth transfer timeout for TCP connections, in msec */ 86#define AUTH_TRANSFER_TIMEOUT 10000 /* msec */ 87/* auth transfer max backoff for failed transfers and probes */ 88#define AUTH_TRANSFER_MAX_BACKOFF 86400 /* sec */ 89/* auth http port number */ 90#define AUTH_HTTP_PORT 80 91/* auth https port number */ 92#define AUTH_HTTPS_PORT 443 93/* max depth for nested $INCLUDEs */ 94#define MAX_INCLUDE_DEPTH 10 95/** number of timeouts before we fallback from IXFR to AXFR, 96 * because some versions of servers (eg. dnsmasq) drop IXFR packets. */ 97#define NUM_TIMEOUTS_FALLBACK_IXFR 3 98 99/** pick up nextprobe task to start waiting to perform transfer actions */ 100static void xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env, 101 int failure, int lookup_only); 102/** move to sending the probe packets, next if fails. task_probe */ 103static void xfr_probe_send_or_end(struct auth_xfer* xfr, 104 struct module_env* env); 105/** pick up probe task with specified(or NULL) destination first, 106 * or transfer task if nothing to probe, or false if already in progress */ 107static int xfr_start_probe(struct auth_xfer* xfr, struct module_env* env, 108 struct auth_master* spec); 109/** delete xfer structure (not its tree entry) */ 110static void auth_xfer_delete(struct auth_xfer* xfr); 111 112/** create new dns_msg */ 113static struct dns_msg* 114msg_create(struct regional* region, struct query_info* qinfo) 115{ 116 struct dns_msg* msg = (struct dns_msg*)regional_alloc(region, 117 sizeof(struct dns_msg)); 118 if(!msg) 119 return NULL; 120 msg->qinfo.qname = regional_alloc_init(region, qinfo->qname, 121 qinfo->qname_len); 122 if(!msg->qinfo.qname) 123 return NULL; 124 msg->qinfo.qname_len = qinfo->qname_len; 125 msg->qinfo.qtype = qinfo->qtype; 126 msg->qinfo.qclass = qinfo->qclass; 127 msg->qinfo.local_alias = NULL; 128 /* non-packed reply_info, because it needs to grow the array */ 129 msg->rep = (struct reply_info*)regional_alloc_zero(region, 130 sizeof(struct reply_info)-sizeof(struct rrset_ref)); 131 if(!msg->rep) 132 return NULL; 133 msg->rep->flags = (uint16_t)(BIT_QR | BIT_AA); 134 msg->rep->authoritative = 1; 135 msg->rep->reason_bogus = LDNS_EDE_NONE; 136 msg->rep->qdcount = 1; 137 /* rrsets is NULL, no rrsets yet */ 138 return msg; 139} 140 141/** grow rrset array by one in msg */ 142static int 143msg_grow_array(struct regional* region, struct dns_msg* msg) 144{ 145 if(msg->rep->rrsets == NULL) { 146 msg->rep->rrsets = regional_alloc_zero(region, 147 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1)); 148 if(!msg->rep->rrsets) 149 return 0; 150 } else { 151 struct ub_packed_rrset_key** rrsets_old = msg->rep->rrsets; 152 msg->rep->rrsets = regional_alloc_zero(region, 153 sizeof(struct ub_packed_rrset_key*)*(msg->rep->rrset_count+1)); 154 if(!msg->rep->rrsets) 155 return 0; 156 memmove(msg->rep->rrsets, rrsets_old, 157 sizeof(struct ub_packed_rrset_key*)*msg->rep->rrset_count); 158 } 159 return 1; 160} 161 162/** get ttl of rrset */ 163static time_t 164get_rrset_ttl(struct ub_packed_rrset_key* k) 165{ 166 struct packed_rrset_data* d = (struct packed_rrset_data*) 167 k->entry.data; 168 return d->ttl; 169} 170 171/** Copy rrset into region from domain-datanode and packet rrset */ 172static struct ub_packed_rrset_key* 173auth_packed_rrset_copy_region(struct auth_zone* z, struct auth_data* node, 174 struct auth_rrset* rrset, struct regional* region, time_t adjust) 175{ 176 struct ub_packed_rrset_key key; 177 memset(&key, 0, sizeof(key)); 178 key.entry.key = &key; 179 key.entry.data = rrset->data; 180 key.rk.dname = node->name; 181 key.rk.dname_len = node->namelen; 182 key.rk.type = htons(rrset->type); 183 key.rk.rrset_class = htons(z->dclass); 184 key.entry.hash = rrset_key_hash(&key.rk); 185 return packed_rrset_copy_region(&key, region, adjust); 186} 187 188/** fix up msg->rep TTL and prefetch ttl */ 189static void 190msg_ttl(struct dns_msg* msg) 191{ 192 if(msg->rep->rrset_count == 0) return; 193 if(msg->rep->rrset_count == 1) { 194 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]); 195 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl); 196 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL; 197 } else if(get_rrset_ttl(msg->rep->rrsets[msg->rep->rrset_count-1]) < 198 msg->rep->ttl) { 199 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[ 200 msg->rep->rrset_count-1]); 201 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl); 202 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL; 203 } 204} 205 206/** see if rrset is a duplicate in the answer message */ 207static int 208msg_rrset_duplicate(struct dns_msg* msg, uint8_t* nm, size_t nmlen, 209 uint16_t type, uint16_t dclass) 210{ 211 size_t i; 212 for(i=0; i<msg->rep->rrset_count; i++) { 213 struct ub_packed_rrset_key* k = msg->rep->rrsets[i]; 214 if(ntohs(k->rk.type) == type && k->rk.dname_len == nmlen && 215 ntohs(k->rk.rrset_class) == dclass && 216 query_dname_compare(k->rk.dname, nm) == 0) 217 return 1; 218 } 219 return 0; 220} 221 222/** add rrset to answer section (no auth, add rrsets yet) */ 223static int 224msg_add_rrset_an(struct auth_zone* z, struct regional* region, 225 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset) 226{ 227 log_assert(msg->rep->ns_numrrsets == 0); 228 log_assert(msg->rep->ar_numrrsets == 0); 229 if(!rrset || !node) 230 return 1; 231 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type, 232 z->dclass)) 233 return 1; 234 /* grow array */ 235 if(!msg_grow_array(region, msg)) 236 return 0; 237 /* copy it */ 238 if(!(msg->rep->rrsets[msg->rep->rrset_count] = 239 auth_packed_rrset_copy_region(z, node, rrset, region, 0))) 240 return 0; 241 msg->rep->rrset_count++; 242 msg->rep->an_numrrsets++; 243 msg_ttl(msg); 244 return 1; 245} 246 247/** add rrset to authority section (no additional section rrsets yet) */ 248static int 249msg_add_rrset_ns(struct auth_zone* z, struct regional* region, 250 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset) 251{ 252 log_assert(msg->rep->ar_numrrsets == 0); 253 if(!rrset || !node) 254 return 1; 255 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type, 256 z->dclass)) 257 return 1; 258 /* grow array */ 259 if(!msg_grow_array(region, msg)) 260 return 0; 261 /* copy it */ 262 if(!(msg->rep->rrsets[msg->rep->rrset_count] = 263 auth_packed_rrset_copy_region(z, node, rrset, region, 0))) 264 return 0; 265 msg->rep->rrset_count++; 266 msg->rep->ns_numrrsets++; 267 msg_ttl(msg); 268 return 1; 269} 270 271/** add rrset to additional section */ 272static int 273msg_add_rrset_ar(struct auth_zone* z, struct regional* region, 274 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset) 275{ 276 if(!rrset || !node) 277 return 1; 278 if(msg_rrset_duplicate(msg, node->name, node->namelen, rrset->type, 279 z->dclass)) 280 return 1; 281 /* grow array */ 282 if(!msg_grow_array(region, msg)) 283 return 0; 284 /* copy it */ 285 if(!(msg->rep->rrsets[msg->rep->rrset_count] = 286 auth_packed_rrset_copy_region(z, node, rrset, region, 0))) 287 return 0; 288 msg->rep->rrset_count++; 289 msg->rep->ar_numrrsets++; 290 msg_ttl(msg); 291 return 1; 292} 293 294struct auth_zones* auth_zones_create(void) 295{ 296 struct auth_zones* az = (struct auth_zones*)calloc(1, sizeof(*az)); 297 if(!az) { 298 log_err("out of memory"); 299 return NULL; 300 } 301 rbtree_init(&az->ztree, &auth_zone_cmp); 302 rbtree_init(&az->xtree, &auth_xfer_cmp); 303 lock_rw_init(&az->lock); 304 lock_protect(&az->lock, &az->ztree, sizeof(az->ztree)); 305 lock_protect(&az->lock, &az->xtree, sizeof(az->xtree)); 306 /* also lock protects the rbnode's in struct auth_zone, auth_xfer */ 307 lock_rw_init(&az->rpz_lock); 308 lock_protect(&az->rpz_lock, &az->rpz_first, sizeof(az->rpz_first)); 309 return az; 310} 311 312int auth_zone_cmp(const void* z1, const void* z2) 313{ 314 /* first sort on class, so that hierarchy can be maintained within 315 * a class */ 316 struct auth_zone* a = (struct auth_zone*)z1; 317 struct auth_zone* b = (struct auth_zone*)z2; 318 int m; 319 if(a->dclass != b->dclass) { 320 if(a->dclass < b->dclass) 321 return -1; 322 return 1; 323 } 324 /* sorted such that higher zones sort before lower zones (their 325 * contents) */ 326 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m); 327} 328 329int auth_data_cmp(const void* z1, const void* z2) 330{ 331 struct auth_data* a = (struct auth_data*)z1; 332 struct auth_data* b = (struct auth_data*)z2; 333 int m; 334 /* canonical sort, because DNSSEC needs that */ 335 return dname_canon_lab_cmp(a->name, a->namelabs, b->name, 336 b->namelabs, &m); 337} 338 339int auth_xfer_cmp(const void* z1, const void* z2) 340{ 341 /* first sort on class, so that hierarchy can be maintained within 342 * a class */ 343 struct auth_xfer* a = (struct auth_xfer*)z1; 344 struct auth_xfer* b = (struct auth_xfer*)z2; 345 int m; 346 if(a->dclass != b->dclass) { 347 if(a->dclass < b->dclass) 348 return -1; 349 return 1; 350 } 351 /* sorted such that higher zones sort before lower zones (their 352 * contents) */ 353 return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs, &m); 354} 355 356/** delete auth rrset node */ 357static void 358auth_rrset_delete(struct auth_rrset* rrset) 359{ 360 if(!rrset) return; 361 free(rrset->data); 362 free(rrset); 363} 364 365/** delete auth data domain node */ 366static void 367auth_data_delete(struct auth_data* n) 368{ 369 struct auth_rrset* p, *np; 370 if(!n) return; 371 p = n->rrsets; 372 while(p) { 373 np = p->next; 374 auth_rrset_delete(p); 375 p = np; 376 } 377 free(n->name); 378 free(n); 379} 380 381/** helper traverse to delete zones */ 382static void 383auth_data_del(rbnode_type* n, void* ATTR_UNUSED(arg)) 384{ 385 struct auth_data* z = (struct auth_data*)n->key; 386 auth_data_delete(z); 387} 388 389/** delete an auth zone structure (tree remove must be done elsewhere) */ 390static void 391auth_zone_delete(struct auth_zone* z, struct auth_zones* az) 392{ 393 if(!z) return; 394 lock_rw_destroy(&z->lock); 395 traverse_postorder(&z->data, auth_data_del, NULL); 396 397 if(az && z->rpz) { 398 /* keep RPZ linked list intact */ 399 lock_rw_wrlock(&az->rpz_lock); 400 if(z->rpz_az_prev) 401 z->rpz_az_prev->rpz_az_next = z->rpz_az_next; 402 else 403 az->rpz_first = z->rpz_az_next; 404 if(z->rpz_az_next) 405 z->rpz_az_next->rpz_az_prev = z->rpz_az_prev; 406 lock_rw_unlock(&az->rpz_lock); 407 } 408 if(z->rpz) 409 rpz_delete(z->rpz); 410 free(z->name); 411 free(z->zonefile); 412 free(z); 413} 414 415struct auth_zone* 416auth_zone_create(struct auth_zones* az, uint8_t* nm, size_t nmlen, 417 uint16_t dclass) 418{ 419 struct auth_zone* z = (struct auth_zone*)calloc(1, sizeof(*z)); 420 if(!z) { 421 return NULL; 422 } 423 z->node.key = z; 424 z->dclass = dclass; 425 z->namelen = nmlen; 426 z->namelabs = dname_count_labels(nm); 427 z->name = memdup(nm, nmlen); 428 if(!z->name) { 429 free(z); 430 return NULL; 431 } 432 rbtree_init(&z->data, &auth_data_cmp); 433 lock_rw_init(&z->lock); 434 lock_protect(&z->lock, &z->name, sizeof(*z)-sizeof(rbnode_type)- 435 sizeof(&z->rpz_az_next)-sizeof(&z->rpz_az_prev)); 436 lock_rw_wrlock(&z->lock); 437 /* z lock protects all, except rbtree itself and the rpz linked list 438 * pointers, which are protected using az->lock */ 439 if(!rbtree_insert(&az->ztree, &z->node)) { 440 lock_rw_unlock(&z->lock); 441 auth_zone_delete(z, NULL); 442 log_warn("duplicate auth zone"); 443 return NULL; 444 } 445 return z; 446} 447 448struct auth_zone* 449auth_zone_find(struct auth_zones* az, uint8_t* nm, size_t nmlen, 450 uint16_t dclass) 451{ 452 struct auth_zone key; 453 key.node.key = &key; 454 key.dclass = dclass; 455 key.name = nm; 456 key.namelen = nmlen; 457 key.namelabs = dname_count_labels(nm); 458 return (struct auth_zone*)rbtree_search(&az->ztree, &key); 459} 460 461struct auth_xfer* 462auth_xfer_find(struct auth_zones* az, uint8_t* nm, size_t nmlen, 463 uint16_t dclass) 464{ 465 struct auth_xfer key; 466 key.node.key = &key; 467 key.dclass = dclass; 468 key.name = nm; 469 key.namelen = nmlen; 470 key.namelabs = dname_count_labels(nm); 471 return (struct auth_xfer*)rbtree_search(&az->xtree, &key); 472} 473 474/** find an auth zone or sorted less-or-equal, return true if exact */ 475static int 476auth_zone_find_less_equal(struct auth_zones* az, uint8_t* nm, size_t nmlen, 477 uint16_t dclass, struct auth_zone** z) 478{ 479 struct auth_zone key; 480 key.node.key = &key; 481 key.dclass = dclass; 482 key.name = nm; 483 key.namelen = nmlen; 484 key.namelabs = dname_count_labels(nm); 485 return rbtree_find_less_equal(&az->ztree, &key, (rbnode_type**)z); 486} 487 488 489/** find the auth zone that is above the given name */ 490struct auth_zone* 491auth_zones_find_zone(struct auth_zones* az, uint8_t* name, size_t name_len, 492 uint16_t dclass) 493{ 494 uint8_t* nm = name; 495 size_t nmlen = name_len; 496 struct auth_zone* z; 497 if(auth_zone_find_less_equal(az, nm, nmlen, dclass, &z)) { 498 /* exact match */ 499 return z; 500 } else { 501 /* less-or-nothing */ 502 if(!z) return NULL; /* nothing smaller, nothing above it */ 503 /* we found smaller name; smaller may be above the name, 504 * but not below it. */ 505 nm = dname_get_shared_topdomain(z->name, name); 506 dname_count_size_labels(nm, &nmlen); 507 z = NULL; 508 } 509 510 /* search up */ 511 while(!z) { 512 z = auth_zone_find(az, nm, nmlen, dclass); 513 if(z) return z; 514 if(dname_is_root(nm)) break; 515 dname_remove_label(&nm, &nmlen); 516 } 517 return NULL; 518} 519 520/** find or create zone with name str. caller must have lock on az. 521 * returns a wrlocked zone */ 522static struct auth_zone* 523auth_zones_find_or_add_zone(struct auth_zones* az, char* name) 524{ 525 uint8_t nm[LDNS_MAX_DOMAINLEN+1]; 526 size_t nmlen = sizeof(nm); 527 struct auth_zone* z; 528 529 if(sldns_str2wire_dname_buf(name, nm, &nmlen) != 0) { 530 log_err("cannot parse auth zone name: %s", name); 531 return 0; 532 } 533 z = auth_zone_find(az, nm, nmlen, LDNS_RR_CLASS_IN); 534 if(!z) { 535 /* not found, create the zone */ 536 z = auth_zone_create(az, nm, nmlen, LDNS_RR_CLASS_IN); 537 } else { 538 lock_rw_wrlock(&z->lock); 539 } 540 return z; 541} 542 543/** find or create xfer zone with name str. caller must have lock on az. 544 * returns a locked xfer */ 545static struct auth_xfer* 546auth_zones_find_or_add_xfer(struct auth_zones* az, struct auth_zone* z) 547{ 548 struct auth_xfer* x; 549 x = auth_xfer_find(az, z->name, z->namelen, z->dclass); 550 if(!x) { 551 /* not found, create the zone */ 552 x = auth_xfer_create(az, z); 553 } else { 554 lock_basic_lock(&x->lock); 555 } 556 return x; 557} 558 559int 560auth_zone_set_zonefile(struct auth_zone* z, char* zonefile) 561{ 562 if(z->zonefile) free(z->zonefile); 563 if(zonefile == NULL) { 564 z->zonefile = NULL; 565 } else { 566 z->zonefile = strdup(zonefile); 567 if(!z->zonefile) { 568 log_err("malloc failure"); 569 return 0; 570 } 571 } 572 return 1; 573} 574 575/** set auth zone fallback. caller must have lock on zone */ 576int 577auth_zone_set_fallback(struct auth_zone* z, char* fallbackstr) 578{ 579 if(strcmp(fallbackstr, "yes") != 0 && strcmp(fallbackstr, "no") != 0){ 580 log_err("auth zone fallback, expected yes or no, got %s", 581 fallbackstr); 582 return 0; 583 } 584 z->fallback_enabled = (strcmp(fallbackstr, "yes")==0); 585 return 1; 586} 587 588/** create domain with the given name */ 589static struct auth_data* 590az_domain_create(struct auth_zone* z, uint8_t* nm, size_t nmlen) 591{ 592 struct auth_data* n = (struct auth_data*)malloc(sizeof(*n)); 593 if(!n) return NULL; 594 memset(n, 0, sizeof(*n)); 595 n->node.key = n; 596 n->name = memdup(nm, nmlen); 597 if(!n->name) { 598 free(n); 599 return NULL; 600 } 601 n->namelen = nmlen; 602 n->namelabs = dname_count_labels(nm); 603 if(!rbtree_insert(&z->data, &n->node)) { 604 log_warn("duplicate auth domain name"); 605 free(n->name); 606 free(n); 607 return NULL; 608 } 609 return n; 610} 611 612/** find domain with exactly the given name */ 613static struct auth_data* 614az_find_name(struct auth_zone* z, uint8_t* nm, size_t nmlen) 615{ 616 struct auth_zone key; 617 key.node.key = &key; 618 key.name = nm; 619 key.namelen = nmlen; 620 key.namelabs = dname_count_labels(nm); 621 return (struct auth_data*)rbtree_search(&z->data, &key); 622} 623 624/** Find domain name (or closest match) */ 625static void 626az_find_domain(struct auth_zone* z, struct query_info* qinfo, int* node_exact, 627 struct auth_data** node) 628{ 629 struct auth_zone key; 630 key.node.key = &key; 631 key.name = qinfo->qname; 632 key.namelen = qinfo->qname_len; 633 key.namelabs = dname_count_labels(key.name); 634 *node_exact = rbtree_find_less_equal(&z->data, &key, 635 (rbnode_type**)node); 636} 637 638/** find or create domain with name in zone */ 639static struct auth_data* 640az_domain_find_or_create(struct auth_zone* z, uint8_t* dname, 641 size_t dname_len) 642{ 643 struct auth_data* n = az_find_name(z, dname, dname_len); 644 if(!n) { 645 n = az_domain_create(z, dname, dname_len); 646 } 647 return n; 648} 649 650/** find rrset of given type in the domain */ 651static struct auth_rrset* 652az_domain_rrset(struct auth_data* n, uint16_t t) 653{ 654 struct auth_rrset* rrset; 655 if(!n) return NULL; 656 rrset = n->rrsets; 657 while(rrset) { 658 if(rrset->type == t) 659 return rrset; 660 rrset = rrset->next; 661 } 662 return NULL; 663} 664 665/** remove rrset of this type from domain */ 666static void 667domain_remove_rrset(struct auth_data* node, uint16_t rr_type) 668{ 669 struct auth_rrset* rrset, *prev; 670 if(!node) return; 671 prev = NULL; 672 rrset = node->rrsets; 673 while(rrset) { 674 if(rrset->type == rr_type) { 675 /* found it, now delete it */ 676 if(prev) prev->next = rrset->next; 677 else node->rrsets = rrset->next; 678 auth_rrset_delete(rrset); 679 return; 680 } 681 prev = rrset; 682 rrset = rrset->next; 683 } 684} 685 686/** find an rrsig index in the rrset. returns true if found */ 687static int 688az_rrset_find_rrsig(struct packed_rrset_data* d, uint8_t* rdata, size_t len, 689 size_t* index) 690{ 691 size_t i; 692 for(i=d->count; i<d->count + d->rrsig_count; i++) { 693 if(d->rr_len[i] != len) 694 continue; 695 if(memcmp(d->rr_data[i], rdata, len) == 0) { 696 *index = i; 697 return 1; 698 } 699 } 700 return 0; 701} 702 703/** see if rdata is duplicate */ 704static int 705rdata_duplicate(struct packed_rrset_data* d, uint8_t* rdata, size_t len) 706{ 707 size_t i; 708 for(i=0; i<d->count + d->rrsig_count; i++) { 709 if(d->rr_len[i] != len) 710 continue; 711 if(memcmp(d->rr_data[i], rdata, len) == 0) 712 return 1; 713 } 714 return 0; 715} 716 717/** get rrsig type covered from rdata. 718 * @param rdata: rdata in wireformat, starting with 16bit rdlength. 719 * @param rdatalen: length of rdata buffer. 720 * @return type covered (or 0). 721 */ 722static uint16_t 723rrsig_rdata_get_type_covered(uint8_t* rdata, size_t rdatalen) 724{ 725 if(rdatalen < 4) 726 return 0; 727 return sldns_read_uint16(rdata+2); 728} 729 730/** remove RR from existing RRset. Also sig, if it is a signature. 731 * reallocates the packed rrset for a new one, false on alloc failure */ 732static int 733rrset_remove_rr(struct auth_rrset* rrset, size_t index) 734{ 735 struct packed_rrset_data* d, *old = rrset->data; 736 size_t i; 737 if(index >= old->count + old->rrsig_count) 738 return 0; /* index out of bounds */ 739 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) - ( 740 sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t) + 741 old->rr_len[index])); 742 if(!d) { 743 log_err("malloc failure"); 744 return 0; 745 } 746 d->ttl = old->ttl; 747 d->count = old->count; 748 d->rrsig_count = old->rrsig_count; 749 if(index < d->count) d->count--; 750 else d->rrsig_count--; 751 d->trust = old->trust; 752 d->security = old->security; 753 754 /* set rr_len, needed for ptr_fixup */ 755 d->rr_len = (size_t*)((uint8_t*)d + 756 sizeof(struct packed_rrset_data)); 757 if(index > 0) 758 memmove(d->rr_len, old->rr_len, (index)*sizeof(size_t)); 759 if(index+1 < old->count+old->rrsig_count) 760 memmove(&d->rr_len[index], &old->rr_len[index+1], 761 (old->count+old->rrsig_count - (index+1))*sizeof(size_t)); 762 packed_rrset_ptr_fixup(d); 763 764 /* move over ttls */ 765 if(index > 0) 766 memmove(d->rr_ttl, old->rr_ttl, (index)*sizeof(time_t)); 767 if(index+1 < old->count+old->rrsig_count) 768 memmove(&d->rr_ttl[index], &old->rr_ttl[index+1], 769 (old->count+old->rrsig_count - (index+1))*sizeof(time_t)); 770 771 /* move over rr_data */ 772 for(i=0; i<d->count+d->rrsig_count; i++) { 773 size_t oldi; 774 if(i < index) oldi = i; 775 else oldi = i+1; 776 memmove(d->rr_data[i], old->rr_data[oldi], d->rr_len[i]); 777 } 778 779 /* recalc ttl (lowest of remaining RR ttls) */ 780 if(d->count + d->rrsig_count > 0) 781 d->ttl = d->rr_ttl[0]; 782 for(i=0; i<d->count+d->rrsig_count; i++) { 783 if(d->rr_ttl[i] < d->ttl) 784 d->ttl = d->rr_ttl[i]; 785 } 786 787 free(rrset->data); 788 rrset->data = d; 789 return 1; 790} 791 792/** add RR to existing RRset. If insert_sig is true, add to rrsigs. 793 * This reallocates the packed rrset for a new one */ 794static int 795rrset_add_rr(struct auth_rrset* rrset, uint32_t rr_ttl, uint8_t* rdata, 796 size_t rdatalen, int insert_sig) 797{ 798 struct packed_rrset_data* d, *old = rrset->data; 799 size_t total, old_total; 800 801 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) 802 + sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t) 803 + rdatalen); 804 if(!d) { 805 log_err("out of memory"); 806 return 0; 807 } 808 /* copy base values */ 809 memcpy(d, old, sizeof(struct packed_rrset_data)); 810 if(!insert_sig) { 811 d->count++; 812 } else { 813 d->rrsig_count++; 814 } 815 old_total = old->count + old->rrsig_count; 816 total = d->count + d->rrsig_count; 817 /* set rr_len, needed for ptr_fixup */ 818 d->rr_len = (size_t*)((uint8_t*)d + 819 sizeof(struct packed_rrset_data)); 820 if(old->count != 0) 821 memmove(d->rr_len, old->rr_len, old->count*sizeof(size_t)); 822 if(old->rrsig_count != 0) 823 memmove(d->rr_len+d->count, old->rr_len+old->count, 824 old->rrsig_count*sizeof(size_t)); 825 if(!insert_sig) 826 d->rr_len[d->count-1] = rdatalen; 827 else d->rr_len[total-1] = rdatalen; 828 packed_rrset_ptr_fixup(d); 829 if((time_t)rr_ttl < d->ttl) 830 d->ttl = rr_ttl; 831 832 /* copy old values into new array */ 833 if(old->count != 0) { 834 memmove(d->rr_ttl, old->rr_ttl, old->count*sizeof(time_t)); 835 /* all the old rr pieces are allocated sequential, so we 836 * can copy them in one go */ 837 memmove(d->rr_data[0], old->rr_data[0], 838 (old->rr_data[old->count-1] - old->rr_data[0]) + 839 old->rr_len[old->count-1]); 840 } 841 if(old->rrsig_count != 0) { 842 memmove(d->rr_ttl+d->count, old->rr_ttl+old->count, 843 old->rrsig_count*sizeof(time_t)); 844 memmove(d->rr_data[d->count], old->rr_data[old->count], 845 (old->rr_data[old_total-1] - old->rr_data[old->count]) + 846 old->rr_len[old_total-1]); 847 } 848 849 /* insert new value */ 850 if(!insert_sig) { 851 d->rr_ttl[d->count-1] = rr_ttl; 852 memmove(d->rr_data[d->count-1], rdata, rdatalen); 853 } else { 854 d->rr_ttl[total-1] = rr_ttl; 855 memmove(d->rr_data[total-1], rdata, rdatalen); 856 } 857 858 rrset->data = d; 859 free(old); 860 return 1; 861} 862 863/** Create new rrset for node with packed rrset with one RR element */ 864static struct auth_rrset* 865rrset_create(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl, 866 uint8_t* rdata, size_t rdatalen) 867{ 868 struct auth_rrset* rrset = (struct auth_rrset*)calloc(1, 869 sizeof(*rrset)); 870 struct auth_rrset* p, *prev; 871 struct packed_rrset_data* d; 872 if(!rrset) { 873 log_err("out of memory"); 874 return NULL; 875 } 876 rrset->type = rr_type; 877 878 /* the rrset data structure, with one RR */ 879 d = (struct packed_rrset_data*)calloc(1, 880 sizeof(struct packed_rrset_data) + sizeof(size_t) + 881 sizeof(uint8_t*) + sizeof(time_t) + rdatalen); 882 if(!d) { 883 free(rrset); 884 log_err("out of memory"); 885 return NULL; 886 } 887 rrset->data = d; 888 d->ttl = rr_ttl; 889 d->trust = rrset_trust_prim_noglue; 890 d->rr_len = (size_t*)((uint8_t*)d + sizeof(struct packed_rrset_data)); 891 d->rr_data = (uint8_t**)&(d->rr_len[1]); 892 d->rr_ttl = (time_t*)&(d->rr_data[1]); 893 d->rr_data[0] = (uint8_t*)&(d->rr_ttl[1]); 894 895 /* insert the RR */ 896 d->rr_len[0] = rdatalen; 897 d->rr_ttl[0] = rr_ttl; 898 memmove(d->rr_data[0], rdata, rdatalen); 899 d->count++; 900 901 /* insert rrset into linked list for domain */ 902 /* find sorted place to link the rrset into the list */ 903 prev = NULL; 904 p = node->rrsets; 905 while(p && p->type<=rr_type) { 906 prev = p; 907 p = p->next; 908 } 909 /* so, prev is smaller, and p is larger than rr_type */ 910 rrset->next = p; 911 if(prev) prev->next = rrset; 912 else node->rrsets = rrset; 913 return rrset; 914} 915 916/** count number (and size) of rrsigs that cover a type */ 917static size_t 918rrsig_num_that_cover(struct auth_rrset* rrsig, uint16_t rr_type, size_t* sigsz) 919{ 920 struct packed_rrset_data* d = rrsig->data; 921 size_t i, num = 0; 922 *sigsz = 0; 923 log_assert(d && rrsig->type == LDNS_RR_TYPE_RRSIG); 924 for(i=0; i<d->count+d->rrsig_count; i++) { 925 if(rrsig_rdata_get_type_covered(d->rr_data[i], 926 d->rr_len[i]) == rr_type) { 927 num++; 928 (*sigsz) += d->rr_len[i]; 929 } 930 } 931 return num; 932} 933 934/** See if rrsig set has covered sigs for rrset and move them over */ 935static int 936rrset_moveover_rrsigs(struct auth_data* node, uint16_t rr_type, 937 struct auth_rrset* rrset, struct auth_rrset* rrsig) 938{ 939 size_t sigs, sigsz, i, j, total; 940 struct packed_rrset_data* sigold = rrsig->data; 941 struct packed_rrset_data* old = rrset->data; 942 struct packed_rrset_data* d, *sigd; 943 944 log_assert(rrset->type == rr_type); 945 log_assert(rrsig->type == LDNS_RR_TYPE_RRSIG); 946 sigs = rrsig_num_that_cover(rrsig, rr_type, &sigsz); 947 if(sigs == 0) { 948 /* 0 rrsigs to move over, done */ 949 return 1; 950 } 951 952 /* allocate rrset sigsz larger for extra sigs elements, and 953 * allocate rrsig sigsz smaller for less sigs elements. */ 954 d = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(old) 955 + sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t)) 956 + sigsz); 957 if(!d) { 958 log_err("out of memory"); 959 return 0; 960 } 961 /* copy base values */ 962 total = old->count + old->rrsig_count; 963 memcpy(d, old, sizeof(struct packed_rrset_data)); 964 d->rrsig_count += sigs; 965 /* setup rr_len */ 966 d->rr_len = (size_t*)((uint8_t*)d + 967 sizeof(struct packed_rrset_data)); 968 if(total != 0) 969 memmove(d->rr_len, old->rr_len, total*sizeof(size_t)); 970 j = d->count+d->rrsig_count-sigs; 971 for(i=0; i<sigold->count+sigold->rrsig_count; i++) { 972 if(rrsig_rdata_get_type_covered(sigold->rr_data[i], 973 sigold->rr_len[i]) == rr_type) { 974 d->rr_len[j] = sigold->rr_len[i]; 975 j++; 976 } 977 } 978 packed_rrset_ptr_fixup(d); 979 980 /* copy old values into new array */ 981 if(total != 0) { 982 memmove(d->rr_ttl, old->rr_ttl, total*sizeof(time_t)); 983 /* all the old rr pieces are allocated sequential, so we 984 * can copy them in one go */ 985 memmove(d->rr_data[0], old->rr_data[0], 986 (old->rr_data[total-1] - old->rr_data[0]) + 987 old->rr_len[total-1]); 988 } 989 990 /* move over the rrsigs to the larger rrset*/ 991 j = d->count+d->rrsig_count-sigs; 992 for(i=0; i<sigold->count+sigold->rrsig_count; i++) { 993 if(rrsig_rdata_get_type_covered(sigold->rr_data[i], 994 sigold->rr_len[i]) == rr_type) { 995 /* move this one over to location j */ 996 d->rr_ttl[j] = sigold->rr_ttl[i]; 997 memmove(d->rr_data[j], sigold->rr_data[i], 998 sigold->rr_len[i]); 999 if(d->rr_ttl[j] < d->ttl) 1000 d->ttl = d->rr_ttl[j]; 1001 j++; 1002 } 1003 } 1004 1005 /* put it in and deallocate the old rrset */ 1006 rrset->data = d; 1007 free(old); 1008 1009 /* now make rrsig set smaller */ 1010 if(sigold->count+sigold->rrsig_count == sigs) { 1011 /* remove all sigs from rrsig, remove it entirely */ 1012 domain_remove_rrset(node, LDNS_RR_TYPE_RRSIG); 1013 return 1; 1014 } 1015 log_assert(packed_rrset_sizeof(sigold) > sigs*(sizeof(size_t) + 1016 sizeof(uint8_t*) + sizeof(time_t)) + sigsz); 1017 sigd = (struct packed_rrset_data*)calloc(1, packed_rrset_sizeof(sigold) 1018 - sigs*(sizeof(size_t) + sizeof(uint8_t*) + sizeof(time_t)) 1019 - sigsz); 1020 if(!sigd) { 1021 /* no need to free up d, it has already been placed in the 1022 * node->rrset structure */ 1023 log_err("out of memory"); 1024 return 0; 1025 } 1026 /* copy base values */ 1027 memcpy(sigd, sigold, sizeof(struct packed_rrset_data)); 1028 /* in sigd the RRSIGs are stored in the base of the RR, in count */ 1029 sigd->count -= sigs; 1030 /* setup rr_len */ 1031 sigd->rr_len = (size_t*)((uint8_t*)sigd + 1032 sizeof(struct packed_rrset_data)); 1033 j = 0; 1034 for(i=0; i<sigold->count+sigold->rrsig_count; i++) { 1035 if(rrsig_rdata_get_type_covered(sigold->rr_data[i], 1036 sigold->rr_len[i]) != rr_type) { 1037 sigd->rr_len[j] = sigold->rr_len[i]; 1038 j++; 1039 } 1040 } 1041 packed_rrset_ptr_fixup(sigd); 1042 1043 /* copy old values into new rrsig array */ 1044 j = 0; 1045 for(i=0; i<sigold->count+sigold->rrsig_count; i++) { 1046 if(rrsig_rdata_get_type_covered(sigold->rr_data[i], 1047 sigold->rr_len[i]) != rr_type) { 1048 /* move this one over to location j */ 1049 sigd->rr_ttl[j] = sigold->rr_ttl[i]; 1050 memmove(sigd->rr_data[j], sigold->rr_data[i], 1051 sigold->rr_len[i]); 1052 if(j==0) sigd->ttl = sigd->rr_ttl[j]; 1053 else { 1054 if(sigd->rr_ttl[j] < sigd->ttl) 1055 sigd->ttl = sigd->rr_ttl[j]; 1056 } 1057 j++; 1058 } 1059 } 1060 1061 /* put it in and deallocate the old rrset */ 1062 rrsig->data = sigd; 1063 free(sigold); 1064 1065 return 1; 1066} 1067 1068/** copy the rrsigs from the rrset to the rrsig rrset, because the rrset 1069 * is going to be deleted. reallocates the RRSIG rrset data. */ 1070static int 1071rrsigs_copy_from_rrset_to_rrsigset(struct auth_rrset* rrset, 1072 struct auth_rrset* rrsigset) 1073{ 1074 size_t i; 1075 if(rrset->data->rrsig_count == 0) 1076 return 1; 1077 1078 /* move them over one by one, because there might be duplicates, 1079 * duplicates are ignored */ 1080 for(i=rrset->data->count; 1081 i<rrset->data->count+rrset->data->rrsig_count; i++) { 1082 uint8_t* rdata = rrset->data->rr_data[i]; 1083 size_t rdatalen = rrset->data->rr_len[i]; 1084 time_t rr_ttl = rrset->data->rr_ttl[i]; 1085 1086 if(rdata_duplicate(rrsigset->data, rdata, rdatalen)) { 1087 continue; 1088 } 1089 if(!rrset_add_rr(rrsigset, rr_ttl, rdata, rdatalen, 0)) 1090 return 0; 1091 } 1092 return 1; 1093} 1094 1095/** Add rr to node, ignores duplicate RRs, 1096 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */ 1097static int 1098az_domain_add_rr(struct auth_data* node, uint16_t rr_type, uint32_t rr_ttl, 1099 uint8_t* rdata, size_t rdatalen, int* duplicate) 1100{ 1101 struct auth_rrset* rrset; 1102 /* packed rrsets have their rrsigs along with them, sort them out */ 1103 if(rr_type == LDNS_RR_TYPE_RRSIG) { 1104 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen); 1105 if((rrset=az_domain_rrset(node, ctype))!= NULL) { 1106 /* a node of the correct type exists, add the RRSIG 1107 * to the rrset of the covered data type */ 1108 if(rdata_duplicate(rrset->data, rdata, rdatalen)) { 1109 if(duplicate) *duplicate = 1; 1110 return 1; 1111 } 1112 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 1)) 1113 return 0; 1114 } else if((rrset=az_domain_rrset(node, rr_type))!= NULL) { 1115 /* add RRSIG to rrset of type RRSIG */ 1116 if(rdata_duplicate(rrset->data, rdata, rdatalen)) { 1117 if(duplicate) *duplicate = 1; 1118 return 1; 1119 } 1120 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0)) 1121 return 0; 1122 } else { 1123 /* create rrset of type RRSIG */ 1124 if(!rrset_create(node, rr_type, rr_ttl, rdata, 1125 rdatalen)) 1126 return 0; 1127 } 1128 } else { 1129 /* normal RR type */ 1130 if((rrset=az_domain_rrset(node, rr_type))!= NULL) { 1131 /* add data to existing node with data type */ 1132 if(rdata_duplicate(rrset->data, rdata, rdatalen)) { 1133 if(duplicate) *duplicate = 1; 1134 return 1; 1135 } 1136 if(!rrset_add_rr(rrset, rr_ttl, rdata, rdatalen, 0)) 1137 return 0; 1138 } else { 1139 struct auth_rrset* rrsig; 1140 /* create new node with data type */ 1141 if(!(rrset=rrset_create(node, rr_type, rr_ttl, rdata, 1142 rdatalen))) 1143 return 0; 1144 1145 /* see if node of type RRSIG has signatures that 1146 * cover the data type, and move them over */ 1147 /* and then make the RRSIG type smaller */ 1148 if((rrsig=az_domain_rrset(node, LDNS_RR_TYPE_RRSIG)) 1149 != NULL) { 1150 if(!rrset_moveover_rrsigs(node, rr_type, 1151 rrset, rrsig)) 1152 return 0; 1153 } 1154 } 1155 } 1156 return 1; 1157} 1158 1159/** insert RR into zone, ignore duplicates */ 1160static int 1161az_insert_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len, 1162 size_t dname_len, int* duplicate) 1163{ 1164 struct auth_data* node; 1165 uint8_t* dname = rr; 1166 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len); 1167 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len); 1168 uint32_t rr_ttl = sldns_wirerr_get_ttl(rr, rr_len, dname_len); 1169 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len, 1170 dname_len))+2; 1171 /* rdata points to rdata prefixed with uint16 rdatalength */ 1172 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len); 1173 1174 if(rr_class != z->dclass) { 1175 log_err("wrong class for RR"); 1176 return 0; 1177 } 1178 if(!(node=az_domain_find_or_create(z, dname, dname_len))) { 1179 log_err("cannot create domain"); 1180 return 0; 1181 } 1182 if(!az_domain_add_rr(node, rr_type, rr_ttl, rdata, rdatalen, 1183 duplicate)) { 1184 log_err("cannot add RR to domain"); 1185 return 0; 1186 } 1187 if(z->rpz) { 1188 if(!(rpz_insert_rr(z->rpz, z->name, z->namelen, dname, 1189 dname_len, rr_type, rr_class, rr_ttl, rdata, rdatalen, 1190 rr, rr_len))) 1191 return 0; 1192 } 1193 return 1; 1194} 1195 1196/** Remove rr from node, ignores nonexisting RRs, 1197 * rdata points to buffer with rdatalen octets, starts with 2bytelength. */ 1198static int 1199az_domain_remove_rr(struct auth_data* node, uint16_t rr_type, 1200 uint8_t* rdata, size_t rdatalen, int* nonexist) 1201{ 1202 struct auth_rrset* rrset; 1203 size_t index = 0; 1204 1205 /* find the plain RR of the given type */ 1206 if((rrset=az_domain_rrset(node, rr_type))!= NULL) { 1207 if(packed_rrset_find_rr(rrset->data, rdata, rdatalen, &index)) { 1208 if(rrset->data->count == 1 && 1209 rrset->data->rrsig_count == 0) { 1210 /* last RR, delete the rrset */ 1211 domain_remove_rrset(node, rr_type); 1212 } else if(rrset->data->count == 1 && 1213 rrset->data->rrsig_count != 0) { 1214 /* move RRSIGs to the RRSIG rrset, or 1215 * this one becomes that RRset */ 1216 struct auth_rrset* rrsigset = az_domain_rrset( 1217 node, LDNS_RR_TYPE_RRSIG); 1218 if(rrsigset) { 1219 /* move left over rrsigs to the 1220 * existing rrset of type RRSIG */ 1221 rrsigs_copy_from_rrset_to_rrsigset( 1222 rrset, rrsigset); 1223 /* and then delete the rrset */ 1224 domain_remove_rrset(node, rr_type); 1225 } else { 1226 /* no rrset of type RRSIG, this 1227 * set is now of that type, 1228 * just remove the rr */ 1229 if(!rrset_remove_rr(rrset, index)) 1230 return 0; 1231 rrset->type = LDNS_RR_TYPE_RRSIG; 1232 rrset->data->count = rrset->data->rrsig_count; 1233 rrset->data->rrsig_count = 0; 1234 } 1235 } else { 1236 /* remove the RR from the rrset */ 1237 if(!rrset_remove_rr(rrset, index)) 1238 return 0; 1239 } 1240 return 1; 1241 } 1242 /* rr not found in rrset */ 1243 } 1244 1245 /* is it a type RRSIG, look under the covered type */ 1246 if(rr_type == LDNS_RR_TYPE_RRSIG) { 1247 uint16_t ctype = rrsig_rdata_get_type_covered(rdata, rdatalen); 1248 if((rrset=az_domain_rrset(node, ctype))!= NULL) { 1249 if(az_rrset_find_rrsig(rrset->data, rdata, rdatalen, 1250 &index)) { 1251 /* rrsig should have d->count > 0, be 1252 * over some rr of that type */ 1253 /* remove the rrsig from the rrsigs list of the 1254 * rrset */ 1255 if(!rrset_remove_rr(rrset, index)) 1256 return 0; 1257 return 1; 1258 } 1259 } 1260 /* also RRSIG not found */ 1261 } 1262 1263 /* nothing found to delete */ 1264 if(nonexist) *nonexist = 1; 1265 return 1; 1266} 1267 1268/** remove RR from zone, ignore if it does not exist, false on alloc failure*/ 1269static int 1270az_remove_rr(struct auth_zone* z, uint8_t* rr, size_t rr_len, 1271 size_t dname_len, int* nonexist) 1272{ 1273 struct auth_data* node; 1274 uint8_t* dname = rr; 1275 uint16_t rr_type = sldns_wirerr_get_type(rr, rr_len, dname_len); 1276 uint16_t rr_class = sldns_wirerr_get_class(rr, rr_len, dname_len); 1277 size_t rdatalen = ((size_t)sldns_wirerr_get_rdatalen(rr, rr_len, 1278 dname_len))+2; 1279 /* rdata points to rdata prefixed with uint16 rdatalength */ 1280 uint8_t* rdata = sldns_wirerr_get_rdatawl(rr, rr_len, dname_len); 1281 1282 if(rr_class != z->dclass) { 1283 log_err("wrong class for RR"); 1284 /* really also a nonexisting entry, because no records 1285 * of that class in the zone, but return an error because 1286 * getting records of the wrong class is a failure of the 1287 * zone transfer */ 1288 return 0; 1289 } 1290 node = az_find_name(z, dname, dname_len); 1291 if(!node) { 1292 /* node with that name does not exist */ 1293 /* nonexisting entry, because no such name */ 1294 *nonexist = 1; 1295 return 1; 1296 } 1297 if(!az_domain_remove_rr(node, rr_type, rdata, rdatalen, nonexist)) { 1298 /* alloc failure or so */ 1299 return 0; 1300 } 1301 /* remove the node, if necessary */ 1302 /* an rrsets==NULL entry is not kept around for empty nonterminals, 1303 * and also parent nodes are not kept around, so we just delete it */ 1304 if(node->rrsets == NULL) { 1305 (void)rbtree_delete(&z->data, node); 1306 auth_data_delete(node); 1307 } 1308 if(z->rpz) { 1309 rpz_remove_rr(z->rpz, z->name, z->namelen, dname, dname_len, 1310 rr_type, rr_class, rdata, rdatalen); 1311 } 1312 return 1; 1313} 1314 1315/** decompress an RR into the buffer where it'll be an uncompressed RR 1316 * with uncompressed dname and uncompressed rdata (dnames) */ 1317static int 1318decompress_rr_into_buffer(struct sldns_buffer* buf, uint8_t* pkt, 1319 size_t pktlen, uint8_t* dname, uint16_t rr_type, uint16_t rr_class, 1320 uint32_t rr_ttl, uint8_t* rr_data, uint16_t rr_rdlen) 1321{ 1322 sldns_buffer pktbuf; 1323 size_t dname_len = 0; 1324 size_t rdlenpos; 1325 size_t rdlen; 1326 uint8_t* rd; 1327 const sldns_rr_descriptor* desc; 1328 sldns_buffer_init_frm_data(&pktbuf, pkt, pktlen); 1329 sldns_buffer_clear(buf); 1330 1331 /* decompress dname */ 1332 sldns_buffer_set_position(&pktbuf, 1333 (size_t)(dname - sldns_buffer_current(&pktbuf))); 1334 dname_len = pkt_dname_len(&pktbuf); 1335 if(dname_len == 0) return 0; /* parse fail on dname */ 1336 if(!sldns_buffer_available(buf, dname_len)) return 0; 1337 dname_pkt_copy(&pktbuf, sldns_buffer_current(buf), dname); 1338 sldns_buffer_skip(buf, (ssize_t)dname_len); 1339 1340 /* type, class, ttl and rdatalength fields */ 1341 if(!sldns_buffer_available(buf, 10)) return 0; 1342 sldns_buffer_write_u16(buf, rr_type); 1343 sldns_buffer_write_u16(buf, rr_class); 1344 sldns_buffer_write_u32(buf, rr_ttl); 1345 rdlenpos = sldns_buffer_position(buf); 1346 sldns_buffer_write_u16(buf, 0); /* rd length position */ 1347 1348 /* decompress rdata */ 1349 desc = sldns_rr_descript(rr_type); 1350 rd = rr_data; 1351 rdlen = rr_rdlen; 1352 if(rdlen > 0 && desc && desc->_dname_count > 0) { 1353 int count = (int)desc->_dname_count; 1354 int rdf = 0; 1355 size_t len; /* how much rdata to plain copy */ 1356 size_t uncompressed_len, compressed_len; 1357 size_t oldpos; 1358 /* decompress dnames. */ 1359 while(rdlen > 0 && count) { 1360 switch(desc->_wireformat[rdf]) { 1361 case LDNS_RDF_TYPE_DNAME: 1362 sldns_buffer_set_position(&pktbuf, 1363 (size_t)(rd - 1364 sldns_buffer_begin(&pktbuf))); 1365 oldpos = sldns_buffer_position(&pktbuf); 1366 /* moves pktbuf to right after the 1367 * compressed dname, and returns uncompressed 1368 * dname length */ 1369 uncompressed_len = pkt_dname_len(&pktbuf); 1370 if(!uncompressed_len) 1371 return 0; /* parse error in dname */ 1372 if(!sldns_buffer_available(buf, 1373 uncompressed_len)) 1374 /* dname too long for buffer */ 1375 return 0; 1376 dname_pkt_copy(&pktbuf, 1377 sldns_buffer_current(buf), rd); 1378 sldns_buffer_skip(buf, (ssize_t)uncompressed_len); 1379 compressed_len = sldns_buffer_position( 1380 &pktbuf) - oldpos; 1381 rd += compressed_len; 1382 rdlen -= compressed_len; 1383 count--; 1384 len = 0; 1385 break; 1386 case LDNS_RDF_TYPE_STR: 1387 len = rd[0] + 1; 1388 break; 1389 default: 1390 len = get_rdf_size(desc->_wireformat[rdf]); 1391 break; 1392 } 1393 if(len) { 1394 if(!sldns_buffer_available(buf, len)) 1395 return 0; /* too long for buffer */ 1396 sldns_buffer_write(buf, rd, len); 1397 rd += len; 1398 rdlen -= len; 1399 } 1400 rdf++; 1401 } 1402 } 1403 /* copy remaining data */ 1404 if(rdlen > 0) { 1405 if(!sldns_buffer_available(buf, rdlen)) return 0; 1406 sldns_buffer_write(buf, rd, rdlen); 1407 } 1408 /* fixup rdlength */ 1409 sldns_buffer_write_u16_at(buf, rdlenpos, 1410 sldns_buffer_position(buf)-rdlenpos-2); 1411 sldns_buffer_flip(buf); 1412 return 1; 1413} 1414 1415/** insert RR into zone, from packet, decompress RR, 1416 * if duplicate is nonNULL set the flag but otherwise ignore duplicates */ 1417static int 1418az_insert_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen, 1419 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type, 1420 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data, 1421 uint16_t rr_rdlen, int* duplicate) 1422{ 1423 uint8_t* rr; 1424 size_t rr_len; 1425 size_t dname_len; 1426 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname, 1427 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) { 1428 log_err("could not decompress RR"); 1429 return 0; 1430 } 1431 rr = sldns_buffer_begin(scratch_buffer); 1432 rr_len = sldns_buffer_limit(scratch_buffer); 1433 dname_len = dname_valid(rr, rr_len); 1434 return az_insert_rr(z, rr, rr_len, dname_len, duplicate); 1435} 1436 1437/** remove RR from zone, from packet, decompress RR, 1438 * if nonexist is nonNULL set the flag but otherwise ignore nonexisting entries*/ 1439static int 1440az_remove_rr_decompress(struct auth_zone* z, uint8_t* pkt, size_t pktlen, 1441 struct sldns_buffer* scratch_buffer, uint8_t* dname, uint16_t rr_type, 1442 uint16_t rr_class, uint32_t rr_ttl, uint8_t* rr_data, 1443 uint16_t rr_rdlen, int* nonexist) 1444{ 1445 uint8_t* rr; 1446 size_t rr_len; 1447 size_t dname_len; 1448 if(!decompress_rr_into_buffer(scratch_buffer, pkt, pktlen, dname, 1449 rr_type, rr_class, rr_ttl, rr_data, rr_rdlen)) { 1450 log_err("could not decompress RR"); 1451 return 0; 1452 } 1453 rr = sldns_buffer_begin(scratch_buffer); 1454 rr_len = sldns_buffer_limit(scratch_buffer); 1455 dname_len = dname_valid(rr, rr_len); 1456 return az_remove_rr(z, rr, rr_len, dname_len, nonexist); 1457} 1458 1459/** 1460 * Parse zonefile 1461 * @param z: zone to read in. 1462 * @param in: file to read from (just opened). 1463 * @param rr: buffer to use for RRs, 64k. 1464 * passed so that recursive includes can use the same buffer and do 1465 * not grow the stack too much. 1466 * @param rrbuflen: sizeof rr buffer. 1467 * @param state: parse state with $ORIGIN, $TTL and 'prev-dname' and so on, 1468 * that is kept between includes. 1469 * The lineno is set at 1 and then increased by the function. 1470 * @param fname: file name. 1471 * @param depth: recursion depth for includes 1472 * @param cfg: config for chroot. 1473 * returns false on failure, has printed an error message 1474 */ 1475static int 1476az_parse_file(struct auth_zone* z, FILE* in, uint8_t* rr, size_t rrbuflen, 1477 struct sldns_file_parse_state* state, char* fname, int depth, 1478 struct config_file* cfg) 1479{ 1480 size_t rr_len, dname_len; 1481 int status; 1482 state->lineno = 1; 1483 1484 while(!feof(in)) { 1485 rr_len = rrbuflen; 1486 dname_len = 0; 1487 status = sldns_fp2wire_rr_buf(in, rr, &rr_len, &dname_len, 1488 state); 1489 if(status == LDNS_WIREPARSE_ERR_INCLUDE && rr_len == 0) { 1490 /* we have $INCLUDE or $something */ 1491 if(strncmp((char*)rr, "$INCLUDE ", 9) == 0 || 1492 strncmp((char*)rr, "$INCLUDE\t", 9) == 0) { 1493 FILE* inc; 1494 int lineno_orig = state->lineno; 1495 char* incfile = (char*)rr + 8; 1496 if(depth > MAX_INCLUDE_DEPTH) { 1497 log_err("%s:%d max include depth" 1498 "exceeded", fname, state->lineno); 1499 return 0; 1500 } 1501 /* skip spaces */ 1502 while(*incfile == ' ' || *incfile == '\t') 1503 incfile++; 1504 /* adjust for chroot on include file */ 1505 if(cfg->chrootdir && cfg->chrootdir[0] && 1506 strncmp(incfile, cfg->chrootdir, 1507 strlen(cfg->chrootdir)) == 0) 1508 incfile += strlen(cfg->chrootdir); 1509 incfile = strdup(incfile); 1510 if(!incfile) { 1511 log_err("malloc failure"); 1512 return 0; 1513 } 1514 verbose(VERB_ALGO, "opening $INCLUDE %s", 1515 incfile); 1516 inc = fopen(incfile, "r"); 1517 if(!inc) { 1518 log_err("%s:%d cannot open include " 1519 "file %s: %s", fname, 1520 lineno_orig, incfile, 1521 strerror(errno)); 1522 free(incfile); 1523 return 0; 1524 } 1525 /* recurse read that file now */ 1526 if(!az_parse_file(z, inc, rr, rrbuflen, 1527 state, incfile, depth+1, cfg)) { 1528 log_err("%s:%d cannot parse include " 1529 "file %s", fname, 1530 lineno_orig, incfile); 1531 fclose(inc); 1532 free(incfile); 1533 return 0; 1534 } 1535 fclose(inc); 1536 verbose(VERB_ALGO, "done with $INCLUDE %s", 1537 incfile); 1538 free(incfile); 1539 state->lineno = lineno_orig; 1540 } 1541 continue; 1542 } 1543 if(status != 0) { 1544 log_err("parse error %s %d:%d: %s", fname, 1545 state->lineno, LDNS_WIREPARSE_OFFSET(status), 1546 sldns_get_errorstr_parse(status)); 1547 return 0; 1548 } 1549 if(rr_len == 0) { 1550 /* EMPTY line, TTL or ORIGIN */ 1551 continue; 1552 } 1553 /* insert wirerr in rrbuf */ 1554 if(!az_insert_rr(z, rr, rr_len, dname_len, NULL)) { 1555 char buf[17]; 1556 sldns_wire2str_type_buf(sldns_wirerr_get_type(rr, 1557 rr_len, dname_len), buf, sizeof(buf)); 1558 log_err("%s:%d cannot insert RR of type %s", 1559 fname, state->lineno, buf); 1560 return 0; 1561 } 1562 } 1563 return 1; 1564} 1565 1566int 1567auth_zone_read_zonefile(struct auth_zone* z, struct config_file* cfg) 1568{ 1569 uint8_t rr[LDNS_RR_BUF_SIZE]; 1570 struct sldns_file_parse_state state; 1571 char* zfilename; 1572 FILE* in; 1573 if(!z || !z->zonefile || z->zonefile[0]==0) 1574 return 1; /* no file, or "", nothing to read */ 1575 1576 zfilename = z->zonefile; 1577 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename, 1578 cfg->chrootdir, strlen(cfg->chrootdir)) == 0) 1579 zfilename += strlen(cfg->chrootdir); 1580 if(verbosity >= VERB_ALGO) { 1581 char nm[255+1]; 1582 dname_str(z->name, nm); 1583 verbose(VERB_ALGO, "read zonefile %s for %s", zfilename, nm); 1584 } 1585 in = fopen(zfilename, "r"); 1586 if(!in) { 1587 char* n = sldns_wire2str_dname(z->name, z->namelen); 1588 if(z->zone_is_slave && errno == ENOENT) { 1589 /* we fetch the zone contents later, no file yet */ 1590 verbose(VERB_ALGO, "no zonefile %s for %s", 1591 zfilename, n?n:"error"); 1592 free(n); 1593 return 1; 1594 } 1595 log_err("cannot open zonefile %s for %s: %s", 1596 zfilename, n?n:"error", strerror(errno)); 1597 free(n); 1598 return 0; 1599 } 1600 1601 /* clear the data tree */ 1602 traverse_postorder(&z->data, auth_data_del, NULL); 1603 rbtree_init(&z->data, &auth_data_cmp); 1604 /* clear the RPZ policies */ 1605 if(z->rpz) 1606 rpz_clear(z->rpz); 1607 1608 memset(&state, 0, sizeof(state)); 1609 /* default TTL to 3600 */ 1610 state.default_ttl = 3600; 1611 /* set $ORIGIN to the zone name */ 1612 if(z->namelen <= sizeof(state.origin)) { 1613 memcpy(state.origin, z->name, z->namelen); 1614 state.origin_len = z->namelen; 1615 } 1616 /* parse the (toplevel) file */ 1617 if(!az_parse_file(z, in, rr, sizeof(rr), &state, zfilename, 0, cfg)) { 1618 char* n = sldns_wire2str_dname(z->name, z->namelen); 1619 log_err("error parsing zonefile %s for %s", 1620 zfilename, n?n:"error"); 1621 free(n); 1622 fclose(in); 1623 return 0; 1624 } 1625 fclose(in); 1626 1627 if(z->rpz) 1628 rpz_finish_config(z->rpz); 1629 return 1; 1630} 1631 1632/** write buffer to file and check return codes */ 1633static int 1634write_out(FILE* out, const char* str, size_t len) 1635{ 1636 size_t r; 1637 if(len == 0) 1638 return 1; 1639 r = fwrite(str, 1, len, out); 1640 if(r == 0) { 1641 log_err("write failed: %s", strerror(errno)); 1642 return 0; 1643 } else if(r < len) { 1644 log_err("write failed: too short (disk full?)"); 1645 return 0; 1646 } 1647 return 1; 1648} 1649 1650/** convert auth rr to string */ 1651static int 1652auth_rr_to_string(uint8_t* nm, size_t nmlen, uint16_t tp, uint16_t cl, 1653 struct packed_rrset_data* data, size_t i, char* s, size_t buflen) 1654{ 1655 int w = 0; 1656 size_t slen = buflen, datlen; 1657 uint8_t* dat; 1658 if(i >= data->count) tp = LDNS_RR_TYPE_RRSIG; 1659 dat = nm; 1660 datlen = nmlen; 1661 w += sldns_wire2str_dname_scan(&dat, &datlen, &s, &slen, NULL, 0, NULL); 1662 w += sldns_str_print(&s, &slen, "\t"); 1663 w += sldns_str_print(&s, &slen, "%lu\t", (unsigned long)data->rr_ttl[i]); 1664 w += sldns_wire2str_class_print(&s, &slen, cl); 1665 w += sldns_str_print(&s, &slen, "\t"); 1666 w += sldns_wire2str_type_print(&s, &slen, tp); 1667 w += sldns_str_print(&s, &slen, "\t"); 1668 datlen = data->rr_len[i]-2; 1669 dat = data->rr_data[i]+2; 1670 w += sldns_wire2str_rdata_scan(&dat, &datlen, &s, &slen, tp, NULL, 0, NULL); 1671 1672 if(tp == LDNS_RR_TYPE_DNSKEY) { 1673 w += sldns_str_print(&s, &slen, " ;{id = %u}", 1674 sldns_calc_keytag_raw(data->rr_data[i]+2, 1675 data->rr_len[i]-2)); 1676 } 1677 w += sldns_str_print(&s, &slen, "\n"); 1678 1679 if(w >= (int)buflen) { 1680 log_nametypeclass(NO_VERBOSE, "RR too long to print", nm, tp, cl); 1681 return 0; 1682 } 1683 return 1; 1684} 1685 1686/** write rrset to file */ 1687static int 1688auth_zone_write_rrset(struct auth_zone* z, struct auth_data* node, 1689 struct auth_rrset* r, FILE* out) 1690{ 1691 size_t i, count = r->data->count + r->data->rrsig_count; 1692 char buf[LDNS_RR_BUF_SIZE]; 1693 for(i=0; i<count; i++) { 1694 if(!auth_rr_to_string(node->name, node->namelen, r->type, 1695 z->dclass, r->data, i, buf, sizeof(buf))) { 1696 verbose(VERB_ALGO, "failed to rr2str rr %d", (int)i); 1697 continue; 1698 } 1699 if(!write_out(out, buf, strlen(buf))) 1700 return 0; 1701 } 1702 return 1; 1703} 1704 1705/** write domain to file */ 1706static int 1707auth_zone_write_domain(struct auth_zone* z, struct auth_data* n, FILE* out) 1708{ 1709 struct auth_rrset* r; 1710 /* if this is zone apex, write SOA first */ 1711 if(z->namelen == n->namelen) { 1712 struct auth_rrset* soa = az_domain_rrset(n, LDNS_RR_TYPE_SOA); 1713 if(soa) { 1714 if(!auth_zone_write_rrset(z, n, soa, out)) 1715 return 0; 1716 } 1717 } 1718 /* write all the RRsets for this domain */ 1719 for(r = n->rrsets; r; r = r->next) { 1720 if(z->namelen == n->namelen && 1721 r->type == LDNS_RR_TYPE_SOA) 1722 continue; /* skip SOA here */ 1723 if(!auth_zone_write_rrset(z, n, r, out)) 1724 return 0; 1725 } 1726 return 1; 1727} 1728 1729int auth_zone_write_file(struct auth_zone* z, const char* fname) 1730{ 1731 FILE* out; 1732 struct auth_data* n; 1733 out = fopen(fname, "w"); 1734 if(!out) { 1735 log_err("could not open %s: %s", fname, strerror(errno)); 1736 return 0; 1737 } 1738 RBTREE_FOR(n, struct auth_data*, &z->data) { 1739 if(!auth_zone_write_domain(z, n, out)) { 1740 log_err("could not write domain to %s", fname); 1741 fclose(out); 1742 return 0; 1743 } 1744 } 1745 fclose(out); 1746 return 1; 1747} 1748 1749/** offline verify for zonemd, while reading a zone file to immediately 1750 * spot bad hashes in zonefile as they are read. 1751 * Creates temp buffers, but uses anchors and validation environment 1752 * from the module_env. */ 1753static void 1754zonemd_offline_verify(struct auth_zone* z, struct module_env* env_for_val, 1755 struct module_stack* mods) 1756{ 1757 struct module_env env; 1758 time_t now = 0; 1759 if(!z->zonemd_check) 1760 return; 1761 env = *env_for_val; 1762 env.scratch_buffer = sldns_buffer_new(env.cfg->msg_buffer_size); 1763 if(!env.scratch_buffer) { 1764 log_err("out of memory"); 1765 goto clean_exit; 1766 } 1767 env.scratch = regional_create(); 1768 if(!env.now) { 1769 env.now = &now; 1770 now = time(NULL); 1771 } 1772 if(!env.scratch) { 1773 log_err("out of memory"); 1774 goto clean_exit; 1775 } 1776 auth_zone_verify_zonemd(z, &env, mods, NULL, 1, 0); 1777 1778clean_exit: 1779 /* clean up and exit */ 1780 sldns_buffer_free(env.scratch_buffer); 1781 regional_destroy(env.scratch); 1782} 1783 1784/** read all auth zones from file (if they have) */ 1785static int 1786auth_zones_read_zones(struct auth_zones* az, struct config_file* cfg, 1787 struct module_env* env, struct module_stack* mods) 1788{ 1789 struct auth_zone* z; 1790 lock_rw_wrlock(&az->lock); 1791 RBTREE_FOR(z, struct auth_zone*, &az->ztree) { 1792 lock_rw_wrlock(&z->lock); 1793 if(!auth_zone_read_zonefile(z, cfg)) { 1794 lock_rw_unlock(&z->lock); 1795 lock_rw_unlock(&az->lock); 1796 return 0; 1797 } 1798 if(z->zonefile && z->zonefile[0]!=0 && env) 1799 zonemd_offline_verify(z, env, mods); 1800 lock_rw_unlock(&z->lock); 1801 } 1802 lock_rw_unlock(&az->lock); 1803 return 1; 1804} 1805 1806/** fetch the content of a ZONEMD RR from the rdata */ 1807static int zonemd_fetch_parameters(struct auth_rrset* zonemd_rrset, size_t i, 1808 uint32_t* serial, int* scheme, int* hashalgo, uint8_t** hash, 1809 size_t* hashlen) 1810{ 1811 size_t rr_len; 1812 uint8_t* rdata; 1813 if(i >= zonemd_rrset->data->count) 1814 return 0; 1815 rr_len = zonemd_rrset->data->rr_len[i]; 1816 if(rr_len < 2+4+1+1) 1817 return 0; /* too short, for rdlen+serial+scheme+algo */ 1818 rdata = zonemd_rrset->data->rr_data[i]; 1819 *serial = sldns_read_uint32(rdata+2); 1820 *scheme = rdata[6]; 1821 *hashalgo = rdata[7]; 1822 *hashlen = rr_len - 8; 1823 if(*hashlen == 0) 1824 *hash = NULL; 1825 else *hash = rdata+8; 1826 return 1; 1827} 1828 1829/** 1830 * See if the ZONEMD scheme, hash occurs more than once. 1831 * @param zonemd_rrset: the zonemd rrset to check with the RRs in it. 1832 * @param index: index of the original, this is allowed to have that 1833 * scheme and hashalgo, but other RRs should not have it. 1834 * @param scheme: the scheme to check for. 1835 * @param hashalgo: the hash algorithm to check for. 1836 * @return true if it occurs more than once. 1837 */ 1838static int zonemd_is_duplicate_scheme_hash(struct auth_rrset* zonemd_rrset, 1839 size_t index, int scheme, int hashalgo) 1840{ 1841 size_t j; 1842 for(j=0; j<zonemd_rrset->data->count; j++) { 1843 uint32_t serial2 = 0; 1844 int scheme2 = 0, hashalgo2 = 0; 1845 uint8_t* hash2 = NULL; 1846 size_t hashlen2 = 0; 1847 if(index == j) { 1848 /* this is the original */ 1849 continue; 1850 } 1851 if(!zonemd_fetch_parameters(zonemd_rrset, j, &serial2, 1852 &scheme2, &hashalgo2, &hash2, &hashlen2)) { 1853 /* malformed, skip it */ 1854 continue; 1855 } 1856 if(scheme == scheme2 && hashalgo == hashalgo2) { 1857 /* duplicate scheme, hash */ 1858 verbose(VERB_ALGO, "zonemd duplicate for scheme %d " 1859 "and hash %d", scheme, hashalgo); 1860 return 1; 1861 } 1862 } 1863 return 0; 1864} 1865 1866/** 1867 * Check ZONEMDs if present for the auth zone. Depending on config 1868 * it can warn or fail on that. Checks the hash of the ZONEMD. 1869 * @param z: auth zone to check for. 1870 * caller must hold lock on zone. 1871 * @param env: module env for temp buffers. 1872 * @param reason: returned on failure. 1873 * @return false on failure, true if hash checks out. 1874 */ 1875static int auth_zone_zonemd_check_hash(struct auth_zone* z, 1876 struct module_env* env, char** reason) 1877{ 1878 /* loop over ZONEMDs and see which one is valid. if not print 1879 * failure (depending on config) */ 1880 struct auth_data* apex; 1881 struct auth_rrset* zonemd_rrset; 1882 size_t i; 1883 struct regional* region = NULL; 1884 struct sldns_buffer* buf = NULL; 1885 uint32_t soa_serial = 0; 1886 char* unsupported_reason = NULL; 1887 int only_unsupported = 1; 1888 region = env->scratch; 1889 regional_free_all(region); 1890 buf = env->scratch_buffer; 1891 if(!auth_zone_get_serial(z, &soa_serial)) { 1892 *reason = "zone has no SOA serial"; 1893 return 0; 1894 } 1895 1896 apex = az_find_name(z, z->name, z->namelen); 1897 if(!apex) { 1898 *reason = "zone has no apex"; 1899 return 0; 1900 } 1901 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD); 1902 if(!zonemd_rrset || zonemd_rrset->data->count==0) { 1903 *reason = "zone has no ZONEMD"; 1904 return 0; /* no RRset or no RRs in rrset */ 1905 } 1906 1907 /* we have a ZONEMD, check if it is correct */ 1908 for(i=0; i<zonemd_rrset->data->count; i++) { 1909 uint32_t serial = 0; 1910 int scheme = 0, hashalgo = 0; 1911 uint8_t* hash = NULL; 1912 size_t hashlen = 0; 1913 if(!zonemd_fetch_parameters(zonemd_rrset, i, &serial, &scheme, 1914 &hashalgo, &hash, &hashlen)) { 1915 /* malformed RR */ 1916 *reason = "ZONEMD rdata malformed"; 1917 only_unsupported = 0; 1918 continue; 1919 } 1920 /* check for duplicates */ 1921 if(zonemd_is_duplicate_scheme_hash(zonemd_rrset, i, scheme, 1922 hashalgo)) { 1923 /* duplicate hash of the same scheme,hash 1924 * is not allowed. */ 1925 *reason = "ZONEMD RRSet contains more than one RR " 1926 "with the same scheme and hash algorithm"; 1927 only_unsupported = 0; 1928 continue; 1929 } 1930 regional_free_all(region); 1931 if(serial != soa_serial) { 1932 *reason = "ZONEMD serial is wrong"; 1933 only_unsupported = 0; 1934 continue; 1935 } 1936 *reason = NULL; 1937 if(auth_zone_generate_zonemd_check(z, scheme, hashalgo, 1938 hash, hashlen, region, buf, reason)) { 1939 /* success */ 1940 if(*reason) { 1941 if(!unsupported_reason) 1942 unsupported_reason = *reason; 1943 /* continue to check for valid ZONEMD */ 1944 if(verbosity >= VERB_ALGO) { 1945 char zstr[255+1]; 1946 dname_str(z->name, zstr); 1947 verbose(VERB_ALGO, "auth-zone %s ZONEMD %d %d is unsupported: %s", zstr, (int)scheme, (int)hashalgo, *reason); 1948 } 1949 *reason = NULL; 1950 continue; 1951 } 1952 if(verbosity >= VERB_ALGO) { 1953 char zstr[255+1]; 1954 dname_str(z->name, zstr); 1955 if(!*reason) 1956 verbose(VERB_ALGO, "auth-zone %s ZONEMD hash is correct", zstr); 1957 } 1958 return 1; 1959 } 1960 only_unsupported = 0; 1961 /* try next one */ 1962 } 1963 /* have we seen no failures but only unsupported algo, 1964 * and one unsupported algorithm, or more. */ 1965 if(only_unsupported && unsupported_reason) { 1966 /* only unsupported algorithms, with valid serial, not 1967 * malformed. Did not see supported algorithms, failed or 1968 * successful ones. */ 1969 *reason = unsupported_reason; 1970 return 1; 1971 } 1972 /* fail, we may have reason */ 1973 if(!*reason) 1974 *reason = "no ZONEMD records found"; 1975 if(verbosity >= VERB_ALGO) { 1976 char zstr[255+1]; 1977 dname_str(z->name, zstr); 1978 verbose(VERB_ALGO, "auth-zone %s ZONEMD failed: %s", zstr, *reason); 1979 } 1980 return 0; 1981} 1982 1983/** find the apex SOA RRset, if it exists */ 1984struct auth_rrset* auth_zone_get_soa_rrset(struct auth_zone* z) 1985{ 1986 struct auth_data* apex; 1987 struct auth_rrset* soa; 1988 apex = az_find_name(z, z->name, z->namelen); 1989 if(!apex) return NULL; 1990 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA); 1991 return soa; 1992} 1993 1994/** find serial number of zone or false if none */ 1995int 1996auth_zone_get_serial(struct auth_zone* z, uint32_t* serial) 1997{ 1998 struct auth_data* apex; 1999 struct auth_rrset* soa; 2000 struct packed_rrset_data* d; 2001 apex = az_find_name(z, z->name, z->namelen); 2002 if(!apex) return 0; 2003 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA); 2004 if(!soa || soa->data->count==0) 2005 return 0; /* no RRset or no RRs in rrset */ 2006 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */ 2007 d = soa->data; 2008 *serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20)); 2009 return 1; 2010} 2011 2012/** Find auth_zone SOA and populate the values in xfr(soa values). */ 2013int 2014xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr) 2015{ 2016 struct auth_data* apex; 2017 struct auth_rrset* soa; 2018 struct packed_rrset_data* d; 2019 apex = az_find_name(z, z->name, z->namelen); 2020 if(!apex) return 0; 2021 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA); 2022 if(!soa || soa->data->count==0) 2023 return 0; /* no RRset or no RRs in rrset */ 2024 if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */ 2025 /* SOA record ends with serial, refresh, retry, expiry, minimum, 2026 * as 4 byte fields */ 2027 d = soa->data; 2028 xfr->have_zone = 1; 2029 xfr->serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20)); 2030 xfr->refresh = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-16)); 2031 xfr->retry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-12)); 2032 xfr->expiry = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-8)); 2033 /* soa minimum at d->rr_len[0]-4 */ 2034 return 1; 2035} 2036 2037/** 2038 * Setup auth_xfer zone 2039 * This populates the have_zone, soa values, and so on times. 2040 * Doesn't do network traffic yet, can set option flags. 2041 * @param z: locked by caller, and modified for setup 2042 * @param x: locked by caller, and modified. 2043 * @return false on failure. 2044 */ 2045static int 2046auth_xfer_setup(struct auth_zone* z, struct auth_xfer* x) 2047{ 2048 /* for a zone without zone transfers, x==NULL, so skip them, 2049 * i.e. the zone config is fixed with no masters or urls */ 2050 if(!z || !x) return 1; 2051 if(!xfr_find_soa(z, x)) { 2052 return 1; 2053 } 2054 /* nothing for probe, nextprobe and transfer tasks */ 2055 return 1; 2056} 2057 2058/** 2059 * Setup all zones 2060 * @param az: auth zones structure 2061 * @return false on failure. 2062 */ 2063static int 2064auth_zones_setup_zones(struct auth_zones* az) 2065{ 2066 struct auth_zone* z; 2067 struct auth_xfer* x; 2068 lock_rw_wrlock(&az->lock); 2069 RBTREE_FOR(z, struct auth_zone*, &az->ztree) { 2070 lock_rw_wrlock(&z->lock); 2071 x = auth_xfer_find(az, z->name, z->namelen, z->dclass); 2072 if(x) { 2073 lock_basic_lock(&x->lock); 2074 } 2075 if(!auth_xfer_setup(z, x)) { 2076 if(x) { 2077 lock_basic_unlock(&x->lock); 2078 } 2079 lock_rw_unlock(&z->lock); 2080 lock_rw_unlock(&az->lock); 2081 return 0; 2082 } 2083 if(x) { 2084 lock_basic_unlock(&x->lock); 2085 } 2086 lock_rw_unlock(&z->lock); 2087 } 2088 lock_rw_unlock(&az->lock); 2089 return 1; 2090} 2091 2092/** set config items and create zones */ 2093static int 2094auth_zones_cfg(struct auth_zones* az, struct config_auth* c) 2095{ 2096 struct auth_zone* z; 2097 struct auth_xfer* x = NULL; 2098 2099 /* create zone */ 2100 if(c->isrpz) { 2101 /* if the rpz lock is needed, grab it before the other 2102 * locks to avoid a lock dependency cycle */ 2103 lock_rw_wrlock(&az->rpz_lock); 2104 } 2105 lock_rw_wrlock(&az->lock); 2106 if(!(z=auth_zones_find_or_add_zone(az, c->name))) { 2107 lock_rw_unlock(&az->lock); 2108 if(c->isrpz) { 2109 lock_rw_unlock(&az->rpz_lock); 2110 } 2111 return 0; 2112 } 2113 if(c->masters || c->urls) { 2114 if(!(x=auth_zones_find_or_add_xfer(az, z))) { 2115 lock_rw_unlock(&az->lock); 2116 lock_rw_unlock(&z->lock); 2117 if(c->isrpz) { 2118 lock_rw_unlock(&az->rpz_lock); 2119 } 2120 return 0; 2121 } 2122 } 2123 if(c->for_downstream) 2124 az->have_downstream = 1; 2125 lock_rw_unlock(&az->lock); 2126 2127 /* set options */ 2128 z->zone_deleted = 0; 2129 if(!auth_zone_set_zonefile(z, c->zonefile)) { 2130 if(x) { 2131 lock_basic_unlock(&x->lock); 2132 } 2133 lock_rw_unlock(&z->lock); 2134 if(c->isrpz) { 2135 lock_rw_unlock(&az->rpz_lock); 2136 } 2137 return 0; 2138 } 2139 z->for_downstream = c->for_downstream; 2140 z->for_upstream = c->for_upstream; 2141 z->fallback_enabled = c->fallback_enabled; 2142 z->zonemd_check = c->zonemd_check; 2143 z->zonemd_reject_absence = c->zonemd_reject_absence; 2144 if(c->isrpz && !z->rpz){ 2145 if(!(z->rpz = rpz_create(c))){ 2146 fatal_exit("Could not setup RPZ zones"); 2147 return 0; 2148 } 2149 lock_protect(&z->lock, &z->rpz->local_zones, sizeof(*z->rpz)); 2150 /* the az->rpz_lock is locked above */ 2151 z->rpz_az_next = az->rpz_first; 2152 if(az->rpz_first) 2153 az->rpz_first->rpz_az_prev = z; 2154 az->rpz_first = z; 2155 } else if(c->isrpz && z->rpz) { 2156 if(!rpz_config(z->rpz, c)) { 2157 log_err("Could not change rpz config"); 2158 if(x) { 2159 lock_basic_unlock(&x->lock); 2160 } 2161 lock_rw_unlock(&z->lock); 2162 lock_rw_unlock(&az->rpz_lock); 2163 return 0; 2164 } 2165 } 2166 if(c->isrpz) { 2167 lock_rw_unlock(&az->rpz_lock); 2168 } 2169 2170 /* xfer zone */ 2171 if(x) { 2172 z->zone_is_slave = 1; 2173 /* set options on xfer zone */ 2174 if(!xfer_set_masters(&x->task_probe->masters, c, 0)) { 2175 lock_basic_unlock(&x->lock); 2176 lock_rw_unlock(&z->lock); 2177 return 0; 2178 } 2179 if(!xfer_set_masters(&x->task_transfer->masters, c, 1)) { 2180 lock_basic_unlock(&x->lock); 2181 lock_rw_unlock(&z->lock); 2182 return 0; 2183 } 2184 lock_basic_unlock(&x->lock); 2185 } 2186 2187 lock_rw_unlock(&z->lock); 2188 return 1; 2189} 2190 2191/** set all auth zones deleted, then in auth_zones_cfg, it marks them 2192 * as nondeleted (if they are still in the config), and then later 2193 * we can find deleted zones */ 2194static void 2195az_setall_deleted(struct auth_zones* az) 2196{ 2197 struct auth_zone* z; 2198 lock_rw_wrlock(&az->lock); 2199 RBTREE_FOR(z, struct auth_zone*, &az->ztree) { 2200 lock_rw_wrlock(&z->lock); 2201 z->zone_deleted = 1; 2202 lock_rw_unlock(&z->lock); 2203 } 2204 lock_rw_unlock(&az->lock); 2205} 2206 2207/** find zones that are marked deleted and delete them. 2208 * This is called from apply_cfg, and there are no threads and no 2209 * workers, so the xfr can just be deleted. */ 2210static void 2211az_delete_deleted_zones(struct auth_zones* az) 2212{ 2213 struct auth_zone* z; 2214 struct auth_zone* delete_list = NULL, *next; 2215 struct auth_xfer* xfr; 2216 lock_rw_wrlock(&az->lock); 2217 RBTREE_FOR(z, struct auth_zone*, &az->ztree) { 2218 lock_rw_wrlock(&z->lock); 2219 if(z->zone_deleted) { 2220 /* we cannot alter the rbtree right now, but 2221 * we can put it on a linked list and then 2222 * delete it */ 2223 z->delete_next = delete_list; 2224 delete_list = z; 2225 } 2226 lock_rw_unlock(&z->lock); 2227 } 2228 /* now we are out of the tree loop and we can loop and delete 2229 * the zones */ 2230 z = delete_list; 2231 while(z) { 2232 next = z->delete_next; 2233 xfr = auth_xfer_find(az, z->name, z->namelen, z->dclass); 2234 if(xfr) { 2235 (void)rbtree_delete(&az->xtree, &xfr->node); 2236 auth_xfer_delete(xfr); 2237 } 2238 (void)rbtree_delete(&az->ztree, &z->node); 2239 auth_zone_delete(z, az); 2240 z = next; 2241 } 2242 lock_rw_unlock(&az->lock); 2243} 2244 2245int auth_zones_apply_cfg(struct auth_zones* az, struct config_file* cfg, 2246 int setup, int* is_rpz, struct module_env* env, 2247 struct module_stack* mods) 2248{ 2249 struct config_auth* p; 2250 az_setall_deleted(az); 2251 for(p = cfg->auths; p; p = p->next) { 2252 if(!p->name || p->name[0] == 0) { 2253 log_warn("auth-zone without a name, skipped"); 2254 continue; 2255 } 2256 *is_rpz = (*is_rpz || p->isrpz); 2257 if(!auth_zones_cfg(az, p)) { 2258 log_err("cannot config auth zone %s", p->name); 2259 return 0; 2260 } 2261 } 2262 az_delete_deleted_zones(az); 2263 if(!auth_zones_read_zones(az, cfg, env, mods)) 2264 return 0; 2265 if(setup) { 2266 if(!auth_zones_setup_zones(az)) 2267 return 0; 2268 } 2269 return 1; 2270} 2271 2272/** delete chunks 2273 * @param at: transfer structure with chunks list. The chunks and their 2274 * data are freed. 2275 */ 2276static void 2277auth_chunks_delete(struct auth_transfer* at) 2278{ 2279 if(at->chunks_first) { 2280 struct auth_chunk* c, *cn; 2281 c = at->chunks_first; 2282 while(c) { 2283 cn = c->next; 2284 free(c->data); 2285 free(c); 2286 c = cn; 2287 } 2288 } 2289 at->chunks_first = NULL; 2290 at->chunks_last = NULL; 2291} 2292 2293/** free master addr list */ 2294static void 2295auth_free_master_addrs(struct auth_addr* list) 2296{ 2297 struct auth_addr *n; 2298 while(list) { 2299 n = list->next; 2300 free(list); 2301 list = n; 2302 } 2303} 2304 2305/** free the masters list */ 2306static void 2307auth_free_masters(struct auth_master* list) 2308{ 2309 struct auth_master* n; 2310 while(list) { 2311 n = list->next; 2312 auth_free_master_addrs(list->list); 2313 free(list->host); 2314 free(list->file); 2315 free(list); 2316 list = n; 2317 } 2318} 2319 2320/** delete auth xfer structure 2321 * @param xfr: delete this xfer and its tasks. 2322 */ 2323static void 2324auth_xfer_delete(struct auth_xfer* xfr) 2325{ 2326 if(!xfr) return; 2327 lock_basic_destroy(&xfr->lock); 2328 free(xfr->name); 2329 if(xfr->task_nextprobe) { 2330 comm_timer_delete(xfr->task_nextprobe->timer); 2331 free(xfr->task_nextprobe); 2332 } 2333 if(xfr->task_probe) { 2334 auth_free_masters(xfr->task_probe->masters); 2335 comm_point_delete(xfr->task_probe->cp); 2336 comm_timer_delete(xfr->task_probe->timer); 2337 free(xfr->task_probe); 2338 } 2339 if(xfr->task_transfer) { 2340 auth_free_masters(xfr->task_transfer->masters); 2341 comm_point_delete(xfr->task_transfer->cp); 2342 comm_timer_delete(xfr->task_transfer->timer); 2343 if(xfr->task_transfer->chunks_first) { 2344 auth_chunks_delete(xfr->task_transfer); 2345 } 2346 free(xfr->task_transfer); 2347 } 2348 auth_free_masters(xfr->allow_notify_list); 2349 free(xfr); 2350} 2351 2352/** helper traverse to delete zones */ 2353static void 2354auth_zone_del(rbnode_type* n, void* ATTR_UNUSED(arg)) 2355{ 2356 struct auth_zone* z = (struct auth_zone*)n->key; 2357 auth_zone_delete(z, NULL); 2358} 2359 2360/** helper traverse to delete xfer zones */ 2361static void 2362auth_xfer_del(rbnode_type* n, void* ATTR_UNUSED(arg)) 2363{ 2364 struct auth_xfer* z = (struct auth_xfer*)n->key; 2365 auth_xfer_delete(z); 2366} 2367 2368void auth_zones_delete(struct auth_zones* az) 2369{ 2370 if(!az) return; 2371 lock_rw_destroy(&az->lock); 2372 lock_rw_destroy(&az->rpz_lock); 2373 traverse_postorder(&az->ztree, auth_zone_del, NULL); 2374 traverse_postorder(&az->xtree, auth_xfer_del, NULL); 2375 free(az); 2376} 2377 2378/** true if domain has only nsec3 */ 2379static int 2380domain_has_only_nsec3(struct auth_data* n) 2381{ 2382 struct auth_rrset* rrset = n->rrsets; 2383 int nsec3_seen = 0; 2384 while(rrset) { 2385 if(rrset->type == LDNS_RR_TYPE_NSEC3) { 2386 nsec3_seen = 1; 2387 } else if(rrset->type != LDNS_RR_TYPE_RRSIG) { 2388 return 0; 2389 } 2390 rrset = rrset->next; 2391 } 2392 return nsec3_seen; 2393} 2394 2395/** see if the domain has a wildcard child '*.domain' */ 2396static struct auth_data* 2397az_find_wildcard_domain(struct auth_zone* z, uint8_t* nm, size_t nmlen) 2398{ 2399 uint8_t wc[LDNS_MAX_DOMAINLEN]; 2400 if(nmlen+2 > sizeof(wc)) 2401 return NULL; /* result would be too long */ 2402 wc[0] = 1; /* length of wildcard label */ 2403 wc[1] = (uint8_t)'*'; /* wildcard label */ 2404 memmove(wc+2, nm, nmlen); 2405 return az_find_name(z, wc, nmlen+2); 2406} 2407 2408/** find wildcard between qname and cename */ 2409static struct auth_data* 2410az_find_wildcard(struct auth_zone* z, struct query_info* qinfo, 2411 struct auth_data* ce) 2412{ 2413 uint8_t* nm = qinfo->qname; 2414 size_t nmlen = qinfo->qname_len; 2415 struct auth_data* node; 2416 if(!dname_subdomain_c(nm, z->name)) 2417 return NULL; /* out of zone */ 2418 while((node=az_find_wildcard_domain(z, nm, nmlen))==NULL) { 2419 /* see if we can go up to find the wildcard */ 2420 if(nmlen == z->namelen) 2421 return NULL; /* top of zone reached */ 2422 if(ce && nmlen == ce->namelen) 2423 return NULL; /* ce reached */ 2424 if(dname_is_root(nm)) 2425 return NULL; /* cannot go up */ 2426 dname_remove_label(&nm, &nmlen); 2427 } 2428 return node; 2429} 2430 2431/** domain is not exact, find first candidate ce (name that matches 2432 * a part of qname) in tree */ 2433static struct auth_data* 2434az_find_candidate_ce(struct auth_zone* z, struct query_info* qinfo, 2435 struct auth_data* n) 2436{ 2437 uint8_t* nm; 2438 size_t nmlen; 2439 if(n) { 2440 nm = dname_get_shared_topdomain(qinfo->qname, n->name); 2441 } else { 2442 nm = qinfo->qname; 2443 } 2444 dname_count_size_labels(nm, &nmlen); 2445 n = az_find_name(z, nm, nmlen); 2446 /* delete labels and go up on name */ 2447 while(!n) { 2448 if(dname_is_root(nm)) 2449 return NULL; /* cannot go up */ 2450 dname_remove_label(&nm, &nmlen); 2451 n = az_find_name(z, nm, nmlen); 2452 } 2453 return n; 2454} 2455 2456/** go up the auth tree to next existing name. */ 2457static struct auth_data* 2458az_domain_go_up(struct auth_zone* z, struct auth_data* n) 2459{ 2460 uint8_t* nm = n->name; 2461 size_t nmlen = n->namelen; 2462 while(!dname_is_root(nm)) { 2463 dname_remove_label(&nm, &nmlen); 2464 if((n=az_find_name(z, nm, nmlen)) != NULL) 2465 return n; 2466 } 2467 return NULL; 2468} 2469 2470/** Find the closest encloser, an name that exists and is above the 2471 * qname. 2472 * return true if the node (param node) is existing, nonobscured and 2473 * can be used to generate answers from. It is then also node_exact. 2474 * returns false if the node is not good enough (or it wasn't node_exact) 2475 * in this case the ce can be filled. 2476 * if ce is NULL, no ce exists, and likely the zone is completely empty, 2477 * not even with a zone apex. 2478 * if ce is nonNULL it is the closest enclosing upper name (that exists 2479 * itself for answer purposes). That name may have DNAME, NS or wildcard 2480 * rrset is the closest DNAME or NS rrset that was found. 2481 */ 2482static int 2483az_find_ce(struct auth_zone* z, struct query_info* qinfo, 2484 struct auth_data* node, int node_exact, struct auth_data** ce, 2485 struct auth_rrset** rrset) 2486{ 2487 struct auth_data* n = node; 2488 struct auth_rrset* lookrrset; 2489 *ce = NULL; 2490 *rrset = NULL; 2491 if(!node_exact) { 2492 /* if not exact, lookup closest exact match */ 2493 n = az_find_candidate_ce(z, qinfo, n); 2494 } else { 2495 /* if exact, the node itself is the first candidate ce */ 2496 *ce = n; 2497 } 2498 2499 /* no direct answer from nsec3-only domains */ 2500 if(n && domain_has_only_nsec3(n)) { 2501 node_exact = 0; 2502 *ce = NULL; 2503 } 2504 2505 /* with exact matches, walk up the labels until we find the 2506 * delegation, or DNAME or zone end */ 2507 while(n) { 2508 /* see if the current candidate has issues */ 2509 /* not zone apex and has type NS */ 2510 if(n->namelen != z->namelen && 2511 (lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_NS)) && 2512 /* delegate here, but DS at exact the dp has notype */ 2513 (qinfo->qtype != LDNS_RR_TYPE_DS || 2514 n->namelen != qinfo->qname_len)) { 2515 /* referral */ 2516 /* this is ce and the lowernode is nonexisting */ 2517 *ce = n; 2518 *rrset = lookrrset; 2519 node_exact = 0; 2520 } 2521 /* not equal to qname and has type DNAME */ 2522 if(n->namelen != qinfo->qname_len && 2523 (lookrrset=az_domain_rrset(n, LDNS_RR_TYPE_DNAME))) { 2524 /* this is ce and the lowernode is nonexisting */ 2525 *ce = n; 2526 *rrset = lookrrset; 2527 node_exact = 0; 2528 } 2529 2530 if(*ce == NULL && !domain_has_only_nsec3(n)) { 2531 /* if not found yet, this exact name must be 2532 * our lowest match (but not nsec3onlydomain) */ 2533 *ce = n; 2534 } 2535 2536 /* walk up the tree by removing labels from name and lookup */ 2537 n = az_domain_go_up(z, n); 2538 } 2539 /* found no problems, if it was an exact node, it is fine to use */ 2540 return node_exact; 2541} 2542 2543/** add additional A/AAAA from domain names in rrset rdata (+offset) 2544 * offset is number of bytes in rdata where the dname is located. */ 2545static int 2546az_add_additionals_from(struct auth_zone* z, struct regional* region, 2547 struct dns_msg* msg, struct auth_rrset* rrset, size_t offset) 2548{ 2549 struct packed_rrset_data* d = rrset->data; 2550 size_t i; 2551 if(!d) return 0; 2552 for(i=0; i<d->count; i++) { 2553 size_t dlen; 2554 struct auth_data* domain; 2555 struct auth_rrset* ref; 2556 if(d->rr_len[i] < 2+offset) 2557 continue; /* too short */ 2558 if(!(dlen = dname_valid(d->rr_data[i]+2+offset, 2559 d->rr_len[i]-2-offset))) 2560 continue; /* malformed */ 2561 domain = az_find_name(z, d->rr_data[i]+2+offset, dlen); 2562 if(!domain) 2563 continue; 2564 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_A)) != NULL) { 2565 if(!msg_add_rrset_ar(z, region, msg, domain, ref)) 2566 return 0; 2567 } 2568 if((ref=az_domain_rrset(domain, LDNS_RR_TYPE_AAAA)) != NULL) { 2569 if(!msg_add_rrset_ar(z, region, msg, domain, ref)) 2570 return 0; 2571 } 2572 } 2573 return 1; 2574} 2575 2576/** add negative SOA record (with negative TTL) */ 2577static int 2578az_add_negative_soa(struct auth_zone* z, struct regional* region, 2579 struct dns_msg* msg) 2580{ 2581 time_t minimum; 2582 size_t i; 2583 struct packed_rrset_data* d; 2584 struct auth_rrset* soa; 2585 struct auth_data* apex = az_find_name(z, z->name, z->namelen); 2586 if(!apex) return 0; 2587 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA); 2588 if(!soa) return 0; 2589 /* must be first to put in message; we want to fix the TTL with 2590 * one RRset here, otherwise we'd need to loop over the RRs to get 2591 * the resulting lower TTL */ 2592 log_assert(msg->rep->rrset_count == 0); 2593 if(!msg_add_rrset_ns(z, region, msg, apex, soa)) return 0; 2594 /* fixup TTL */ 2595 d = (struct packed_rrset_data*)msg->rep->rrsets[msg->rep->rrset_count-1]->entry.data; 2596 /* last 4 bytes are minimum ttl in network format */ 2597 if(d->count == 0) return 0; 2598 if(d->rr_len[0] < 2+4) return 0; 2599 minimum = (time_t)sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-4)); 2600 minimum = d->ttl<minimum?d->ttl:minimum; 2601 d->ttl = minimum; 2602 for(i=0; i < d->count + d->rrsig_count; i++) 2603 d->rr_ttl[i] = minimum; 2604 msg->rep->ttl = get_rrset_ttl(msg->rep->rrsets[0]); 2605 msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(msg->rep->ttl); 2606 msg->rep->serve_expired_ttl = msg->rep->ttl + SERVE_EXPIRED_TTL; 2607 return 1; 2608} 2609 2610/** See if the query goes to empty nonterminal (that has no auth_data, 2611 * but there are nodes underneath. We already checked that there are 2612 * not NS, or DNAME above, so that we only need to check if some node 2613 * exists below (with nonempty rr list), return true if emptynonterminal */ 2614static int 2615az_empty_nonterminal(struct auth_zone* z, struct query_info* qinfo, 2616 struct auth_data* node) 2617{ 2618 struct auth_data* next; 2619 if(!node) { 2620 /* no smaller was found, use first (smallest) node as the 2621 * next one */ 2622 next = (struct auth_data*)rbtree_first(&z->data); 2623 } else { 2624 next = (struct auth_data*)rbtree_next(&node->node); 2625 } 2626 while(next && (rbnode_type*)next != RBTREE_NULL && next->rrsets == NULL) { 2627 /* the next name has empty rrsets, is an empty nonterminal 2628 * itself, see if there exists something below it */ 2629 next = (struct auth_data*)rbtree_next(&node->node); 2630 } 2631 if((rbnode_type*)next == RBTREE_NULL || !next) { 2632 /* there is no next node, so something below it cannot 2633 * exist */ 2634 return 0; 2635 } 2636 /* a next node exists, if there was something below the query, 2637 * this node has to be it. See if it is below the query name */ 2638 if(dname_strict_subdomain_c(next->name, qinfo->qname)) 2639 return 1; 2640 return 0; 2641} 2642 2643/** create synth cname target name in buffer, or fail if too long */ 2644static size_t 2645synth_cname_buf(uint8_t* qname, size_t qname_len, size_t dname_len, 2646 uint8_t* dtarg, size_t dtarglen, uint8_t* buf, size_t buflen) 2647{ 2648 size_t newlen = qname_len + dtarglen - dname_len; 2649 if(newlen > buflen) { 2650 /* YXDOMAIN error */ 2651 return 0; 2652 } 2653 /* new name is concatenation of qname front (without DNAME owner) 2654 * and DNAME target name */ 2655 memcpy(buf, qname, qname_len-dname_len); 2656 memmove(buf+(qname_len-dname_len), dtarg, dtarglen); 2657 return newlen; 2658} 2659 2660/** create synthetic CNAME rrset for in a DNAME answer in region, 2661 * false on alloc failure, cname==NULL when name too long. */ 2662static int 2663create_synth_cname(uint8_t* qname, size_t qname_len, struct regional* region, 2664 struct auth_data* node, struct auth_rrset* dname, uint16_t dclass, 2665 struct ub_packed_rrset_key** cname) 2666{ 2667 uint8_t buf[LDNS_MAX_DOMAINLEN]; 2668 uint8_t* dtarg; 2669 size_t dtarglen, newlen; 2670 struct packed_rrset_data* d; 2671 2672 /* get DNAME target name */ 2673 if(dname->data->count < 1) return 0; 2674 if(dname->data->rr_len[0] < 3) return 0; /* at least rdatalen +1 */ 2675 dtarg = dname->data->rr_data[0]+2; 2676 dtarglen = dname->data->rr_len[0]-2; 2677 if(sldns_read_uint16(dname->data->rr_data[0]) != dtarglen) 2678 return 0; /* rdatalen in DNAME rdata is malformed */ 2679 if(dname_valid(dtarg, dtarglen) != dtarglen) 2680 return 0; /* DNAME RR has malformed rdata */ 2681 if(qname_len == 0) 2682 return 0; /* too short */ 2683 if(qname_len <= node->namelen) 2684 return 0; /* qname too short for dname removal */ 2685 2686 /* synthesize a CNAME */ 2687 newlen = synth_cname_buf(qname, qname_len, node->namelen, 2688 dtarg, dtarglen, buf, sizeof(buf)); 2689 if(newlen == 0) { 2690 /* YXDOMAIN error */ 2691 *cname = NULL; 2692 return 1; 2693 } 2694 *cname = (struct ub_packed_rrset_key*)regional_alloc(region, 2695 sizeof(struct ub_packed_rrset_key)); 2696 if(!*cname) 2697 return 0; /* out of memory */ 2698 memset(&(*cname)->entry, 0, sizeof((*cname)->entry)); 2699 (*cname)->entry.key = (*cname); 2700 (*cname)->rk.type = htons(LDNS_RR_TYPE_CNAME); 2701 (*cname)->rk.rrset_class = htons(dclass); 2702 (*cname)->rk.flags = 0; 2703 (*cname)->rk.dname = regional_alloc_init(region, qname, qname_len); 2704 if(!(*cname)->rk.dname) 2705 return 0; /* out of memory */ 2706 (*cname)->rk.dname_len = qname_len; 2707 (*cname)->entry.hash = rrset_key_hash(&(*cname)->rk); 2708 d = (struct packed_rrset_data*)regional_alloc_zero(region, 2709 sizeof(struct packed_rrset_data) + sizeof(size_t) + 2710 sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t) 2711 + newlen); 2712 if(!d) 2713 return 0; /* out of memory */ 2714 (*cname)->entry.data = d; 2715 d->ttl = dname->data->ttl; /* RFC6672: synth CNAME TTL == DNAME TTL */ 2716 d->count = 1; 2717 d->rrsig_count = 0; 2718 d->trust = rrset_trust_ans_noAA; 2719 d->rr_len = (size_t*)((uint8_t*)d + 2720 sizeof(struct packed_rrset_data)); 2721 d->rr_len[0] = newlen + sizeof(uint16_t); 2722 packed_rrset_ptr_fixup(d); 2723 d->rr_ttl[0] = d->ttl; 2724 sldns_write_uint16(d->rr_data[0], newlen); 2725 memmove(d->rr_data[0] + sizeof(uint16_t), buf, newlen); 2726 return 1; 2727} 2728 2729/** add a synthesized CNAME to the answer section */ 2730static int 2731add_synth_cname(struct auth_zone* z, uint8_t* qname, size_t qname_len, 2732 struct regional* region, struct dns_msg* msg, struct auth_data* dname, 2733 struct auth_rrset* rrset) 2734{ 2735 struct ub_packed_rrset_key* cname; 2736 /* synthesize a CNAME */ 2737 if(!create_synth_cname(qname, qname_len, region, dname, rrset, 2738 z->dclass, &cname)) { 2739 /* out of memory */ 2740 return 0; 2741 } 2742 if(!cname) { 2743 /* cname cannot be create because of YXDOMAIN */ 2744 msg->rep->flags |= LDNS_RCODE_YXDOMAIN; 2745 return 1; 2746 } 2747 /* add cname to message */ 2748 if(!msg_grow_array(region, msg)) 2749 return 0; 2750 msg->rep->rrsets[msg->rep->rrset_count] = cname; 2751 msg->rep->rrset_count++; 2752 msg->rep->an_numrrsets++; 2753 msg_ttl(msg); 2754 return 1; 2755} 2756 2757/** Change a dname to a different one, for wildcard namechange */ 2758static void 2759az_change_dnames(struct dns_msg* msg, uint8_t* oldname, uint8_t* newname, 2760 size_t newlen, int an_only) 2761{ 2762 size_t i; 2763 size_t start = 0, end = msg->rep->rrset_count; 2764 if(!an_only) start = msg->rep->an_numrrsets; 2765 if(an_only) end = msg->rep->an_numrrsets; 2766 for(i=start; i<end; i++) { 2767 /* allocated in region so we can change the ptrs */ 2768 if(query_dname_compare(msg->rep->rrsets[i]->rk.dname, oldname) 2769 == 0) { 2770 msg->rep->rrsets[i]->rk.dname = newname; 2771 msg->rep->rrsets[i]->rk.dname_len = newlen; 2772 msg->rep->rrsets[i]->entry.hash = rrset_key_hash(&msg->rep->rrsets[i]->rk); 2773 } 2774 } 2775} 2776 2777/** find NSEC record covering the query */ 2778static struct auth_rrset* 2779az_find_nsec_cover(struct auth_zone* z, struct auth_data** node) 2780{ 2781 uint8_t* nm = (*node)->name; 2782 size_t nmlen = (*node)->namelen; 2783 struct auth_rrset* rrset; 2784 /* find the NSEC for the smallest-or-equal node */ 2785 /* if node == NULL, we did not find a smaller name. But the zone 2786 * name is the smallest name and should have an NSEC. So there is 2787 * no NSEC to return (for a properly signed zone) */ 2788 /* for empty nonterminals, the auth-data node should not exist, 2789 * and thus we don't need to go rbtree_previous here to find 2790 * a domain with an NSEC record */ 2791 /* but there could be glue, and if this is node, then it has no NSEC. 2792 * Go up to find nonglue (previous) NSEC-holding nodes */ 2793 while((rrset=az_domain_rrset(*node, LDNS_RR_TYPE_NSEC)) == NULL) { 2794 if(dname_is_root(nm)) return NULL; 2795 if(nmlen == z->namelen) return NULL; 2796 dname_remove_label(&nm, &nmlen); 2797 /* adjust *node for the nsec rrset to find in */ 2798 *node = az_find_name(z, nm, nmlen); 2799 } 2800 return rrset; 2801} 2802 2803/** Find NSEC and add for wildcard denial */ 2804static int 2805az_nsec_wildcard_denial(struct auth_zone* z, struct regional* region, 2806 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen) 2807{ 2808 struct query_info qinfo; 2809 int node_exact; 2810 struct auth_data* node; 2811 struct auth_rrset* nsec; 2812 uint8_t wc[LDNS_MAX_DOMAINLEN]; 2813 if(cenmlen+2 > sizeof(wc)) 2814 return 0; /* result would be too long */ 2815 wc[0] = 1; /* length of wildcard label */ 2816 wc[1] = (uint8_t)'*'; /* wildcard label */ 2817 memmove(wc+2, cenm, cenmlen); 2818 2819 /* we have '*.ce' in wc wildcard name buffer */ 2820 /* get nsec cover for that */ 2821 qinfo.qname = wc; 2822 qinfo.qname_len = cenmlen+2; 2823 qinfo.qtype = 0; 2824 qinfo.qclass = 0; 2825 az_find_domain(z, &qinfo, &node_exact, &node); 2826 if((nsec=az_find_nsec_cover(z, &node)) != NULL) { 2827 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0; 2828 } 2829 return 1; 2830} 2831 2832/** Find the NSEC3PARAM rrset (if any) and if true you have the parameters */ 2833static int 2834az_nsec3_param(struct auth_zone* z, int* algo, size_t* iter, uint8_t** salt, 2835 size_t* saltlen) 2836{ 2837 struct auth_data* apex; 2838 struct auth_rrset* param; 2839 size_t i; 2840 apex = az_find_name(z, z->name, z->namelen); 2841 if(!apex) return 0; 2842 param = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC3PARAM); 2843 if(!param || param->data->count==0) 2844 return 0; /* no RRset or no RRs in rrset */ 2845 /* find out which NSEC3PARAM RR has supported parameters */ 2846 /* skip unknown flags (dynamic signer is recalculating nsec3 chain) */ 2847 for(i=0; i<param->data->count; i++) { 2848 uint8_t* rdata = param->data->rr_data[i]+2; 2849 size_t rdatalen = param->data->rr_len[i]; 2850 if(rdatalen < 2+5) 2851 continue; /* too short */ 2852 if(!nsec3_hash_algo_size_supported((int)(rdata[0]))) 2853 continue; /* unsupported algo */ 2854 if(rdatalen < (size_t)(2+5+(size_t)rdata[4])) 2855 continue; /* salt missing */ 2856 if((rdata[1]&NSEC3_UNKNOWN_FLAGS)!=0) 2857 continue; /* unknown flags */ 2858 *algo = (int)(rdata[0]); 2859 *iter = sldns_read_uint16(rdata+2); 2860 *saltlen = rdata[4]; 2861 if(*saltlen == 0) 2862 *salt = NULL; 2863 else *salt = rdata+5; 2864 return 1; 2865 } 2866 /* no supported params */ 2867 return 0; 2868} 2869 2870/** Hash a name with nsec3param into buffer, it has zone name appended. 2871 * return length of hash */ 2872static size_t 2873az_nsec3_hash(uint8_t* buf, size_t buflen, uint8_t* nm, size_t nmlen, 2874 int algo, size_t iter, uint8_t* salt, size_t saltlen) 2875{ 2876 size_t hlen = nsec3_hash_algo_size_supported(algo); 2877 /* buffer has domain name, nsec3hash, and 256 is for max saltlen 2878 * (salt has 0-255 length) */ 2879 unsigned char p[LDNS_MAX_DOMAINLEN+1+N3HASHBUFLEN+256]; 2880 size_t i; 2881 if(nmlen+saltlen > sizeof(p) || hlen+saltlen > sizeof(p)) 2882 return 0; 2883 if(hlen > buflen) 2884 return 0; /* somehow too large for destination buffer */ 2885 /* hashfunc(name, salt) */ 2886 memmove(p, nm, nmlen); 2887 query_dname_tolower(p); 2888 if(salt && saltlen > 0) 2889 memmove(p+nmlen, salt, saltlen); 2890 (void)secalgo_nsec3_hash(algo, p, nmlen+saltlen, (unsigned char*)buf); 2891 for(i=0; i<iter; i++) { 2892 /* hashfunc(hash, salt) */ 2893 memmove(p, buf, hlen); 2894 if(salt && saltlen > 0) 2895 memmove(p+hlen, salt, saltlen); 2896 (void)secalgo_nsec3_hash(algo, p, hlen+saltlen, 2897 (unsigned char*)buf); 2898 } 2899 return hlen; 2900} 2901 2902/** Hash name and return b32encoded hashname for lookup, zone name appended */ 2903static int 2904az_nsec3_hashname(struct auth_zone* z, uint8_t* hashname, size_t* hashnmlen, 2905 uint8_t* nm, size_t nmlen, int algo, size_t iter, uint8_t* salt, 2906 size_t saltlen) 2907{ 2908 uint8_t hash[N3HASHBUFLEN]; 2909 size_t hlen; 2910 int ret; 2911 hlen = az_nsec3_hash(hash, sizeof(hash), nm, nmlen, algo, iter, 2912 salt, saltlen); 2913 if(!hlen) return 0; 2914 /* b32 encode */ 2915 if(*hashnmlen < hlen*2+1+z->namelen) /* approx b32 as hexb16 */ 2916 return 0; 2917 ret = sldns_b32_ntop_extended_hex(hash, hlen, (char*)(hashname+1), 2918 (*hashnmlen)-1); 2919 if(ret<1) 2920 return 0; 2921 hashname[0] = (uint8_t)ret; 2922 ret++; 2923 if((*hashnmlen) - ret < z->namelen) 2924 return 0; 2925 memmove(hashname+ret, z->name, z->namelen); 2926 *hashnmlen = z->namelen+(size_t)ret; 2927 return 1; 2928} 2929 2930/** Find the datanode that covers the nsec3hash-name */ 2931static struct auth_data* 2932az_nsec3_findnode(struct auth_zone* z, uint8_t* hashnm, size_t hashnmlen) 2933{ 2934 struct query_info qinfo; 2935 struct auth_data* node; 2936 int node_exact; 2937 qinfo.qclass = 0; 2938 qinfo.qtype = 0; 2939 qinfo.qname = hashnm; 2940 qinfo.qname_len = hashnmlen; 2941 /* because canonical ordering and b32 nsec3 ordering are the same. 2942 * this is a good lookup to find the nsec3 name. */ 2943 az_find_domain(z, &qinfo, &node_exact, &node); 2944 /* but we may have to skip non-nsec3 nodes */ 2945 /* this may be a lot, the way to speed that up is to have a 2946 * separate nsec3 tree with nsec3 nodes */ 2947 while(node && (rbnode_type*)node != RBTREE_NULL && 2948 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) { 2949 node = (struct auth_data*)rbtree_previous(&node->node); 2950 } 2951 if((rbnode_type*)node == RBTREE_NULL) 2952 node = NULL; 2953 return node; 2954} 2955 2956/** Find cover for hashed(nm, nmlen) (or NULL) */ 2957static struct auth_data* 2958az_nsec3_find_cover(struct auth_zone* z, uint8_t* nm, size_t nmlen, 2959 int algo, size_t iter, uint8_t* salt, size_t saltlen) 2960{ 2961 struct auth_data* node; 2962 uint8_t hname[LDNS_MAX_DOMAINLEN]; 2963 size_t hlen = sizeof(hname); 2964 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter, 2965 salt, saltlen)) 2966 return NULL; 2967 node = az_nsec3_findnode(z, hname, hlen); 2968 if(node) 2969 return node; 2970 /* we did not find any, perhaps because the NSEC3 hash is before 2971 * the first hash, we have to find the 'last hash' in the zone */ 2972 node = (struct auth_data*)rbtree_last(&z->data); 2973 while(node && (rbnode_type*)node != RBTREE_NULL && 2974 !az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) { 2975 node = (struct auth_data*)rbtree_previous(&node->node); 2976 } 2977 if((rbnode_type*)node == RBTREE_NULL) 2978 node = NULL; 2979 return node; 2980} 2981 2982/** Find exact match for hashed(nm, nmlen) NSEC3 record or NULL */ 2983static struct auth_data* 2984az_nsec3_find_exact(struct auth_zone* z, uint8_t* nm, size_t nmlen, 2985 int algo, size_t iter, uint8_t* salt, size_t saltlen) 2986{ 2987 struct auth_data* node; 2988 uint8_t hname[LDNS_MAX_DOMAINLEN]; 2989 size_t hlen = sizeof(hname); 2990 if(!az_nsec3_hashname(z, hname, &hlen, nm, nmlen, algo, iter, 2991 salt, saltlen)) 2992 return NULL; 2993 node = az_find_name(z, hname, hlen); 2994 if(az_domain_rrset(node, LDNS_RR_TYPE_NSEC3)) 2995 return node; 2996 return NULL; 2997} 2998 2999/** Return nextcloser name (as a ref into the qname). This is one label 3000 * more than the cenm (cename must be a suffix of qname) */ 3001static void 3002az_nsec3_get_nextcloser(uint8_t* cenm, uint8_t* qname, size_t qname_len, 3003 uint8_t** nx, size_t* nxlen) 3004{ 3005 int celabs = dname_count_labels(cenm); 3006 int qlabs = dname_count_labels(qname); 3007 int strip = qlabs - celabs -1; 3008 log_assert(dname_strict_subdomain(qname, qlabs, cenm, celabs)); 3009 *nx = qname; 3010 *nxlen = qname_len; 3011 if(strip>0) 3012 dname_remove_labels(nx, nxlen, strip); 3013} 3014 3015/** Find the closest encloser that has exact NSEC3. 3016 * updated cenm to the new name. If it went up no-exact-ce is true. */ 3017static struct auth_data* 3018az_nsec3_find_ce(struct auth_zone* z, uint8_t** cenm, size_t* cenmlen, 3019 int* no_exact_ce, int algo, size_t iter, uint8_t* salt, size_t saltlen) 3020{ 3021 struct auth_data* node; 3022 while((node = az_nsec3_find_exact(z, *cenm, *cenmlen, 3023 algo, iter, salt, saltlen)) == NULL) { 3024 if(*cenmlen == z->namelen) { 3025 /* next step up would take us out of the zone. fail */ 3026 return NULL; 3027 } 3028 *no_exact_ce = 1; 3029 dname_remove_label(cenm, cenmlen); 3030 } 3031 return node; 3032} 3033 3034/* Insert NSEC3 record in authority section, if NULL does nothing */ 3035static int 3036az_nsec3_insert(struct auth_zone* z, struct regional* region, 3037 struct dns_msg* msg, struct auth_data* node) 3038{ 3039 struct auth_rrset* nsec3; 3040 if(!node) return 1; /* no node, skip this */ 3041 nsec3 = az_domain_rrset(node, LDNS_RR_TYPE_NSEC3); 3042 if(!nsec3) return 1; /* if no nsec3 RR, skip it */ 3043 if(!msg_add_rrset_ns(z, region, msg, node, nsec3)) return 0; 3044 return 1; 3045} 3046 3047/** add NSEC3 records to the zone for the nsec3 proof. 3048 * Specify with the flags with parts of the proof are required. 3049 * the ce is the exact matching name (for notype) but also delegation points. 3050 * qname is the one where the nextcloser name can be derived from. 3051 * If NSEC3 is not properly there (in the zone) nothing is added. 3052 * always enabled: include nsec3 proving about the Closest Encloser. 3053 * that is an exact match that should exist for it. 3054 * If that does not exist, a higher exact match + nxproof is enabled 3055 * (for some sort of opt-out empty nonterminal cases). 3056 * nodataproof: search for exact match and include that instead. 3057 * ceproof: include ce proof NSEC3 (omitted for wildcard replies). 3058 * nxproof: include denial of the qname. 3059 * wcproof: include denial of wildcard (wildcard.ce). 3060 */ 3061static int 3062az_add_nsec3_proof(struct auth_zone* z, struct regional* region, 3063 struct dns_msg* msg, uint8_t* cenm, size_t cenmlen, uint8_t* qname, 3064 size_t qname_len, int nodataproof, int ceproof, int nxproof, 3065 int wcproof) 3066{ 3067 int algo; 3068 size_t iter, saltlen; 3069 uint8_t* salt; 3070 int no_exact_ce = 0; 3071 struct auth_data* node; 3072 3073 /* find parameters of nsec3 proof */ 3074 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen)) 3075 return 1; /* no nsec3 */ 3076 if(nodataproof) { 3077 /* see if the node has a hash of itself for the nodata 3078 * proof nsec3, this has to be an exact match nsec3. */ 3079 struct auth_data* match; 3080 match = az_nsec3_find_exact(z, qname, qname_len, algo, 3081 iter, salt, saltlen); 3082 if(match) { 3083 if(!az_nsec3_insert(z, region, msg, match)) 3084 return 0; 3085 /* only nodata NSEC3 needed, no CE or others. */ 3086 return 1; 3087 } 3088 } 3089 /* find ce that has an NSEC3 */ 3090 if(ceproof) { 3091 node = az_nsec3_find_ce(z, &cenm, &cenmlen, &no_exact_ce, 3092 algo, iter, salt, saltlen); 3093 if(no_exact_ce) nxproof = 1; 3094 if(!az_nsec3_insert(z, region, msg, node)) 3095 return 0; 3096 } 3097 3098 if(nxproof) { 3099 uint8_t* nx; 3100 size_t nxlen; 3101 /* create nextcloser domain name */ 3102 az_nsec3_get_nextcloser(cenm, qname, qname_len, &nx, &nxlen); 3103 /* find nsec3 that matches or covers it */ 3104 node = az_nsec3_find_cover(z, nx, nxlen, algo, iter, salt, 3105 saltlen); 3106 if(!az_nsec3_insert(z, region, msg, node)) 3107 return 0; 3108 } 3109 if(wcproof) { 3110 /* create wildcard name *.ce */ 3111 uint8_t wc[LDNS_MAX_DOMAINLEN]; 3112 size_t wclen; 3113 if(cenmlen+2 > sizeof(wc)) 3114 return 0; /* result would be too long */ 3115 wc[0] = 1; /* length of wildcard label */ 3116 wc[1] = (uint8_t)'*'; /* wildcard label */ 3117 memmove(wc+2, cenm, cenmlen); 3118 wclen = cenmlen+2; 3119 /* find nsec3 that matches or covers it */ 3120 node = az_nsec3_find_cover(z, wc, wclen, algo, iter, salt, 3121 saltlen); 3122 if(!az_nsec3_insert(z, region, msg, node)) 3123 return 0; 3124 } 3125 return 1; 3126} 3127 3128/** generate answer for positive answer */ 3129static int 3130az_generate_positive_answer(struct auth_zone* z, struct regional* region, 3131 struct dns_msg* msg, struct auth_data* node, struct auth_rrset* rrset) 3132{ 3133 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3134 /* see if we want additional rrs */ 3135 if(rrset->type == LDNS_RR_TYPE_MX) { 3136 if(!az_add_additionals_from(z, region, msg, rrset, 2)) 3137 return 0; 3138 } else if(rrset->type == LDNS_RR_TYPE_SRV) { 3139 if(!az_add_additionals_from(z, region, msg, rrset, 6)) 3140 return 0; 3141 } else if(rrset->type == LDNS_RR_TYPE_NS) { 3142 if(!az_add_additionals_from(z, region, msg, rrset, 0)) 3143 return 0; 3144 } 3145 return 1; 3146} 3147 3148/** generate answer for type ANY answer */ 3149static int 3150az_generate_any_answer(struct auth_zone* z, struct regional* region, 3151 struct dns_msg* msg, struct auth_data* node) 3152{ 3153 struct auth_rrset* rrset; 3154 int added = 0; 3155 /* add a couple (at least one) RRs */ 3156 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_SOA)) != NULL) { 3157 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3158 added++; 3159 } 3160 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_MX)) != NULL) { 3161 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3162 added++; 3163 } 3164 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_A)) != NULL) { 3165 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3166 added++; 3167 } 3168 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_AAAA)) != NULL) { 3169 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3170 added++; 3171 } 3172 if(added == 0 && node && node->rrsets) { 3173 if(!msg_add_rrset_an(z, region, msg, node, 3174 node->rrsets)) return 0; 3175 } 3176 return 1; 3177} 3178 3179/** follow cname chain and add more data to the answer section */ 3180static int 3181follow_cname_chain(struct auth_zone* z, uint16_t qtype, 3182 struct regional* region, struct dns_msg* msg, 3183 struct packed_rrset_data* d) 3184{ 3185 int maxchain = 0; 3186 /* see if we can add the target of the CNAME into the answer */ 3187 while(maxchain++ < MAX_CNAME_CHAIN) { 3188 struct auth_data* node; 3189 struct auth_rrset* rrset; 3190 size_t clen; 3191 /* d has cname rdata */ 3192 if(d->count == 0) break; /* no CNAME */ 3193 if(d->rr_len[0] < 2+1) break; /* too small */ 3194 if((clen=dname_valid(d->rr_data[0]+2, d->rr_len[0]-2))==0) 3195 break; /* malformed */ 3196 if(!dname_subdomain_c(d->rr_data[0]+2, z->name)) 3197 break; /* target out of zone */ 3198 if((node = az_find_name(z, d->rr_data[0]+2, clen))==NULL) 3199 break; /* no such target name */ 3200 if((rrset=az_domain_rrset(node, qtype))!=NULL) { 3201 /* done we found the target */ 3202 if(!msg_add_rrset_an(z, region, msg, node, rrset)) 3203 return 0; 3204 break; 3205 } 3206 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME))==NULL) 3207 break; /* no further CNAME chain, notype */ 3208 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3209 d = rrset->data; 3210 } 3211 return 1; 3212} 3213 3214/** generate answer for cname answer */ 3215static int 3216az_generate_cname_answer(struct auth_zone* z, struct query_info* qinfo, 3217 struct regional* region, struct dns_msg* msg, 3218 struct auth_data* node, struct auth_rrset* rrset) 3219{ 3220 if(!msg_add_rrset_an(z, region, msg, node, rrset)) return 0; 3221 if(!rrset) return 1; 3222 if(!follow_cname_chain(z, qinfo->qtype, region, msg, rrset->data)) 3223 return 0; 3224 return 1; 3225} 3226 3227/** generate answer for notype answer */ 3228static int 3229az_generate_notype_answer(struct auth_zone* z, struct regional* region, 3230 struct dns_msg* msg, struct auth_data* node) 3231{ 3232 struct auth_rrset* rrset; 3233 if(!az_add_negative_soa(z, region, msg)) return 0; 3234 /* DNSSEC denial NSEC */ 3235 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_NSEC))!=NULL) { 3236 if(!msg_add_rrset_ns(z, region, msg, node, rrset)) return 0; 3237 } else if(node) { 3238 /* DNSSEC denial NSEC3 */ 3239 if(!az_add_nsec3_proof(z, region, msg, node->name, 3240 node->namelen, msg->qinfo.qname, 3241 msg->qinfo.qname_len, 1, 1, 0, 0)) 3242 return 0; 3243 } 3244 return 1; 3245} 3246 3247/** generate answer for referral answer */ 3248static int 3249az_generate_referral_answer(struct auth_zone* z, struct regional* region, 3250 struct dns_msg* msg, struct auth_data* ce, struct auth_rrset* rrset) 3251{ 3252 struct auth_rrset* ds, *nsec; 3253 /* turn off AA flag, referral is nonAA because it leaves the zone */ 3254 log_assert(ce); 3255 msg->rep->flags &= ~BIT_AA; 3256 if(!msg_add_rrset_ns(z, region, msg, ce, rrset)) return 0; 3257 /* add DS or deny it */ 3258 if((ds=az_domain_rrset(ce, LDNS_RR_TYPE_DS))!=NULL) { 3259 if(!msg_add_rrset_ns(z, region, msg, ce, ds)) return 0; 3260 } else { 3261 /* deny the DS */ 3262 if((nsec=az_domain_rrset(ce, LDNS_RR_TYPE_NSEC))!=NULL) { 3263 if(!msg_add_rrset_ns(z, region, msg, ce, nsec)) 3264 return 0; 3265 } else { 3266 if(!az_add_nsec3_proof(z, region, msg, ce->name, 3267 ce->namelen, msg->qinfo.qname, 3268 msg->qinfo.qname_len, 1, 1, 0, 0)) 3269 return 0; 3270 } 3271 } 3272 /* add additional rrs for type NS */ 3273 if(!az_add_additionals_from(z, region, msg, rrset, 0)) return 0; 3274 return 1; 3275} 3276 3277/** generate answer for DNAME answer */ 3278static int 3279az_generate_dname_answer(struct auth_zone* z, struct query_info* qinfo, 3280 struct regional* region, struct dns_msg* msg, struct auth_data* ce, 3281 struct auth_rrset* rrset) 3282{ 3283 log_assert(ce); 3284 /* add the DNAME and then a CNAME */ 3285 if(!msg_add_rrset_an(z, region, msg, ce, rrset)) return 0; 3286 if(!add_synth_cname(z, qinfo->qname, qinfo->qname_len, region, 3287 msg, ce, rrset)) return 0; 3288 if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_YXDOMAIN) 3289 return 1; 3290 if(msg->rep->rrset_count == 0 || 3291 !msg->rep->rrsets[msg->rep->rrset_count-1]) 3292 return 0; 3293 if(!follow_cname_chain(z, qinfo->qtype, region, msg, 3294 (struct packed_rrset_data*)msg->rep->rrsets[ 3295 msg->rep->rrset_count-1]->entry.data)) 3296 return 0; 3297 return 1; 3298} 3299 3300/** generate answer for wildcard answer */ 3301static int 3302az_generate_wildcard_answer(struct auth_zone* z, struct query_info* qinfo, 3303 struct regional* region, struct dns_msg* msg, struct auth_data* ce, 3304 struct auth_data* wildcard, struct auth_data* node) 3305{ 3306 struct auth_rrset* rrset, *nsec; 3307 int insert_ce = 0; 3308 if((rrset=az_domain_rrset(wildcard, qinfo->qtype)) != NULL) { 3309 /* wildcard has type, add it */ 3310 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset)) 3311 return 0; 3312 az_change_dnames(msg, wildcard->name, msg->qinfo.qname, 3313 msg->qinfo.qname_len, 1); 3314 } else if((rrset=az_domain_rrset(wildcard, LDNS_RR_TYPE_CNAME))!=NULL) { 3315 /* wildcard has cname instead, do that */ 3316 if(!msg_add_rrset_an(z, region, msg, wildcard, rrset)) 3317 return 0; 3318 az_change_dnames(msg, wildcard->name, msg->qinfo.qname, 3319 msg->qinfo.qname_len, 1); 3320 if(!follow_cname_chain(z, qinfo->qtype, region, msg, 3321 rrset->data)) 3322 return 0; 3323 } else if(qinfo->qtype == LDNS_RR_TYPE_ANY && wildcard->rrsets) { 3324 /* add ANY rrsets from wildcard node */ 3325 if(!az_generate_any_answer(z, region, msg, wildcard)) 3326 return 0; 3327 az_change_dnames(msg, wildcard->name, msg->qinfo.qname, 3328 msg->qinfo.qname_len, 1); 3329 } else { 3330 /* wildcard has nodata, notype answer */ 3331 /* call other notype routine for dnssec notype denials */ 3332 if(!az_generate_notype_answer(z, region, msg, wildcard)) 3333 return 0; 3334 /* because the notype, there is no positive data with an 3335 * RRSIG that indicates the wildcard position. Thus the 3336 * wildcard qname denial needs to have a CE nsec3. */ 3337 insert_ce = 1; 3338 } 3339 3340 /* ce and node for dnssec denial of wildcard original name */ 3341 if((nsec=az_find_nsec_cover(z, &node)) != NULL) { 3342 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0; 3343 } else if(ce) { 3344 uint8_t* wildup = wildcard->name; 3345 size_t wilduplen= wildcard->namelen; 3346 dname_remove_label(&wildup, &wilduplen); 3347 if(!az_add_nsec3_proof(z, region, msg, wildup, 3348 wilduplen, msg->qinfo.qname, 3349 msg->qinfo.qname_len, 0, insert_ce, 1, 0)) 3350 return 0; 3351 } 3352 3353 /* fixup name of wildcard from *.zone to qname, use already allocated 3354 * pointer to msg qname */ 3355 az_change_dnames(msg, wildcard->name, msg->qinfo.qname, 3356 msg->qinfo.qname_len, 0); 3357 return 1; 3358} 3359 3360/** generate answer for nxdomain answer */ 3361static int 3362az_generate_nxdomain_answer(struct auth_zone* z, struct regional* region, 3363 struct dns_msg* msg, struct auth_data* ce, struct auth_data* node) 3364{ 3365 struct auth_rrset* nsec; 3366 msg->rep->flags |= LDNS_RCODE_NXDOMAIN; 3367 if(!az_add_negative_soa(z, region, msg)) return 0; 3368 if((nsec=az_find_nsec_cover(z, &node)) != NULL) { 3369 if(!msg_add_rrset_ns(z, region, msg, node, nsec)) return 0; 3370 if(ce && !az_nsec_wildcard_denial(z, region, msg, ce->name, 3371 ce->namelen)) return 0; 3372 } else if(ce) { 3373 if(!az_add_nsec3_proof(z, region, msg, ce->name, 3374 ce->namelen, msg->qinfo.qname, 3375 msg->qinfo.qname_len, 0, 1, 1, 1)) 3376 return 0; 3377 } 3378 return 1; 3379} 3380 3381/** Create answers when an exact match exists for the domain name */ 3382static int 3383az_generate_answer_with_node(struct auth_zone* z, struct query_info* qinfo, 3384 struct regional* region, struct dns_msg* msg, struct auth_data* node) 3385{ 3386 struct auth_rrset* rrset; 3387 /* positive answer, rrset we are looking for exists */ 3388 if((rrset=az_domain_rrset(node, qinfo->qtype)) != NULL) { 3389 return az_generate_positive_answer(z, region, msg, node, rrset); 3390 } 3391 /* CNAME? */ 3392 if((rrset=az_domain_rrset(node, LDNS_RR_TYPE_CNAME)) != NULL) { 3393 return az_generate_cname_answer(z, qinfo, region, msg, 3394 node, rrset); 3395 } 3396 /* type ANY ? */ 3397 if(qinfo->qtype == LDNS_RR_TYPE_ANY) { 3398 return az_generate_any_answer(z, region, msg, node); 3399 } 3400 /* NOERROR/NODATA (no such type at domain name) */ 3401 return az_generate_notype_answer(z, region, msg, node); 3402} 3403 3404/** Generate answer without an existing-node that we can use. 3405 * So it'll be a referral, DNAME or nxdomain */ 3406static int 3407az_generate_answer_nonexistnode(struct auth_zone* z, struct query_info* qinfo, 3408 struct regional* region, struct dns_msg* msg, struct auth_data* ce, 3409 struct auth_rrset* rrset, struct auth_data* node) 3410{ 3411 struct auth_data* wildcard; 3412 3413 /* we do not have an exact matching name (that exists) */ 3414 /* see if we have a NS or DNAME in the ce */ 3415 if(ce && rrset && rrset->type == LDNS_RR_TYPE_NS) { 3416 return az_generate_referral_answer(z, region, msg, ce, rrset); 3417 } 3418 if(ce && rrset && rrset->type == LDNS_RR_TYPE_DNAME) { 3419 return az_generate_dname_answer(z, qinfo, region, msg, ce, 3420 rrset); 3421 } 3422 /* if there is an empty nonterminal, wildcard and nxdomain don't 3423 * happen, it is a notype answer */ 3424 if(az_empty_nonterminal(z, qinfo, node)) { 3425 return az_generate_notype_answer(z, region, msg, node); 3426 } 3427 /* see if we have a wildcard under the ce */ 3428 if((wildcard=az_find_wildcard(z, qinfo, ce)) != NULL) { 3429 return az_generate_wildcard_answer(z, qinfo, region, msg, 3430 ce, wildcard, node); 3431 } 3432 /* generate nxdomain answer */ 3433 return az_generate_nxdomain_answer(z, region, msg, ce, node); 3434} 3435 3436/** Lookup answer in a zone. */ 3437static int 3438auth_zone_generate_answer(struct auth_zone* z, struct query_info* qinfo, 3439 struct regional* region, struct dns_msg** msg, int* fallback) 3440{ 3441 struct auth_data* node, *ce; 3442 struct auth_rrset* rrset; 3443 int node_exact, node_exists; 3444 /* does the zone want fallback in case of failure? */ 3445 *fallback = z->fallback_enabled; 3446 if(!(*msg=msg_create(region, qinfo))) return 0; 3447 3448 /* lookup if there is a matching domain name for the query */ 3449 az_find_domain(z, qinfo, &node_exact, &node); 3450 3451 /* see if node exists for generating answers from (i.e. not glue and 3452 * obscured by NS or DNAME or NSEC3-only), and also return the 3453 * closest-encloser from that, closest node that should be used 3454 * to generate answers from that is above the query */ 3455 node_exists = az_find_ce(z, qinfo, node, node_exact, &ce, &rrset); 3456 3457 if(verbosity >= VERB_ALGO) { 3458 char zname[256], qname[256], nname[256], cename[256], 3459 tpstr[32], rrstr[32]; 3460 sldns_wire2str_dname_buf(qinfo->qname, qinfo->qname_len, qname, 3461 sizeof(qname)); 3462 sldns_wire2str_type_buf(qinfo->qtype, tpstr, sizeof(tpstr)); 3463 sldns_wire2str_dname_buf(z->name, z->namelen, zname, 3464 sizeof(zname)); 3465 if(node) 3466 sldns_wire2str_dname_buf(node->name, node->namelen, 3467 nname, sizeof(nname)); 3468 else snprintf(nname, sizeof(nname), "NULL"); 3469 if(ce) 3470 sldns_wire2str_dname_buf(ce->name, ce->namelen, 3471 cename, sizeof(cename)); 3472 else snprintf(cename, sizeof(cename), "NULL"); 3473 if(rrset) sldns_wire2str_type_buf(rrset->type, rrstr, 3474 sizeof(rrstr)); 3475 else snprintf(rrstr, sizeof(rrstr), "NULL"); 3476 log_info("auth_zone %s query %s %s, domain %s %s %s, " 3477 "ce %s, rrset %s", zname, qname, tpstr, nname, 3478 (node_exact?"exact":"notexact"), 3479 (node_exists?"exist":"notexist"), cename, rrstr); 3480 } 3481 3482 if(node_exists) { 3483 /* the node is fine, generate answer from node */ 3484 return az_generate_answer_with_node(z, qinfo, region, *msg, 3485 node); 3486 } 3487 return az_generate_answer_nonexistnode(z, qinfo, region, *msg, 3488 ce, rrset, node); 3489} 3490 3491int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo, 3492 struct regional* region, struct dns_msg** msg, int* fallback, 3493 uint8_t* dp_nm, size_t dp_nmlen) 3494{ 3495 int r; 3496 struct auth_zone* z; 3497 /* find the zone that should contain the answer. */ 3498 lock_rw_rdlock(&az->lock); 3499 z = auth_zone_find(az, dp_nm, dp_nmlen, qinfo->qclass); 3500 if(!z) { 3501 lock_rw_unlock(&az->lock); 3502 /* no auth zone, fallback to internet */ 3503 *fallback = 1; 3504 return 0; 3505 } 3506 lock_rw_rdlock(&z->lock); 3507 lock_rw_unlock(&az->lock); 3508 3509 /* if not for upstream queries, fallback */ 3510 if(!z->for_upstream) { 3511 lock_rw_unlock(&z->lock); 3512 *fallback = 1; 3513 return 0; 3514 } 3515 if(z->zone_expired) { 3516 *fallback = z->fallback_enabled; 3517 lock_rw_unlock(&z->lock); 3518 return 0; 3519 } 3520 /* see what answer that zone would generate */ 3521 r = auth_zone_generate_answer(z, qinfo, region, msg, fallback); 3522 lock_rw_unlock(&z->lock); 3523 return r; 3524} 3525 3526/** encode auth answer */ 3527static void 3528auth_answer_encode(struct query_info* qinfo, struct module_env* env, 3529 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf, 3530 struct regional* temp, struct dns_msg* msg) 3531{ 3532 uint16_t udpsize; 3533 udpsize = edns->udp_size; 3534 edns->edns_version = EDNS_ADVERTISED_VERSION; 3535 edns->udp_size = EDNS_ADVERTISED_SIZE; 3536 edns->ext_rcode = 0; 3537 edns->bits &= EDNS_DO; 3538 3539 if(!inplace_cb_reply_local_call(env, qinfo, NULL, msg->rep, 3540 (int)FLAGS_GET_RCODE(msg->rep->flags), edns, repinfo, temp, env->now_tv) 3541 || !reply_info_answer_encode(qinfo, msg->rep, 3542 *(uint16_t*)sldns_buffer_begin(buf), 3543 sldns_buffer_read_u16_at(buf, 2), 3544 buf, 0, 0, temp, udpsize, edns, 3545 (int)(edns->bits&EDNS_DO), 0)) { 3546 error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo, 3547 *(uint16_t*)sldns_buffer_begin(buf), 3548 sldns_buffer_read_u16_at(buf, 2), edns); 3549 } 3550} 3551 3552/** encode auth error answer */ 3553static void 3554auth_error_encode(struct query_info* qinfo, struct module_env* env, 3555 struct edns_data* edns, struct comm_reply* repinfo, sldns_buffer* buf, 3556 struct regional* temp, int rcode) 3557{ 3558 edns->edns_version = EDNS_ADVERTISED_VERSION; 3559 edns->udp_size = EDNS_ADVERTISED_SIZE; 3560 edns->ext_rcode = 0; 3561 edns->bits &= EDNS_DO; 3562 3563 if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL, 3564 rcode, edns, repinfo, temp, env->now_tv)) 3565 edns->opt_list_inplace_cb_out = NULL; 3566 error_encode(buf, rcode|BIT_AA, qinfo, 3567 *(uint16_t*)sldns_buffer_begin(buf), 3568 sldns_buffer_read_u16_at(buf, 2), edns); 3569} 3570 3571int auth_zones_answer(struct auth_zones* az, struct module_env* env, 3572 struct query_info* qinfo, struct edns_data* edns, 3573 struct comm_reply* repinfo, struct sldns_buffer* buf, struct regional* temp) 3574{ 3575 struct dns_msg* msg = NULL; 3576 struct auth_zone* z; 3577 int r; 3578 int fallback = 0; 3579 3580 lock_rw_rdlock(&az->lock); 3581 if(!az->have_downstream) { 3582 /* no downstream auth zones */ 3583 lock_rw_unlock(&az->lock); 3584 return 0; 3585 } 3586 if(qinfo->qtype == LDNS_RR_TYPE_DS) { 3587 uint8_t* delname = qinfo->qname; 3588 size_t delnamelen = qinfo->qname_len; 3589 dname_remove_label(&delname, &delnamelen); 3590 z = auth_zones_find_zone(az, delname, delnamelen, 3591 qinfo->qclass); 3592 } else { 3593 z = auth_zones_find_zone(az, qinfo->qname, qinfo->qname_len, 3594 qinfo->qclass); 3595 } 3596 if(!z) { 3597 /* no zone above it */ 3598 lock_rw_unlock(&az->lock); 3599 return 0; 3600 } 3601 lock_rw_rdlock(&z->lock); 3602 lock_rw_unlock(&az->lock); 3603 if(!z->for_downstream) { 3604 lock_rw_unlock(&z->lock); 3605 return 0; 3606 } 3607 if(z->zone_expired) { 3608 if(z->fallback_enabled) { 3609 lock_rw_unlock(&z->lock); 3610 return 0; 3611 } 3612 lock_rw_unlock(&z->lock); 3613 lock_rw_wrlock(&az->lock); 3614 az->num_query_down++; 3615 lock_rw_unlock(&az->lock); 3616 auth_error_encode(qinfo, env, edns, repinfo, buf, temp, 3617 LDNS_RCODE_SERVFAIL); 3618 return 1; 3619 } 3620 3621 /* answer it from zone z */ 3622 r = auth_zone_generate_answer(z, qinfo, temp, &msg, &fallback); 3623 lock_rw_unlock(&z->lock); 3624 if(!r && fallback) { 3625 /* fallback to regular answering (recursive) */ 3626 return 0; 3627 } 3628 lock_rw_wrlock(&az->lock); 3629 az->num_query_down++; 3630 lock_rw_unlock(&az->lock); 3631 3632 /* encode answer */ 3633 if(!r) 3634 auth_error_encode(qinfo, env, edns, repinfo, buf, temp, 3635 LDNS_RCODE_SERVFAIL); 3636 else auth_answer_encode(qinfo, env, edns, repinfo, buf, temp, msg); 3637 3638 return 1; 3639} 3640 3641int auth_zones_can_fallback(struct auth_zones* az, uint8_t* nm, size_t nmlen, 3642 uint16_t dclass) 3643{ 3644 int r; 3645 struct auth_zone* z; 3646 lock_rw_rdlock(&az->lock); 3647 z = auth_zone_find(az, nm, nmlen, dclass); 3648 if(!z) { 3649 lock_rw_unlock(&az->lock); 3650 /* no such auth zone, fallback */ 3651 return 1; 3652 } 3653 lock_rw_rdlock(&z->lock); 3654 lock_rw_unlock(&az->lock); 3655 r = z->fallback_enabled || (!z->for_upstream); 3656 lock_rw_unlock(&z->lock); 3657 return r; 3658} 3659 3660int 3661auth_zone_parse_notify_serial(sldns_buffer* pkt, uint32_t *serial) 3662{ 3663 struct query_info q; 3664 uint16_t rdlen; 3665 memset(&q, 0, sizeof(q)); 3666 sldns_buffer_set_position(pkt, 0); 3667 if(!query_info_parse(&q, pkt)) return 0; 3668 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0) return 0; 3669 /* skip name of RR in answer section */ 3670 if(sldns_buffer_remaining(pkt) < 1) return 0; 3671 if(pkt_dname_len(pkt) == 0) return 0; 3672 /* check type */ 3673 if(sldns_buffer_remaining(pkt) < 10 /* type,class,ttl,rdatalen*/) 3674 return 0; 3675 if(sldns_buffer_read_u16(pkt) != LDNS_RR_TYPE_SOA) return 0; 3676 sldns_buffer_skip(pkt, 2); /* class */ 3677 sldns_buffer_skip(pkt, 4); /* ttl */ 3678 rdlen = sldns_buffer_read_u16(pkt); /* rdatalen */ 3679 if(sldns_buffer_remaining(pkt) < rdlen) return 0; 3680 if(rdlen < 22) return 0; /* bad soa length */ 3681 sldns_buffer_skip(pkt, (ssize_t)(rdlen-20)); 3682 *serial = sldns_buffer_read_u32(pkt); 3683 /* return true when has serial in answer section */ 3684 return 1; 3685} 3686 3687/** see if addr appears in the list */ 3688static int 3689addr_in_list(struct auth_addr* list, struct sockaddr_storage* addr, 3690 socklen_t addrlen) 3691{ 3692 struct auth_addr* p; 3693 for(p=list; p; p=p->next) { 3694 if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) 3695 return 1; 3696 } 3697 return 0; 3698} 3699 3700/** check if an address matches a master specification (or one of its 3701 * addresses in the addr list) */ 3702static int 3703addr_matches_master(struct auth_master* master, struct sockaddr_storage* addr, 3704 socklen_t addrlen, struct auth_master** fromhost) 3705{ 3706 struct sockaddr_storage a; 3707 socklen_t alen = 0; 3708 int net = 0; 3709 if(addr_in_list(master->list, addr, addrlen)) { 3710 *fromhost = master; 3711 return 1; 3712 } 3713 /* compare address (but not port number, that is the destination 3714 * port of the master, the port number of the received notify is 3715 * allowed to by any port on that master) */ 3716 if(extstrtoaddr(master->host, &a, &alen, UNBOUND_DNS_PORT) && 3717 sockaddr_cmp_addr(addr, addrlen, &a, alen)==0) { 3718 *fromhost = master; 3719 return 1; 3720 } 3721 /* prefixes, addr/len, like 10.0.0.0/8 */ 3722 /* not http and has a / and there is one / */ 3723 if(master->allow_notify && !master->http && 3724 strchr(master->host, '/') != NULL && 3725 strchr(master->host, '/') == strrchr(master->host, '/') && 3726 netblockstrtoaddr(master->host, UNBOUND_DNS_PORT, &a, &alen, 3727 &net) && alen == addrlen) { 3728 if(addr_in_common(addr, (addr_is_ip6(addr, addrlen)?128:32), 3729 &a, net, alen) >= net) { 3730 *fromhost = NULL; /* prefix does not have destination 3731 to send the probe or transfer with */ 3732 return 1; /* matches the netblock */ 3733 } 3734 } 3735 return 0; 3736} 3737 3738/** check access list for notifies */ 3739static int 3740az_xfr_allowed_notify(struct auth_xfer* xfr, struct sockaddr_storage* addr, 3741 socklen_t addrlen, struct auth_master** fromhost) 3742{ 3743 struct auth_master* p; 3744 for(p=xfr->allow_notify_list; p; p=p->next) { 3745 if(addr_matches_master(p, addr, addrlen, fromhost)) { 3746 return 1; 3747 } 3748 } 3749 return 0; 3750} 3751 3752/** see if the serial means the zone has to be updated, i.e. the serial 3753 * is newer than the zone serial, or we have no zone */ 3754static int 3755xfr_serial_means_update(struct auth_xfer* xfr, uint32_t serial) 3756{ 3757 if(!xfr->have_zone) 3758 return 1; /* no zone, anything is better */ 3759 if(xfr->zone_expired) 3760 return 1; /* expired, the sent serial is better than expired 3761 data */ 3762 if(compare_serial(xfr->serial, serial) < 0) 3763 return 1; /* our serial is smaller than the sent serial, 3764 the data is newer, fetch it */ 3765 return 0; 3766} 3767 3768/** note notify serial, updates the notify information in the xfr struct */ 3769static void 3770xfr_note_notify_serial(struct auth_xfer* xfr, int has_serial, uint32_t serial) 3771{ 3772 if(xfr->notify_received && xfr->notify_has_serial && has_serial) { 3773 /* see if this serial is newer */ 3774 if(compare_serial(xfr->notify_serial, serial) < 0) 3775 xfr->notify_serial = serial; 3776 } else if(xfr->notify_received && xfr->notify_has_serial && 3777 !has_serial) { 3778 /* remove serial, we have notify without serial */ 3779 xfr->notify_has_serial = 0; 3780 xfr->notify_serial = 0; 3781 } else if(xfr->notify_received && !xfr->notify_has_serial) { 3782 /* we already have notify without serial, keep it 3783 * that way; no serial check when current operation 3784 * is done */ 3785 } else { 3786 xfr->notify_received = 1; 3787 xfr->notify_has_serial = has_serial; 3788 xfr->notify_serial = serial; 3789 } 3790} 3791 3792/** process a notify serial, start new probe or note serial. xfr is locked */ 3793static void 3794xfr_process_notify(struct auth_xfer* xfr, struct module_env* env, 3795 int has_serial, uint32_t serial, struct auth_master* fromhost) 3796{ 3797 /* if the serial of notify is older than we have, don't fetch 3798 * a zone, we already have it */ 3799 if(has_serial && !xfr_serial_means_update(xfr, serial)) { 3800 lock_basic_unlock(&xfr->lock); 3801 return; 3802 } 3803 /* start new probe with this addr src, or note serial */ 3804 if(!xfr_start_probe(xfr, env, fromhost)) { 3805 /* not started because already in progress, note the serial */ 3806 xfr_note_notify_serial(xfr, has_serial, serial); 3807 lock_basic_unlock(&xfr->lock); 3808 } 3809 /* successful end of start_probe unlocked xfr->lock */ 3810} 3811 3812int auth_zones_notify(struct auth_zones* az, struct module_env* env, 3813 uint8_t* nm, size_t nmlen, uint16_t dclass, 3814 struct sockaddr_storage* addr, socklen_t addrlen, int has_serial, 3815 uint32_t serial, int* refused) 3816{ 3817 struct auth_xfer* xfr; 3818 struct auth_master* fromhost = NULL; 3819 /* see which zone this is */ 3820 lock_rw_rdlock(&az->lock); 3821 xfr = auth_xfer_find(az, nm, nmlen, dclass); 3822 if(!xfr) { 3823 lock_rw_unlock(&az->lock); 3824 /* no such zone, refuse the notify */ 3825 *refused = 1; 3826 return 0; 3827 } 3828 lock_basic_lock(&xfr->lock); 3829 lock_rw_unlock(&az->lock); 3830 3831 /* check access list for notifies */ 3832 if(!az_xfr_allowed_notify(xfr, addr, addrlen, &fromhost)) { 3833 lock_basic_unlock(&xfr->lock); 3834 /* notify not allowed, refuse the notify */ 3835 *refused = 1; 3836 return 0; 3837 } 3838 3839 /* process the notify */ 3840 xfr_process_notify(xfr, env, has_serial, serial, fromhost); 3841 return 1; 3842} 3843 3844int auth_zones_startprobesequence(struct auth_zones* az, 3845 struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass) 3846{ 3847 struct auth_xfer* xfr; 3848 lock_rw_rdlock(&az->lock); 3849 xfr = auth_xfer_find(az, nm, nmlen, dclass); 3850 if(!xfr) { 3851 lock_rw_unlock(&az->lock); 3852 return 0; 3853 } 3854 lock_basic_lock(&xfr->lock); 3855 lock_rw_unlock(&az->lock); 3856 3857 xfr_process_notify(xfr, env, 0, 0, NULL); 3858 return 1; 3859} 3860 3861/** set a zone expired */ 3862static void 3863auth_xfer_set_expired(struct auth_xfer* xfr, struct module_env* env, 3864 int expired) 3865{ 3866 struct auth_zone* z; 3867 3868 /* expire xfr */ 3869 lock_basic_lock(&xfr->lock); 3870 xfr->zone_expired = expired; 3871 lock_basic_unlock(&xfr->lock); 3872 3873 /* find auth_zone */ 3874 lock_rw_rdlock(&env->auth_zones->lock); 3875 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen, 3876 xfr->dclass); 3877 if(!z) { 3878 lock_rw_unlock(&env->auth_zones->lock); 3879 return; 3880 } 3881 lock_rw_wrlock(&z->lock); 3882 lock_rw_unlock(&env->auth_zones->lock); 3883 3884 /* expire auth_zone */ 3885 z->zone_expired = expired; 3886 lock_rw_unlock(&z->lock); 3887} 3888 3889/** find master (from notify or probe) in list of masters */ 3890static struct auth_master* 3891find_master_by_host(struct auth_master* list, char* host) 3892{ 3893 struct auth_master* p; 3894 for(p=list; p; p=p->next) { 3895 if(strcmp(p->host, host) == 0) 3896 return p; 3897 } 3898 return NULL; 3899} 3900 3901/** delete the looked up auth_addrs for all the masters in the list */ 3902static void 3903xfr_masterlist_free_addrs(struct auth_master* list) 3904{ 3905 struct auth_master* m; 3906 for(m=list; m; m=m->next) { 3907 if(m->list) { 3908 auth_free_master_addrs(m->list); 3909 m->list = NULL; 3910 } 3911 } 3912} 3913 3914/** copy a list of auth_addrs */ 3915static struct auth_addr* 3916auth_addr_list_copy(struct auth_addr* source) 3917{ 3918 struct auth_addr* list = NULL, *last = NULL; 3919 struct auth_addr* p; 3920 for(p=source; p; p=p->next) { 3921 struct auth_addr* a = (struct auth_addr*)memdup(p, sizeof(*p)); 3922 if(!a) { 3923 log_err("malloc failure"); 3924 auth_free_master_addrs(list); 3925 return NULL; 3926 } 3927 a->next = NULL; 3928 if(last) last->next = a; 3929 if(!list) list = a; 3930 last = a; 3931 } 3932 return list; 3933} 3934 3935/** copy a master to a new structure, NULL on alloc failure */ 3936static struct auth_master* 3937auth_master_copy(struct auth_master* o) 3938{ 3939 struct auth_master* m; 3940 if(!o) return NULL; 3941 m = (struct auth_master*)memdup(o, sizeof(*o)); 3942 if(!m) { 3943 log_err("malloc failure"); 3944 return NULL; 3945 } 3946 m->next = NULL; 3947 if(m->host) { 3948 m->host = strdup(m->host); 3949 if(!m->host) { 3950 free(m); 3951 log_err("malloc failure"); 3952 return NULL; 3953 } 3954 } 3955 if(m->file) { 3956 m->file = strdup(m->file); 3957 if(!m->file) { 3958 free(m->host); 3959 free(m); 3960 log_err("malloc failure"); 3961 return NULL; 3962 } 3963 } 3964 if(m->list) { 3965 m->list = auth_addr_list_copy(m->list); 3966 if(!m->list) { 3967 free(m->file); 3968 free(m->host); 3969 free(m); 3970 return NULL; 3971 } 3972 } 3973 return m; 3974} 3975 3976/** copy the master addresses from the task_probe lookups to the allow_notify 3977 * list of masters */ 3978static void 3979probe_copy_masters_for_allow_notify(struct auth_xfer* xfr) 3980{ 3981 struct auth_master* list = NULL, *last = NULL; 3982 struct auth_master* p; 3983 /* build up new list with copies */ 3984 for(p = xfr->task_transfer->masters; p; p=p->next) { 3985 struct auth_master* m = auth_master_copy(p); 3986 if(!m) { 3987 auth_free_masters(list); 3988 /* failed because of malloc failure, use old list */ 3989 return; 3990 } 3991 m->next = NULL; 3992 if(last) last->next = m; 3993 if(!list) list = m; 3994 last = m; 3995 } 3996 /* success, replace list */ 3997 auth_free_masters(xfr->allow_notify_list); 3998 xfr->allow_notify_list = list; 3999} 4000 4001/** start the lookups for task_transfer */ 4002static void 4003xfr_transfer_start_lookups(struct auth_xfer* xfr) 4004{ 4005 /* delete all the looked up addresses in the list */ 4006 xfr->task_transfer->scan_addr = NULL; 4007 xfr_masterlist_free_addrs(xfr->task_transfer->masters); 4008 4009 /* start lookup at the first master */ 4010 xfr->task_transfer->lookup_target = xfr->task_transfer->masters; 4011 xfr->task_transfer->lookup_aaaa = 0; 4012} 4013 4014/** move to the next lookup of hostname for task_transfer */ 4015static void 4016xfr_transfer_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env) 4017{ 4018 if(!xfr->task_transfer->lookup_target) 4019 return; /* already at end of list */ 4020 if(!xfr->task_transfer->lookup_aaaa && env->cfg->do_ip6) { 4021 /* move to lookup AAAA */ 4022 xfr->task_transfer->lookup_aaaa = 1; 4023 return; 4024 } 4025 xfr->task_transfer->lookup_target = 4026 xfr->task_transfer->lookup_target->next; 4027 xfr->task_transfer->lookup_aaaa = 0; 4028 if(!env->cfg->do_ip4 && xfr->task_transfer->lookup_target!=NULL) 4029 xfr->task_transfer->lookup_aaaa = 1; 4030} 4031 4032/** start the lookups for task_probe */ 4033static void 4034xfr_probe_start_lookups(struct auth_xfer* xfr) 4035{ 4036 /* delete all the looked up addresses in the list */ 4037 xfr->task_probe->scan_addr = NULL; 4038 xfr_masterlist_free_addrs(xfr->task_probe->masters); 4039 4040 /* start lookup at the first master */ 4041 xfr->task_probe->lookup_target = xfr->task_probe->masters; 4042 xfr->task_probe->lookup_aaaa = 0; 4043} 4044 4045/** move to the next lookup of hostname for task_probe */ 4046static void 4047xfr_probe_move_to_next_lookup(struct auth_xfer* xfr, struct module_env* env) 4048{ 4049 if(!xfr->task_probe->lookup_target) 4050 return; /* already at end of list */ 4051 if(!xfr->task_probe->lookup_aaaa && env->cfg->do_ip6) { 4052 /* move to lookup AAAA */ 4053 xfr->task_probe->lookup_aaaa = 1; 4054 return; 4055 } 4056 xfr->task_probe->lookup_target = xfr->task_probe->lookup_target->next; 4057 xfr->task_probe->lookup_aaaa = 0; 4058 if(!env->cfg->do_ip4 && xfr->task_probe->lookup_target!=NULL) 4059 xfr->task_probe->lookup_aaaa = 1; 4060} 4061 4062/** start the iteration of the task_transfer list of masters */ 4063static void 4064xfr_transfer_start_list(struct auth_xfer* xfr, struct auth_master* spec) 4065{ 4066 if(spec) { 4067 xfr->task_transfer->scan_specific = find_master_by_host( 4068 xfr->task_transfer->masters, spec->host); 4069 if(xfr->task_transfer->scan_specific) { 4070 xfr->task_transfer->scan_target = NULL; 4071 xfr->task_transfer->scan_addr = NULL; 4072 if(xfr->task_transfer->scan_specific->list) 4073 xfr->task_transfer->scan_addr = 4074 xfr->task_transfer->scan_specific->list; 4075 return; 4076 } 4077 } 4078 /* no specific (notified) host to scan */ 4079 xfr->task_transfer->scan_specific = NULL; 4080 xfr->task_transfer->scan_addr = NULL; 4081 /* pick up first scan target */ 4082 xfr->task_transfer->scan_target = xfr->task_transfer->masters; 4083 if(xfr->task_transfer->scan_target && xfr->task_transfer-> 4084 scan_target->list) 4085 xfr->task_transfer->scan_addr = 4086 xfr->task_transfer->scan_target->list; 4087} 4088 4089/** start the iteration of the task_probe list of masters */ 4090static void 4091xfr_probe_start_list(struct auth_xfer* xfr, struct auth_master* spec) 4092{ 4093 if(spec) { 4094 xfr->task_probe->scan_specific = find_master_by_host( 4095 xfr->task_probe->masters, spec->host); 4096 if(xfr->task_probe->scan_specific) { 4097 xfr->task_probe->scan_target = NULL; 4098 xfr->task_probe->scan_addr = NULL; 4099 if(xfr->task_probe->scan_specific->list) 4100 xfr->task_probe->scan_addr = 4101 xfr->task_probe->scan_specific->list; 4102 return; 4103 } 4104 } 4105 /* no specific (notified) host to scan */ 4106 xfr->task_probe->scan_specific = NULL; 4107 xfr->task_probe->scan_addr = NULL; 4108 /* pick up first scan target */ 4109 xfr->task_probe->scan_target = xfr->task_probe->masters; 4110 if(xfr->task_probe->scan_target && xfr->task_probe->scan_target->list) 4111 xfr->task_probe->scan_addr = 4112 xfr->task_probe->scan_target->list; 4113} 4114 4115/** pick up the master that is being scanned right now, task_transfer */ 4116static struct auth_master* 4117xfr_transfer_current_master(struct auth_xfer* xfr) 4118{ 4119 if(xfr->task_transfer->scan_specific) 4120 return xfr->task_transfer->scan_specific; 4121 return xfr->task_transfer->scan_target; 4122} 4123 4124/** pick up the master that is being scanned right now, task_probe */ 4125static struct auth_master* 4126xfr_probe_current_master(struct auth_xfer* xfr) 4127{ 4128 if(xfr->task_probe->scan_specific) 4129 return xfr->task_probe->scan_specific; 4130 return xfr->task_probe->scan_target; 4131} 4132 4133/** true if at end of list, task_transfer */ 4134static int 4135xfr_transfer_end_of_list(struct auth_xfer* xfr) 4136{ 4137 return !xfr->task_transfer->scan_specific && 4138 !xfr->task_transfer->scan_target; 4139} 4140 4141/** true if at end of list, task_probe */ 4142static int 4143xfr_probe_end_of_list(struct auth_xfer* xfr) 4144{ 4145 return !xfr->task_probe->scan_specific && !xfr->task_probe->scan_target; 4146} 4147 4148/** move to next master in list, task_transfer */ 4149static void 4150xfr_transfer_nextmaster(struct auth_xfer* xfr) 4151{ 4152 if(!xfr->task_transfer->scan_specific && 4153 !xfr->task_transfer->scan_target) 4154 return; 4155 if(xfr->task_transfer->scan_addr) { 4156 xfr->task_transfer->scan_addr = 4157 xfr->task_transfer->scan_addr->next; 4158 if(xfr->task_transfer->scan_addr) 4159 return; 4160 } 4161 if(xfr->task_transfer->scan_specific) { 4162 xfr->task_transfer->scan_specific = NULL; 4163 xfr->task_transfer->scan_target = xfr->task_transfer->masters; 4164 if(xfr->task_transfer->scan_target && xfr->task_transfer-> 4165 scan_target->list) 4166 xfr->task_transfer->scan_addr = 4167 xfr->task_transfer->scan_target->list; 4168 return; 4169 } 4170 if(!xfr->task_transfer->scan_target) 4171 return; 4172 xfr->task_transfer->scan_target = xfr->task_transfer->scan_target->next; 4173 if(xfr->task_transfer->scan_target && xfr->task_transfer-> 4174 scan_target->list) 4175 xfr->task_transfer->scan_addr = 4176 xfr->task_transfer->scan_target->list; 4177 return; 4178} 4179 4180/** move to next master in list, task_probe */ 4181static void 4182xfr_probe_nextmaster(struct auth_xfer* xfr) 4183{ 4184 if(!xfr->task_probe->scan_specific && !xfr->task_probe->scan_target) 4185 return; 4186 if(xfr->task_probe->scan_addr) { 4187 xfr->task_probe->scan_addr = xfr->task_probe->scan_addr->next; 4188 if(xfr->task_probe->scan_addr) 4189 return; 4190 } 4191 if(xfr->task_probe->scan_specific) { 4192 xfr->task_probe->scan_specific = NULL; 4193 xfr->task_probe->scan_target = xfr->task_probe->masters; 4194 if(xfr->task_probe->scan_target && xfr->task_probe-> 4195 scan_target->list) 4196 xfr->task_probe->scan_addr = 4197 xfr->task_probe->scan_target->list; 4198 return; 4199 } 4200 if(!xfr->task_probe->scan_target) 4201 return; 4202 xfr->task_probe->scan_target = xfr->task_probe->scan_target->next; 4203 if(xfr->task_probe->scan_target && xfr->task_probe-> 4204 scan_target->list) 4205 xfr->task_probe->scan_addr = 4206 xfr->task_probe->scan_target->list; 4207 return; 4208} 4209 4210/** create SOA probe packet for xfr */ 4211static void 4212xfr_create_soa_probe_packet(struct auth_xfer* xfr, sldns_buffer* buf, 4213 uint16_t id) 4214{ 4215 struct query_info qinfo; 4216 4217 memset(&qinfo, 0, sizeof(qinfo)); 4218 qinfo.qname = xfr->name; 4219 qinfo.qname_len = xfr->namelen; 4220 qinfo.qtype = LDNS_RR_TYPE_SOA; 4221 qinfo.qclass = xfr->dclass; 4222 qinfo_query_encode(buf, &qinfo); 4223 sldns_buffer_write_u16_at(buf, 0, id); 4224} 4225 4226/** create IXFR/AXFR packet for xfr */ 4227static void 4228xfr_create_ixfr_packet(struct auth_xfer* xfr, sldns_buffer* buf, uint16_t id, 4229 struct auth_master* master) 4230{ 4231 struct query_info qinfo; 4232 uint32_t serial; 4233 int have_zone; 4234 have_zone = xfr->have_zone; 4235 serial = xfr->serial; 4236 4237 memset(&qinfo, 0, sizeof(qinfo)); 4238 qinfo.qname = xfr->name; 4239 qinfo.qname_len = xfr->namelen; 4240 xfr->task_transfer->got_xfr_serial = 0; 4241 xfr->task_transfer->rr_scan_num = 0; 4242 xfr->task_transfer->incoming_xfr_serial = 0; 4243 xfr->task_transfer->on_ixfr_is_axfr = 0; 4244 xfr->task_transfer->on_ixfr = 1; 4245 qinfo.qtype = LDNS_RR_TYPE_IXFR; 4246 if(!have_zone || xfr->task_transfer->ixfr_fail || !master->ixfr) { 4247 qinfo.qtype = LDNS_RR_TYPE_AXFR; 4248 xfr->task_transfer->ixfr_fail = 0; 4249 xfr->task_transfer->on_ixfr = 0; 4250 } 4251 4252 qinfo.qclass = xfr->dclass; 4253 qinfo_query_encode(buf, &qinfo); 4254 sldns_buffer_write_u16_at(buf, 0, id); 4255 4256 /* append serial for IXFR */ 4257 if(qinfo.qtype == LDNS_RR_TYPE_IXFR) { 4258 size_t end = sldns_buffer_limit(buf); 4259 sldns_buffer_clear(buf); 4260 sldns_buffer_set_position(buf, end); 4261 /* auth section count 1 */ 4262 sldns_buffer_write_u16_at(buf, LDNS_NSCOUNT_OFF, 1); 4263 /* write SOA */ 4264 sldns_buffer_write_u8(buf, 0xC0); /* compressed ptr to qname */ 4265 sldns_buffer_write_u8(buf, 0x0C); 4266 sldns_buffer_write_u16(buf, LDNS_RR_TYPE_SOA); 4267 sldns_buffer_write_u16(buf, qinfo.qclass); 4268 sldns_buffer_write_u32(buf, 0); /* ttl */ 4269 sldns_buffer_write_u16(buf, 22); /* rdata length */ 4270 sldns_buffer_write_u8(buf, 0); /* . */ 4271 sldns_buffer_write_u8(buf, 0); /* . */ 4272 sldns_buffer_write_u32(buf, serial); /* serial */ 4273 sldns_buffer_write_u32(buf, 0); /* refresh */ 4274 sldns_buffer_write_u32(buf, 0); /* retry */ 4275 sldns_buffer_write_u32(buf, 0); /* expire */ 4276 sldns_buffer_write_u32(buf, 0); /* minimum */ 4277 sldns_buffer_flip(buf); 4278 } 4279} 4280 4281/** check if returned packet is OK */ 4282static int 4283check_packet_ok(sldns_buffer* pkt, uint16_t qtype, struct auth_xfer* xfr, 4284 uint32_t* serial) 4285{ 4286 /* parse to see if packet worked, valid reply */ 4287 4288 /* check serial number of SOA */ 4289 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) 4290 return 0; 4291 4292 /* check ID */ 4293 if(LDNS_ID_WIRE(sldns_buffer_begin(pkt)) != xfr->task_probe->id) 4294 return 0; 4295 4296 /* check flag bits and rcode */ 4297 if(!LDNS_QR_WIRE(sldns_buffer_begin(pkt))) 4298 return 0; 4299 if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) 4300 return 0; 4301 if(LDNS_RCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_RCODE_NOERROR) 4302 return 0; 4303 4304 /* check qname */ 4305 if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1) 4306 return 0; 4307 sldns_buffer_skip(pkt, LDNS_HEADER_SIZE); 4308 if(sldns_buffer_remaining(pkt) < xfr->namelen) 4309 return 0; 4310 if(query_dname_compare(sldns_buffer_current(pkt), xfr->name) != 0) 4311 return 0; 4312 sldns_buffer_skip(pkt, (ssize_t)xfr->namelen); 4313 4314 /* check qtype, qclass */ 4315 if(sldns_buffer_remaining(pkt) < 4) 4316 return 0; 4317 if(sldns_buffer_read_u16(pkt) != qtype) 4318 return 0; 4319 if(sldns_buffer_read_u16(pkt) != xfr->dclass) 4320 return 0; 4321 4322 if(serial) { 4323 uint16_t rdlen; 4324 /* read serial number, from answer section SOA */ 4325 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) == 0) 4326 return 0; 4327 /* read from first record SOA record */ 4328 if(sldns_buffer_remaining(pkt) < 1) 4329 return 0; 4330 if(dname_pkt_compare(pkt, sldns_buffer_current(pkt), 4331 xfr->name) != 0) 4332 return 0; 4333 if(!pkt_dname_len(pkt)) 4334 return 0; 4335 /* type, class, ttl, rdatalen */ 4336 if(sldns_buffer_remaining(pkt) < 4+4+2) 4337 return 0; 4338 if(sldns_buffer_read_u16(pkt) != qtype) 4339 return 0; 4340 if(sldns_buffer_read_u16(pkt) != xfr->dclass) 4341 return 0; 4342 sldns_buffer_skip(pkt, 4); /* ttl */ 4343 rdlen = sldns_buffer_read_u16(pkt); 4344 if(sldns_buffer_remaining(pkt) < rdlen) 4345 return 0; 4346 if(sldns_buffer_remaining(pkt) < 1) 4347 return 0; 4348 if(!pkt_dname_len(pkt)) /* soa name */ 4349 return 0; 4350 if(sldns_buffer_remaining(pkt) < 1) 4351 return 0; 4352 if(!pkt_dname_len(pkt)) /* soa name */ 4353 return 0; 4354 if(sldns_buffer_remaining(pkt) < 20) 4355 return 0; 4356 *serial = sldns_buffer_read_u32(pkt); 4357 } 4358 return 1; 4359} 4360 4361/** read one line from chunks into buffer at current position */ 4362static int 4363chunkline_get_line(struct auth_chunk** chunk, size_t* chunk_pos, 4364 sldns_buffer* buf) 4365{ 4366 int readsome = 0; 4367 while(*chunk) { 4368 /* more text in this chunk? */ 4369 if(*chunk_pos < (*chunk)->len) { 4370 readsome = 1; 4371 while(*chunk_pos < (*chunk)->len) { 4372 char c = (char)((*chunk)->data[*chunk_pos]); 4373 (*chunk_pos)++; 4374 if(sldns_buffer_remaining(buf) < 2) { 4375 /* buffer too short */ 4376 verbose(VERB_ALGO, "http chunkline, " 4377 "line too long"); 4378 return 0; 4379 } 4380 sldns_buffer_write_u8(buf, (uint8_t)c); 4381 if(c == '\n') { 4382 /* we are done */ 4383 return 1; 4384 } 4385 } 4386 } 4387 /* move to next chunk */ 4388 *chunk = (*chunk)->next; 4389 *chunk_pos = 0; 4390 } 4391 /* no more text */ 4392 if(readsome) return 1; 4393 return 0; 4394} 4395 4396/** count number of open and closed parenthesis in a chunkline */ 4397static int 4398chunkline_count_parens(sldns_buffer* buf, size_t start) 4399{ 4400 size_t end = sldns_buffer_position(buf); 4401 size_t i; 4402 int count = 0; 4403 int squote = 0, dquote = 0; 4404 for(i=start; i<end; i++) { 4405 char c = (char)sldns_buffer_read_u8_at(buf, i); 4406 if(squote && c != '\'') continue; 4407 if(dquote && c != '"') continue; 4408 if(c == '"') 4409 dquote = !dquote; /* skip quoted part */ 4410 else if(c == '\'') 4411 squote = !squote; /* skip quoted part */ 4412 else if(c == '(') 4413 count ++; 4414 else if(c == ')') 4415 count --; 4416 else if(c == ';') { 4417 /* rest is a comment */ 4418 return count; 4419 } 4420 } 4421 return count; 4422} 4423 4424/** remove trailing ;... comment from a line in the chunkline buffer */ 4425static void 4426chunkline_remove_trailcomment(sldns_buffer* buf, size_t start) 4427{ 4428 size_t end = sldns_buffer_position(buf); 4429 size_t i; 4430 int squote = 0, dquote = 0; 4431 for(i=start; i<end; i++) { 4432 char c = (char)sldns_buffer_read_u8_at(buf, i); 4433 if(squote && c != '\'') continue; 4434 if(dquote && c != '"') continue; 4435 if(c == '"') 4436 dquote = !dquote; /* skip quoted part */ 4437 else if(c == '\'') 4438 squote = !squote; /* skip quoted part */ 4439 else if(c == ';') { 4440 /* rest is a comment */ 4441 sldns_buffer_set_position(buf, i); 4442 return; 4443 } 4444 } 4445 /* nothing to remove */ 4446} 4447 4448/** see if a chunkline is a comment line (or empty line) */ 4449static int 4450chunkline_is_comment_line_or_empty(sldns_buffer* buf) 4451{ 4452 size_t i, end = sldns_buffer_limit(buf); 4453 for(i=0; i<end; i++) { 4454 char c = (char)sldns_buffer_read_u8_at(buf, i); 4455 if(c == ';') 4456 return 1; /* comment */ 4457 else if(c != ' ' && c != '\t' && c != '\r' && c != '\n') 4458 return 0; /* not a comment */ 4459 } 4460 return 1; /* empty */ 4461} 4462 4463/** find a line with ( ) collated */ 4464static int 4465chunkline_get_line_collated(struct auth_chunk** chunk, size_t* chunk_pos, 4466 sldns_buffer* buf) 4467{ 4468 size_t pos; 4469 int parens = 0; 4470 sldns_buffer_clear(buf); 4471 pos = sldns_buffer_position(buf); 4472 if(!chunkline_get_line(chunk, chunk_pos, buf)) { 4473 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf)) 4474 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0); 4475 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0); 4476 sldns_buffer_flip(buf); 4477 return 0; 4478 } 4479 parens += chunkline_count_parens(buf, pos); 4480 while(parens > 0) { 4481 chunkline_remove_trailcomment(buf, pos); 4482 pos = sldns_buffer_position(buf); 4483 if(!chunkline_get_line(chunk, chunk_pos, buf)) { 4484 if(sldns_buffer_position(buf) < sldns_buffer_limit(buf)) 4485 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0); 4486 else sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf)-1, 0); 4487 sldns_buffer_flip(buf); 4488 return 0; 4489 } 4490 parens += chunkline_count_parens(buf, pos); 4491 } 4492 4493 if(sldns_buffer_remaining(buf) < 1) { 4494 verbose(VERB_ALGO, "http chunkline: " 4495 "line too long"); 4496 return 0; 4497 } 4498 sldns_buffer_write_u8_at(buf, sldns_buffer_position(buf), 0); 4499 sldns_buffer_flip(buf); 4500 return 1; 4501} 4502 4503/** process $ORIGIN for http, 0 nothing, 1 done, 2 error */ 4504static int 4505http_parse_origin(sldns_buffer* buf, struct sldns_file_parse_state* pstate) 4506{ 4507 char* line = (char*)sldns_buffer_begin(buf); 4508 if(strncmp(line, "$ORIGIN", 7) == 0 && 4509 isspace((unsigned char)line[7])) { 4510 int s; 4511 pstate->origin_len = sizeof(pstate->origin); 4512 s = sldns_str2wire_dname_buf(sldns_strip_ws(line+8), 4513 pstate->origin, &pstate->origin_len); 4514 if(s) { 4515 pstate->origin_len = 0; 4516 return 2; 4517 } 4518 return 1; 4519 } 4520 return 0; 4521} 4522 4523/** process $TTL for http, 0 nothing, 1 done, 2 error */ 4524static int 4525http_parse_ttl(sldns_buffer* buf, struct sldns_file_parse_state* pstate) 4526{ 4527 char* line = (char*)sldns_buffer_begin(buf); 4528 if(strncmp(line, "$TTL", 4) == 0 && 4529 isspace((unsigned char)line[4])) { 4530 const char* end = NULL; 4531 int overflow = 0; 4532 pstate->default_ttl = sldns_str2period( 4533 sldns_strip_ws(line+5), &end, &overflow); 4534 if(overflow) { 4535 return 2; 4536 } 4537 return 1; 4538 } 4539 return 0; 4540} 4541 4542/** find noncomment RR line in chunks, collates lines if ( ) format */ 4543static int 4544chunkline_non_comment_RR(struct auth_chunk** chunk, size_t* chunk_pos, 4545 sldns_buffer* buf, struct sldns_file_parse_state* pstate) 4546{ 4547 int ret; 4548 while(chunkline_get_line_collated(chunk, chunk_pos, buf)) { 4549 if(chunkline_is_comment_line_or_empty(buf)) { 4550 /* a comment, go to next line */ 4551 continue; 4552 } 4553 if((ret=http_parse_origin(buf, pstate))!=0) { 4554 if(ret == 2) 4555 return 0; 4556 continue; /* $ORIGIN has been handled */ 4557 } 4558 if((ret=http_parse_ttl(buf, pstate))!=0) { 4559 if(ret == 2) 4560 return 0; 4561 continue; /* $TTL has been handled */ 4562 } 4563 return 1; 4564 } 4565 /* no noncomments, fail */ 4566 return 0; 4567} 4568 4569/** check syntax of chunklist zonefile, parse first RR, return false on 4570 * failure and return a string in the scratch buffer (first RR string) 4571 * on failure. */ 4572static int 4573http_zonefile_syntax_check(struct auth_xfer* xfr, sldns_buffer* buf) 4574{ 4575 uint8_t rr[LDNS_RR_BUF_SIZE]; 4576 size_t rr_len, dname_len = 0; 4577 struct sldns_file_parse_state pstate; 4578 struct auth_chunk* chunk; 4579 size_t chunk_pos; 4580 int e; 4581 memset(&pstate, 0, sizeof(pstate)); 4582 pstate.default_ttl = 3600; 4583 if(xfr->namelen < sizeof(pstate.origin)) { 4584 pstate.origin_len = xfr->namelen; 4585 memmove(pstate.origin, xfr->name, xfr->namelen); 4586 } 4587 chunk = xfr->task_transfer->chunks_first; 4588 chunk_pos = 0; 4589 if(!chunkline_non_comment_RR(&chunk, &chunk_pos, buf, &pstate)) { 4590 return 0; 4591 } 4592 rr_len = sizeof(rr); 4593 e=sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr, &rr_len, 4594 &dname_len, pstate.default_ttl, 4595 pstate.origin_len?pstate.origin:NULL, pstate.origin_len, 4596 pstate.prev_rr_len?pstate.prev_rr:NULL, pstate.prev_rr_len); 4597 if(e != 0) { 4598 log_err("parse failure on first RR[%d]: %s", 4599 LDNS_WIREPARSE_OFFSET(e), 4600 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e))); 4601 return 0; 4602 } 4603 /* check that class is correct */ 4604 if(sldns_wirerr_get_class(rr, rr_len, dname_len) != xfr->dclass) { 4605 log_err("parse failure: first record in downloaded zonefile " 4606 "from wrong RR class"); 4607 return 0; 4608 } 4609 return 1; 4610} 4611 4612/** sum sizes of chunklist */ 4613static size_t 4614chunklist_sum(struct auth_chunk* list) 4615{ 4616 struct auth_chunk* p; 4617 size_t s = 0; 4618 for(p=list; p; p=p->next) { 4619 s += p->len; 4620 } 4621 return s; 4622} 4623 4624/** remove newlines from collated line */ 4625static void 4626chunkline_newline_removal(sldns_buffer* buf) 4627{ 4628 size_t i, end=sldns_buffer_limit(buf); 4629 for(i=0; i<end; i++) { 4630 char c = (char)sldns_buffer_read_u8_at(buf, i); 4631 if(c == '\n' && i==end-1) { 4632 sldns_buffer_write_u8_at(buf, i, 0); 4633 sldns_buffer_set_limit(buf, end-1); 4634 return; 4635 } 4636 if(c == '\n') 4637 sldns_buffer_write_u8_at(buf, i, (uint8_t)' '); 4638 } 4639} 4640 4641/** for http download, parse and add RR to zone */ 4642static int 4643http_parse_add_rr(struct auth_xfer* xfr, struct auth_zone* z, 4644 sldns_buffer* buf, struct sldns_file_parse_state* pstate) 4645{ 4646 uint8_t rr[LDNS_RR_BUF_SIZE]; 4647 size_t rr_len, dname_len = 0; 4648 int e; 4649 char* line = (char*)sldns_buffer_begin(buf); 4650 rr_len = sizeof(rr); 4651 e = sldns_str2wire_rr_buf(line, rr, &rr_len, &dname_len, 4652 pstate->default_ttl, 4653 pstate->origin_len?pstate->origin:NULL, pstate->origin_len, 4654 pstate->prev_rr_len?pstate->prev_rr:NULL, pstate->prev_rr_len); 4655 if(e != 0) { 4656 log_err("%s/%s parse failure RR[%d]: %s in '%s'", 4657 xfr->task_transfer->master->host, 4658 xfr->task_transfer->master->file, 4659 LDNS_WIREPARSE_OFFSET(e), 4660 sldns_get_errorstr_parse(LDNS_WIREPARSE_ERROR(e)), 4661 line); 4662 return 0; 4663 } 4664 if(rr_len == 0) 4665 return 1; /* empty line or so */ 4666 4667 /* set prev */ 4668 if(dname_len < sizeof(pstate->prev_rr)) { 4669 memmove(pstate->prev_rr, rr, dname_len); 4670 pstate->prev_rr_len = dname_len; 4671 } 4672 4673 return az_insert_rr(z, rr, rr_len, dname_len, NULL); 4674} 4675 4676/** RR list iterator, returns RRs from answer section one by one from the 4677 * dns packets in the chunklist */ 4678static void 4679chunk_rrlist_start(struct auth_xfer* xfr, struct auth_chunk** rr_chunk, 4680 int* rr_num, size_t* rr_pos) 4681{ 4682 *rr_chunk = xfr->task_transfer->chunks_first; 4683 *rr_num = 0; 4684 *rr_pos = 0; 4685} 4686 4687/** RR list iterator, see if we are at the end of the list */ 4688static int 4689chunk_rrlist_end(struct auth_chunk* rr_chunk, int rr_num) 4690{ 4691 while(rr_chunk) { 4692 if(rr_chunk->len < LDNS_HEADER_SIZE) 4693 return 1; 4694 if(rr_num < (int)LDNS_ANCOUNT(rr_chunk->data)) 4695 return 0; 4696 /* no more RRs in this chunk */ 4697 /* continue with next chunk, see if it has RRs */ 4698 rr_chunk = rr_chunk->next; 4699 rr_num = 0; 4700 } 4701 return 1; 4702} 4703 4704/** RR list iterator, move to next RR */ 4705static void 4706chunk_rrlist_gonext(struct auth_chunk** rr_chunk, int* rr_num, 4707 size_t* rr_pos, size_t rr_nextpos) 4708{ 4709 /* already at end of chunks? */ 4710 if(!*rr_chunk) 4711 return; 4712 /* move within this chunk */ 4713 if((*rr_chunk)->len >= LDNS_HEADER_SIZE && 4714 (*rr_num)+1 < (int)LDNS_ANCOUNT((*rr_chunk)->data)) { 4715 (*rr_num) += 1; 4716 *rr_pos = rr_nextpos; 4717 return; 4718 } 4719 /* no more RRs in this chunk */ 4720 /* continue with next chunk, see if it has RRs */ 4721 if(*rr_chunk) 4722 *rr_chunk = (*rr_chunk)->next; 4723 while(*rr_chunk) { 4724 *rr_num = 0; 4725 *rr_pos = 0; 4726 if((*rr_chunk)->len >= LDNS_HEADER_SIZE && 4727 LDNS_ANCOUNT((*rr_chunk)->data) > 0) { 4728 return; 4729 } 4730 *rr_chunk = (*rr_chunk)->next; 4731 } 4732} 4733 4734/** RR iterator, get current RR information, false on parse error */ 4735static int 4736chunk_rrlist_get_current(struct auth_chunk* rr_chunk, int rr_num, 4737 size_t rr_pos, uint8_t** rr_dname, uint16_t* rr_type, 4738 uint16_t* rr_class, uint32_t* rr_ttl, uint16_t* rr_rdlen, 4739 uint8_t** rr_rdata, size_t* rr_nextpos) 4740{ 4741 sldns_buffer pkt; 4742 /* integrity checks on position */ 4743 if(!rr_chunk) return 0; 4744 if(rr_chunk->len < LDNS_HEADER_SIZE) return 0; 4745 if(rr_num >= (int)LDNS_ANCOUNT(rr_chunk->data)) return 0; 4746 if(rr_pos >= rr_chunk->len) return 0; 4747 4748 /* fetch rr information */ 4749 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len); 4750 if(rr_pos == 0) { 4751 size_t i; 4752 /* skip question section */ 4753 sldns_buffer_set_position(&pkt, LDNS_HEADER_SIZE); 4754 for(i=0; i<LDNS_QDCOUNT(rr_chunk->data); i++) { 4755 if(pkt_dname_len(&pkt) == 0) return 0; 4756 if(sldns_buffer_remaining(&pkt) < 4) return 0; 4757 sldns_buffer_skip(&pkt, 4); /* type and class */ 4758 } 4759 } else { 4760 sldns_buffer_set_position(&pkt, rr_pos); 4761 } 4762 *rr_dname = sldns_buffer_current(&pkt); 4763 if(pkt_dname_len(&pkt) == 0) return 0; 4764 if(sldns_buffer_remaining(&pkt) < 10) return 0; 4765 *rr_type = sldns_buffer_read_u16(&pkt); 4766 *rr_class = sldns_buffer_read_u16(&pkt); 4767 *rr_ttl = sldns_buffer_read_u32(&pkt); 4768 *rr_rdlen = sldns_buffer_read_u16(&pkt); 4769 if(sldns_buffer_remaining(&pkt) < (*rr_rdlen)) return 0; 4770 *rr_rdata = sldns_buffer_current(&pkt); 4771 sldns_buffer_skip(&pkt, (ssize_t)(*rr_rdlen)); 4772 *rr_nextpos = sldns_buffer_position(&pkt); 4773 return 1; 4774} 4775 4776/** print log message where we are in parsing the zone transfer */ 4777static void 4778log_rrlist_position(const char* label, struct auth_chunk* rr_chunk, 4779 uint8_t* rr_dname, uint16_t rr_type, size_t rr_counter) 4780{ 4781 sldns_buffer pkt; 4782 size_t dlen; 4783 uint8_t buf[256]; 4784 char str[256]; 4785 char typestr[32]; 4786 sldns_buffer_init_frm_data(&pkt, rr_chunk->data, rr_chunk->len); 4787 sldns_buffer_set_position(&pkt, (size_t)(rr_dname - 4788 sldns_buffer_begin(&pkt))); 4789 if((dlen=pkt_dname_len(&pkt)) == 0) return; 4790 if(dlen >= sizeof(buf)) return; 4791 dname_pkt_copy(&pkt, buf, rr_dname); 4792 dname_str(buf, str); 4793 (void)sldns_wire2str_type_buf(rr_type, typestr, sizeof(typestr)); 4794 verbose(VERB_ALGO, "%s at[%d] %s %s", label, (int)rr_counter, 4795 str, typestr); 4796} 4797 4798/** check that start serial is OK for ixfr. we are at rr_counter == 0, 4799 * and we are going to check rr_counter == 1 (has to be type SOA) serial */ 4800static int 4801ixfr_start_serial(struct auth_chunk* rr_chunk, int rr_num, size_t rr_pos, 4802 uint8_t* rr_dname, uint16_t rr_type, uint16_t rr_class, 4803 uint32_t rr_ttl, uint16_t rr_rdlen, uint8_t* rr_rdata, 4804 size_t rr_nextpos, uint32_t transfer_serial, uint32_t xfr_serial) 4805{ 4806 uint32_t startserial; 4807 /* move forward on RR */ 4808 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos); 4809 if(chunk_rrlist_end(rr_chunk, rr_num)) { 4810 /* no second SOA */ 4811 verbose(VERB_OPS, "IXFR has no second SOA record"); 4812 return 0; 4813 } 4814 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos, 4815 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen, 4816 &rr_rdata, &rr_nextpos)) { 4817 verbose(VERB_OPS, "IXFR cannot parse second SOA record"); 4818 /* failed to parse RR */ 4819 return 0; 4820 } 4821 if(rr_type != LDNS_RR_TYPE_SOA) { 4822 verbose(VERB_OPS, "IXFR second record is not type SOA"); 4823 return 0; 4824 } 4825 if(rr_rdlen < 22) { 4826 verbose(VERB_OPS, "IXFR, second SOA has short rdlength"); 4827 return 0; /* bad SOA rdlen */ 4828 } 4829 startserial = sldns_read_uint32(rr_rdata+rr_rdlen-20); 4830 if(startserial == transfer_serial) { 4831 /* empty AXFR, not an IXFR */ 4832 verbose(VERB_OPS, "IXFR second serial same as first"); 4833 return 0; 4834 } 4835 if(startserial != xfr_serial) { 4836 /* wrong start serial, it does not match the serial in 4837 * memory */ 4838 verbose(VERB_OPS, "IXFR is from serial %u to %u but %u " 4839 "in memory, rejecting the zone transfer", 4840 (unsigned)startserial, (unsigned)transfer_serial, 4841 (unsigned)xfr_serial); 4842 return 0; 4843 } 4844 /* everything OK in second SOA serial */ 4845 return 1; 4846} 4847 4848/** apply IXFR to zone in memory. z is locked. false on failure(mallocfail) */ 4849static int 4850apply_ixfr(struct auth_xfer* xfr, struct auth_zone* z, 4851 struct sldns_buffer* scratch_buffer) 4852{ 4853 struct auth_chunk* rr_chunk; 4854 int rr_num; 4855 size_t rr_pos; 4856 uint8_t* rr_dname, *rr_rdata; 4857 uint16_t rr_type, rr_class, rr_rdlen; 4858 uint32_t rr_ttl; 4859 size_t rr_nextpos; 4860 int have_transfer_serial = 0; 4861 uint32_t transfer_serial = 0; 4862 size_t rr_counter = 0; 4863 int delmode = 0; 4864 int softfail = 0; 4865 4866 /* start RR iterator over chunklist of packets */ 4867 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos); 4868 while(!chunk_rrlist_end(rr_chunk, rr_num)) { 4869 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos, 4870 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen, 4871 &rr_rdata, &rr_nextpos)) { 4872 /* failed to parse RR */ 4873 return 0; 4874 } 4875 if(verbosity>=7) log_rrlist_position("apply ixfr", 4876 rr_chunk, rr_dname, rr_type, rr_counter); 4877 /* twiddle add/del mode and check for start and end */ 4878 if(rr_counter == 0 && rr_type != LDNS_RR_TYPE_SOA) 4879 return 0; 4880 if(rr_counter == 1 && rr_type != LDNS_RR_TYPE_SOA) { 4881 /* this is an AXFR returned from the IXFR master */ 4882 /* but that should already have been detected, by 4883 * on_ixfr_is_axfr */ 4884 return 0; 4885 } 4886 if(rr_type == LDNS_RR_TYPE_SOA) { 4887 uint32_t serial; 4888 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */ 4889 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20); 4890 if(have_transfer_serial == 0) { 4891 have_transfer_serial = 1; 4892 transfer_serial = serial; 4893 delmode = 1; /* gets negated below */ 4894 /* check second RR before going any further */ 4895 if(!ixfr_start_serial(rr_chunk, rr_num, rr_pos, 4896 rr_dname, rr_type, rr_class, rr_ttl, 4897 rr_rdlen, rr_rdata, rr_nextpos, 4898 transfer_serial, xfr->serial)) { 4899 return 0; 4900 } 4901 } else if(transfer_serial == serial) { 4902 have_transfer_serial++; 4903 if(rr_counter == 1) { 4904 /* empty AXFR, with SOA; SOA; */ 4905 /* should have been detected by 4906 * on_ixfr_is_axfr */ 4907 return 0; 4908 } 4909 if(have_transfer_serial == 3) { 4910 /* see serial three times for end */ 4911 /* eg. IXFR: 4912 * SOA 3 start 4913 * SOA 1 second RR, followed by del 4914 * SOA 2 followed by add 4915 * SOA 2 followed by del 4916 * SOA 3 followed by add 4917 * SOA 3 end */ 4918 /* ended by SOA record */ 4919 xfr->serial = transfer_serial; 4920 break; 4921 } 4922 } 4923 /* twiddle add/del mode */ 4924 /* switch from delete part to add part and back again 4925 * just before the soa, it gets deleted and added too 4926 * this means we switch to delete mode for the final 4927 * SOA(so skip that one) */ 4928 delmode = !delmode; 4929 } 4930 /* process this RR */ 4931 /* if the RR is deleted twice or added twice, then we 4932 * softfail, and continue with the rest of the IXFR, so 4933 * that we serve something fairly nice during the refetch */ 4934 if(verbosity>=7) log_rrlist_position((delmode?"del":"add"), 4935 rr_chunk, rr_dname, rr_type, rr_counter); 4936 if(delmode) { 4937 /* delete this RR */ 4938 int nonexist = 0; 4939 if(!az_remove_rr_decompress(z, rr_chunk->data, 4940 rr_chunk->len, scratch_buffer, rr_dname, 4941 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen, 4942 &nonexist)) { 4943 /* failed, malloc error or so */ 4944 return 0; 4945 } 4946 if(nonexist) { 4947 /* it was removal of a nonexisting RR */ 4948 if(verbosity>=4) log_rrlist_position( 4949 "IXFR error nonexistent RR", 4950 rr_chunk, rr_dname, rr_type, rr_counter); 4951 softfail = 1; 4952 } 4953 } else if(rr_counter != 0) { 4954 /* skip first SOA RR for addition, it is added in 4955 * the addition part near the end of the ixfr, when 4956 * that serial is seen the second time. */ 4957 int duplicate = 0; 4958 /* add this RR */ 4959 if(!az_insert_rr_decompress(z, rr_chunk->data, 4960 rr_chunk->len, scratch_buffer, rr_dname, 4961 rr_type, rr_class, rr_ttl, rr_rdata, rr_rdlen, 4962 &duplicate)) { 4963 /* failed, malloc error or so */ 4964 return 0; 4965 } 4966 if(duplicate) { 4967 /* it was a duplicate */ 4968 if(verbosity>=4) log_rrlist_position( 4969 "IXFR error duplicate RR", 4970 rr_chunk, rr_dname, rr_type, rr_counter); 4971 softfail = 1; 4972 } 4973 } 4974 4975 rr_counter++; 4976 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos); 4977 } 4978 if(softfail) { 4979 verbose(VERB_ALGO, "IXFR did not apply cleanly, fetching full zone"); 4980 return 0; 4981 } 4982 return 1; 4983} 4984 4985/** apply AXFR to zone in memory. z is locked. false on failure(mallocfail) */ 4986static int 4987apply_axfr(struct auth_xfer* xfr, struct auth_zone* z, 4988 struct sldns_buffer* scratch_buffer) 4989{ 4990 struct auth_chunk* rr_chunk; 4991 int rr_num; 4992 size_t rr_pos; 4993 uint8_t* rr_dname, *rr_rdata; 4994 uint16_t rr_type, rr_class, rr_rdlen; 4995 uint32_t rr_ttl; 4996 uint32_t serial = 0; 4997 size_t rr_nextpos; 4998 size_t rr_counter = 0; 4999 int have_end_soa = 0; 5000 5001 /* clear the data tree */ 5002 traverse_postorder(&z->data, auth_data_del, NULL); 5003 rbtree_init(&z->data, &auth_data_cmp); 5004 /* clear the RPZ policies */ 5005 if(z->rpz) 5006 rpz_clear(z->rpz); 5007 5008 xfr->have_zone = 0; 5009 xfr->serial = 0; 5010 5011 /* insert all RRs in to the zone */ 5012 /* insert the SOA only once, skip the last one */ 5013 /* start RR iterator over chunklist of packets */ 5014 chunk_rrlist_start(xfr, &rr_chunk, &rr_num, &rr_pos); 5015 while(!chunk_rrlist_end(rr_chunk, rr_num)) { 5016 if(!chunk_rrlist_get_current(rr_chunk, rr_num, rr_pos, 5017 &rr_dname, &rr_type, &rr_class, &rr_ttl, &rr_rdlen, 5018 &rr_rdata, &rr_nextpos)) { 5019 /* failed to parse RR */ 5020 return 0; 5021 } 5022 if(verbosity>=7) log_rrlist_position("apply_axfr", 5023 rr_chunk, rr_dname, rr_type, rr_counter); 5024 if(rr_type == LDNS_RR_TYPE_SOA) { 5025 if(rr_counter != 0) { 5026 /* end of the axfr */ 5027 have_end_soa = 1; 5028 break; 5029 } 5030 if(rr_rdlen < 22) return 0; /* bad SOA rdlen */ 5031 serial = sldns_read_uint32(rr_rdata+rr_rdlen-20); 5032 } 5033 5034 /* add this RR */ 5035 if(!az_insert_rr_decompress(z, rr_chunk->data, rr_chunk->len, 5036 scratch_buffer, rr_dname, rr_type, rr_class, rr_ttl, 5037 rr_rdata, rr_rdlen, NULL)) { 5038 /* failed, malloc error or so */ 5039 return 0; 5040 } 5041 5042 rr_counter++; 5043 chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos); 5044 } 5045 if(!have_end_soa) { 5046 log_err("no end SOA record for AXFR"); 5047 return 0; 5048 } 5049 5050 xfr->serial = serial; 5051 xfr->have_zone = 1; 5052 return 1; 5053} 5054 5055/** apply HTTP to zone in memory. z is locked. false on failure(mallocfail) */ 5056static int 5057apply_http(struct auth_xfer* xfr, struct auth_zone* z, 5058 struct sldns_buffer* scratch_buffer) 5059{ 5060 /* parse data in chunks */ 5061 /* parse RR's and read into memory. ignore $INCLUDE from the 5062 * downloaded file*/ 5063 struct sldns_file_parse_state pstate; 5064 struct auth_chunk* chunk; 5065 size_t chunk_pos; 5066 int ret; 5067 memset(&pstate, 0, sizeof(pstate)); 5068 pstate.default_ttl = 3600; 5069 if(xfr->namelen < sizeof(pstate.origin)) { 5070 pstate.origin_len = xfr->namelen; 5071 memmove(pstate.origin, xfr->name, xfr->namelen); 5072 } 5073 5074 if(verbosity >= VERB_ALGO) 5075 verbose(VERB_ALGO, "http download %s of size %d", 5076 xfr->task_transfer->master->file, 5077 (int)chunklist_sum(xfr->task_transfer->chunks_first)); 5078 if(xfr->task_transfer->chunks_first && verbosity >= VERB_ALGO) { 5079 char preview[1024]; 5080 if(xfr->task_transfer->chunks_first->len+1 > sizeof(preview)) { 5081 memmove(preview, xfr->task_transfer->chunks_first->data, 5082 sizeof(preview)-1); 5083 preview[sizeof(preview)-1]=0; 5084 } else { 5085 memmove(preview, xfr->task_transfer->chunks_first->data, 5086 xfr->task_transfer->chunks_first->len); 5087 preview[xfr->task_transfer->chunks_first->len]=0; 5088 } 5089 log_info("auth zone http downloaded content preview: %s", 5090 preview); 5091 } 5092 5093 /* perhaps a little syntax check before we try to apply the data? */ 5094 if(!http_zonefile_syntax_check(xfr, scratch_buffer)) { 5095 log_err("http download %s/%s does not contain a zonefile, " 5096 "but got '%s'", xfr->task_transfer->master->host, 5097 xfr->task_transfer->master->file, 5098 sldns_buffer_begin(scratch_buffer)); 5099 return 0; 5100 } 5101 5102 /* clear the data tree */ 5103 traverse_postorder(&z->data, auth_data_del, NULL); 5104 rbtree_init(&z->data, &auth_data_cmp); 5105 /* clear the RPZ policies */ 5106 if(z->rpz) 5107 rpz_clear(z->rpz); 5108 5109 xfr->have_zone = 0; 5110 xfr->serial = 0; 5111 5112 chunk = xfr->task_transfer->chunks_first; 5113 chunk_pos = 0; 5114 pstate.lineno = 0; 5115 while(chunkline_get_line_collated(&chunk, &chunk_pos, scratch_buffer)) { 5116 /* process this line */ 5117 pstate.lineno++; 5118 chunkline_newline_removal(scratch_buffer); 5119 if(chunkline_is_comment_line_or_empty(scratch_buffer)) { 5120 continue; 5121 } 5122 /* parse line and add RR */ 5123 if((ret=http_parse_origin(scratch_buffer, &pstate))!=0) { 5124 if(ret == 2) { 5125 verbose(VERB_ALGO, "error parsing ORIGIN on line [%s:%d] %s", 5126 xfr->task_transfer->master->file, 5127 pstate.lineno, 5128 sldns_buffer_begin(scratch_buffer)); 5129 return 0; 5130 } 5131 continue; /* $ORIGIN has been handled */ 5132 } 5133 if((ret=http_parse_ttl(scratch_buffer, &pstate))!=0) { 5134 if(ret == 2) { 5135 verbose(VERB_ALGO, "error parsing TTL on line [%s:%d] %s", 5136 xfr->task_transfer->master->file, 5137 pstate.lineno, 5138 sldns_buffer_begin(scratch_buffer)); 5139 return 0; 5140 } 5141 continue; /* $TTL has been handled */ 5142 } 5143 if(!http_parse_add_rr(xfr, z, scratch_buffer, &pstate)) { 5144 verbose(VERB_ALGO, "error parsing line [%s:%d] %s", 5145 xfr->task_transfer->master->file, 5146 pstate.lineno, 5147 sldns_buffer_begin(scratch_buffer)); 5148 return 0; 5149 } 5150 } 5151 return 1; 5152} 5153 5154/** write http chunks to zonefile to create downloaded file */ 5155static int 5156auth_zone_write_chunks(struct auth_xfer* xfr, const char* fname) 5157{ 5158 FILE* out; 5159 struct auth_chunk* p; 5160 out = fopen(fname, "w"); 5161 if(!out) { 5162 log_err("could not open %s: %s", fname, strerror(errno)); 5163 return 0; 5164 } 5165 for(p = xfr->task_transfer->chunks_first; p ; p = p->next) { 5166 if(!write_out(out, (char*)p->data, p->len)) { 5167 log_err("could not write http download to %s", fname); 5168 fclose(out); 5169 return 0; 5170 } 5171 } 5172 fclose(out); 5173 return 1; 5174} 5175 5176/** write to zonefile after zone has been updated */ 5177static void 5178xfr_write_after_update(struct auth_xfer* xfr, struct module_env* env) 5179{ 5180 struct config_file* cfg = env->cfg; 5181 struct auth_zone* z; 5182 char tmpfile[1024]; 5183 char* zfilename; 5184 lock_basic_unlock(&xfr->lock); 5185 5186 /* get lock again, so it is a readlock and concurrently queries 5187 * can be answered */ 5188 lock_rw_rdlock(&env->auth_zones->lock); 5189 z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen, 5190 xfr->dclass); 5191 if(!z) { 5192 lock_rw_unlock(&env->auth_zones->lock); 5193 /* the zone is gone, ignore xfr results */ 5194 lock_basic_lock(&xfr->lock); 5195 return; 5196 } 5197 lock_rw_rdlock(&z->lock); 5198 lock_basic_lock(&xfr->lock); 5199 lock_rw_unlock(&env->auth_zones->lock); 5200 5201 if(z->zonefile == NULL || z->zonefile[0] == 0) { 5202 lock_rw_unlock(&z->lock); 5203 /* no write needed, no zonefile set */ 5204 return; 5205 } 5206 zfilename = z->zonefile; 5207 if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(zfilename, 5208 cfg->chrootdir, strlen(cfg->chrootdir)) == 0) 5209 zfilename += strlen(cfg->chrootdir); 5210 if(verbosity >= VERB_ALGO) { 5211 char nm[255+1]; 5212 dname_str(z->name, nm); 5213 verbose(VERB_ALGO, "write zonefile %s for %s", zfilename, nm); 5214 } 5215 5216 /* write to tempfile first */ 5217 if((size_t)strlen(zfilename) + 16 > sizeof(tmpfile)) { 5218 verbose(VERB_ALGO, "tmpfilename too long, cannot update " 5219 " zonefile %s", zfilename); 5220 lock_rw_unlock(&z->lock); 5221 return; 5222 } 5223 snprintf(tmpfile, sizeof(tmpfile), "%s.tmp%u", zfilename, 5224 (unsigned)getpid()); 5225 if(xfr->task_transfer->master->http) { 5226 /* use the stored chunk list to write them */ 5227 if(!auth_zone_write_chunks(xfr, tmpfile)) { 5228 unlink(tmpfile); 5229 lock_rw_unlock(&z->lock); 5230 return; 5231 } 5232 } else if(!auth_zone_write_file(z, tmpfile)) { 5233 unlink(tmpfile); 5234 lock_rw_unlock(&z->lock); 5235 return; 5236 } 5237#ifdef UB_ON_WINDOWS 5238 (void)unlink(zfilename); /* windows does not replace file with rename() */ 5239#endif 5240 if(rename(tmpfile, zfilename) < 0) { 5241 log_err("could not rename(%s, %s): %s", tmpfile, zfilename, 5242 strerror(errno)); 5243 unlink(tmpfile); 5244 lock_rw_unlock(&z->lock); 5245 return; 5246 } 5247 lock_rw_unlock(&z->lock); 5248} 5249 5250/** reacquire locks and structures. Starts with no locks, ends 5251 * with xfr and z locks, if fail, no z lock */ 5252static int xfr_process_reacquire_locks(struct auth_xfer* xfr, 5253 struct module_env* env, struct auth_zone** z) 5254{ 5255 /* release xfr lock, then, while holding az->lock grab both 5256 * z->lock and xfr->lock */ 5257 lock_rw_rdlock(&env->auth_zones->lock); 5258 *z = auth_zone_find(env->auth_zones, xfr->name, xfr->namelen, 5259 xfr->dclass); 5260 if(!*z) { 5261 lock_rw_unlock(&env->auth_zones->lock); 5262 lock_basic_lock(&xfr->lock); 5263 *z = NULL; 5264 return 0; 5265 } 5266 lock_rw_wrlock(&(*z)->lock); 5267 lock_basic_lock(&xfr->lock); 5268 lock_rw_unlock(&env->auth_zones->lock); 5269 return 1; 5270} 5271 5272/** process chunk list and update zone in memory, 5273 * return false if it did not work */ 5274static int 5275xfr_process_chunk_list(struct auth_xfer* xfr, struct module_env* env, 5276 int* ixfr_fail) 5277{ 5278 struct auth_zone* z; 5279 5280 /* obtain locks and structures */ 5281 lock_basic_unlock(&xfr->lock); 5282 if(!xfr_process_reacquire_locks(xfr, env, &z)) { 5283 /* the zone is gone, ignore xfr results */ 5284 return 0; 5285 } 5286 /* holding xfr and z locks */ 5287 5288 /* apply data */ 5289 if(xfr->task_transfer->master->http) { 5290 if(!apply_http(xfr, z, env->scratch_buffer)) { 5291 lock_rw_unlock(&z->lock); 5292 verbose(VERB_ALGO, "http from %s: could not store data", 5293 xfr->task_transfer->master->host); 5294 return 0; 5295 } 5296 } else if(xfr->task_transfer->on_ixfr && 5297 !xfr->task_transfer->on_ixfr_is_axfr) { 5298 if(!apply_ixfr(xfr, z, env->scratch_buffer)) { 5299 lock_rw_unlock(&z->lock); 5300 verbose(VERB_ALGO, "xfr from %s: could not store IXFR" 5301 " data", xfr->task_transfer->master->host); 5302 *ixfr_fail = 1; 5303 return 0; 5304 } 5305 } else { 5306 if(!apply_axfr(xfr, z, env->scratch_buffer)) { 5307 lock_rw_unlock(&z->lock); 5308 verbose(VERB_ALGO, "xfr from %s: could not store AXFR" 5309 " data", xfr->task_transfer->master->host); 5310 return 0; 5311 } 5312 } 5313 xfr->zone_expired = 0; 5314 z->zone_expired = 0; 5315 if(!xfr_find_soa(z, xfr)) { 5316 lock_rw_unlock(&z->lock); 5317 verbose(VERB_ALGO, "xfr from %s: no SOA in zone after update" 5318 " (or malformed RR)", xfr->task_transfer->master->host); 5319 return 0; 5320 } 5321 5322 /* release xfr lock while verifying zonemd because it may have 5323 * to spawn lookups in the state machines */ 5324 lock_basic_unlock(&xfr->lock); 5325 /* holding z lock */ 5326 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 0); 5327 if(z->zone_expired) { 5328 char zname[256]; 5329 /* ZONEMD must have failed */ 5330 /* reacquire locks, so we hold xfr lock on exit of routine, 5331 * and both xfr and z again after releasing xfr for potential 5332 * state machine mesh callbacks */ 5333 lock_rw_unlock(&z->lock); 5334 if(!xfr_process_reacquire_locks(xfr, env, &z)) 5335 return 0; 5336 dname_str(xfr->name, zname); 5337 verbose(VERB_ALGO, "xfr from %s: ZONEMD failed for %s, transfer is failed", xfr->task_transfer->master->host, zname); 5338 xfr->zone_expired = 1; 5339 lock_rw_unlock(&z->lock); 5340 return 0; 5341 } 5342 /* reacquire locks, so we hold xfr lock on exit of routine, 5343 * and both xfr and z again after releasing xfr for potential 5344 * state machine mesh callbacks */ 5345 lock_rw_unlock(&z->lock); 5346 if(!xfr_process_reacquire_locks(xfr, env, &z)) 5347 return 0; 5348 /* holding xfr and z locks */ 5349 5350 if(xfr->have_zone) 5351 xfr->lease_time = *env->now; 5352 5353 if(z->rpz) 5354 rpz_finish_config(z->rpz); 5355 5356 /* unlock */ 5357 lock_rw_unlock(&z->lock); 5358 5359 if(verbosity >= VERB_QUERY && xfr->have_zone) { 5360 char zname[256]; 5361 dname_str(xfr->name, zname); 5362 verbose(VERB_QUERY, "auth zone %s updated to serial %u", zname, 5363 (unsigned)xfr->serial); 5364 } 5365 /* see if we need to write to a zonefile */ 5366 xfr_write_after_update(xfr, env); 5367 return 1; 5368} 5369 5370/** disown task_transfer. caller must hold xfr.lock */ 5371static void 5372xfr_transfer_disown(struct auth_xfer* xfr) 5373{ 5374 /* remove timer (from this worker's event base) */ 5375 comm_timer_delete(xfr->task_transfer->timer); 5376 xfr->task_transfer->timer = NULL; 5377 /* remove the commpoint */ 5378 comm_point_delete(xfr->task_transfer->cp); 5379 xfr->task_transfer->cp = NULL; 5380 /* we don't own this item anymore */ 5381 xfr->task_transfer->worker = NULL; 5382 xfr->task_transfer->env = NULL; 5383} 5384 5385/** lookup a host name for its addresses, if needed */ 5386static int 5387xfr_transfer_lookup_host(struct auth_xfer* xfr, struct module_env* env) 5388{ 5389 struct sockaddr_storage addr; 5390 socklen_t addrlen = 0; 5391 struct auth_master* master = xfr->task_transfer->lookup_target; 5392 struct query_info qinfo; 5393 uint16_t qflags = BIT_RD; 5394 uint8_t dname[LDNS_MAX_DOMAINLEN+1]; 5395 struct edns_data edns; 5396 sldns_buffer* buf = env->scratch_buffer; 5397 if(!master) return 0; 5398 if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) { 5399 /* not needed, host is in IP addr format */ 5400 return 0; 5401 } 5402 if(master->allow_notify) 5403 return 0; /* allow-notifies are not transferred from, no 5404 lookup is needed */ 5405 5406 /* use mesh_new_callback to probe for non-addr hosts, 5407 * and then wait for them to be looked up (in cache, or query) */ 5408 qinfo.qname_len = sizeof(dname); 5409 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len) 5410 != 0) { 5411 log_err("cannot parse host name of master %s", master->host); 5412 return 0; 5413 } 5414 qinfo.qname = dname; 5415 qinfo.qclass = xfr->dclass; 5416 qinfo.qtype = LDNS_RR_TYPE_A; 5417 if(xfr->task_transfer->lookup_aaaa) 5418 qinfo.qtype = LDNS_RR_TYPE_AAAA; 5419 qinfo.local_alias = NULL; 5420 if(verbosity >= VERB_ALGO) { 5421 char buf1[512]; 5422 char buf2[LDNS_MAX_DOMAINLEN+1]; 5423 dname_str(xfr->name, buf2); 5424 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup" 5425 " for task_transfer", buf2); 5426 log_query_info(VERB_ALGO, buf1, &qinfo); 5427 } 5428 edns.edns_present = 1; 5429 edns.ext_rcode = 0; 5430 edns.edns_version = 0; 5431 edns.bits = EDNS_DO; 5432 edns.opt_list_in = NULL; 5433 edns.opt_list_out = NULL; 5434 edns.opt_list_inplace_cb_out = NULL; 5435 edns.padding_block_size = 0; 5436 edns.cookie_present = 0; 5437 edns.cookie_valid = 0; 5438 if(sldns_buffer_capacity(buf) < 65535) 5439 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf); 5440 else edns.udp_size = 65535; 5441 5442 /* unlock xfr during mesh_new_callback() because the callback can be 5443 * called straight away */ 5444 lock_basic_unlock(&xfr->lock); 5445 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0, 5446 &auth_xfer_transfer_lookup_callback, xfr, 0)) { 5447 lock_basic_lock(&xfr->lock); 5448 log_err("out of memory lookup up master %s", master->host); 5449 return 0; 5450 } 5451 lock_basic_lock(&xfr->lock); 5452 return 1; 5453} 5454 5455/** initiate TCP to the target and fetch zone. 5456 * returns true if that was successfully started, and timeout setup. */ 5457static int 5458xfr_transfer_init_fetch(struct auth_xfer* xfr, struct module_env* env) 5459{ 5460 struct sockaddr_storage addr; 5461 socklen_t addrlen = 0; 5462 struct auth_master* master = xfr->task_transfer->master; 5463 char *auth_name = NULL; 5464 struct timeval t; 5465 int timeout; 5466 if(!master) return 0; 5467 if(master->allow_notify) return 0; /* only for notify */ 5468 5469 /* get master addr */ 5470 if(xfr->task_transfer->scan_addr) { 5471 addrlen = xfr->task_transfer->scan_addr->addrlen; 5472 memmove(&addr, &xfr->task_transfer->scan_addr->addr, addrlen); 5473 } else { 5474 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) { 5475 /* the ones that are not in addr format are supposed 5476 * to be looked up. The lookup has failed however, 5477 * so skip them */ 5478 char zname[255+1]; 5479 dname_str(xfr->name, zname); 5480 log_err("%s: failed lookup, cannot transfer from master %s", 5481 zname, master->host); 5482 return 0; 5483 } 5484 } 5485 5486 /* remove previous TCP connection (if any) */ 5487 if(xfr->task_transfer->cp) { 5488 comm_point_delete(xfr->task_transfer->cp); 5489 xfr->task_transfer->cp = NULL; 5490 } 5491 if(!xfr->task_transfer->timer) { 5492 xfr->task_transfer->timer = comm_timer_create(env->worker_base, 5493 auth_xfer_transfer_timer_callback, xfr); 5494 if(!xfr->task_transfer->timer) { 5495 log_err("malloc failure"); 5496 return 0; 5497 } 5498 } 5499 timeout = AUTH_TRANSFER_TIMEOUT; 5500#ifndef S_SPLINT_S 5501 t.tv_sec = timeout/1000; 5502 t.tv_usec = (timeout%1000)*1000; 5503#endif 5504 5505 if(master->http) { 5506 /* perform http fetch */ 5507 /* store http port number into sockaddr, 5508 * unless someone used unbound's host@port notation */ 5509 xfr->task_transfer->on_ixfr = 0; 5510 if(strchr(master->host, '@') == NULL) 5511 sockaddr_store_port(&addr, addrlen, master->port); 5512 xfr->task_transfer->cp = outnet_comm_point_for_http( 5513 env->outnet, auth_xfer_transfer_http_callback, xfr, 5514 &addr, addrlen, -1, master->ssl, master->host, 5515 master->file, env->cfg); 5516 if(!xfr->task_transfer->cp) { 5517 char zname[255+1], as[256]; 5518 dname_str(xfr->name, zname); 5519 addr_to_str(&addr, addrlen, as, sizeof(as)); 5520 verbose(VERB_ALGO, "cannot create http cp " 5521 "connection for %s to %s", zname, as); 5522 return 0; 5523 } 5524 comm_timer_set(xfr->task_transfer->timer, &t); 5525 if(verbosity >= VERB_ALGO) { 5526 char zname[255+1], as[256]; 5527 dname_str(xfr->name, zname); 5528 addr_to_str(&addr, addrlen, as, sizeof(as)); 5529 verbose(VERB_ALGO, "auth zone %s transfer next HTTP fetch from %s started", zname, as); 5530 } 5531 /* Create or refresh the list of allow_notify addrs */ 5532 probe_copy_masters_for_allow_notify(xfr); 5533 return 1; 5534 } 5535 5536 /* perform AXFR/IXFR */ 5537 /* set the packet to be written */ 5538 /* create new ID */ 5539 xfr->task_transfer->id = GET_RANDOM_ID(env->rnd); 5540 xfr_create_ixfr_packet(xfr, env->scratch_buffer, 5541 xfr->task_transfer->id, master); 5542 5543 /* connect on fd */ 5544 xfr->task_transfer->cp = outnet_comm_point_for_tcp(env->outnet, 5545 auth_xfer_transfer_tcp_callback, xfr, &addr, addrlen, 5546 env->scratch_buffer, -1, 5547 auth_name != NULL, auth_name); 5548 if(!xfr->task_transfer->cp) { 5549 char zname[255+1], as[256]; 5550 dname_str(xfr->name, zname); 5551 addr_to_str(&addr, addrlen, as, sizeof(as)); 5552 verbose(VERB_ALGO, "cannot create tcp cp connection for " 5553 "xfr %s to %s", zname, as); 5554 return 0; 5555 } 5556 comm_timer_set(xfr->task_transfer->timer, &t); 5557 if(verbosity >= VERB_ALGO) { 5558 char zname[255+1], as[256]; 5559 dname_str(xfr->name, zname); 5560 addr_to_str(&addr, addrlen, as, sizeof(as)); 5561 verbose(VERB_ALGO, "auth zone %s transfer next %s fetch from %s started", zname, 5562 (xfr->task_transfer->on_ixfr?"IXFR":"AXFR"), as); 5563 } 5564 return 1; 5565} 5566 5567/** perform next lookup, next transfer TCP, or end and resume wait time task */ 5568static void 5569xfr_transfer_nexttarget_or_end(struct auth_xfer* xfr, struct module_env* env) 5570{ 5571 log_assert(xfr->task_transfer->worker == env->worker); 5572 5573 /* are we performing lookups? */ 5574 while(xfr->task_transfer->lookup_target) { 5575 if(xfr_transfer_lookup_host(xfr, env)) { 5576 /* wait for lookup to finish, 5577 * note that the hostname may be in unbound's cache 5578 * and we may then get an instant cache response, 5579 * and that calls the callback just like a full 5580 * lookup and lookup failures also call callback */ 5581 if(verbosity >= VERB_ALGO) { 5582 char zname[255+1]; 5583 dname_str(xfr->name, zname); 5584 verbose(VERB_ALGO, "auth zone %s transfer next target lookup", zname); 5585 } 5586 lock_basic_unlock(&xfr->lock); 5587 return; 5588 } 5589 xfr_transfer_move_to_next_lookup(xfr, env); 5590 } 5591 5592 /* initiate TCP and fetch the zone from the master */ 5593 /* and set timeout on it */ 5594 while(!xfr_transfer_end_of_list(xfr)) { 5595 xfr->task_transfer->master = xfr_transfer_current_master(xfr); 5596 if(xfr_transfer_init_fetch(xfr, env)) { 5597 /* successfully started, wait for callback */ 5598 lock_basic_unlock(&xfr->lock); 5599 return; 5600 } 5601 /* failed to fetch, next master */ 5602 xfr_transfer_nextmaster(xfr); 5603 } 5604 if(verbosity >= VERB_ALGO) { 5605 char zname[255+1]; 5606 dname_str(xfr->name, zname); 5607 verbose(VERB_ALGO, "auth zone %s transfer failed, wait", zname); 5608 } 5609 5610 /* we failed to fetch the zone, move to wait task 5611 * use the shorter retry timeout */ 5612 xfr_transfer_disown(xfr); 5613 5614 /* pick up the nextprobe task and wait */ 5615 if(xfr->task_nextprobe->worker == NULL) 5616 xfr_set_timeout(xfr, env, 1, 0); 5617 lock_basic_unlock(&xfr->lock); 5618} 5619 5620/** add addrs from A or AAAA rrset to the master */ 5621static void 5622xfr_master_add_addrs(struct auth_master* m, struct ub_packed_rrset_key* rrset, 5623 uint16_t rrtype) 5624{ 5625 size_t i; 5626 struct packed_rrset_data* data; 5627 if(!m || !rrset) return; 5628 if(rrtype != LDNS_RR_TYPE_A && rrtype != LDNS_RR_TYPE_AAAA) 5629 return; 5630 data = (struct packed_rrset_data*)rrset->entry.data; 5631 for(i=0; i<data->count; i++) { 5632 struct auth_addr* a; 5633 size_t len = data->rr_len[i] - 2; 5634 uint8_t* rdata = data->rr_data[i]+2; 5635 if(rrtype == LDNS_RR_TYPE_A && len != INET_SIZE) 5636 continue; /* wrong length for A */ 5637 if(rrtype == LDNS_RR_TYPE_AAAA && len != INET6_SIZE) 5638 continue; /* wrong length for AAAA */ 5639 5640 /* add and alloc it */ 5641 a = (struct auth_addr*)calloc(1, sizeof(*a)); 5642 if(!a) { 5643 log_err("out of memory"); 5644 return; 5645 } 5646 if(rrtype == LDNS_RR_TYPE_A) { 5647 struct sockaddr_in* sa; 5648 a->addrlen = (socklen_t)sizeof(*sa); 5649 sa = (struct sockaddr_in*)&a->addr; 5650 sa->sin_family = AF_INET; 5651 sa->sin_port = (in_port_t)htons(UNBOUND_DNS_PORT); 5652 memmove(&sa->sin_addr, rdata, INET_SIZE); 5653 } else { 5654 struct sockaddr_in6* sa; 5655 a->addrlen = (socklen_t)sizeof(*sa); 5656 sa = (struct sockaddr_in6*)&a->addr; 5657 sa->sin6_family = AF_INET6; 5658 sa->sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT); 5659 memmove(&sa->sin6_addr, rdata, INET6_SIZE); 5660 } 5661 if(verbosity >= VERB_ALGO) { 5662 char s[64]; 5663 addr_to_str(&a->addr, a->addrlen, s, sizeof(s)); 5664 verbose(VERB_ALGO, "auth host %s lookup %s", 5665 m->host, s); 5666 } 5667 /* append to list */ 5668 a->next = m->list; 5669 m->list = a; 5670 } 5671} 5672 5673/** callback for task_transfer lookup of host name, of A or AAAA */ 5674void auth_xfer_transfer_lookup_callback(void* arg, int rcode, sldns_buffer* buf, 5675 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus), 5676 int ATTR_UNUSED(was_ratelimited)) 5677{ 5678 struct auth_xfer* xfr = (struct auth_xfer*)arg; 5679 struct module_env* env; 5680 log_assert(xfr->task_transfer); 5681 lock_basic_lock(&xfr->lock); 5682 env = xfr->task_transfer->env; 5683 if(!env || env->outnet->want_to_quit) { 5684 lock_basic_unlock(&xfr->lock); 5685 return; /* stop on quit */ 5686 } 5687 5688 /* process result */ 5689 if(rcode == LDNS_RCODE_NOERROR) { 5690 uint16_t wanted_qtype = LDNS_RR_TYPE_A; 5691 struct regional* temp = env->scratch; 5692 struct query_info rq; 5693 struct reply_info* rep; 5694 if(xfr->task_transfer->lookup_aaaa) 5695 wanted_qtype = LDNS_RR_TYPE_AAAA; 5696 memset(&rq, 0, sizeof(rq)); 5697 rep = parse_reply_in_temp_region(buf, temp, &rq); 5698 if(rep && rq.qtype == wanted_qtype && 5699 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) { 5700 /* parsed successfully */ 5701 struct ub_packed_rrset_key* answer = 5702 reply_find_answer_rrset(&rq, rep); 5703 if(answer) { 5704 xfr_master_add_addrs(xfr->task_transfer-> 5705 lookup_target, answer, wanted_qtype); 5706 } else { 5707 if(verbosity >= VERB_ALGO) { 5708 char zname[255+1]; 5709 dname_str(xfr->name, zname); 5710 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has nodata", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A")); 5711 } 5712 } 5713 } else { 5714 if(verbosity >= VERB_ALGO) { 5715 char zname[255+1]; 5716 dname_str(xfr->name, zname); 5717 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup has no answer", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A")); 5718 } 5719 } 5720 regional_free_all(temp); 5721 } else { 5722 if(verbosity >= VERB_ALGO) { 5723 char zname[255+1]; 5724 dname_str(xfr->name, zname); 5725 verbose(VERB_ALGO, "auth zone %s host %s type %s transfer lookup failed", zname, xfr->task_transfer->lookup_target->host, (xfr->task_transfer->lookup_aaaa?"AAAA":"A")); 5726 } 5727 } 5728 if(xfr->task_transfer->lookup_target->list && 5729 xfr->task_transfer->lookup_target == xfr_transfer_current_master(xfr)) 5730 xfr->task_transfer->scan_addr = xfr->task_transfer->lookup_target->list; 5731 5732 /* move to lookup AAAA after A lookup, move to next hostname lookup, 5733 * or move to fetch the zone, or, if nothing to do, end task_transfer */ 5734 xfr_transfer_move_to_next_lookup(xfr, env); 5735 xfr_transfer_nexttarget_or_end(xfr, env); 5736} 5737 5738/** check if xfer (AXFR or IXFR) packet is OK. 5739 * return false if we lost connection (SERVFAIL, or unreadable). 5740 * return false if we need to move from IXFR to AXFR, with gonextonfail 5741 * set to false, so the same master is tried again, but with AXFR. 5742 * return true if fine to link into data. 5743 * return true with transferdone=true when the transfer has ended. 5744 */ 5745static int 5746check_xfer_packet(sldns_buffer* pkt, struct auth_xfer* xfr, 5747 int* gonextonfail, int* transferdone) 5748{ 5749 uint8_t* wire = sldns_buffer_begin(pkt); 5750 int i; 5751 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) { 5752 verbose(VERB_ALGO, "xfr to %s failed, packet too small", 5753 xfr->task_transfer->master->host); 5754 return 0; 5755 } 5756 if(!LDNS_QR_WIRE(wire)) { 5757 verbose(VERB_ALGO, "xfr to %s failed, packet has no QR flag", 5758 xfr->task_transfer->master->host); 5759 return 0; 5760 } 5761 if(LDNS_TC_WIRE(wire)) { 5762 verbose(VERB_ALGO, "xfr to %s failed, packet has TC flag", 5763 xfr->task_transfer->master->host); 5764 return 0; 5765 } 5766 /* check ID */ 5767 if(LDNS_ID_WIRE(wire) != xfr->task_transfer->id) { 5768 verbose(VERB_ALGO, "xfr to %s failed, packet wrong ID", 5769 xfr->task_transfer->master->host); 5770 return 0; 5771 } 5772 if(LDNS_RCODE_WIRE(wire) != LDNS_RCODE_NOERROR) { 5773 char rcode[32]; 5774 sldns_wire2str_rcode_buf((int)LDNS_RCODE_WIRE(wire), rcode, 5775 sizeof(rcode)); 5776 /* if we are doing IXFR, check for fallback */ 5777 if(xfr->task_transfer->on_ixfr) { 5778 if(LDNS_RCODE_WIRE(wire) == LDNS_RCODE_NOTIMPL || 5779 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_SERVFAIL || 5780 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_REFUSED || 5781 LDNS_RCODE_WIRE(wire) == LDNS_RCODE_FORMERR) { 5782 verbose(VERB_ALGO, "xfr to %s, fallback " 5783 "from IXFR to AXFR (with rcode %s)", 5784 xfr->task_transfer->master->host, 5785 rcode); 5786 xfr->task_transfer->ixfr_fail = 1; 5787 *gonextonfail = 0; 5788 return 0; 5789 } 5790 } 5791 verbose(VERB_ALGO, "xfr to %s failed, packet with rcode %s", 5792 xfr->task_transfer->master->host, rcode); 5793 return 0; 5794 } 5795 if(LDNS_OPCODE_WIRE(wire) != LDNS_PACKET_QUERY) { 5796 verbose(VERB_ALGO, "xfr to %s failed, packet with bad opcode", 5797 xfr->task_transfer->master->host); 5798 return 0; 5799 } 5800 if(LDNS_QDCOUNT(wire) > 1) { 5801 verbose(VERB_ALGO, "xfr to %s failed, packet has qdcount %d", 5802 xfr->task_transfer->master->host, 5803 (int)LDNS_QDCOUNT(wire)); 5804 return 0; 5805 } 5806 5807 /* check qname */ 5808 sldns_buffer_set_position(pkt, LDNS_HEADER_SIZE); 5809 for(i=0; i<(int)LDNS_QDCOUNT(wire); i++) { 5810 size_t pos = sldns_buffer_position(pkt); 5811 uint16_t qtype, qclass; 5812 if(pkt_dname_len(pkt) == 0) { 5813 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5814 "malformed dname", 5815 xfr->task_transfer->master->host); 5816 return 0; 5817 } 5818 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos), 5819 xfr->name) != 0) { 5820 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5821 "wrong qname", 5822 xfr->task_transfer->master->host); 5823 return 0; 5824 } 5825 if(sldns_buffer_remaining(pkt) < 4) { 5826 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5827 "truncated query RR", 5828 xfr->task_transfer->master->host); 5829 return 0; 5830 } 5831 qtype = sldns_buffer_read_u16(pkt); 5832 qclass = sldns_buffer_read_u16(pkt); 5833 if(qclass != xfr->dclass) { 5834 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5835 "wrong qclass", 5836 xfr->task_transfer->master->host); 5837 return 0; 5838 } 5839 if(xfr->task_transfer->on_ixfr) { 5840 if(qtype != LDNS_RR_TYPE_IXFR) { 5841 verbose(VERB_ALGO, "xfr to %s failed, packet " 5842 "with wrong qtype, expected IXFR", 5843 xfr->task_transfer->master->host); 5844 return 0; 5845 } 5846 } else { 5847 if(qtype != LDNS_RR_TYPE_AXFR) { 5848 verbose(VERB_ALGO, "xfr to %s failed, packet " 5849 "with wrong qtype, expected AXFR", 5850 xfr->task_transfer->master->host); 5851 return 0; 5852 } 5853 } 5854 } 5855 5856 /* check parse of RRs in packet, store first SOA serial 5857 * to be able to detect last SOA (with that serial) to see if done */ 5858 /* also check for IXFR 'zone up to date' reply */ 5859 for(i=0; i<(int)LDNS_ANCOUNT(wire); i++) { 5860 size_t pos = sldns_buffer_position(pkt); 5861 uint16_t tp, rdlen; 5862 if(pkt_dname_len(pkt) == 0) { 5863 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5864 "malformed dname in answer section", 5865 xfr->task_transfer->master->host); 5866 return 0; 5867 } 5868 if(sldns_buffer_remaining(pkt) < 10) { 5869 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5870 "truncated RR", 5871 xfr->task_transfer->master->host); 5872 return 0; 5873 } 5874 tp = sldns_buffer_read_u16(pkt); 5875 (void)sldns_buffer_read_u16(pkt); /* class */ 5876 (void)sldns_buffer_read_u32(pkt); /* ttl */ 5877 rdlen = sldns_buffer_read_u16(pkt); 5878 if(sldns_buffer_remaining(pkt) < rdlen) { 5879 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5880 "truncated RR rdata", 5881 xfr->task_transfer->master->host); 5882 return 0; 5883 } 5884 5885 /* RR parses (haven't checked rdata itself), now look at 5886 * SOA records to see serial number */ 5887 if(xfr->task_transfer->rr_scan_num == 0 && 5888 tp != LDNS_RR_TYPE_SOA) { 5889 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5890 "malformed zone transfer, no start SOA", 5891 xfr->task_transfer->master->host); 5892 return 0; 5893 } 5894 if(xfr->task_transfer->rr_scan_num == 1 && 5895 tp != LDNS_RR_TYPE_SOA) { 5896 /* second RR is not a SOA record, this is not an IXFR 5897 * the master is replying with an AXFR */ 5898 xfr->task_transfer->on_ixfr_is_axfr = 1; 5899 } 5900 if(tp == LDNS_RR_TYPE_SOA) { 5901 uint32_t serial; 5902 if(rdlen < 22) { 5903 verbose(VERB_ALGO, "xfr to %s failed, packet " 5904 "with SOA with malformed rdata", 5905 xfr->task_transfer->master->host); 5906 return 0; 5907 } 5908 if(dname_pkt_compare(pkt, sldns_buffer_at(pkt, pos), 5909 xfr->name) != 0) { 5910 verbose(VERB_ALGO, "xfr to %s failed, packet " 5911 "with SOA with wrong dname", 5912 xfr->task_transfer->master->host); 5913 return 0; 5914 } 5915 5916 /* read serial number of SOA */ 5917 serial = sldns_buffer_read_u32_at(pkt, 5918 sldns_buffer_position(pkt)+rdlen-20); 5919 5920 /* check for IXFR 'zone has SOA x' reply */ 5921 if(xfr->task_transfer->on_ixfr && 5922 xfr->task_transfer->rr_scan_num == 0 && 5923 LDNS_ANCOUNT(wire)==1) { 5924 verbose(VERB_ALGO, "xfr to %s ended, " 5925 "IXFR reply that zone has serial %u," 5926 " fallback from IXFR to AXFR", 5927 xfr->task_transfer->master->host, 5928 (unsigned)serial); 5929 xfr->task_transfer->ixfr_fail = 1; 5930 *gonextonfail = 0; 5931 return 0; 5932 } 5933 5934 /* if first SOA, store serial number */ 5935 if(xfr->task_transfer->got_xfr_serial == 0) { 5936 xfr->task_transfer->got_xfr_serial = 1; 5937 xfr->task_transfer->incoming_xfr_serial = 5938 serial; 5939 verbose(VERB_ALGO, "xfr %s: contains " 5940 "SOA serial %u", 5941 xfr->task_transfer->master->host, 5942 (unsigned)serial); 5943 /* see if end of AXFR */ 5944 } else if(!xfr->task_transfer->on_ixfr || 5945 xfr->task_transfer->on_ixfr_is_axfr) { 5946 /* second SOA with serial is the end 5947 * for AXFR */ 5948 *transferdone = 1; 5949 verbose(VERB_ALGO, "xfr %s: last AXFR packet", 5950 xfr->task_transfer->master->host); 5951 /* for IXFR, count SOA records with that serial */ 5952 } else if(xfr->task_transfer->incoming_xfr_serial == 5953 serial && xfr->task_transfer->got_xfr_serial 5954 == 1) { 5955 xfr->task_transfer->got_xfr_serial++; 5956 /* if not first soa, if serial==firstserial, the 5957 * third time we are at the end, for IXFR */ 5958 } else if(xfr->task_transfer->incoming_xfr_serial == 5959 serial && xfr->task_transfer->got_xfr_serial 5960 == 2) { 5961 verbose(VERB_ALGO, "xfr %s: last IXFR packet", 5962 xfr->task_transfer->master->host); 5963 *transferdone = 1; 5964 /* continue parse check, if that succeeds, 5965 * transfer is done */ 5966 } 5967 } 5968 xfr->task_transfer->rr_scan_num++; 5969 5970 /* skip over RR rdata to go to the next RR */ 5971 sldns_buffer_skip(pkt, (ssize_t)rdlen); 5972 } 5973 5974 /* check authority section */ 5975 /* we skip over the RRs checking packet format */ 5976 for(i=0; i<(int)LDNS_NSCOUNT(wire); i++) { 5977 uint16_t rdlen; 5978 if(pkt_dname_len(pkt) == 0) { 5979 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5980 "malformed dname in authority section", 5981 xfr->task_transfer->master->host); 5982 return 0; 5983 } 5984 if(sldns_buffer_remaining(pkt) < 10) { 5985 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5986 "truncated RR", 5987 xfr->task_transfer->master->host); 5988 return 0; 5989 } 5990 (void)sldns_buffer_read_u16(pkt); /* type */ 5991 (void)sldns_buffer_read_u16(pkt); /* class */ 5992 (void)sldns_buffer_read_u32(pkt); /* ttl */ 5993 rdlen = sldns_buffer_read_u16(pkt); 5994 if(sldns_buffer_remaining(pkt) < rdlen) { 5995 verbose(VERB_ALGO, "xfr to %s failed, packet with " 5996 "truncated RR rdata", 5997 xfr->task_transfer->master->host); 5998 return 0; 5999 } 6000 /* skip over RR rdata to go to the next RR */ 6001 sldns_buffer_skip(pkt, (ssize_t)rdlen); 6002 } 6003 6004 /* check additional section */ 6005 for(i=0; i<(int)LDNS_ARCOUNT(wire); i++) { 6006 uint16_t rdlen; 6007 if(pkt_dname_len(pkt) == 0) { 6008 verbose(VERB_ALGO, "xfr to %s failed, packet with " 6009 "malformed dname in additional section", 6010 xfr->task_transfer->master->host); 6011 return 0; 6012 } 6013 if(sldns_buffer_remaining(pkt) < 10) { 6014 verbose(VERB_ALGO, "xfr to %s failed, packet with " 6015 "truncated RR", 6016 xfr->task_transfer->master->host); 6017 return 0; 6018 } 6019 (void)sldns_buffer_read_u16(pkt); /* type */ 6020 (void)sldns_buffer_read_u16(pkt); /* class */ 6021 (void)sldns_buffer_read_u32(pkt); /* ttl */ 6022 rdlen = sldns_buffer_read_u16(pkt); 6023 if(sldns_buffer_remaining(pkt) < rdlen) { 6024 verbose(VERB_ALGO, "xfr to %s failed, packet with " 6025 "truncated RR rdata", 6026 xfr->task_transfer->master->host); 6027 return 0; 6028 } 6029 /* skip over RR rdata to go to the next RR */ 6030 sldns_buffer_skip(pkt, (ssize_t)rdlen); 6031 } 6032 6033 return 1; 6034} 6035 6036/** Link the data from this packet into the worklist of transferred data */ 6037static int 6038xfer_link_data(sldns_buffer* pkt, struct auth_xfer* xfr) 6039{ 6040 /* alloc it */ 6041 struct auth_chunk* e; 6042 e = (struct auth_chunk*)calloc(1, sizeof(*e)); 6043 if(!e) return 0; 6044 e->next = NULL; 6045 e->len = sldns_buffer_limit(pkt); 6046 e->data = memdup(sldns_buffer_begin(pkt), e->len); 6047 if(!e->data) { 6048 free(e); 6049 return 0; 6050 } 6051 6052 /* alloc succeeded, link into list */ 6053 if(!xfr->task_transfer->chunks_first) 6054 xfr->task_transfer->chunks_first = e; 6055 if(xfr->task_transfer->chunks_last) 6056 xfr->task_transfer->chunks_last->next = e; 6057 xfr->task_transfer->chunks_last = e; 6058 return 1; 6059} 6060 6061/** task transfer. the list of data is complete. process it and if failed 6062 * move to next master, if succeeded, end the task transfer */ 6063static void 6064process_list_end_transfer(struct auth_xfer* xfr, struct module_env* env) 6065{ 6066 int ixfr_fail = 0; 6067 if(xfr_process_chunk_list(xfr, env, &ixfr_fail)) { 6068 /* it worked! */ 6069 auth_chunks_delete(xfr->task_transfer); 6070 6071 /* we fetched the zone, move to wait task */ 6072 xfr_transfer_disown(xfr); 6073 6074 if(xfr->notify_received && (!xfr->notify_has_serial || 6075 (xfr->notify_has_serial && 6076 xfr_serial_means_update(xfr, xfr->notify_serial)))) { 6077 uint32_t sr = xfr->notify_serial; 6078 int has_sr = xfr->notify_has_serial; 6079 /* we received a notify while probe/transfer was 6080 * in progress. start a new probe and transfer */ 6081 xfr->notify_received = 0; 6082 xfr->notify_has_serial = 0; 6083 xfr->notify_serial = 0; 6084 if(!xfr_start_probe(xfr, env, NULL)) { 6085 /* if we couldn't start it, already in 6086 * progress; restore notify serial, 6087 * while xfr still locked */ 6088 xfr->notify_received = 1; 6089 xfr->notify_has_serial = has_sr; 6090 xfr->notify_serial = sr; 6091 lock_basic_unlock(&xfr->lock); 6092 } 6093 return; 6094 } else { 6095 /* pick up the nextprobe task and wait (normail wait time) */ 6096 if(xfr->task_nextprobe->worker == NULL) 6097 xfr_set_timeout(xfr, env, 0, 0); 6098 } 6099 lock_basic_unlock(&xfr->lock); 6100 return; 6101 } 6102 /* processing failed */ 6103 /* when done, delete data from list */ 6104 auth_chunks_delete(xfr->task_transfer); 6105 if(ixfr_fail) { 6106 xfr->task_transfer->ixfr_fail = 1; 6107 } else { 6108 xfr_transfer_nextmaster(xfr); 6109 } 6110 xfr_transfer_nexttarget_or_end(xfr, env); 6111} 6112 6113/** callback for the task_transfer timer */ 6114void 6115auth_xfer_transfer_timer_callback(void* arg) 6116{ 6117 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6118 struct module_env* env; 6119 int gonextonfail = 1; 6120 log_assert(xfr->task_transfer); 6121 lock_basic_lock(&xfr->lock); 6122 env = xfr->task_transfer->env; 6123 if(!env || env->outnet->want_to_quit) { 6124 lock_basic_unlock(&xfr->lock); 6125 return; /* stop on quit */ 6126 } 6127 6128 verbose(VERB_ALGO, "xfr stopped, connection timeout to %s", 6129 xfr->task_transfer->master->host); 6130 6131 /* see if IXFR caused the failure, if so, try AXFR */ 6132 if(xfr->task_transfer->on_ixfr) { 6133 xfr->task_transfer->ixfr_possible_timeout_count++; 6134 if(xfr->task_transfer->ixfr_possible_timeout_count >= 6135 NUM_TIMEOUTS_FALLBACK_IXFR) { 6136 verbose(VERB_ALGO, "xfr to %s, fallback " 6137 "from IXFR to AXFR (because of timeouts)", 6138 xfr->task_transfer->master->host); 6139 xfr->task_transfer->ixfr_fail = 1; 6140 gonextonfail = 0; 6141 } 6142 } 6143 6144 /* delete transferred data from list */ 6145 auth_chunks_delete(xfr->task_transfer); 6146 comm_point_delete(xfr->task_transfer->cp); 6147 xfr->task_transfer->cp = NULL; 6148 if(gonextonfail) 6149 xfr_transfer_nextmaster(xfr); 6150 xfr_transfer_nexttarget_or_end(xfr, env); 6151} 6152 6153/** callback for task_transfer tcp connections */ 6154int 6155auth_xfer_transfer_tcp_callback(struct comm_point* c, void* arg, int err, 6156 struct comm_reply* ATTR_UNUSED(repinfo)) 6157{ 6158 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6159 struct module_env* env; 6160 int gonextonfail = 1; 6161 int transferdone = 0; 6162 log_assert(xfr->task_transfer); 6163 lock_basic_lock(&xfr->lock); 6164 env = xfr->task_transfer->env; 6165 if(!env || env->outnet->want_to_quit) { 6166 lock_basic_unlock(&xfr->lock); 6167 return 0; /* stop on quit */ 6168 } 6169 /* stop the timer */ 6170 comm_timer_disable(xfr->task_transfer->timer); 6171 6172 if(err != NETEVENT_NOERROR) { 6173 /* connection failed, closed, or timeout */ 6174 /* stop this transfer, cleanup 6175 * and continue task_transfer*/ 6176 verbose(VERB_ALGO, "xfr stopped, connection lost to %s", 6177 xfr->task_transfer->master->host); 6178 6179 /* see if IXFR caused the failure, if so, try AXFR */ 6180 if(xfr->task_transfer->on_ixfr) { 6181 xfr->task_transfer->ixfr_possible_timeout_count++; 6182 if(xfr->task_transfer->ixfr_possible_timeout_count >= 6183 NUM_TIMEOUTS_FALLBACK_IXFR) { 6184 verbose(VERB_ALGO, "xfr to %s, fallback " 6185 "from IXFR to AXFR (because of timeouts)", 6186 xfr->task_transfer->master->host); 6187 xfr->task_transfer->ixfr_fail = 1; 6188 gonextonfail = 0; 6189 } 6190 } 6191 6192 failed: 6193 /* delete transferred data from list */ 6194 auth_chunks_delete(xfr->task_transfer); 6195 comm_point_delete(xfr->task_transfer->cp); 6196 xfr->task_transfer->cp = NULL; 6197 if(gonextonfail) 6198 xfr_transfer_nextmaster(xfr); 6199 xfr_transfer_nexttarget_or_end(xfr, env); 6200 return 0; 6201 } 6202 /* note that IXFR worked without timeout */ 6203 if(xfr->task_transfer->on_ixfr) 6204 xfr->task_transfer->ixfr_possible_timeout_count = 0; 6205 6206 /* handle returned packet */ 6207 /* if it fails, cleanup and end this transfer */ 6208 /* if it needs to fallback from IXFR to AXFR, do that */ 6209 if(!check_xfer_packet(c->buffer, xfr, &gonextonfail, &transferdone)) { 6210 goto failed; 6211 } 6212 /* if it is good, link it into the list of data */ 6213 /* if the link into list of data fails (malloc fail) cleanup and end */ 6214 if(!xfer_link_data(c->buffer, xfr)) { 6215 verbose(VERB_ALGO, "xfr stopped to %s, malloc failed", 6216 xfr->task_transfer->master->host); 6217 goto failed; 6218 } 6219 /* if the transfer is done now, disconnect and process the list */ 6220 if(transferdone) { 6221 comm_point_delete(xfr->task_transfer->cp); 6222 xfr->task_transfer->cp = NULL; 6223 process_list_end_transfer(xfr, env); 6224 return 0; 6225 } 6226 6227 /* if we want to read more messages, setup the commpoint to read 6228 * a DNS packet, and the timeout */ 6229 lock_basic_unlock(&xfr->lock); 6230 c->tcp_is_reading = 1; 6231 sldns_buffer_clear(c->buffer); 6232 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT); 6233 return 0; 6234} 6235 6236/** callback for task_transfer http connections */ 6237int 6238auth_xfer_transfer_http_callback(struct comm_point* c, void* arg, int err, 6239 struct comm_reply* repinfo) 6240{ 6241 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6242 struct module_env* env; 6243 log_assert(xfr->task_transfer); 6244 lock_basic_lock(&xfr->lock); 6245 env = xfr->task_transfer->env; 6246 if(!env || env->outnet->want_to_quit) { 6247 lock_basic_unlock(&xfr->lock); 6248 return 0; /* stop on quit */ 6249 } 6250 verbose(VERB_ALGO, "auth zone transfer http callback"); 6251 /* stop the timer */ 6252 comm_timer_disable(xfr->task_transfer->timer); 6253 6254 if(err != NETEVENT_NOERROR && err != NETEVENT_DONE) { 6255 /* connection failed, closed, or timeout */ 6256 /* stop this transfer, cleanup 6257 * and continue task_transfer*/ 6258 verbose(VERB_ALGO, "http stopped, connection lost to %s", 6259 xfr->task_transfer->master->host); 6260 failed: 6261 /* delete transferred data from list */ 6262 auth_chunks_delete(xfr->task_transfer); 6263 if(repinfo) repinfo->c = NULL; /* signal cp deleted to 6264 the routine calling this callback */ 6265 comm_point_delete(xfr->task_transfer->cp); 6266 xfr->task_transfer->cp = NULL; 6267 xfr_transfer_nextmaster(xfr); 6268 xfr_transfer_nexttarget_or_end(xfr, env); 6269 return 0; 6270 } 6271 6272 /* if it is good, link it into the list of data */ 6273 /* if the link into list of data fails (malloc fail) cleanup and end */ 6274 if(sldns_buffer_limit(c->buffer) > 0) { 6275 verbose(VERB_ALGO, "auth zone http queued up %d bytes", 6276 (int)sldns_buffer_limit(c->buffer)); 6277 if(!xfer_link_data(c->buffer, xfr)) { 6278 verbose(VERB_ALGO, "http stopped to %s, malloc failed", 6279 xfr->task_transfer->master->host); 6280 goto failed; 6281 } 6282 } 6283 /* if the transfer is done now, disconnect and process the list */ 6284 if(err == NETEVENT_DONE) { 6285 if(repinfo) repinfo->c = NULL; /* signal cp deleted to 6286 the routine calling this callback */ 6287 comm_point_delete(xfr->task_transfer->cp); 6288 xfr->task_transfer->cp = NULL; 6289 process_list_end_transfer(xfr, env); 6290 return 0; 6291 } 6292 6293 /* if we want to read more messages, setup the commpoint to read 6294 * a DNS packet, and the timeout */ 6295 lock_basic_unlock(&xfr->lock); 6296 c->tcp_is_reading = 1; 6297 sldns_buffer_clear(c->buffer); 6298 comm_point_start_listening(c, -1, AUTH_TRANSFER_TIMEOUT); 6299 return 0; 6300} 6301 6302 6303/** start transfer task by this worker , xfr is locked. */ 6304static void 6305xfr_start_transfer(struct auth_xfer* xfr, struct module_env* env, 6306 struct auth_master* master) 6307{ 6308 log_assert(xfr->task_transfer != NULL); 6309 log_assert(xfr->task_transfer->worker == NULL); 6310 log_assert(xfr->task_transfer->chunks_first == NULL); 6311 log_assert(xfr->task_transfer->chunks_last == NULL); 6312 xfr->task_transfer->worker = env->worker; 6313 xfr->task_transfer->env = env; 6314 6315 /* init transfer process */ 6316 /* find that master in the transfer's list of masters? */ 6317 xfr_transfer_start_list(xfr, master); 6318 /* start lookup for hostnames in transfer master list */ 6319 xfr_transfer_start_lookups(xfr); 6320 6321 /* initiate TCP, and set timeout on it */ 6322 xfr_transfer_nexttarget_or_end(xfr, env); 6323} 6324 6325/** disown task_probe. caller must hold xfr.lock */ 6326static void 6327xfr_probe_disown(struct auth_xfer* xfr) 6328{ 6329 /* remove timer (from this worker's event base) */ 6330 comm_timer_delete(xfr->task_probe->timer); 6331 xfr->task_probe->timer = NULL; 6332 /* remove the commpoint */ 6333 comm_point_delete(xfr->task_probe->cp); 6334 xfr->task_probe->cp = NULL; 6335 /* we don't own this item anymore */ 6336 xfr->task_probe->worker = NULL; 6337 xfr->task_probe->env = NULL; 6338} 6339 6340/** send the UDP probe to the master, this is part of task_probe */ 6341static int 6342xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env, 6343 int timeout) 6344{ 6345 struct sockaddr_storage addr; 6346 socklen_t addrlen = 0; 6347 struct timeval t; 6348 /* pick master */ 6349 struct auth_master* master = xfr_probe_current_master(xfr); 6350 char *auth_name = NULL; 6351 if(!master) return 0; 6352 if(master->allow_notify) return 0; /* only for notify */ 6353 if(master->http) return 0; /* only masters get SOA UDP probe, 6354 not urls, if those are in this list */ 6355 6356 /* get master addr */ 6357 if(xfr->task_probe->scan_addr) { 6358 addrlen = xfr->task_probe->scan_addr->addrlen; 6359 memmove(&addr, &xfr->task_probe->scan_addr->addr, addrlen); 6360 } else { 6361 if(!authextstrtoaddr(master->host, &addr, &addrlen, &auth_name)) { 6362 /* the ones that are not in addr format are supposed 6363 * to be looked up. The lookup has failed however, 6364 * so skip them */ 6365 char zname[255+1]; 6366 dname_str(xfr->name, zname); 6367 log_err("%s: failed lookup, cannot probe to master %s", 6368 zname, master->host); 6369 return 0; 6370 } 6371 if (auth_name != NULL) { 6372 if (addr.ss_family == AF_INET 6373 && (int)ntohs(((struct sockaddr_in *)&addr)->sin_port) 6374 == env->cfg->ssl_port) 6375 ((struct sockaddr_in *)&addr)->sin_port 6376 = htons((uint16_t)env->cfg->port); 6377 else if (addr.ss_family == AF_INET6 6378 && (int)ntohs(((struct sockaddr_in6 *)&addr)->sin6_port) 6379 == env->cfg->ssl_port) 6380 ((struct sockaddr_in6 *)&addr)->sin6_port 6381 = htons((uint16_t)env->cfg->port); 6382 } 6383 } 6384 6385 /* create packet */ 6386 /* create new ID for new probes, but not on timeout retries, 6387 * this means we'll accept replies to previous retries to same ip */ 6388 if(timeout == AUTH_PROBE_TIMEOUT) 6389 xfr->task_probe->id = GET_RANDOM_ID(env->rnd); 6390 xfr_create_soa_probe_packet(xfr, env->scratch_buffer, 6391 xfr->task_probe->id); 6392 /* we need to remove the cp if we have a different ip4/ip6 type now */ 6393 if(xfr->task_probe->cp && 6394 ((xfr->task_probe->cp_is_ip6 && !addr_is_ip6(&addr, addrlen)) || 6395 (!xfr->task_probe->cp_is_ip6 && addr_is_ip6(&addr, addrlen))) 6396 ) { 6397 comm_point_delete(xfr->task_probe->cp); 6398 xfr->task_probe->cp = NULL; 6399 } 6400 if(!xfr->task_probe->cp) { 6401 if(addr_is_ip6(&addr, addrlen)) 6402 xfr->task_probe->cp_is_ip6 = 1; 6403 else xfr->task_probe->cp_is_ip6 = 0; 6404 xfr->task_probe->cp = outnet_comm_point_for_udp(env->outnet, 6405 auth_xfer_probe_udp_callback, xfr, &addr, addrlen); 6406 if(!xfr->task_probe->cp) { 6407 char zname[255+1], as[256]; 6408 dname_str(xfr->name, zname); 6409 addr_to_str(&addr, addrlen, as, sizeof(as)); 6410 verbose(VERB_ALGO, "cannot create udp cp for " 6411 "probe %s to %s", zname, as); 6412 return 0; 6413 } 6414 } 6415 if(!xfr->task_probe->timer) { 6416 xfr->task_probe->timer = comm_timer_create(env->worker_base, 6417 auth_xfer_probe_timer_callback, xfr); 6418 if(!xfr->task_probe->timer) { 6419 log_err("malloc failure"); 6420 return 0; 6421 } 6422 } 6423 6424 /* send udp packet */ 6425 if(!comm_point_send_udp_msg(xfr->task_probe->cp, env->scratch_buffer, 6426 (struct sockaddr*)&addr, addrlen, 0)) { 6427 char zname[255+1], as[256]; 6428 dname_str(xfr->name, zname); 6429 addr_to_str(&addr, addrlen, as, sizeof(as)); 6430 verbose(VERB_ALGO, "failed to send soa probe for %s to %s", 6431 zname, as); 6432 return 0; 6433 } 6434 if(verbosity >= VERB_ALGO) { 6435 char zname[255+1], as[256]; 6436 dname_str(xfr->name, zname); 6437 addr_to_str(&addr, addrlen, as, sizeof(as)); 6438 verbose(VERB_ALGO, "auth zone %s soa probe sent to %s", zname, 6439 as); 6440 } 6441 xfr->task_probe->timeout = timeout; 6442#ifndef S_SPLINT_S 6443 t.tv_sec = timeout/1000; 6444 t.tv_usec = (timeout%1000)*1000; 6445#endif 6446 comm_timer_set(xfr->task_probe->timer, &t); 6447 6448 return 1; 6449} 6450 6451/** callback for task_probe timer */ 6452void 6453auth_xfer_probe_timer_callback(void* arg) 6454{ 6455 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6456 struct module_env* env; 6457 log_assert(xfr->task_probe); 6458 lock_basic_lock(&xfr->lock); 6459 env = xfr->task_probe->env; 6460 if(!env || env->outnet->want_to_quit) { 6461 lock_basic_unlock(&xfr->lock); 6462 return; /* stop on quit */ 6463 } 6464 6465 if(verbosity >= VERB_ALGO) { 6466 char zname[255+1]; 6467 dname_str(xfr->name, zname); 6468 verbose(VERB_ALGO, "auth zone %s soa probe timeout", zname); 6469 } 6470 if(xfr->task_probe->timeout <= AUTH_PROBE_TIMEOUT_STOP) { 6471 /* try again with bigger timeout */ 6472 if(xfr_probe_send_probe(xfr, env, xfr->task_probe->timeout*2)) { 6473 lock_basic_unlock(&xfr->lock); 6474 return; 6475 } 6476 } 6477 /* delete commpoint so a new one is created, with a fresh port nr */ 6478 comm_point_delete(xfr->task_probe->cp); 6479 xfr->task_probe->cp = NULL; 6480 6481 /* too many timeouts (or fail to send), move to next or end */ 6482 xfr_probe_nextmaster(xfr); 6483 xfr_probe_send_or_end(xfr, env); 6484} 6485 6486/** callback for task_probe udp packets */ 6487int 6488auth_xfer_probe_udp_callback(struct comm_point* c, void* arg, int err, 6489 struct comm_reply* repinfo) 6490{ 6491 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6492 struct module_env* env; 6493 log_assert(xfr->task_probe); 6494 lock_basic_lock(&xfr->lock); 6495 env = xfr->task_probe->env; 6496 if(!env || env->outnet->want_to_quit) { 6497 lock_basic_unlock(&xfr->lock); 6498 return 0; /* stop on quit */ 6499 } 6500 6501 /* the comm_point_udp_callback is in a for loop for NUM_UDP_PER_SELECT 6502 * and we set rep.c=NULL to stop if from looking inside the commpoint*/ 6503 repinfo->c = NULL; 6504 /* stop the timer */ 6505 comm_timer_disable(xfr->task_probe->timer); 6506 6507 /* see if we got a packet and what that means */ 6508 if(err == NETEVENT_NOERROR) { 6509 uint32_t serial = 0; 6510 if(check_packet_ok(c->buffer, LDNS_RR_TYPE_SOA, xfr, 6511 &serial)) { 6512 /* successful lookup */ 6513 if(verbosity >= VERB_ALGO) { 6514 char buf[256]; 6515 dname_str(xfr->name, buf); 6516 verbose(VERB_ALGO, "auth zone %s: soa probe " 6517 "serial is %u", buf, (unsigned)serial); 6518 } 6519 /* see if this serial indicates that the zone has 6520 * to be updated */ 6521 if(xfr_serial_means_update(xfr, serial)) { 6522 /* if updated, start the transfer task, if needed */ 6523 verbose(VERB_ALGO, "auth_zone updated, start transfer"); 6524 if(xfr->task_transfer->worker == NULL) { 6525 struct auth_master* master = 6526 xfr_probe_current_master(xfr); 6527 /* if we have download URLs use them 6528 * in preference to this master we 6529 * just probed the SOA from */ 6530 if(xfr->task_transfer->masters && 6531 xfr->task_transfer->masters->http) 6532 master = NULL; 6533 xfr_probe_disown(xfr); 6534 xfr_start_transfer(xfr, env, master); 6535 return 0; 6536 6537 } 6538 /* other tasks are running, we don't do this anymore */ 6539 xfr_probe_disown(xfr); 6540 lock_basic_unlock(&xfr->lock); 6541 /* return, we don't sent a reply to this udp packet, 6542 * and we setup the tasks to do next */ 6543 return 0; 6544 } else { 6545 verbose(VERB_ALGO, "auth_zone master reports unchanged soa serial"); 6546 /* we if cannot find updates amongst the 6547 * masters, this means we then have a new lease 6548 * on the zone */ 6549 xfr->task_probe->have_new_lease = 1; 6550 } 6551 } else { 6552 if(verbosity >= VERB_ALGO) { 6553 char buf[256]; 6554 dname_str(xfr->name, buf); 6555 verbose(VERB_ALGO, "auth zone %s: bad reply to soa probe", buf); 6556 } 6557 } 6558 } else { 6559 if(verbosity >= VERB_ALGO) { 6560 char buf[256]; 6561 dname_str(xfr->name, buf); 6562 verbose(VERB_ALGO, "auth zone %s: soa probe failed", buf); 6563 } 6564 } 6565 6566 /* failed lookup or not an update */ 6567 /* delete commpoint so a new one is created, with a fresh port nr */ 6568 comm_point_delete(xfr->task_probe->cp); 6569 xfr->task_probe->cp = NULL; 6570 6571 /* if the result was not a successful probe, we need 6572 * to send the next one */ 6573 xfr_probe_nextmaster(xfr); 6574 xfr_probe_send_or_end(xfr, env); 6575 return 0; 6576} 6577 6578/** lookup a host name for its addresses, if needed */ 6579static int 6580xfr_probe_lookup_host(struct auth_xfer* xfr, struct module_env* env) 6581{ 6582 struct sockaddr_storage addr; 6583 socklen_t addrlen = 0; 6584 struct auth_master* master = xfr->task_probe->lookup_target; 6585 struct query_info qinfo; 6586 uint16_t qflags = BIT_RD; 6587 uint8_t dname[LDNS_MAX_DOMAINLEN+1]; 6588 struct edns_data edns; 6589 sldns_buffer* buf = env->scratch_buffer; 6590 if(!master) return 0; 6591 if(extstrtoaddr(master->host, &addr, &addrlen, UNBOUND_DNS_PORT)) { 6592 /* not needed, host is in IP addr format */ 6593 return 0; 6594 } 6595 if(master->allow_notify && !master->http && 6596 strchr(master->host, '/') != NULL && 6597 strchr(master->host, '/') == strrchr(master->host, '/')) { 6598 return 0; /* is IP/prefix format, not something to look up */ 6599 } 6600 6601 /* use mesh_new_callback to probe for non-addr hosts, 6602 * and then wait for them to be looked up (in cache, or query) */ 6603 qinfo.qname_len = sizeof(dname); 6604 if(sldns_str2wire_dname_buf(master->host, dname, &qinfo.qname_len) 6605 != 0) { 6606 log_err("cannot parse host name of master %s", master->host); 6607 return 0; 6608 } 6609 qinfo.qname = dname; 6610 qinfo.qclass = xfr->dclass; 6611 qinfo.qtype = LDNS_RR_TYPE_A; 6612 if(xfr->task_probe->lookup_aaaa) 6613 qinfo.qtype = LDNS_RR_TYPE_AAAA; 6614 qinfo.local_alias = NULL; 6615 if(verbosity >= VERB_ALGO) { 6616 char buf1[512]; 6617 char buf2[LDNS_MAX_DOMAINLEN+1]; 6618 dname_str(xfr->name, buf2); 6619 snprintf(buf1, sizeof(buf1), "auth zone %s: master lookup" 6620 " for task_probe", buf2); 6621 log_query_info(VERB_ALGO, buf1, &qinfo); 6622 } 6623 edns.edns_present = 1; 6624 edns.ext_rcode = 0; 6625 edns.edns_version = 0; 6626 edns.bits = EDNS_DO; 6627 edns.opt_list_in = NULL; 6628 edns.opt_list_out = NULL; 6629 edns.opt_list_inplace_cb_out = NULL; 6630 edns.padding_block_size = 0; 6631 edns.cookie_present = 0; 6632 edns.cookie_valid = 0; 6633 if(sldns_buffer_capacity(buf) < 65535) 6634 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf); 6635 else edns.udp_size = 65535; 6636 6637 /* unlock xfr during mesh_new_callback() because the callback can be 6638 * called straight away */ 6639 lock_basic_unlock(&xfr->lock); 6640 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0, 6641 &auth_xfer_probe_lookup_callback, xfr, 0)) { 6642 lock_basic_lock(&xfr->lock); 6643 log_err("out of memory lookup up master %s", master->host); 6644 return 0; 6645 } 6646 lock_basic_lock(&xfr->lock); 6647 return 1; 6648} 6649 6650/** move to sending the probe packets, next if fails. task_probe */ 6651static void 6652xfr_probe_send_or_end(struct auth_xfer* xfr, struct module_env* env) 6653{ 6654 /* are we doing hostname lookups? */ 6655 while(xfr->task_probe->lookup_target) { 6656 if(xfr_probe_lookup_host(xfr, env)) { 6657 /* wait for lookup to finish, 6658 * note that the hostname may be in unbound's cache 6659 * and we may then get an instant cache response, 6660 * and that calls the callback just like a full 6661 * lookup and lookup failures also call callback */ 6662 if(verbosity >= VERB_ALGO) { 6663 char zname[255+1]; 6664 dname_str(xfr->name, zname); 6665 verbose(VERB_ALGO, "auth zone %s probe next target lookup", zname); 6666 } 6667 lock_basic_unlock(&xfr->lock); 6668 return; 6669 } 6670 xfr_probe_move_to_next_lookup(xfr, env); 6671 } 6672 /* probe of list has ended. Create or refresh the list of of 6673 * allow_notify addrs */ 6674 probe_copy_masters_for_allow_notify(xfr); 6675 if(verbosity >= VERB_ALGO) { 6676 char zname[255+1]; 6677 dname_str(xfr->name, zname); 6678 verbose(VERB_ALGO, "auth zone %s probe: notify addrs updated", zname); 6679 } 6680 if(xfr->task_probe->only_lookup) { 6681 /* only wanted lookups for copy, stop probe and start wait */ 6682 xfr->task_probe->only_lookup = 0; 6683 if(verbosity >= VERB_ALGO) { 6684 char zname[255+1]; 6685 dname_str(xfr->name, zname); 6686 verbose(VERB_ALGO, "auth zone %s probe: finished only_lookup", zname); 6687 } 6688 xfr_probe_disown(xfr); 6689 if(xfr->task_nextprobe->worker == NULL) 6690 xfr_set_timeout(xfr, env, 0, 0); 6691 lock_basic_unlock(&xfr->lock); 6692 return; 6693 } 6694 6695 /* send probe packets */ 6696 while(!xfr_probe_end_of_list(xfr)) { 6697 if(xfr_probe_send_probe(xfr, env, AUTH_PROBE_TIMEOUT)) { 6698 /* successfully sent probe, wait for callback */ 6699 lock_basic_unlock(&xfr->lock); 6700 return; 6701 } 6702 /* failed to send probe, next master */ 6703 xfr_probe_nextmaster(xfr); 6704 } 6705 6706 /* done with probe sequence, wait */ 6707 if(xfr->task_probe->have_new_lease) { 6708 /* if zone not updated, start the wait timer again */ 6709 if(verbosity >= VERB_ALGO) { 6710 char zname[255+1]; 6711 dname_str(xfr->name, zname); 6712 verbose(VERB_ALGO, "auth_zone %s unchanged, new lease, wait", zname); 6713 } 6714 xfr_probe_disown(xfr); 6715 if(xfr->have_zone) 6716 xfr->lease_time = *env->now; 6717 if(xfr->task_nextprobe->worker == NULL) 6718 xfr_set_timeout(xfr, env, 0, 0); 6719 } else { 6720 if(verbosity >= VERB_ALGO) { 6721 char zname[255+1]; 6722 dname_str(xfr->name, zname); 6723 verbose(VERB_ALGO, "auth zone %s soa probe failed, wait to retry", zname); 6724 } 6725 /* we failed to send this as well, move to the wait task, 6726 * use the shorter retry timeout */ 6727 xfr_probe_disown(xfr); 6728 /* pick up the nextprobe task and wait */ 6729 if(xfr->task_nextprobe->worker == NULL) 6730 xfr_set_timeout(xfr, env, 1, 0); 6731 } 6732 6733 lock_basic_unlock(&xfr->lock); 6734} 6735 6736/** callback for task_probe lookup of host name, of A or AAAA */ 6737void auth_xfer_probe_lookup_callback(void* arg, int rcode, sldns_buffer* buf, 6738 enum sec_status ATTR_UNUSED(sec), char* ATTR_UNUSED(why_bogus), 6739 int ATTR_UNUSED(was_ratelimited)) 6740{ 6741 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6742 struct module_env* env; 6743 log_assert(xfr->task_probe); 6744 lock_basic_lock(&xfr->lock); 6745 env = xfr->task_probe->env; 6746 if(!env || env->outnet->want_to_quit) { 6747 lock_basic_unlock(&xfr->lock); 6748 return; /* stop on quit */ 6749 } 6750 6751 /* process result */ 6752 if(rcode == LDNS_RCODE_NOERROR) { 6753 uint16_t wanted_qtype = LDNS_RR_TYPE_A; 6754 struct regional* temp = env->scratch; 6755 struct query_info rq; 6756 struct reply_info* rep; 6757 if(xfr->task_probe->lookup_aaaa) 6758 wanted_qtype = LDNS_RR_TYPE_AAAA; 6759 memset(&rq, 0, sizeof(rq)); 6760 rep = parse_reply_in_temp_region(buf, temp, &rq); 6761 if(rep && rq.qtype == wanted_qtype && 6762 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) { 6763 /* parsed successfully */ 6764 struct ub_packed_rrset_key* answer = 6765 reply_find_answer_rrset(&rq, rep); 6766 if(answer) { 6767 xfr_master_add_addrs(xfr->task_probe-> 6768 lookup_target, answer, wanted_qtype); 6769 } else { 6770 if(verbosity >= VERB_ALGO) { 6771 char zname[255+1]; 6772 dname_str(xfr->name, zname); 6773 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has nodata", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A")); 6774 } 6775 } 6776 } else { 6777 if(verbosity >= VERB_ALGO) { 6778 char zname[255+1]; 6779 dname_str(xfr->name, zname); 6780 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup has no address", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A")); 6781 } 6782 } 6783 regional_free_all(temp); 6784 } else { 6785 if(verbosity >= VERB_ALGO) { 6786 char zname[255+1]; 6787 dname_str(xfr->name, zname); 6788 verbose(VERB_ALGO, "auth zone %s host %s type %s probe lookup failed", zname, xfr->task_probe->lookup_target->host, (xfr->task_probe->lookup_aaaa?"AAAA":"A")); 6789 } 6790 } 6791 if(xfr->task_probe->lookup_target->list && 6792 xfr->task_probe->lookup_target == xfr_probe_current_master(xfr)) 6793 xfr->task_probe->scan_addr = xfr->task_probe->lookup_target->list; 6794 6795 /* move to lookup AAAA after A lookup, move to next hostname lookup, 6796 * or move to send the probes, or, if nothing to do, end task_probe */ 6797 xfr_probe_move_to_next_lookup(xfr, env); 6798 xfr_probe_send_or_end(xfr, env); 6799} 6800 6801/** disown task_nextprobe. caller must hold xfr.lock */ 6802static void 6803xfr_nextprobe_disown(struct auth_xfer* xfr) 6804{ 6805 /* delete the timer, because the next worker to pick this up may 6806 * not have the same event base */ 6807 comm_timer_delete(xfr->task_nextprobe->timer); 6808 xfr->task_nextprobe->timer = NULL; 6809 xfr->task_nextprobe->next_probe = 0; 6810 /* we don't own this item anymore */ 6811 xfr->task_nextprobe->worker = NULL; 6812 xfr->task_nextprobe->env = NULL; 6813} 6814 6815/** xfer nextprobe timeout callback, this is part of task_nextprobe */ 6816void 6817auth_xfer_timer(void* arg) 6818{ 6819 struct auth_xfer* xfr = (struct auth_xfer*)arg; 6820 struct module_env* env; 6821 log_assert(xfr->task_nextprobe); 6822 lock_basic_lock(&xfr->lock); 6823 env = xfr->task_nextprobe->env; 6824 if(!env || env->outnet->want_to_quit) { 6825 lock_basic_unlock(&xfr->lock); 6826 return; /* stop on quit */ 6827 } 6828 6829 /* see if zone has expired, and if so, also set auth_zone expired */ 6830 if(xfr->have_zone && !xfr->zone_expired && 6831 *env->now >= xfr->lease_time + xfr->expiry) { 6832 lock_basic_unlock(&xfr->lock); 6833 auth_xfer_set_expired(xfr, env, 1); 6834 lock_basic_lock(&xfr->lock); 6835 } 6836 6837 xfr_nextprobe_disown(xfr); 6838 6839 if(!xfr_start_probe(xfr, env, NULL)) { 6840 /* not started because already in progress */ 6841 lock_basic_unlock(&xfr->lock); 6842 } 6843} 6844 6845/** return true if there are probe (SOA UDP query) targets in the master list*/ 6846static int 6847have_probe_targets(struct auth_master* list) 6848{ 6849 struct auth_master* p; 6850 for(p=list; p; p = p->next) { 6851 if(!p->allow_notify && p->host) 6852 return 1; 6853 } 6854 return 0; 6855} 6856 6857/** start task_probe if possible, if no masters for probe start task_transfer 6858 * returns true if task has been started, and false if the task is already 6859 * in progress. */ 6860static int 6861xfr_start_probe(struct auth_xfer* xfr, struct module_env* env, 6862 struct auth_master* spec) 6863{ 6864 /* see if we need to start a probe (or maybe it is already in 6865 * progress (due to notify)) */ 6866 if(xfr->task_probe->worker == NULL) { 6867 if(!have_probe_targets(xfr->task_probe->masters) && 6868 !(xfr->task_probe->only_lookup && 6869 xfr->task_probe->masters != NULL)) { 6870 /* useless to pick up task_probe, no masters to 6871 * probe. Instead attempt to pick up task transfer */ 6872 if(xfr->task_transfer->worker == NULL) { 6873 xfr_start_transfer(xfr, env, spec); 6874 return 1; 6875 } 6876 /* task transfer already in progress */ 6877 return 0; 6878 } 6879 6880 /* pick up the probe task ourselves */ 6881 xfr->task_probe->worker = env->worker; 6882 xfr->task_probe->env = env; 6883 xfr->task_probe->cp = NULL; 6884 6885 /* start the task */ 6886 /* have not seen a new lease yet, this scan */ 6887 xfr->task_probe->have_new_lease = 0; 6888 /* if this was a timeout, no specific first master to scan */ 6889 /* otherwise, spec is nonNULL the notified master, scan 6890 * first and also transfer first from it */ 6891 xfr_probe_start_list(xfr, spec); 6892 /* setup to start the lookup of hostnames of masters afresh */ 6893 xfr_probe_start_lookups(xfr); 6894 /* send the probe packet or next send, or end task */ 6895 xfr_probe_send_or_end(xfr, env); 6896 return 1; 6897 } 6898 return 0; 6899} 6900 6901/** for task_nextprobe. 6902 * determine next timeout for auth_xfer. Also (re)sets timer. 6903 * @param xfr: task structure 6904 * @param env: module environment, with worker and time. 6905 * @param failure: set true if timer should be set for failure retry. 6906 * @param lookup_only: only perform lookups when timer done, 0 sec timeout 6907 */ 6908static void 6909xfr_set_timeout(struct auth_xfer* xfr, struct module_env* env, 6910 int failure, int lookup_only) 6911{ 6912 struct timeval tv; 6913 log_assert(xfr->task_nextprobe != NULL); 6914 log_assert(xfr->task_nextprobe->worker == NULL || 6915 xfr->task_nextprobe->worker == env->worker); 6916 /* normally, nextprobe = startoflease + refresh, 6917 * but if expiry is sooner, use that one. 6918 * after a failure, use the retry timer instead. */ 6919 xfr->task_nextprobe->next_probe = *env->now; 6920 if(xfr->lease_time && !failure) 6921 xfr->task_nextprobe->next_probe = xfr->lease_time; 6922 6923 if(!failure) { 6924 xfr->task_nextprobe->backoff = 0; 6925 } else { 6926 if(xfr->task_nextprobe->backoff == 0) 6927 xfr->task_nextprobe->backoff = 3; 6928 else xfr->task_nextprobe->backoff *= 2; 6929 if(xfr->task_nextprobe->backoff > AUTH_TRANSFER_MAX_BACKOFF) 6930 xfr->task_nextprobe->backoff = 6931 AUTH_TRANSFER_MAX_BACKOFF; 6932 } 6933 6934 if(xfr->have_zone) { 6935 time_t wait = xfr->refresh; 6936 if(failure) wait = xfr->retry; 6937 if(xfr->expiry < wait) 6938 xfr->task_nextprobe->next_probe += xfr->expiry; 6939 else xfr->task_nextprobe->next_probe += wait; 6940 if(failure) 6941 xfr->task_nextprobe->next_probe += 6942 xfr->task_nextprobe->backoff; 6943 /* put the timer exactly on expiry, if possible */ 6944 if(xfr->lease_time && xfr->lease_time+xfr->expiry < 6945 xfr->task_nextprobe->next_probe && 6946 xfr->lease_time+xfr->expiry > *env->now) 6947 xfr->task_nextprobe->next_probe = 6948 xfr->lease_time+xfr->expiry; 6949 } else { 6950 xfr->task_nextprobe->next_probe += 6951 xfr->task_nextprobe->backoff; 6952 } 6953 6954 if(!xfr->task_nextprobe->timer) { 6955 xfr->task_nextprobe->timer = comm_timer_create( 6956 env->worker_base, auth_xfer_timer, xfr); 6957 if(!xfr->task_nextprobe->timer) { 6958 /* failed to malloc memory. likely zone transfer 6959 * also fails for that. skip the timeout */ 6960 char zname[255+1]; 6961 dname_str(xfr->name, zname); 6962 log_err("cannot allocate timer, no refresh for %s", 6963 zname); 6964 return; 6965 } 6966 } 6967 xfr->task_nextprobe->worker = env->worker; 6968 xfr->task_nextprobe->env = env; 6969 if(*(xfr->task_nextprobe->env->now) <= xfr->task_nextprobe->next_probe) 6970 tv.tv_sec = xfr->task_nextprobe->next_probe - 6971 *(xfr->task_nextprobe->env->now); 6972 else tv.tv_sec = 0; 6973 if(tv.tv_sec != 0 && lookup_only && xfr->task_probe->masters) { 6974 /* don't lookup_only, if lookup timeout is 0 anyway, 6975 * or if we don't have masters to lookup */ 6976 tv.tv_sec = 0; 6977 if(xfr->task_probe->worker == NULL) 6978 xfr->task_probe->only_lookup = 1; 6979 } 6980 if(verbosity >= VERB_ALGO) { 6981 char zname[255+1]; 6982 dname_str(xfr->name, zname); 6983 verbose(VERB_ALGO, "auth zone %s timeout in %d seconds", 6984 zname, (int)tv.tv_sec); 6985 } 6986 tv.tv_usec = 0; 6987 comm_timer_set(xfr->task_nextprobe->timer, &tv); 6988} 6989 6990/** initial pick up of worker timeouts, ties events to worker event loop */ 6991void 6992auth_xfer_pickup_initial(struct auth_zones* az, struct module_env* env) 6993{ 6994 struct auth_xfer* x; 6995 lock_rw_wrlock(&az->lock); 6996 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) { 6997 lock_basic_lock(&x->lock); 6998 /* set lease_time, because we now have timestamp in env, 6999 * (not earlier during startup and apply_cfg), and this 7000 * notes the start time when the data was acquired */ 7001 if(x->have_zone) 7002 x->lease_time = *env->now; 7003 if(x->task_nextprobe && x->task_nextprobe->worker == NULL) { 7004 xfr_set_timeout(x, env, 0, 1); 7005 } 7006 lock_basic_unlock(&x->lock); 7007 } 7008 lock_rw_unlock(&az->lock); 7009} 7010 7011void auth_zones_cleanup(struct auth_zones* az) 7012{ 7013 struct auth_xfer* x; 7014 lock_rw_wrlock(&az->lock); 7015 RBTREE_FOR(x, struct auth_xfer*, &az->xtree) { 7016 lock_basic_lock(&x->lock); 7017 if(x->task_nextprobe && x->task_nextprobe->worker != NULL) { 7018 xfr_nextprobe_disown(x); 7019 } 7020 if(x->task_probe && x->task_probe->worker != NULL) { 7021 xfr_probe_disown(x); 7022 } 7023 if(x->task_transfer && x->task_transfer->worker != NULL) { 7024 auth_chunks_delete(x->task_transfer); 7025 xfr_transfer_disown(x); 7026 } 7027 lock_basic_unlock(&x->lock); 7028 } 7029 lock_rw_unlock(&az->lock); 7030} 7031 7032/** 7033 * malloc the xfer and tasks 7034 * @param z: auth_zone with name of zone. 7035 */ 7036static struct auth_xfer* 7037auth_xfer_new(struct auth_zone* z) 7038{ 7039 struct auth_xfer* xfr; 7040 xfr = (struct auth_xfer*)calloc(1, sizeof(*xfr)); 7041 if(!xfr) return NULL; 7042 xfr->name = memdup(z->name, z->namelen); 7043 if(!xfr->name) { 7044 free(xfr); 7045 return NULL; 7046 } 7047 xfr->node.key = xfr; 7048 xfr->namelen = z->namelen; 7049 xfr->namelabs = z->namelabs; 7050 xfr->dclass = z->dclass; 7051 7052 xfr->task_nextprobe = (struct auth_nextprobe*)calloc(1, 7053 sizeof(struct auth_nextprobe)); 7054 if(!xfr->task_nextprobe) { 7055 free(xfr->name); 7056 free(xfr); 7057 return NULL; 7058 } 7059 xfr->task_probe = (struct auth_probe*)calloc(1, 7060 sizeof(struct auth_probe)); 7061 if(!xfr->task_probe) { 7062 free(xfr->task_nextprobe); 7063 free(xfr->name); 7064 free(xfr); 7065 return NULL; 7066 } 7067 xfr->task_transfer = (struct auth_transfer*)calloc(1, 7068 sizeof(struct auth_transfer)); 7069 if(!xfr->task_transfer) { 7070 free(xfr->task_probe); 7071 free(xfr->task_nextprobe); 7072 free(xfr->name); 7073 free(xfr); 7074 return NULL; 7075 } 7076 7077 lock_basic_init(&xfr->lock); 7078 lock_protect(&xfr->lock, &xfr->name, sizeof(xfr->name)); 7079 lock_protect(&xfr->lock, &xfr->namelen, sizeof(xfr->namelen)); 7080 lock_protect(&xfr->lock, xfr->name, xfr->namelen); 7081 lock_protect(&xfr->lock, &xfr->namelabs, sizeof(xfr->namelabs)); 7082 lock_protect(&xfr->lock, &xfr->dclass, sizeof(xfr->dclass)); 7083 lock_protect(&xfr->lock, &xfr->notify_received, sizeof(xfr->notify_received)); 7084 lock_protect(&xfr->lock, &xfr->notify_serial, sizeof(xfr->notify_serial)); 7085 lock_protect(&xfr->lock, &xfr->zone_expired, sizeof(xfr->zone_expired)); 7086 lock_protect(&xfr->lock, &xfr->have_zone, sizeof(xfr->have_zone)); 7087 lock_protect(&xfr->lock, &xfr->serial, sizeof(xfr->serial)); 7088 lock_protect(&xfr->lock, &xfr->retry, sizeof(xfr->retry)); 7089 lock_protect(&xfr->lock, &xfr->refresh, sizeof(xfr->refresh)); 7090 lock_protect(&xfr->lock, &xfr->expiry, sizeof(xfr->expiry)); 7091 lock_protect(&xfr->lock, &xfr->lease_time, sizeof(xfr->lease_time)); 7092 lock_protect(&xfr->lock, &xfr->task_nextprobe->worker, 7093 sizeof(xfr->task_nextprobe->worker)); 7094 lock_protect(&xfr->lock, &xfr->task_probe->worker, 7095 sizeof(xfr->task_probe->worker)); 7096 lock_protect(&xfr->lock, &xfr->task_transfer->worker, 7097 sizeof(xfr->task_transfer->worker)); 7098 lock_basic_lock(&xfr->lock); 7099 return xfr; 7100} 7101 7102/** Create auth_xfer structure. 7103 * This populates the have_zone, soa values, and so on times. 7104 * and sets the timeout, if a zone transfer is needed a short timeout is set. 7105 * For that the auth_zone itself must exist (and read in zonefile) 7106 * returns false on alloc failure. */ 7107struct auth_xfer* 7108auth_xfer_create(struct auth_zones* az, struct auth_zone* z) 7109{ 7110 struct auth_xfer* xfr; 7111 7112 /* malloc it */ 7113 xfr = auth_xfer_new(z); 7114 if(!xfr) { 7115 log_err("malloc failure"); 7116 return NULL; 7117 } 7118 /* insert in tree */ 7119 (void)rbtree_insert(&az->xtree, &xfr->node); 7120 return xfr; 7121} 7122 7123/** create new auth_master structure */ 7124static struct auth_master* 7125auth_master_new(struct auth_master*** list) 7126{ 7127 struct auth_master *m; 7128 m = (struct auth_master*)calloc(1, sizeof(*m)); 7129 if(!m) { 7130 log_err("malloc failure"); 7131 return NULL; 7132 } 7133 /* set first pointer to m, or next pointer of previous element to m */ 7134 (**list) = m; 7135 /* store m's next pointer as future point to store at */ 7136 (*list) = &(m->next); 7137 return m; 7138} 7139 7140/** dup_prefix : create string from initial part of other string, malloced */ 7141static char* 7142dup_prefix(char* str, size_t num) 7143{ 7144 char* result; 7145 size_t len = strlen(str); 7146 if(len < num) num = len; /* not more than strlen */ 7147 result = (char*)malloc(num+1); 7148 if(!result) { 7149 log_err("malloc failure"); 7150 return result; 7151 } 7152 memmove(result, str, num); 7153 result[num] = 0; 7154 return result; 7155} 7156 7157/** dup string and print error on error */ 7158static char* 7159dup_all(char* str) 7160{ 7161 char* result = strdup(str); 7162 if(!result) { 7163 log_err("malloc failure"); 7164 return NULL; 7165 } 7166 return result; 7167} 7168 7169/** find first of two characters */ 7170static char* 7171str_find_first_of_chars(char* s, char a, char b) 7172{ 7173 char* ra = strchr(s, a); 7174 char* rb = strchr(s, b); 7175 if(!ra) return rb; 7176 if(!rb) return ra; 7177 if(ra < rb) return ra; 7178 return rb; 7179} 7180 7181/** parse URL into host and file parts, false on malloc or parse error */ 7182static int 7183parse_url(char* url, char** host, char** file, int* port, int* ssl) 7184{ 7185 char* p = url; 7186 /* parse http://www.example.com/file.htm 7187 * or http://127.0.0.1 (index.html) 7188 * or https://[::1@1234]/a/b/c/d */ 7189 *ssl = 1; 7190 *port = AUTH_HTTPS_PORT; 7191 7192 /* parse http:// or https:// */ 7193 if(strncmp(p, "http://", 7) == 0) { 7194 p += 7; 7195 *ssl = 0; 7196 *port = AUTH_HTTP_PORT; 7197 } else if(strncmp(p, "https://", 8) == 0) { 7198 p += 8; 7199 } else if(strstr(p, "://") && strchr(p, '/') > strstr(p, "://") && 7200 strchr(p, ':') >= strstr(p, "://")) { 7201 char* uri = dup_prefix(p, (size_t)(strstr(p, "://")-p)); 7202 log_err("protocol %s:// not supported (for url %s)", 7203 uri?uri:"", p); 7204 free(uri); 7205 return 0; 7206 } 7207 7208 /* parse hostname part */ 7209 if(p[0] == '[') { 7210 char* end = strchr(p, ']'); 7211 p++; /* skip over [ */ 7212 if(end) { 7213 *host = dup_prefix(p, (size_t)(end-p)); 7214 if(!*host) return 0; 7215 p = end+1; /* skip over ] */ 7216 } else { 7217 *host = dup_all(p); 7218 if(!*host) return 0; 7219 p = end; 7220 } 7221 } else { 7222 char* end = str_find_first_of_chars(p, ':', '/'); 7223 if(end) { 7224 *host = dup_prefix(p, (size_t)(end-p)); 7225 if(!*host) return 0; 7226 } else { 7227 *host = dup_all(p); 7228 if(!*host) return 0; 7229 } 7230 p = end; /* at next : or / or NULL */ 7231 } 7232 7233 /* parse port number */ 7234 if(p && p[0] == ':') { 7235 char* end = NULL; 7236 *port = strtol(p+1, &end, 10); 7237 p = end; 7238 } 7239 7240 /* parse filename part */ 7241 while(p && *p == '/') 7242 p++; 7243 if(!p || p[0] == 0) 7244 *file = strdup("/"); 7245 else *file = strdup(p); 7246 if(!*file) { 7247 log_err("malloc failure"); 7248 return 0; 7249 } 7250 return 1; 7251} 7252 7253int 7254xfer_set_masters(struct auth_master** list, struct config_auth* c, 7255 int with_http) 7256{ 7257 struct auth_master* m; 7258 struct config_strlist* p; 7259 /* list points to the first, or next pointer for the new element */ 7260 while(*list) { 7261 list = &( (*list)->next ); 7262 } 7263 if(with_http) 7264 for(p = c->urls; p; p = p->next) { 7265 m = auth_master_new(&list); 7266 if(!m) return 0; 7267 m->http = 1; 7268 if(!parse_url(p->str, &m->host, &m->file, &m->port, &m->ssl)) 7269 return 0; 7270 } 7271 for(p = c->masters; p; p = p->next) { 7272 m = auth_master_new(&list); 7273 if(!m) return 0; 7274 m->ixfr = 1; /* this flag is not configurable */ 7275 m->host = strdup(p->str); 7276 if(!m->host) { 7277 log_err("malloc failure"); 7278 return 0; 7279 } 7280 } 7281 for(p = c->allow_notify; p; p = p->next) { 7282 m = auth_master_new(&list); 7283 if(!m) return 0; 7284 m->allow_notify = 1; 7285 m->host = strdup(p->str); 7286 if(!m->host) { 7287 log_err("malloc failure"); 7288 return 0; 7289 } 7290 } 7291 return 1; 7292} 7293 7294#define SERIAL_BITS 32 7295int 7296compare_serial(uint32_t a, uint32_t b) 7297{ 7298 const uint32_t cutoff = ((uint32_t) 1 << (SERIAL_BITS - 1)); 7299 7300 if (a == b) { 7301 return 0; 7302 } else if ((a < b && b - a < cutoff) || (a > b && a - b > cutoff)) { 7303 return -1; 7304 } else { 7305 return 1; 7306 } 7307} 7308 7309int zonemd_hashalgo_supported(int hashalgo) 7310{ 7311 if(hashalgo == ZONEMD_ALGO_SHA384) return 1; 7312 if(hashalgo == ZONEMD_ALGO_SHA512) return 1; 7313 return 0; 7314} 7315 7316int zonemd_scheme_supported(int scheme) 7317{ 7318 if(scheme == ZONEMD_SCHEME_SIMPLE) return 1; 7319 return 0; 7320} 7321 7322/** initialize hash for hashing with zonemd hash algo */ 7323static struct secalgo_hash* zonemd_digest_init(int hashalgo, char** reason) 7324{ 7325 struct secalgo_hash *h; 7326 if(hashalgo == ZONEMD_ALGO_SHA384) { 7327 /* sha384 */ 7328 h = secalgo_hash_create_sha384(); 7329 if(!h) 7330 *reason = "digest sha384 could not be created"; 7331 return h; 7332 } else if(hashalgo == ZONEMD_ALGO_SHA512) { 7333 /* sha512 */ 7334 h = secalgo_hash_create_sha512(); 7335 if(!h) 7336 *reason = "digest sha512 could not be created"; 7337 return h; 7338 } 7339 /* unknown hash algo */ 7340 *reason = "unsupported algorithm"; 7341 return NULL; 7342} 7343 7344/** update the hash for zonemd */ 7345static int zonemd_digest_update(int hashalgo, struct secalgo_hash* h, 7346 uint8_t* data, size_t len, char** reason) 7347{ 7348 if(hashalgo == ZONEMD_ALGO_SHA384) { 7349 if(!secalgo_hash_update(h, data, len)) { 7350 *reason = "digest sha384 failed"; 7351 return 0; 7352 } 7353 return 1; 7354 } else if(hashalgo == ZONEMD_ALGO_SHA512) { 7355 if(!secalgo_hash_update(h, data, len)) { 7356 *reason = "digest sha512 failed"; 7357 return 0; 7358 } 7359 return 1; 7360 } 7361 /* unknown hash algo */ 7362 *reason = "unsupported algorithm"; 7363 return 0; 7364} 7365 7366/** finish the hash for zonemd */ 7367static int zonemd_digest_finish(int hashalgo, struct secalgo_hash* h, 7368 uint8_t* result, size_t hashlen, size_t* resultlen, char** reason) 7369{ 7370 if(hashalgo == ZONEMD_ALGO_SHA384) { 7371 if(hashlen < 384/8) { 7372 *reason = "digest buffer too small for sha384"; 7373 return 0; 7374 } 7375 if(!secalgo_hash_final(h, result, hashlen, resultlen)) { 7376 *reason = "digest sha384 finish failed"; 7377 return 0; 7378 } 7379 return 1; 7380 } else if(hashalgo == ZONEMD_ALGO_SHA512) { 7381 if(hashlen < 512/8) { 7382 *reason = "digest buffer too small for sha512"; 7383 return 0; 7384 } 7385 if(!secalgo_hash_final(h, result, hashlen, resultlen)) { 7386 *reason = "digest sha512 finish failed"; 7387 return 0; 7388 } 7389 return 1; 7390 } 7391 /* unknown algo */ 7392 *reason = "unsupported algorithm"; 7393 return 0; 7394} 7395 7396/** add rrsets from node to the list */ 7397static size_t authdata_rrsets_to_list(struct auth_rrset** array, 7398 size_t arraysize, struct auth_rrset* first) 7399{ 7400 struct auth_rrset* rrset = first; 7401 size_t num = 0; 7402 while(rrset) { 7403 if(num >= arraysize) 7404 return num; 7405 array[num] = rrset; 7406 num++; 7407 rrset = rrset->next; 7408 } 7409 return num; 7410} 7411 7412/** compare rr list entries */ 7413static int rrlist_compare(const void* arg1, const void* arg2) 7414{ 7415 struct auth_rrset* r1 = *(struct auth_rrset**)arg1; 7416 struct auth_rrset* r2 = *(struct auth_rrset**)arg2; 7417 uint16_t t1, t2; 7418 if(r1 == NULL) t1 = LDNS_RR_TYPE_RRSIG; 7419 else t1 = r1->type; 7420 if(r2 == NULL) t2 = LDNS_RR_TYPE_RRSIG; 7421 else t2 = r2->type; 7422 if(t1 < t2) 7423 return -1; 7424 if(t1 > t2) 7425 return 1; 7426 return 0; 7427} 7428 7429/** add type RRSIG to rr list if not one there already, 7430 * this is to perform RRSIG collate processing at that point. */ 7431static void addrrsigtype_if_needed(struct auth_rrset** array, 7432 size_t arraysize, size_t* rrnum, struct auth_data* node) 7433{ 7434 if(az_domain_rrset(node, LDNS_RR_TYPE_RRSIG)) 7435 return; /* already one there */ 7436 if((*rrnum) >= arraysize) 7437 return; /* array too small? */ 7438 array[*rrnum] = NULL; /* nothing there, but need entry in list */ 7439 (*rrnum)++; 7440} 7441 7442/** collate the RRs in an RRset using the simple scheme */ 7443static int zonemd_simple_rrset(struct auth_zone* z, int hashalgo, 7444 struct secalgo_hash* h, struct auth_data* node, 7445 struct auth_rrset* rrset, struct regional* region, 7446 struct sldns_buffer* buf, char** reason) 7447{ 7448 /* canonicalize */ 7449 struct ub_packed_rrset_key key; 7450 memset(&key, 0, sizeof(key)); 7451 key.entry.key = &key; 7452 key.entry.data = rrset->data; 7453 key.rk.dname = node->name; 7454 key.rk.dname_len = node->namelen; 7455 key.rk.type = htons(rrset->type); 7456 key.rk.rrset_class = htons(z->dclass); 7457 if(!rrset_canonicalize_to_buffer(region, buf, &key)) { 7458 *reason = "out of memory"; 7459 return 0; 7460 } 7461 regional_free_all(region); 7462 7463 /* hash */ 7464 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf), 7465 sldns_buffer_limit(buf), reason)) { 7466 return 0; 7467 } 7468 return 1; 7469} 7470 7471/** count number of RRSIGs in a domain name rrset list */ 7472static size_t zonemd_simple_count_rrsig(struct auth_rrset* rrset, 7473 struct auth_rrset** rrlist, size_t rrnum, 7474 struct auth_zone* z, struct auth_data* node) 7475{ 7476 size_t i, count = 0; 7477 if(rrset) { 7478 size_t j; 7479 for(j = 0; j<rrset->data->count; j++) { 7480 if(rrsig_rdata_get_type_covered(rrset->data-> 7481 rr_data[j], rrset->data->rr_len[j]) == 7482 LDNS_RR_TYPE_ZONEMD && 7483 query_dname_compare(z->name, node->name)==0) { 7484 /* omit RRSIGs over type ZONEMD at apex */ 7485 continue; 7486 } 7487 count++; 7488 } 7489 } 7490 for(i=0; i<rrnum; i++) { 7491 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD && 7492 query_dname_compare(z->name, node->name)==0) { 7493 /* omit RRSIGs over type ZONEMD at apex */ 7494 continue; 7495 } 7496 count += (rrlist[i]?rrlist[i]->data->rrsig_count:0); 7497 } 7498 return count; 7499} 7500 7501/** allocate sparse rrset data for the number of entries in tepm region */ 7502static int zonemd_simple_rrsig_allocs(struct regional* region, 7503 struct packed_rrset_data* data, size_t count) 7504{ 7505 data->rr_len = regional_alloc(region, sizeof(*data->rr_len) * count); 7506 if(!data->rr_len) { 7507 return 0; 7508 } 7509 data->rr_ttl = regional_alloc(region, sizeof(*data->rr_ttl) * count); 7510 if(!data->rr_ttl) { 7511 return 0; 7512 } 7513 data->rr_data = regional_alloc(region, sizeof(*data->rr_data) * count); 7514 if(!data->rr_data) { 7515 return 0; 7516 } 7517 return 1; 7518} 7519 7520/** add the RRSIGs from the rrs in the domain into the data */ 7521static void add_rrlist_rrsigs_into_data(struct packed_rrset_data* data, 7522 size_t* done, struct auth_rrset** rrlist, size_t rrnum, 7523 struct auth_zone* z, struct auth_data* node) 7524{ 7525 size_t i; 7526 for(i=0; i<rrnum; i++) { 7527 size_t j; 7528 if(!rrlist[i]) 7529 continue; 7530 if(rrlist[i]->type == LDNS_RR_TYPE_ZONEMD && 7531 query_dname_compare(z->name, node->name)==0) { 7532 /* omit RRSIGs over type ZONEMD at apex */ 7533 continue; 7534 } 7535 for(j = 0; j<rrlist[i]->data->rrsig_count; j++) { 7536 data->rr_len[*done] = rrlist[i]->data->rr_len[rrlist[i]->data->count + j]; 7537 data->rr_ttl[*done] = rrlist[i]->data->rr_ttl[rrlist[i]->data->count + j]; 7538 /* reference the rdata in the rrset, no need to 7539 * copy it, it is no longer needed at the end of 7540 * the routine */ 7541 data->rr_data[*done] = rrlist[i]->data->rr_data[rrlist[i]->data->count + j]; 7542 (*done)++; 7543 } 7544 } 7545} 7546 7547static void add_rrset_into_data(struct packed_rrset_data* data, 7548 size_t* done, struct auth_rrset* rrset, 7549 struct auth_zone* z, struct auth_data* node) 7550{ 7551 if(rrset) { 7552 size_t j; 7553 for(j = 0; j<rrset->data->count; j++) { 7554 if(rrsig_rdata_get_type_covered(rrset->data-> 7555 rr_data[j], rrset->data->rr_len[j]) == 7556 LDNS_RR_TYPE_ZONEMD && 7557 query_dname_compare(z->name, node->name)==0) { 7558 /* omit RRSIGs over type ZONEMD at apex */ 7559 continue; 7560 } 7561 data->rr_len[*done] = rrset->data->rr_len[j]; 7562 data->rr_ttl[*done] = rrset->data->rr_ttl[j]; 7563 /* reference the rdata in the rrset, no need to 7564 * copy it, it is no longer need at the end of 7565 * the routine */ 7566 data->rr_data[*done] = rrset->data->rr_data[j]; 7567 (*done)++; 7568 } 7569 } 7570} 7571 7572/** collate the RRSIGs using the simple scheme */ 7573static int zonemd_simple_rrsig(struct auth_zone* z, int hashalgo, 7574 struct secalgo_hash* h, struct auth_data* node, 7575 struct auth_rrset* rrset, struct auth_rrset** rrlist, size_t rrnum, 7576 struct regional* region, struct sldns_buffer* buf, char** reason) 7577{ 7578 /* the rrset pointer can be NULL, this means it is type RRSIG and 7579 * there is no ordinary type RRSIG there. The RRSIGs are stored 7580 * with the RRsets in their data. 7581 * 7582 * The RRset pointer can be nonNULL. This happens if there is 7583 * no RR that is covered by the RRSIG for the domain. Then this 7584 * RRSIG RR is stored in an rrset of type RRSIG. The other RRSIGs 7585 * are stored in the rrset entries for the RRs in the rr list for 7586 * the domain node. We need to collate the rrset's data, if any, and 7587 * the rrlist's rrsigs */ 7588 /* if this is the apex, omit RRSIGs that cover type ZONEMD */ 7589 /* build rrsig rrset */ 7590 size_t done = 0; 7591 struct ub_packed_rrset_key key; 7592 struct packed_rrset_data data; 7593 memset(&key, 0, sizeof(key)); 7594 memset(&data, 0, sizeof(data)); 7595 key.entry.key = &key; 7596 key.entry.data = &data; 7597 key.rk.dname = node->name; 7598 key.rk.dname_len = node->namelen; 7599 key.rk.type = htons(LDNS_RR_TYPE_RRSIG); 7600 key.rk.rrset_class = htons(z->dclass); 7601 data.count = zonemd_simple_count_rrsig(rrset, rrlist, rrnum, z, node); 7602 if(!zonemd_simple_rrsig_allocs(region, &data, data.count)) { 7603 *reason = "out of memory"; 7604 regional_free_all(region); 7605 return 0; 7606 } 7607 /* all the RRSIGs stored in the other rrsets for this domain node */ 7608 add_rrlist_rrsigs_into_data(&data, &done, rrlist, rrnum, z, node); 7609 /* plus the RRSIGs stored in an rrset of type RRSIG for this node */ 7610 add_rrset_into_data(&data, &done, rrset, z, node); 7611 7612 /* canonicalize */ 7613 if(!rrset_canonicalize_to_buffer(region, buf, &key)) { 7614 *reason = "out of memory"; 7615 regional_free_all(region); 7616 return 0; 7617 } 7618 regional_free_all(region); 7619 7620 /* hash */ 7621 if(!zonemd_digest_update(hashalgo, h, sldns_buffer_begin(buf), 7622 sldns_buffer_limit(buf), reason)) { 7623 return 0; 7624 } 7625 return 1; 7626} 7627 7628/** collate a domain's rrsets using the simple scheme */ 7629static int zonemd_simple_domain(struct auth_zone* z, int hashalgo, 7630 struct secalgo_hash* h, struct auth_data* node, 7631 struct regional* region, struct sldns_buffer* buf, char** reason) 7632{ 7633 const size_t rrlistsize = 65536; 7634 struct auth_rrset* rrlist[rrlistsize]; 7635 size_t i, rrnum = 0; 7636 /* see if the domain is out of scope, the zone origin, 7637 * that would be omitted */ 7638 if(!dname_subdomain_c(node->name, z->name)) 7639 return 1; /* continue */ 7640 /* loop over the rrsets in ascending order. */ 7641 rrnum = authdata_rrsets_to_list(rrlist, rrlistsize, node->rrsets); 7642 addrrsigtype_if_needed(rrlist, rrlistsize, &rrnum, node); 7643 qsort(rrlist, rrnum, sizeof(*rrlist), rrlist_compare); 7644 for(i=0; i<rrnum; i++) { 7645 if(rrlist[i] && rrlist[i]->type == LDNS_RR_TYPE_ZONEMD && 7646 query_dname_compare(z->name, node->name) == 0) { 7647 /* omit type ZONEMD at apex */ 7648 continue; 7649 } 7650 if(rrlist[i] == NULL || rrlist[i]->type == 7651 LDNS_RR_TYPE_RRSIG) { 7652 if(!zonemd_simple_rrsig(z, hashalgo, h, node, 7653 rrlist[i], rrlist, rrnum, region, buf, reason)) 7654 return 0; 7655 } else if(!zonemd_simple_rrset(z, hashalgo, h, node, 7656 rrlist[i], region, buf, reason)) { 7657 return 0; 7658 } 7659 } 7660 return 1; 7661} 7662 7663/** collate the zone using the simple scheme */ 7664static int zonemd_simple_collate(struct auth_zone* z, int hashalgo, 7665 struct secalgo_hash* h, struct regional* region, 7666 struct sldns_buffer* buf, char** reason) 7667{ 7668 /* our tree is sorted in canonical order, so we can just loop over 7669 * the tree */ 7670 struct auth_data* n; 7671 RBTREE_FOR(n, struct auth_data*, &z->data) { 7672 if(!zonemd_simple_domain(z, hashalgo, h, n, region, buf, 7673 reason)) 7674 return 0; 7675 } 7676 return 1; 7677} 7678 7679int auth_zone_generate_zonemd_hash(struct auth_zone* z, int scheme, 7680 int hashalgo, uint8_t* hash, size_t hashlen, size_t* resultlen, 7681 struct regional* region, struct sldns_buffer* buf, char** reason) 7682{ 7683 struct secalgo_hash* h = zonemd_digest_init(hashalgo, reason); 7684 if(!h) { 7685 if(!*reason) 7686 *reason = "digest init fail"; 7687 return 0; 7688 } 7689 if(scheme == ZONEMD_SCHEME_SIMPLE) { 7690 if(!zonemd_simple_collate(z, hashalgo, h, region, buf, reason)) { 7691 if(!*reason) *reason = "scheme simple collate fail"; 7692 secalgo_hash_delete(h); 7693 return 0; 7694 } 7695 } 7696 if(!zonemd_digest_finish(hashalgo, h, hash, hashlen, resultlen, 7697 reason)) { 7698 secalgo_hash_delete(h); 7699 *reason = "digest finish fail"; 7700 return 0; 7701 } 7702 secalgo_hash_delete(h); 7703 return 1; 7704} 7705 7706int auth_zone_generate_zonemd_check(struct auth_zone* z, int scheme, 7707 int hashalgo, uint8_t* hash, size_t hashlen, struct regional* region, 7708 struct sldns_buffer* buf, char** reason) 7709{ 7710 uint8_t gen[512]; 7711 size_t genlen = 0; 7712 *reason = NULL; 7713 if(!zonemd_hashalgo_supported(hashalgo)) { 7714 /* allow it */ 7715 *reason = "unsupported algorithm"; 7716 return 1; 7717 } 7718 if(!zonemd_scheme_supported(scheme)) { 7719 /* allow it */ 7720 *reason = "unsupported scheme"; 7721 return 1; 7722 } 7723 if(hashlen < 12) { 7724 /* the ZONEMD draft requires digests to fail if too small */ 7725 *reason = "digest length too small, less than 12"; 7726 return 0; 7727 } 7728 /* generate digest */ 7729 if(!auth_zone_generate_zonemd_hash(z, scheme, hashalgo, gen, 7730 sizeof(gen), &genlen, region, buf, reason)) { 7731 /* reason filled in by zonemd hash routine */ 7732 return 0; 7733 } 7734 /* check digest length */ 7735 if(hashlen != genlen) { 7736 *reason = "incorrect digest length"; 7737 if(verbosity >= VERB_ALGO) { 7738 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d", 7739 scheme, hashalgo); 7740 log_hex("ZONEMD should be ", gen, genlen); 7741 log_hex("ZONEMD to check is", hash, hashlen); 7742 } 7743 return 0; 7744 } 7745 /* check digest */ 7746 if(memcmp(hash, gen, genlen) != 0) { 7747 *reason = "incorrect digest"; 7748 if(verbosity >= VERB_ALGO) { 7749 verbose(VERB_ALGO, "zonemd scheme=%d hashalgo=%d", 7750 scheme, hashalgo); 7751 log_hex("ZONEMD should be ", gen, genlen); 7752 log_hex("ZONEMD to check is", hash, hashlen); 7753 } 7754 return 0; 7755 } 7756 return 1; 7757} 7758 7759/** log auth zone message with zone name in front. */ 7760static void auth_zone_log(uint8_t* name, enum verbosity_value level, 7761 const char* format, ...) ATTR_FORMAT(printf, 3, 4); 7762static void auth_zone_log(uint8_t* name, enum verbosity_value level, 7763 const char* format, ...) 7764{ 7765 va_list args; 7766 va_start(args, format); 7767 if(verbosity >= level) { 7768 char str[255+1]; 7769 char msg[MAXSYSLOGMSGLEN]; 7770 dname_str(name, str); 7771 vsnprintf(msg, sizeof(msg), format, args); 7772 verbose(level, "auth zone %s %s", str, msg); 7773 } 7774 va_end(args); 7775} 7776 7777/** ZONEMD, dnssec verify the rrset with the dnskey */ 7778static int zonemd_dnssec_verify_rrset(struct auth_zone* z, 7779 struct module_env* env, struct module_stack* mods, 7780 struct ub_packed_rrset_key* dnskey, struct auth_data* node, 7781 struct auth_rrset* rrset, char** why_bogus, uint8_t* sigalg) 7782{ 7783 struct ub_packed_rrset_key pk; 7784 enum sec_status sec; 7785 struct val_env* ve; 7786 int m; 7787 int verified = 0; 7788 m = modstack_find(mods, "validator"); 7789 if(m == -1) { 7790 auth_zone_log(z->name, VERB_ALGO, "zonemd dnssec verify: have " 7791 "DNSKEY chain of trust, but no validator module"); 7792 return 0; 7793 } 7794 ve = (struct val_env*)env->modinfo[m]; 7795 7796 memset(&pk, 0, sizeof(pk)); 7797 pk.entry.key = &pk; 7798 pk.entry.data = rrset->data; 7799 pk.rk.dname = node->name; 7800 pk.rk.dname_len = node->namelen; 7801 pk.rk.type = htons(rrset->type); 7802 pk.rk.rrset_class = htons(z->dclass); 7803 if(verbosity >= VERB_ALGO) { 7804 char typestr[32]; 7805 typestr[0]=0; 7806 sldns_wire2str_type_buf(rrset->type, typestr, sizeof(typestr)); 7807 auth_zone_log(z->name, VERB_ALGO, 7808 "zonemd: verify %s RRset with DNSKEY", typestr); 7809 } 7810 sec = dnskeyset_verify_rrset(env, ve, &pk, dnskey, sigalg, why_bogus, NULL, 7811 LDNS_SECTION_ANSWER, NULL, &verified); 7812 if(sec == sec_status_secure) { 7813 return 1; 7814 } 7815 if(why_bogus) 7816 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verify was bogus: %s", *why_bogus); 7817 return 0; 7818} 7819 7820/** check for nsec3, the RR with params equal, if bitmap has the type */ 7821static int nsec3_of_param_has_type(struct auth_rrset* nsec3, int algo, 7822 size_t iter, uint8_t* salt, size_t saltlen, uint16_t rrtype) 7823{ 7824 int i, count = (int)nsec3->data->count; 7825 struct ub_packed_rrset_key pk; 7826 memset(&pk, 0, sizeof(pk)); 7827 pk.entry.data = nsec3->data; 7828 for(i=0; i<count; i++) { 7829 int rralgo; 7830 size_t rriter, rrsaltlen; 7831 uint8_t* rrsalt; 7832 if(!nsec3_get_params(&pk, i, &rralgo, &rriter, &rrsalt, 7833 &rrsaltlen)) 7834 continue; /* no parameters, malformed */ 7835 if(rralgo != algo || rriter != iter || rrsaltlen != saltlen) 7836 continue; /* different parameters */ 7837 if(saltlen != 0) { 7838 if(rrsalt == NULL || salt == NULL) 7839 continue; 7840 if(memcmp(rrsalt, salt, saltlen) != 0) 7841 continue; /* different salt parameters */ 7842 } 7843 if(nsec3_has_type(&pk, i, rrtype)) 7844 return 1; 7845 } 7846 return 0; 7847} 7848 7849/** Verify the absence of ZONEMD with DNSSEC by checking NSEC, NSEC3 type flag. 7850 * return false on failure, reason contains description of failure. */ 7851static int zonemd_check_dnssec_absence(struct auth_zone* z, 7852 struct module_env* env, struct module_stack* mods, 7853 struct ub_packed_rrset_key* dnskey, struct auth_data* apex, 7854 char** reason, char** why_bogus, uint8_t* sigalg) 7855{ 7856 struct auth_rrset* nsec = NULL; 7857 if(!apex) { 7858 *reason = "zone has no apex domain but ZONEMD missing"; 7859 return 0; 7860 } 7861 nsec = az_domain_rrset(apex, LDNS_RR_TYPE_NSEC); 7862 if(nsec) { 7863 struct ub_packed_rrset_key pk; 7864 /* dnssec verify the NSEC */ 7865 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, 7866 nsec, why_bogus, sigalg)) { 7867 *reason = "DNSSEC verify failed for NSEC RRset"; 7868 return 0; 7869 } 7870 /* check type bitmap */ 7871 memset(&pk, 0, sizeof(pk)); 7872 pk.entry.data = nsec->data; 7873 if(nsec_has_type(&pk, LDNS_RR_TYPE_ZONEMD)) { 7874 *reason = "DNSSEC NSEC bitmap says type ZONEMD exists"; 7875 return 0; 7876 } 7877 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC verification of absence of ZONEMD secure"); 7878 } else { 7879 /* NSEC3 perhaps ? */ 7880 int algo; 7881 size_t iter, saltlen; 7882 uint8_t* salt; 7883 struct auth_rrset* nsec3param = az_domain_rrset(apex, 7884 LDNS_RR_TYPE_NSEC3PARAM); 7885 struct auth_data* match; 7886 struct auth_rrset* nsec3; 7887 if(!nsec3param) { 7888 *reason = "zone has no NSEC information but ZONEMD missing"; 7889 return 0; 7890 } 7891 if(!az_nsec3_param(z, &algo, &iter, &salt, &saltlen)) { 7892 *reason = "zone has no NSEC information but ZONEMD missing"; 7893 return 0; 7894 } 7895 /* find the NSEC3 record */ 7896 match = az_nsec3_find_exact(z, z->name, z->namelen, algo, 7897 iter, salt, saltlen); 7898 if(!match) { 7899 *reason = "zone has no NSEC3 domain for the apex but ZONEMD missing"; 7900 return 0; 7901 } 7902 nsec3 = az_domain_rrset(match, LDNS_RR_TYPE_NSEC3); 7903 if(!nsec3) { 7904 *reason = "zone has no NSEC3 RRset for the apex but ZONEMD missing"; 7905 return 0; 7906 } 7907 /* dnssec verify the NSEC3 */ 7908 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, match, 7909 nsec3, why_bogus, sigalg)) { 7910 *reason = "DNSSEC verify failed for NSEC3 RRset"; 7911 return 0; 7912 } 7913 /* check type bitmap */ 7914 if(nsec3_of_param_has_type(nsec3, algo, iter, salt, saltlen, 7915 LDNS_RR_TYPE_ZONEMD)) { 7916 *reason = "DNSSEC NSEC3 bitmap says type ZONEMD exists"; 7917 return 0; 7918 } 7919 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC NSEC3 verification of absence of ZONEMD secure"); 7920 } 7921 7922 return 1; 7923} 7924 7925/** Verify the SOA and ZONEMD DNSSEC signatures. 7926 * return false on failure, reason contains description of failure. */ 7927static int zonemd_check_dnssec_soazonemd(struct auth_zone* z, 7928 struct module_env* env, struct module_stack* mods, 7929 struct ub_packed_rrset_key* dnskey, struct auth_data* apex, 7930 struct auth_rrset* zonemd_rrset, char** reason, char** why_bogus, 7931 uint8_t* sigalg) 7932{ 7933 struct auth_rrset* soa; 7934 if(!apex) { 7935 *reason = "zone has no apex domain"; 7936 return 0; 7937 } 7938 soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA); 7939 if(!soa) { 7940 *reason = "zone has no SOA RRset"; 7941 return 0; 7942 } 7943 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, soa, 7944 why_bogus, sigalg)) { 7945 *reason = "DNSSEC verify failed for SOA RRset"; 7946 return 0; 7947 } 7948 if(!zonemd_dnssec_verify_rrset(z, env, mods, dnskey, apex, 7949 zonemd_rrset, why_bogus, sigalg)) { 7950 *reason = "DNSSEC verify failed for ZONEMD RRset"; 7951 return 0; 7952 } 7953 auth_zone_log(z->name, VERB_ALGO, "zonemd DNSSEC verification of SOA and ZONEMD RRsets secure"); 7954 return 1; 7955} 7956 7957/** 7958 * Fail the ZONEMD verification. 7959 * @param z: auth zone that fails. 7960 * @param env: environment with config, to ignore failure or not. 7961 * @param reason: failure string description. 7962 * @param why_bogus: failure string for DNSSEC verification failure. 7963 * @param result: strdup result in here if not NULL. 7964 */ 7965static void auth_zone_zonemd_fail(struct auth_zone* z, struct module_env* env, 7966 char* reason, char* why_bogus, char** result) 7967{ 7968 char zstr[255+1]; 7969 /* if fail: log reason, and depending on config also take action 7970 * and drop the zone, eg. it is gone from memory, set zone_expired */ 7971 dname_str(z->name, zstr); 7972 if(!reason) reason = "verification failed"; 7973 if(result) { 7974 if(why_bogus) { 7975 char res[1024]; 7976 snprintf(res, sizeof(res), "%s: %s", reason, 7977 why_bogus); 7978 *result = strdup(res); 7979 } else { 7980 *result = strdup(reason); 7981 } 7982 if(!*result) log_err("out of memory"); 7983 } else { 7984 log_warn("auth zone %s: ZONEMD verification failed: %s", zstr, reason); 7985 } 7986 7987 if(env->cfg->zonemd_permissive_mode) { 7988 verbose(VERB_ALGO, "zonemd-permissive-mode enabled, " 7989 "not blocking zone %s", zstr); 7990 return; 7991 } 7992 7993 /* expired means the zone gives servfail and is not used by 7994 * lookup if fallback_enabled*/ 7995 z->zone_expired = 1; 7996} 7997 7998/** 7999 * Verify the zonemd with DNSSEC and hash check, with given key. 8000 * @param z: auth zone. 8001 * @param env: environment with config and temp buffers. 8002 * @param mods: module stack with validator env for verification. 8003 * @param dnskey: dnskey that we can use, or NULL. If nonnull, the key 8004 * has been verified and is the start of the chain of trust. 8005 * @param is_insecure: if true, the dnskey is not used, the zone is insecure. 8006 * And dnssec is not used. It is DNSSEC secure insecure or not under 8007 * a trust anchor. 8008 * @param sigalg: if nonNULL provide algorithm downgrade protection. 8009 * Otherwise one algorithm is enough. Must have space of ALGO_NEEDS_MAX+1. 8010 * @param result: if not NULL result reason copied here. 8011 */ 8012static void 8013auth_zone_verify_zonemd_with_key(struct auth_zone* z, struct module_env* env, 8014 struct module_stack* mods, struct ub_packed_rrset_key* dnskey, 8015 int is_insecure, char** result, uint8_t* sigalg) 8016{ 8017 char* reason = NULL, *why_bogus = NULL; 8018 struct auth_data* apex = NULL; 8019 struct auth_rrset* zonemd_rrset = NULL; 8020 int zonemd_absent = 0, zonemd_absence_dnssecok = 0; 8021 8022 /* see if ZONEMD is present or absent. */ 8023 apex = az_find_name(z, z->name, z->namelen); 8024 if(!apex) { 8025 zonemd_absent = 1; 8026 } else { 8027 zonemd_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_ZONEMD); 8028 if(!zonemd_rrset || zonemd_rrset->data->count==0) { 8029 zonemd_absent = 1; 8030 zonemd_rrset = NULL; 8031 } 8032 } 8033 8034 /* if no DNSSEC, done. */ 8035 /* if no ZONEMD, and DNSSEC, use DNSKEY to verify NSEC or NSEC3 for 8036 * zone apex. Check ZONEMD bit is turned off or else fail */ 8037 /* if ZONEMD, and DNSSEC, check DNSSEC signature on SOA and ZONEMD, 8038 * or else fail */ 8039 if(!dnskey && !is_insecure) { 8040 auth_zone_zonemd_fail(z, env, "DNSKEY missing", NULL, result); 8041 return; 8042 } else if(!zonemd_rrset && dnskey && !is_insecure) { 8043 /* fetch, DNSSEC verify, and check NSEC/NSEC3 */ 8044 if(!zonemd_check_dnssec_absence(z, env, mods, dnskey, apex, 8045 &reason, &why_bogus, sigalg)) { 8046 auth_zone_zonemd_fail(z, env, reason, why_bogus, result); 8047 return; 8048 } 8049 zonemd_absence_dnssecok = 1; 8050 } else if(zonemd_rrset && dnskey && !is_insecure) { 8051 /* check DNSSEC verify of SOA and ZONEMD */ 8052 if(!zonemd_check_dnssec_soazonemd(z, env, mods, dnskey, apex, 8053 zonemd_rrset, &reason, &why_bogus, sigalg)) { 8054 auth_zone_zonemd_fail(z, env, reason, why_bogus, result); 8055 return; 8056 } 8057 } 8058 8059 if(zonemd_absent && z->zonemd_reject_absence) { 8060 auth_zone_zonemd_fail(z, env, "ZONEMD absent and that is not allowed by config", NULL, result); 8061 return; 8062 } 8063 if(zonemd_absent && zonemd_absence_dnssecok) { 8064 auth_zone_log(z->name, VERB_ALGO, "DNSSEC verified nonexistence of ZONEMD"); 8065 if(result) { 8066 *result = strdup("DNSSEC verified nonexistence of ZONEMD"); 8067 if(!*result) log_err("out of memory"); 8068 } 8069 return; 8070 } 8071 if(zonemd_absent) { 8072 auth_zone_log(z->name, VERB_ALGO, "no ZONEMD present"); 8073 if(result) { 8074 *result = strdup("no ZONEMD present"); 8075 if(!*result) log_err("out of memory"); 8076 } 8077 return; 8078 } 8079 8080 /* check ZONEMD checksum and report or else fail. */ 8081 if(!auth_zone_zonemd_check_hash(z, env, &reason)) { 8082 auth_zone_zonemd_fail(z, env, reason, NULL, result); 8083 return; 8084 } 8085 8086 /* success! log the success */ 8087 if(reason) 8088 auth_zone_log(z->name, VERB_ALGO, "ZONEMD %s", reason); 8089 else auth_zone_log(z->name, VERB_ALGO, "ZONEMD verification successful"); 8090 if(result) { 8091 if(reason) 8092 *result = strdup(reason); 8093 else *result = strdup("ZONEMD verification successful"); 8094 if(!*result) log_err("out of memory"); 8095 } 8096} 8097 8098/** 8099 * verify the zone DNSKEY rrset from the trust anchor 8100 * This is possible because the anchor is for the zone itself, and can 8101 * thus apply straight to the zone DNSKEY set. 8102 * @param z: the auth zone. 8103 * @param env: environment with time and temp buffers. 8104 * @param mods: module stack for validator environment for dnssec validation. 8105 * @param anchor: trust anchor to use 8106 * @param is_insecure: returned, true if the zone is securely insecure. 8107 * @param why_bogus: if the routine fails, returns the failure reason. 8108 * @param keystorage: where to store the ub_packed_rrset_key that is created 8109 * on success. A pointer to it is returned on success. 8110 * @return the dnskey RRset, reference to zone data and keystorage, or 8111 * NULL on failure. 8112 */ 8113static struct ub_packed_rrset_key* 8114zonemd_get_dnskey_from_anchor(struct auth_zone* z, struct module_env* env, 8115 struct module_stack* mods, struct trust_anchor* anchor, 8116 int* is_insecure, char** why_bogus, 8117 struct ub_packed_rrset_key* keystorage) 8118{ 8119 struct auth_data* apex; 8120 struct auth_rrset* dnskey_rrset; 8121 enum sec_status sec; 8122 struct val_env* ve; 8123 int m; 8124 8125 apex = az_find_name(z, z->name, z->namelen); 8126 if(!apex) { 8127 *why_bogus = "have trust anchor, but zone has no apex domain for DNSKEY"; 8128 return 0; 8129 } 8130 dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY); 8131 if(!dnskey_rrset || dnskey_rrset->data->count==0) { 8132 *why_bogus = "have trust anchor, but zone has no DNSKEY"; 8133 return 0; 8134 } 8135 8136 m = modstack_find(mods, "validator"); 8137 if(m == -1) { 8138 *why_bogus = "have trust anchor, but no validator module"; 8139 return 0; 8140 } 8141 ve = (struct val_env*)env->modinfo[m]; 8142 8143 memset(keystorage, 0, sizeof(*keystorage)); 8144 keystorage->entry.key = keystorage; 8145 keystorage->entry.data = dnskey_rrset->data; 8146 keystorage->rk.dname = apex->name; 8147 keystorage->rk.dname_len = apex->namelen; 8148 keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY); 8149 keystorage->rk.rrset_class = htons(z->dclass); 8150 auth_zone_log(z->name, VERB_QUERY, 8151 "zonemd: verify DNSKEY RRset with trust anchor"); 8152 sec = val_verify_DNSKEY_with_TA(env, ve, keystorage, anchor->ds_rrset, 8153 anchor->dnskey_rrset, NULL, why_bogus, NULL, NULL); 8154 regional_free_all(env->scratch); 8155 if(sec == sec_status_secure) { 8156 /* success */ 8157 *is_insecure = 0; 8158 return keystorage; 8159 } else if(sec == sec_status_insecure) { 8160 /* insecure */ 8161 *is_insecure = 1; 8162 } else { 8163 /* bogus */ 8164 *is_insecure = 0; 8165 auth_zone_log(z->name, VERB_ALGO, 8166 "zonemd: verify DNSKEY RRset with trust anchor failed: %s", *why_bogus); 8167 } 8168 return NULL; 8169} 8170 8171/** verify the DNSKEY from the zone with looked up DS record */ 8172static struct ub_packed_rrset_key* 8173auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z, 8174 struct module_env* env, struct module_stack* mods, 8175 struct ub_packed_rrset_key* ds, int* is_insecure, char** why_bogus, 8176 struct ub_packed_rrset_key* keystorage, uint8_t* sigalg) 8177{ 8178 struct auth_data* apex; 8179 struct auth_rrset* dnskey_rrset; 8180 enum sec_status sec; 8181 struct val_env* ve; 8182 int m; 8183 8184 /* fetch DNSKEY from zone data */ 8185 apex = az_find_name(z, z->name, z->namelen); 8186 if(!apex) { 8187 *why_bogus = "in verifywithDS, zone has no apex"; 8188 return NULL; 8189 } 8190 dnskey_rrset = az_domain_rrset(apex, LDNS_RR_TYPE_DNSKEY); 8191 if(!dnskey_rrset || dnskey_rrset->data->count==0) { 8192 *why_bogus = "in verifywithDS, zone has no DNSKEY"; 8193 return NULL; 8194 } 8195 8196 m = modstack_find(mods, "validator"); 8197 if(m == -1) { 8198 *why_bogus = "in verifywithDS, have no validator module"; 8199 return NULL; 8200 } 8201 ve = (struct val_env*)env->modinfo[m]; 8202 8203 memset(keystorage, 0, sizeof(*keystorage)); 8204 keystorage->entry.key = keystorage; 8205 keystorage->entry.data = dnskey_rrset->data; 8206 keystorage->rk.dname = apex->name; 8207 keystorage->rk.dname_len = apex->namelen; 8208 keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY); 8209 keystorage->rk.rrset_class = htons(z->dclass); 8210 auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone DNSKEY with DS"); 8211 sec = val_verify_DNSKEY_with_DS(env, ve, keystorage, ds, sigalg, 8212 why_bogus, NULL, NULL); 8213 regional_free_all(env->scratch); 8214 if(sec == sec_status_secure) { 8215 /* success */ 8216 return keystorage; 8217 } else if(sec == sec_status_insecure) { 8218 /* insecure */ 8219 *is_insecure = 1; 8220 } else { 8221 /* bogus */ 8222 *is_insecure = 0; 8223 if(*why_bogus == NULL) 8224 *why_bogus = "verify failed"; 8225 auth_zone_log(z->name, VERB_ALGO, 8226 "zonemd: verify DNSKEY RRset with DS failed: %s", 8227 *why_bogus); 8228 } 8229 return NULL; 8230} 8231 8232/** callback for ZONEMD lookup of DNSKEY */ 8233void auth_zonemd_dnskey_lookup_callback(void* arg, int rcode, sldns_buffer* buf, 8234 enum sec_status sec, char* why_bogus, int ATTR_UNUSED(was_ratelimited)) 8235{ 8236 struct auth_zone* z = (struct auth_zone*)arg; 8237 struct module_env* env; 8238 char* reason = NULL, *ds_bogus = NULL, *typestr="DNSKEY"; 8239 struct ub_packed_rrset_key* dnskey = NULL, *ds = NULL; 8240 int is_insecure = 0, downprot; 8241 struct ub_packed_rrset_key keystorage; 8242 uint8_t sigalg[ALGO_NEEDS_MAX+1]; 8243 8244 lock_rw_wrlock(&z->lock); 8245 env = z->zonemd_callback_env; 8246 /* release the env variable so another worker can pick up the 8247 * ZONEMD verification task if it wants to */ 8248 z->zonemd_callback_env = NULL; 8249 if(!env || env->outnet->want_to_quit || z->zone_deleted) { 8250 lock_rw_unlock(&z->lock); 8251 return; /* stop on quit */ 8252 } 8253 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DS) 8254 typestr = "DS"; 8255 downprot = env->cfg->harden_algo_downgrade; 8256 8257 /* process result */ 8258 if(sec == sec_status_bogus) { 8259 reason = why_bogus; 8260 if(!reason) { 8261 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY) 8262 reason = "lookup of DNSKEY was bogus"; 8263 else reason = "lookup of DS was bogus"; 8264 } 8265 auth_zone_log(z->name, VERB_ALGO, 8266 "zonemd lookup of %s was bogus: %s", typestr, reason); 8267 } else if(rcode == LDNS_RCODE_NOERROR) { 8268 uint16_t wanted_qtype = z->zonemd_callback_qtype; 8269 struct regional* temp = env->scratch; 8270 struct query_info rq; 8271 struct reply_info* rep; 8272 memset(&rq, 0, sizeof(rq)); 8273 rep = parse_reply_in_temp_region(buf, temp, &rq); 8274 if(rep && rq.qtype == wanted_qtype && 8275 query_dname_compare(z->name, rq.qname) == 0 && 8276 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) { 8277 /* parsed successfully */ 8278 struct ub_packed_rrset_key* answer = 8279 reply_find_answer_rrset(&rq, rep); 8280 if(answer && sec == sec_status_secure) { 8281 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY) 8282 dnskey = answer; 8283 else ds = answer; 8284 auth_zone_log(z->name, VERB_ALGO, 8285 "zonemd lookup of %s was secure", typestr); 8286 } else if(sec == sec_status_secure && !answer) { 8287 is_insecure = 1; 8288 auth_zone_log(z->name, VERB_ALGO, 8289 "zonemd lookup of %s has no content, but is secure, treat as insecure", typestr); 8290 } else if(sec == sec_status_insecure) { 8291 is_insecure = 1; 8292 auth_zone_log(z->name, VERB_ALGO, 8293 "zonemd lookup of %s was insecure", typestr); 8294 } else if(sec == sec_status_indeterminate) { 8295 is_insecure = 1; 8296 auth_zone_log(z->name, VERB_ALGO, 8297 "zonemd lookup of %s was indeterminate, treat as insecure", typestr); 8298 } else { 8299 auth_zone_log(z->name, VERB_ALGO, 8300 "zonemd lookup of %s has nodata", typestr); 8301 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY) 8302 reason = "lookup of DNSKEY has nodata"; 8303 else reason = "lookup of DS has nodata"; 8304 } 8305 } else if(rep && rq.qtype == wanted_qtype && 8306 query_dname_compare(z->name, rq.qname) == 0 && 8307 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN && 8308 sec == sec_status_secure) { 8309 /* secure nxdomain, so the zone is like some RPZ zone 8310 * that does not exist in the wider internet, with 8311 * a secure nxdomain answer outside of it. So we 8312 * treat the zonemd zone without a dnssec chain of 8313 * trust, as insecure. */ 8314 is_insecure = 1; 8315 auth_zone_log(z->name, VERB_ALGO, 8316 "zonemd lookup of %s was secure NXDOMAIN, treat as insecure", typestr); 8317 } else if(rep && rq.qtype == wanted_qtype && 8318 query_dname_compare(z->name, rq.qname) == 0 && 8319 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN && 8320 sec == sec_status_insecure) { 8321 is_insecure = 1; 8322 auth_zone_log(z->name, VERB_ALGO, 8323 "zonemd lookup of %s was insecure NXDOMAIN, treat as insecure", typestr); 8324 } else if(rep && rq.qtype == wanted_qtype && 8325 query_dname_compare(z->name, rq.qname) == 0 && 8326 FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN && 8327 sec == sec_status_indeterminate) { 8328 is_insecure = 1; 8329 auth_zone_log(z->name, VERB_ALGO, 8330 "zonemd lookup of %s was indeterminate NXDOMAIN, treat as insecure", typestr); 8331 } else { 8332 auth_zone_log(z->name, VERB_ALGO, 8333 "zonemd lookup of %s has no answer", typestr); 8334 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY) 8335 reason = "lookup of DNSKEY has no answer"; 8336 else reason = "lookup of DS has no answer"; 8337 } 8338 } else { 8339 auth_zone_log(z->name, VERB_ALGO, 8340 "zonemd lookup of %s failed", typestr); 8341 if(z->zonemd_callback_qtype == LDNS_RR_TYPE_DNSKEY) 8342 reason = "lookup of DNSKEY failed"; 8343 else reason = "lookup of DS failed"; 8344 } 8345 8346 if(!reason && !is_insecure && !dnskey && ds) { 8347 dnskey = auth_zone_verify_zonemd_key_with_ds(z, env, 8348 &env->mesh->mods, ds, &is_insecure, &ds_bogus, 8349 &keystorage, downprot?sigalg:NULL); 8350 if(!dnskey && !is_insecure && !reason) 8351 reason = "DNSKEY verify with DS failed"; 8352 } 8353 8354 if(reason) { 8355 auth_zone_zonemd_fail(z, env, reason, ds_bogus, NULL); 8356 lock_rw_unlock(&z->lock); 8357 return; 8358 } 8359 8360 auth_zone_verify_zonemd_with_key(z, env, &env->mesh->mods, dnskey, 8361 is_insecure, NULL, downprot?sigalg:NULL); 8362 regional_free_all(env->scratch); 8363 lock_rw_unlock(&z->lock); 8364} 8365 8366/** lookup DNSKEY for ZONEMD verification */ 8367static int 8368zonemd_lookup_dnskey(struct auth_zone* z, struct module_env* env) 8369{ 8370 struct query_info qinfo; 8371 uint16_t qflags = BIT_RD; 8372 struct edns_data edns; 8373 sldns_buffer* buf = env->scratch_buffer; 8374 int fetch_ds = 0; 8375 8376 if(!z->fallback_enabled) { 8377 /* we cannot actually get the DNSKEY, because it is in the 8378 * zone we have ourselves, and it is not served yet 8379 * (possibly), so fetch type DS */ 8380 fetch_ds = 1; 8381 } 8382 if(z->zonemd_callback_env) { 8383 /* another worker is already working on the callback 8384 * for the DNSKEY lookup for ZONEMD verification. 8385 * We do not also have to do ZONEMD verification, let that 8386 * worker do it */ 8387 auth_zone_log(z->name, VERB_ALGO, 8388 "zonemd needs lookup of %s and that already is worked on by another worker", (fetch_ds?"DS":"DNSKEY")); 8389 return 1; 8390 } 8391 8392 /* use mesh_new_callback to lookup the DNSKEY, 8393 * and then wait for them to be looked up (in cache, or query) */ 8394 qinfo.qname_len = z->namelen; 8395 qinfo.qname = z->name; 8396 qinfo.qclass = z->dclass; 8397 if(fetch_ds) 8398 qinfo.qtype = LDNS_RR_TYPE_DS; 8399 else qinfo.qtype = LDNS_RR_TYPE_DNSKEY; 8400 qinfo.local_alias = NULL; 8401 if(verbosity >= VERB_ALGO) { 8402 char buf1[512]; 8403 char buf2[LDNS_MAX_DOMAINLEN+1]; 8404 dname_str(z->name, buf2); 8405 snprintf(buf1, sizeof(buf1), "auth zone %s: lookup %s " 8406 "for zonemd verification", buf2, 8407 (fetch_ds?"DS":"DNSKEY")); 8408 log_query_info(VERB_ALGO, buf1, &qinfo); 8409 } 8410 edns.edns_present = 1; 8411 edns.ext_rcode = 0; 8412 edns.edns_version = 0; 8413 edns.bits = EDNS_DO; 8414 edns.opt_list_in = NULL; 8415 edns.opt_list_out = NULL; 8416 edns.opt_list_inplace_cb_out = NULL; 8417 if(sldns_buffer_capacity(buf) < 65535) 8418 edns.udp_size = (uint16_t)sldns_buffer_capacity(buf); 8419 else edns.udp_size = 65535; 8420 8421 /* store the worker-specific module env for the callback. 8422 * We can then reference this when the callback executes */ 8423 z->zonemd_callback_env = env; 8424 z->zonemd_callback_qtype = qinfo.qtype; 8425 /* the callback can be called straight away */ 8426 lock_rw_unlock(&z->lock); 8427 if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0, 8428 &auth_zonemd_dnskey_lookup_callback, z, 0)) { 8429 lock_rw_wrlock(&z->lock); 8430 log_err("out of memory lookup of %s for zonemd", 8431 (fetch_ds?"DS":"DNSKEY")); 8432 return 0; 8433 } 8434 lock_rw_wrlock(&z->lock); 8435 return 1; 8436} 8437 8438void auth_zone_verify_zonemd(struct auth_zone* z, struct module_env* env, 8439 struct module_stack* mods, char** result, int offline, int only_online) 8440{ 8441 char* reason = NULL, *why_bogus = NULL; 8442 struct trust_anchor* anchor = NULL; 8443 struct ub_packed_rrset_key* dnskey = NULL; 8444 struct ub_packed_rrset_key keystorage; 8445 int is_insecure = 0; 8446 /* verify the ZONEMD if present. 8447 * If not present check if absence is allowed by DNSSEC */ 8448 if(!z->zonemd_check) 8449 return; 8450 if(z->data.count == 0) 8451 return; /* no data */ 8452 8453 /* if zone is under a trustanchor */ 8454 /* is it equal to trustanchor - get dnskey's verified */ 8455 /* else, find chain of trust by fetching DNSKEYs lookup for zone */ 8456 /* result if that, if insecure, means no DNSSEC for the ZONEMD, 8457 * otherwise we have the zone DNSKEY for the DNSSEC verification. */ 8458 if(env->anchors) 8459 anchor = anchors_lookup(env->anchors, z->name, z->namelen, 8460 z->dclass); 8461 if(anchor && anchor->numDS == 0 && anchor->numDNSKEY == 0) { 8462 /* domain-insecure trust anchor for unsigned zones */ 8463 lock_basic_unlock(&anchor->lock); 8464 if(only_online) 8465 return; 8466 dnskey = NULL; 8467 is_insecure = 1; 8468 } else if(anchor && query_dname_compare(z->name, anchor->name) == 0) { 8469 if(only_online) { 8470 lock_basic_unlock(&anchor->lock); 8471 return; 8472 } 8473 /* equal to trustanchor, no need for online lookups */ 8474 dnskey = zonemd_get_dnskey_from_anchor(z, env, mods, anchor, 8475 &is_insecure, &why_bogus, &keystorage); 8476 lock_basic_unlock(&anchor->lock); 8477 if(!dnskey && !reason && !is_insecure) { 8478 reason = "verify DNSKEY RRset with trust anchor failed"; 8479 } 8480 } else if(anchor) { 8481 lock_basic_unlock(&anchor->lock); 8482 /* perform online lookups */ 8483 if(offline) 8484 return; 8485 /* setup online lookups, and wait for them */ 8486 if(zonemd_lookup_dnskey(z, env)) { 8487 /* wait for the lookup */ 8488 return; 8489 } 8490 reason = "could not lookup DNSKEY for chain of trust"; 8491 } else { 8492 /* the zone is not under a trust anchor */ 8493 if(only_online) 8494 return; 8495 dnskey = NULL; 8496 is_insecure = 1; 8497 } 8498 8499 if(reason) { 8500 auth_zone_zonemd_fail(z, env, reason, why_bogus, result); 8501 return; 8502 } 8503 8504 auth_zone_verify_zonemd_with_key(z, env, mods, dnskey, is_insecure, 8505 result, NULL); 8506 regional_free_all(env->scratch); 8507} 8508 8509void auth_zones_pickup_zonemd_verify(struct auth_zones* az, 8510 struct module_env* env) 8511{ 8512 struct auth_zone key; 8513 uint8_t savezname[255+1]; 8514 size_t savezname_len; 8515 struct auth_zone* z; 8516 key.node.key = &key; 8517 lock_rw_rdlock(&az->lock); 8518 RBTREE_FOR(z, struct auth_zone*, &az->ztree) { 8519 lock_rw_wrlock(&z->lock); 8520 if(!z->zonemd_check) { 8521 lock_rw_unlock(&z->lock); 8522 continue; 8523 } 8524 key.dclass = z->dclass; 8525 key.namelabs = z->namelabs; 8526 if(z->namelen > sizeof(savezname)) { 8527 lock_rw_unlock(&z->lock); 8528 log_err("auth_zones_pickup_zonemd_verify: zone name too long"); 8529 continue; 8530 } 8531 savezname_len = z->namelen; 8532 memmove(savezname, z->name, z->namelen); 8533 lock_rw_unlock(&az->lock); 8534 auth_zone_verify_zonemd(z, env, &env->mesh->mods, NULL, 0, 1); 8535 lock_rw_unlock(&z->lock); 8536 lock_rw_rdlock(&az->lock); 8537 /* find the zone we had before, it is not deleted, 8538 * because we have a flag for that that is processed at 8539 * apply_cfg time */ 8540 key.namelen = savezname_len; 8541 key.name = savezname; 8542 z = (struct auth_zone*)rbtree_search(&az->ztree, &key); 8543 if(!z) 8544 break; 8545 } 8546 lock_rw_unlock(&az->lock); 8547} 8548