isc_result_t
dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t **ringp, FILE *fp) {
isc_result_t result;
dns_rbtnodechain_t chain;
dns_name_t foundname;
dns_fixedname_t fixedorigin;
dns_name_t *origin;
isc_stdtime_t now;
dns_rbtnode_t *node;
dns_tsigkey_t *tkey;
dns_tsig_keyring_t *ring;
unsigned int references;
REQUIRE(ringp != NULL && *ringp != NULL);
ring = *ringp;
*ringp = NULL;
RWLOCK(&ring->lock, isc_rwlocktype_write);
INSIST(ring->references > 0);
ring->references--;
references = ring->references;
RWUNLOCK(&ring->lock, isc_rwlocktype_write);
if (references != 0)
return (DNS_R_CONTINUE);
isc_stdtime_get(&now);
dns_name_init(&foundname, NULL);
dns_fixedname_init(&fixedorigin);
origin = dns_fixedname_name(&fixedorigin);
dns_rbtnodechain_init(&chain, ring->mctx);
result = dns_rbtnodechain_first(&chain, ring->keys, &foundname,
origin);
if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) {
dns_rbtnodechain_invalidate(&chain);
goto destroy;
}
for (;;) {
node = NULL;
dns_rbtnodechain_current(&chain, &foundname, origin, &node);
tkey = node->data;
if (tkey != NULL && tkey->generated && tkey->expire >= now)
dump_key(tkey, fp);
result = dns_rbtnodechain_next(&chain, &foundname,
origin);
if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) {
dns_rbtnodechain_invalidate(&chain);
if (result == ISC_R_NOMORE)
result = ISC_R_SUCCESS;
goto destroy;
}
}
destroy:
destroyring(ring);
return (result);
}
/*%
* Configure an apex NS with an out-of-zone NS names for a static-stub zone.
* For example, for the zone named "example.com", something like the following
* RRs will be added to the zone DB:
* example.com. NS ns.example.net.
*/
static isc_result_t
configure_staticstub_servernames(const cfg_obj_t *zconfig, dns_zone_t *zone,
dns_rdatalist_t *rdatalist, const char *zname)
{
const cfg_listelt_t *element;
isc_mem_t *mctx = dns_zone_getmctx(zone);
dns_rdata_t *rdata;
isc_region_t sregion, region;
isc_result_t result = ISC_R_SUCCESS;
for (element = cfg_list_first(zconfig);
element != NULL;
element = cfg_list_next(element))
{
const cfg_obj_t *obj;
const char *str;
dns_fixedname_t fixed_name;
dns_name_t *nsname;
isc_buffer_t b;
obj = cfg_listelt_value(element);
str = cfg_obj_asstring(obj);
dns_fixedname_init(&fixed_name);
nsname = dns_fixedname_name(&fixed_name);
isc_buffer_init(&b, str, strlen(str));
isc_buffer_add(&b, strlen(str));
result = dns_name_fromtext(nsname, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
"server-name '%s' is not a valid "
"name", str);
return (result);
}
if (dns_name_issubdomain(nsname, dns_zone_getorigin(zone))) {
cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
"server-name '%s' must not be a "
"subdomain of zone name '%s'",
str, zname);
return (ISC_R_FAILURE);
}
dns_name_toregion(nsname, &sregion);
rdata = isc_mem_get(mctx, sizeof(*rdata) + sregion.length);
if (rdata == NULL)
return (ISC_R_NOMEMORY);
region.length = sregion.length;
region.base = (unsigned char *)(rdata + 1);
memcpy(region.base, sregion.base, region.length);
dns_rdata_init(rdata);
dns_rdata_fromregion(rdata, dns_zone_getclass(zone),
dns_rdatatype_ns, ®ion);
ISC_LIST_APPEND(rdatalist->rdata, rdata, link);
}
return (result);
}
static void
iterate(dns_rbt_t *rbt, isc_boolean_t forward) {
dns_name_t foundname, *origin;
dns_rbtnodechain_t chain;
dns_fixedname_t fixedorigin;
isc_result_t result;
isc_result_t (*move)(dns_rbtnodechain_t *chain, dns_name_t *name,
dns_name_t *origin);
dns_rbtnodechain_init(&chain, mctx);
dns_name_init(&foundname, NULL);
dns_fixedname_init(&fixedorigin);
origin = dns_fixedname_name(&fixedorigin);
if (forward) {
printf("iterating forward\n" );
move = dns_rbtnodechain_next;
result = dns_rbtnodechain_first(&chain, rbt, &foundname,
origin);
} else {
printf("iterating backward\n" );
move = dns_rbtnodechain_prev;
result = dns_rbtnodechain_last(&chain, rbt, &foundname,
origin);
}
if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN)
printf("start not found!\n");
else {
for (;;) {
if (result == DNS_R_NEWORIGIN) {
printf(" new origin: ");
print_name(origin);
printf("\n");
}
if (result == ISC_R_SUCCESS ||
result == DNS_R_NEWORIGIN) {
print_name(&foundname);
printf("\n");
} else {
if (result != ISC_R_NOMORE)
printf("UNEXEPCTED ITERATION ERROR: %s",
dns_result_totext(result));
break;
}
result = move(&chain, &foundname, origin);
}
}
}
/*% load the zone */
isc_result_t
load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
dns_masterformat_t fileformat, const char *classname,
dns_zone_t **zonep)
{
isc_result_t result;
dns_rdataclass_t rdclass;
isc_textregion_t region;
isc_buffer_t buffer;
dns_fixedname_t fixorigin;
dns_name_t *origin;
dns_zone_t *zone = NULL;
REQUIRE(zonep == NULL || *zonep == NULL);
if (debug)
fprintf(stderr, "loading \"%s\" from \"%s\" class \"%s\"\n",
zonename, filename, classname);
CHECK(dns_zone_create(&zone, mctx));
dns_zone_settype(zone, dns_zone_master);
isc_buffer_init(&buffer, zonename, strlen(zonename));
isc_buffer_add(&buffer, strlen(zonename));
dns_fixedname_init(&fixorigin);
origin = dns_fixedname_name(&fixorigin);
CHECK(dns_name_fromtext(origin, &buffer, dns_rootname, 0, NULL));
CHECK(dns_zone_setorigin(zone, origin));
CHECK(dns_zone_setdbtype(zone, 1, (const char * const *) dbtype));
CHECK(dns_zone_setfile2(zone, filename, fileformat));
DE_CONST(classname, region.base);
region.length = strlen(classname);
CHECK(dns_rdataclass_fromtext(&rdclass, ®ion));
dns_zone_setclass(zone, rdclass);
dns_zone_setoption(zone, zone_options, ISC_TRUE);
dns_zone_setoption(zone, DNS_ZONEOPT_NOMERGE, nomerge);
if (docheckmx)
dns_zone_setcheckmx(zone, checkmx);
if (docheckns)
dns_zone_setcheckns(zone, checkns);
if (dochecksrv)
dns_zone_setchecksrv(zone, checksrv);
CHECK(dns_zone_load(zone));
if (zonep != NULL) {
*zonep = zone;
zone = NULL;
}
cleanup:
if (zone != NULL)
dns_zone_detach(&zone);
return (result);
}
isc_result_t
dns_nsec3_hashname(dns_fixedname_t *result,
unsigned char rethash[NSEC3_MAX_HASH_LENGTH],
size_t *hash_length, dns_name_t *name, dns_name_t *origin,
dns_hash_t hashalg, unsigned int iterations,
const unsigned char *salt, size_t saltlength)
{
unsigned char hash[NSEC3_MAX_HASH_LENGTH];
unsigned char nametext[DNS_NAME_FORMATSIZE];
dns_fixedname_t fixed;
dns_name_t *downcased;
isc_buffer_t namebuffer;
isc_region_t region;
size_t len;
if (rethash == NULL)
rethash = hash;
memset(rethash, 0, NSEC3_MAX_HASH_LENGTH);
dns_fixedname_init(&fixed);
downcased = dns_fixedname_name(&fixed);
dns_name_downcase(name, downcased, NULL);
/* hash the node name */
len = isc_iterated_hash(rethash, hashalg, iterations, salt, saltlength,
downcased->ndata, downcased->length);
if (len == 0U)
return (DNS_R_BADALG);
if (hash_length != NULL)
*hash_length = len;
/* convert the hash to base32hex */
region.base = rethash;
region.length = len;
isc_buffer_init(&namebuffer, nametext, sizeof nametext);
isc_base32hex_totext(®ion, 1, "", &namebuffer);
/* convert the hex to a domain name */
dns_fixedname_init(result);
return (dns_name_fromtext(dns_fixedname_name(result), &namebuffer,
origin, 0, NULL));
}
int
main(int argc, char **argv) {
dns_fixedname_t fixed;
dns_name_t *name;
isc_buffer_t buffer;
isc_region_t region;
isc_result_t result;
unsigned char hash[NSEC3_MAX_HASH_LENGTH];
unsigned char salt[DNS_NSEC3_SALTSIZE];
unsigned char text[1024];
unsigned int hash_alg;
unsigned int length;
unsigned int iterations;
unsigned int salt_length;
if (argc != 5)
usage();
if (strcmp(argv[1], "-") == 0) {
salt_length = 0;
salt[0] = 0;
} else {
isc_buffer_init(&buffer, salt, sizeof(salt));
result = isc_hex_decodestring(argv[1], &buffer);
check_result(result, "isc_hex_decodestring(salt)");
salt_length = isc_buffer_usedlength(&buffer);
if (salt_length > DNS_NSEC3_SALTSIZE)
fatal("salt too long");
}
hash_alg = atoi(argv[2]);
if (hash_alg > 255U)
fatal("hash algorithm too large");
iterations = atoi(argv[3]);
if (iterations > 0xffffU)
fatal("iterations to large");
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
isc_buffer_init(&buffer, argv[4], strlen(argv[4]));
isc_buffer_add(&buffer, strlen(argv[4]));
result = dns_name_fromtext(name, &buffer, dns_rootname, 0, NULL);
check_result(result, "dns_name_fromtext() failed");
dns_name_downcase(name, name, NULL);
length = isc_iterated_hash(hash, hash_alg, iterations, salt,
salt_length, name->ndata, name->length);
if (length == 0)
fatal("isc_iterated_hash failed");
region.base = hash;
region.length = length;
isc_buffer_init(&buffer, text, sizeof(text));
isc_base32hexnp_totext(®ion, 1, "", &buffer);
fprintf(stdout, "%.*s (salt=%s, hash=%u, iterations=%u)\n",
(int)isc_buffer_usedlength(&buffer), text, argv[1], hash_alg, iterations);
return(0);
}
static void
do_find(isc_boolean_t want_event) {
isc_result_t result;
isc_boolean_t done = ISC_FALSE;
unsigned int options;
options = DNS_ADBFIND_INET | DNS_ADBFIND_INET6;
if (want_event)
options |= DNS_ADBFIND_WANTEVENT | DNS_ADBFIND_EMPTYEVENT;
dns_fixedname_init(&target);
result = dns_adb_createfind(view->adb, task, adb_callback, NULL,
dns_fixedname_name(&fixed),
dns_rootname, 0, options, 0,
dns_fixedname_name(&target), 0,
&find);
if (result == ISC_R_SUCCESS) {
if (!ISC_LIST_EMPTY(find->list)) {
/*
* We have at least some of the addresses for the
* name.
*/
INSIST((find->options & DNS_ADBFIND_WANTEVENT) == 0);
print_addresses(find);
done = ISC_TRUE;
} else {
/*
* We don't know any of the addresses for this
* name.
*/
if ((find->options & DNS_ADBFIND_WANTEVENT) == 0) {
/*
* And ADB isn't going to send us any events
* either. This query loses.
*/
done = ISC_TRUE;
}
/*
* If the DNS_ADBFIND_WANTEVENT flag was set, we'll
* get an event when something happens.
*/
}
} else if (result == DNS_R_ALIAS) {
print_name(dns_fixedname_name(&target));
done = ISC_TRUE;
} else {
printf("dns_adb_createfind() returned %s\n",
isc_result_totext(result));
done = ISC_TRUE;
}
if (done) {
if (find != NULL)
dns_adb_destroyfind(&find);
isc_app_shutdown();
}
}
isc_result_t
dns_dlzfindzone(dns_view_t *view, dns_name_t *name, unsigned int minlabels,
dns_db_t **dbp)
{
dns_fixedname_t fname;
dns_name_t *zonename;
unsigned int namelabels;
unsigned int i;
isc_result_t result;
dns_dlzfindzone_t findzone;
dns_dlzdb_t *dlzdatabase;
/*
* Performs checks to make sure data is as we expect it to be.
*/
REQUIRE(DNS_DLZ_VALID(view->dlzdatabase));
REQUIRE(name != NULL);
REQUIRE(dbp != NULL && *dbp == NULL);
/* setup a "fixed" dns name */
dns_fixedname_init(&fname);
zonename = dns_fixedname_name(&fname);
/* count the number of labels in the name */
namelabels = dns_name_countlabels(name);
/*
* loop through starting with the longest domain name and
* trying shorter names portions of the name until we find a
* match, have an error, or are below the 'minlabels'
* threshold. minlabels is 0, if the standard database didn't
* have a zone name match. Otherwise minlabels is the number
* of labels in that name. We need to beat that for a
* "better" match for the DLZ database to be authoritative
* instead of the standard database.
*/
for (i = namelabels; i > minlabels && i > 1; i--) {
if (i == namelabels) {
result = dns_name_copy(name, zonename, NULL);
if (result != ISC_R_SUCCESS)
return (result);
} else
dns_name_split(name, i, NULL, zonename);
/* ask SDLZ driver if the zone is supported */
dlzdatabase = view->dlzdatabase;
findzone = dlzdatabase->implementation->methods->findzone;
result = (*findzone)(dlzdatabase->implementation->driverarg,
dlzdatabase->dbdata, dlzdatabase->mctx,
view->rdclass, zonename, dbp);
if (result != ISC_R_NOTFOUND)
return (result);
}
return (ISC_R_NOTFOUND);
}
static isc_result_t probe_domain (struct probe_trans *trans)
{
isc_result_t result;
size_t domainlen;
isc_buffer_t b;
char buf[4096]; /* XXX ad hoc constant, but should be enough */
char *cp;
REQUIRE (trans != NULL);
REQUIRE (trans->inuse == ISC_FALSE);
REQUIRE (outstanding_probes < MAX_PROBES);
/* Construct domain */
cp = fgets (buf, sizeof (buf), fp);
if (cp == NULL)
return (ISC_R_NOMORE);
if ((cp = strchr (buf, '\n')) != NULL) /* zap NL if any */
*cp = '\0';
trans->domain = isc_mem_strdup (mctx, buf);
if (trans->domain == NULL)
{
fprintf (stderr, "failed to allocate memory for domain: %s", cp);
return (ISC_R_NOMEMORY);
}
/* Start getting NS for the domain */
domainlen = strlen (buf);
isc_buffer_init (&b, buf, domainlen);
isc_buffer_add (&b, domainlen);
dns_fixedname_init (&trans->fixedname);
trans->qname = dns_fixedname_name (&trans->fixedname);
result = dns_name_fromtext (trans->qname, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS)
goto cleanup;
result = dns_client_startresolve (client, trans->qname,
dns_rdataclass_in, dns_rdatatype_ns,
0, probe_task, resolve_ns, trans, &trans->resid);
if (result != ISC_R_SUCCESS)
goto cleanup;
trans->inuse = ISC_TRUE;
outstanding_probes++;
return (ISC_R_SUCCESS);
cleanup:
isc_mem_free (mctx, trans->domain);
dns_fixedname_invalidate (&trans->fixedname);
return (result);
}
static isc_result_t
make_querymessage(dns_message_t *message, const char *namestr,
dns_rdatatype_t rdtype)
{
dns_name_t *qname = NULL, *qname0;
dns_rdataset_t *qrdataset = NULL;
isc_result_t result;
isc_buffer_t b;
unsigned int namelen;
REQUIRE(message != NULL);
REQUIRE(namestr != NULL);
/* Construct qname */
namelen = strlen(namestr);
isc_buffer_constinit(&b, namestr, namelen);
isc_buffer_add(&b, namelen);
dns_fixedname_init(&fixedqname);
qname0 = dns_fixedname_name(&fixedqname);
result = dns_name_fromtext(qname0, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to convert qname: %d\n", result);
return (result);
}
/* Construct query message */
message->opcode = dns_opcode_query;
message->rdclass = dns_rdataclass_in;
result = dns_message_gettempname(message, &qname);
if (result != ISC_R_SUCCESS)
goto cleanup;
result = dns_message_gettemprdataset(message, &qrdataset);
if (result != ISC_R_SUCCESS)
goto cleanup;
dns_name_init(qname, NULL);
dns_name_clone(qname0, qname);
dns_rdataset_init(qrdataset);
dns_rdataset_makequestion(qrdataset, message->rdclass, rdtype);
ISC_LIST_APPEND(qname->list, qrdataset, link);
dns_message_addname(message, qname, DNS_SECTION_QUESTION);
return (ISC_R_SUCCESS);
cleanup:
if (qname != NULL)
dns_message_puttempname(message, &qname);
if (qrdataset != NULL)
dns_message_puttemprdataset(message, &qrdataset);
dns_message_destroy(&message);
return (result);
}
/*
* Find a few nodes to destroy if possible.
*/
static void
cleanup_ring(dns_tsig_keyring_t *ring)
{
isc_result_t result;
dns_rbtnodechain_t chain;
dns_name_t foundname;
dns_fixedname_t fixedorigin;
dns_name_t *origin;
isc_stdtime_t now;
dns_rbtnode_t *node;
dns_tsigkey_t *tkey;
/*
* Start up a new iterator each time.
*/
isc_stdtime_get(&now);
dns_name_init(&foundname, NULL);
dns_fixedname_init(&fixedorigin);
origin = dns_fixedname_name(&fixedorigin);
again:
dns_rbtnodechain_init(&chain, ring->mctx);
result = dns_rbtnodechain_first(&chain, ring->keys, &foundname,
origin);
if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) {
dns_rbtnodechain_invalidate(&chain);
return;
}
for (;;) {
node = NULL;
dns_rbtnodechain_current(&chain, &foundname, origin, &node);
tkey = node->data;
if (tkey != NULL) {
if (tkey->generated
&& isc_refcount_current(&tkey->refs) == 1
&& tkey->inception != tkey->expire
&& tkey->expire < now) {
tsig_log(tkey, 2, "tsig expire: deleting");
/* delete the key */
dns_rbtnodechain_invalidate(&chain);
remove_fromring(tkey);
goto again;
}
}
result = dns_rbtnodechain_next(&chain, &foundname,
origin);
if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) {
dns_rbtnodechain_invalidate(&chain);
return;
}
}
}
static void
setup(const char *zonename, const char *filename, const char *classname) {
isc_result_t result;
dns_rdataclass_t rdclass;
isc_consttextregion_t region;
isc_buffer_t buffer;
dns_fixedname_t fixorigin;
dns_name_t *origin;
const char *rbt = "rbt";
if (debug)
fprintf(stderr, "loading \"%s\" from \"%s\" class \"%s\"\n",
zonename, filename, classname);
result = dns_zone_create(&zone, mctx);
ERRRET(result, "dns_zone_new");
dns_zone_settype(zone, zonetype);
isc_buffer_init(&buffer, zonename, strlen(zonename));
isc_buffer_add(&buffer, strlen(zonename));
dns_fixedname_init(&fixorigin);
result = dns_name_fromtext(dns_fixedname_name(&fixorigin),
&buffer, dns_rootname, 0, NULL);
ERRRET(result, "dns_name_fromtext");
origin = dns_fixedname_name(&fixorigin);
result = dns_zone_setorigin(zone, origin);
ERRRET(result, "dns_zone_setorigin");
result = dns_zone_setdbtype(zone, 1, &rbt);
ERRRET(result, "dns_zone_setdatabase");
result = dns_zone_setfile(zone, filename);
ERRRET(result, "dns_zone_setfile");
region.base = classname;
region.length = strlen(classname);
result = dns_rdataclass_fromtext(&rdclass,
(isc_textregion_t *)(void*)®ion);
ERRRET(result, "dns_rdataclass_fromtext");
dns_zone_setclass(zone, rdclass);
if (zonetype == dns_zone_slave)
dns_zone_setmasters(zone, &addr, 1);
result = dns_zone_load(zone);
ERRRET(result, "dns_zone_load");
result = dns_zonemgr_managezone(zonemgr, zone);
ERRRET(result, "dns_zonemgr_managezone");
}
static isc_result_t
initname(char *setname) {
isc_result_t result;
isc_buffer_t buf;
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
isc_buffer_init(&buf, setname, strlen(setname));
isc_buffer_add(&buf, strlen(setname));
result = dns_name_fromtext(name, &buf, dns_rootname, 0, NULL);
return (result);
}
static isc_result_t
check_hints(dns_db_t *db) {
isc_result_t result;
dns_rdataset_t rootns;
dns_dbiterator_t *dbiter = NULL;
dns_dbnode_t *node = NULL;
isc_stdtime_t now;
dns_fixedname_t fixname;
dns_name_t *name;
dns_rdatasetiter_t *rdsiter = NULL;
isc_stdtime_get(&now);
dns_fixedname_init(&fixname);
name = dns_fixedname_name(&fixname);
dns_rdataset_init(&rootns);
(void)dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
now, NULL, name, &rootns, NULL);
result = dns_db_createiterator(db, 0, &dbiter);
if (result != ISC_R_SUCCESS)
goto cleanup;
result = dns_dbiterator_first(dbiter);
while (result == ISC_R_SUCCESS) {
result = dns_dbiterator_current(dbiter, &node, name);
if (result != ISC_R_SUCCESS)
goto cleanup;
result = dns_db_allrdatasets(db, node, NULL, now, &rdsiter);
if (result != ISC_R_SUCCESS)
goto cleanup;
result = check_node(&rootns, name, rdsiter);
if (result != ISC_R_SUCCESS)
goto cleanup;
dns_rdatasetiter_destroy(&rdsiter);
dns_db_detachnode(db, &node);
result = dns_dbiterator_next(dbiter);
}
if (result == ISC_R_NOMORE)
result = ISC_R_SUCCESS;
cleanup:
if (dns_rdataset_isassociated(&rootns))
dns_rdataset_disassociate(&rootns);
if (rdsiter != NULL)
dns_rdatasetiter_destroy(&rdsiter);
if (node != NULL)
dns_db_detachnode(db, &node);
if (dbiter != NULL)
dns_dbiterator_destroy(&dbiter);
return (result);
}
/*
* Walk the tree and ensure that all the test nodes are present.
*/
static void
check_test_data(dns_rbt_t *rbt) {
char buffer[1024];
char *arg;
dns_fixedname_t fname;
dns_fixedname_t fixed;
dns_name_t *name;
isc_buffer_t b;
data_holder_t *data;
isc_result_t result;
dns_name_t *foundname;
rbt_testdata_t *testdatap = testdata;
dns_fixedname_init(&fixed);
foundname = dns_fixedname_name(&fixed);
while (testdatap->name != NULL && testdatap->data.data != NULL) {
memmove(buffer, testdatap->name, testdatap->name_len + 1);
arg = buffer;
isc_buffer_init(&b, arg, testdatap->name_len);
isc_buffer_add(&b, testdatap->name_len);
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
result = dns_name_fromtext(name, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
testdatap++;
continue;
}
data = NULL;
result = dns_rbt_findname(rbt, name, 0, foundname,
(void *) &data);
ATF_CHECK_STREQ(dns_result_totext(result), "success");
testdatap++;
}
}
static isc_result_t
dispatch_query(struct query_trans *trans) {
isc_result_t result;
size_t namelen;
isc_buffer_t b;
char buf[4096]; /* XXX ad hoc constant, but should be enough */
char *cp;
REQUIRE(trans != NULL);
REQUIRE(trans->inuse == ISC_FALSE);
REQUIRE(ISC_LIST_EMPTY(trans->answerlist));
REQUIRE(outstanding_queries < MAX_QUERIES);
/* Construct qname */
cp = fgets(buf, sizeof(buf), fp);
if (cp == NULL)
return (ISC_R_NOMORE);
/* zap NL if any */
if ((cp = strchr(buf, '\n')) != NULL)
*cp = '\0';
namelen = strlen(buf);
isc_buffer_init(&b, buf, namelen);
isc_buffer_add(&b, namelen);
dns_fixedname_init(&trans->fixedname);
trans->qname = dns_fixedname_name(&trans->fixedname);
result = dns_name_fromtext(trans->qname, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS)
goto cleanup;
/* Start resolution */
result = dns_client_startresolve(client, trans->qname,
dns_rdataclass_in, trans->type, 0,
query_task, process_answer, trans,
&trans->xid);
if (result != ISC_R_SUCCESS)
goto cleanup;
trans->inuse = ISC_TRUE;
outstanding_queries++;
return (ISC_R_SUCCESS);
cleanup:
dns_fixedname_invalidate(&trans->fixedname);
return (result);
}
isc_result_t
dhcp_isc_name(unsigned char *namestr,
dns_fixedname_t *namefix,
dns_name_t **name)
{
size_t namelen;
isc_buffer_t b;
isc_result_t result;
namelen = strlen((char *)namestr);
isc_buffer_init(&b, namestr, namelen);
isc_buffer_add(&b, namelen);
dns_fixedname_init(namefix);
*name = dns_fixedname_name(namefix);
result = dns_name_fromtext(*name, &b, dns_rootname, 0, NULL);
isc_buffer_invalidate(&b);
return(result);
}
static void
loadkey(char *filename, unsigned char *key_buf, unsigned int key_buf_size,
dns_rdata_t *rdata)
{
isc_result_t result;
dst_key_t *key = NULL;
isc_buffer_t keyb;
isc_region_t r;
dns_rdata_init(rdata);
isc_buffer_init(&keyb, key_buf, key_buf_size);
result = dst_key_fromnamedfile(filename, NULL, DST_TYPE_PUBLIC,
mctx, &key);
if (result != ISC_R_SUCCESS)
fatal("invalid keyfile name %s: %s",
filename, isc_result_totext(result));
if (verbose > 2) {
char keystr[DST_KEY_FORMATSIZE];
dst_key_format(key, keystr, sizeof(keystr));
fprintf(stderr, "%s: %s\n", program, keystr);
}
result = dst_key_todns(key, &keyb);
if (result != ISC_R_SUCCESS)
fatal("can't decode key");
isc_buffer_usedregion(&keyb, &r);
dns_rdata_fromregion(rdata, dst_key_class(key),
dns_rdatatype_dnskey, &r);
rdclass = dst_key_class(key);
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
result = dns_name_copy(dst_key_name(key), name, NULL);
if (result != ISC_R_SUCCESS)
fatal("can't copy name");
dst_key_free(&key);
}
/*
* Create a zone with origin 'name', return a pointer to the zone object in
* 'zonep'. If 'view' is set, add the zone to that view; otherwise, create
* a new view for the purpose.
*
* If the created view is going to be needed by the caller subsequently,
* then 'keepview' should be set to true; this will prevent the view
* from being detached. In this case, the caller is responsible for
* detaching the view.
*/
isc_result_t
dns_test_makezone(const char *name, dns_zone_t **zonep, dns_view_t *view,
isc_boolean_t keepview)
{
isc_result_t result;
dns_zone_t *zone = NULL;
isc_buffer_t buffer;
dns_fixedname_t fixorigin;
dns_name_t *origin;
if (view == NULL)
CHECK(dns_view_create(mctx, dns_rdataclass_in, "view", &view));
else if (!keepview)
keepview = ISC_TRUE;
zone = *zonep;
if (zone == NULL)
CHECK(dns_zone_create(&zone, mctx));
isc_buffer_constinit(&buffer, name, strlen(name));
isc_buffer_add(&buffer, strlen(name));
dns_fixedname_init(&fixorigin);
origin = dns_fixedname_name(&fixorigin);
CHECK(dns_name_fromtext(origin, &buffer, dns_rootname, 0, NULL));
CHECK(dns_zone_setorigin(zone, origin));
dns_zone_setview(zone, view);
dns_zone_settype(zone, dns_zone_master);
dns_zone_setclass(zone, view->rdclass);
dns_view_addzone(view, zone);
if (!keepview)
dns_view_detach(&view);
*zonep = zone;
return (ISC_R_SUCCESS);
cleanup:
if (zone != NULL)
dns_zone_detach(&zone);
if (view != NULL)
dns_view_detach(&view);
return (result);
}
static isc_result_t
get_reverse(char *reverse, size_t len, char *value, isc_boolean_t strict) {
int r;
isc_result_t result;
isc_netaddr_t addr;
addr.family = AF_INET6;
r = inet_pton(AF_INET6, value, &addr.type.in6);
if (r > 0) {
/* This is a valid IPv6 address. */
dns_fixedname_t fname;
dns_name_t *name;
unsigned int options = 0;
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
result = dns_byaddr_createptrname2(&addr, options, name);
if (result != ISC_R_SUCCESS)
return (result);
dns_name_format(name, reverse, (unsigned int)len);
return (ISC_R_SUCCESS);
} else {
/*
* Not a valid IPv6 address. Assume IPv4.
* If 'strict' is not set, construct the
* in-addr.arpa name by blindly reversing
* octets whether or not they look like integers,
* so that this can be used for RFC2317 names
* and such.
*/
char *p = reverse;
char *end = reverse + len;
if (strict && inet_pton(AF_INET, value, &addr.type.in) != 1)
return (DNS_R_BADDOTTEDQUAD);
result = reverse_octets(value, &p, end);
if (result != ISC_R_SUCCESS)
return (result);
result = append_str(".in-addr.arpa.", 15, &p, end);
if (result != ISC_R_SUCCESS)
return (result);
return (ISC_R_SUCCESS);
}
}
static isc_result_t ATTR_NONNULLS ATTR_CHECKRESULT
get_fixed_name(const cfg_obj_t *obj, const char *name, dns_fixedname_t *fname)
{
isc_result_t result;
isc_buffer_t buf;
const char *str;
size_t len;
REQUIRE(fname != NULL);
if (!cfg_obj_istuple(obj)) {
log_bug("configuration object is not a tuple");
return ISC_R_UNEXPECTED;
}
obj = cfg_tuple_get(obj, name);
if (!cfg_obj_isstring(obj))
return ISC_R_NOTFOUND;
str = cfg_obj_asstring(obj);
len = strlen(str);
isc_buffer_init(&buf, (char *)str, len);
/*
* Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=728925
*
* ipa-server-install script could create SSU rules with
* double-dot-ending FQDNs. Silently "adjust" such wrong FQDNs.
*/
if (str[len - 1] == '.' && str[len - 2] == '.')
isc_buffer_add(&buf, len - 1);
else
isc_buffer_add(&buf, len);
dns_fixedname_init(fname);
result = dns_name_fromtext(dns_fixedname_name(fname), &buf,
dns_rootname, ISC_FALSE, NULL);
if (result != ISC_R_SUCCESS)
log_error("'%s' is not a valid name", str);
return result;
}
/* TODO: Add 'tainted' flag to the LDAP instance if something went wrong. */
static isc_result_t
subtractrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
dns_rdataset_t *rdataset, unsigned int options,
dns_rdataset_t *newrdataset)
{
ldapdb_t *ldapdb = (ldapdb_t *) db;
dns_fixedname_t fname;
dns_name_t *zname = NULL;
dns_rdatalist_t *rdlist = NULL;
isc_boolean_t empty_node = ISC_FALSE;
isc_result_t substract_result;
isc_result_t result;
REQUIRE(VALID_LDAPDB(ldapdb));
dns_fixedname_init(&fname);
zname = dns_db_origin(ldapdb->rbtdb);
result = dns_db_subtractrdataset(ldapdb->rbtdb, node, version,
rdataset, options, newrdataset);
/* DNS_R_NXRRSET mean that whole RRset was deleted. */
if (result != ISC_R_SUCCESS && result != DNS_R_NXRRSET)
goto cleanup;
substract_result = result;
/* TODO: Could it create some race-condition? What about unprocessed
* changes in synrepl queue? */
if (substract_result == DNS_R_NXRRSET) {
CHECK(node_isempty(ldapdb->rbtdb, node, version, 0,
&empty_node));
}
result = dns_rdatalist_fromrdataset(rdataset, &rdlist);
INSIST(result == ISC_R_SUCCESS);
CHECK(ldapdb_name_fromnode(node, dns_fixedname_name(&fname)));
CHECK(remove_values_from_ldap(dns_fixedname_name(&fname), zname, ldapdb->ldap_inst,
rdlist, empty_node));
cleanup:
if (result == ISC_R_SUCCESS)
result = substract_result;
return result;
}
/* walk: walk a database */
static void
test_walk(const atf_tc_t *tc) {
isc_result_t result;
dns_db_t *db = NULL;
dns_dbiterator_t *iter = NULL;
dns_dbnode_t *node = NULL;
dns_name_t *name;
dns_fixedname_t f;
int i = 0;
UNUSED(tc);
dns_fixedname_init(&f);
name = dns_fixedname_name(&f);
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
result = dns_test_loaddb(&db, dns_dbtype_cache, TEST_ORIGIN,
atf_tc_get_md_var(tc, "X-filename"));
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
result = dns_db_createiterator(db, 0, &iter);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
for (result = dns_dbiterator_first(iter);
result == ISC_R_SUCCESS;
result = dns_dbiterator_next(iter)) {
result = dns_dbiterator_current(iter, &node, name);
if (result == DNS_R_NEWORIGIN)
result = ISC_R_SUCCESS;
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
dns_db_detachnode(db, &node);
i++;
}
ATF_CHECK_EQ(i, atoi(atf_tc_get_md_var(tc, "X-nodes")));
dns_dbiterator_destroy(&iter);
dns_db_detach(&db);
dns_test_end();
}
static isc_result_t
digest_sig(dst_context_t *ctx, dns_rdata_t *sigrdata, dns_rdata_rrsig_t *sig) {
isc_region_t r;
isc_result_t ret;
dns_fixedname_t fname;
dns_rdata_toregion(sigrdata, &r);
INSIST(r.length >= 19);
r.length = 18;
ret = dst_context_adddata(ctx, &r);
if (ret != ISC_R_SUCCESS)
return (ret);
dns_fixedname_init(&fname);
RUNTIME_CHECK(dns_name_downcase(&sig->signer,
dns_fixedname_name(&fname), NULL)
== ISC_R_SUCCESS);
dns_name_toregion(dns_fixedname_name(&fname), &r);
return (dst_context_adddata(ctx, &r));
}
static void
build_name_from_str(const char *namestr, dns_fixedname_t *fname) {
size_t length;
isc_buffer_t *b = NULL;
isc_result_t result;
dns_name_t *name;
length = strlen(namestr);
result = isc_buffer_allocate(mctx, &b, length);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
isc_buffer_putmem(b, (const unsigned char *) namestr, length);
dns_fixedname_init(fname);
name = dns_fixedname_name(fname);
ATF_REQUIRE(name != NULL);
result = dns_name_fromtext(name, b, dns_rootname, 0, NULL);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
isc_buffer_free(&b);
}
static isc_result_t
db_rr_iterator_init(db_rr_iterator_t *it, dns_db_t *db, dns_dbversion_t *ver,
isc_stdtime_t now)
{
isc_result_t result;
it->db = db;
it->dbit = NULL;
it->ver = ver;
it->now = now;
it->node = NULL;
result = dns_db_createiterator(it->db, 0, &it->dbit);
if (result != ISC_R_SUCCESS)
return (result);
it->rdatasetit = NULL;
dns_rdata_init(&it->rdata);
dns_rdataset_init(&it->rdataset);
dns_fixedname_init(&it->fixedname);
INSIST(! dns_rdataset_isassociated(&it->rdataset));
it->result = ISC_R_SUCCESS;
return (it->result);
}
static isc_result_t
node_isempty(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
isc_stdtime_t now, isc_boolean_t *isempty) {
dns_rdatasetiter_t *rds_iter = NULL;
dns_fixedname_t fname;
char buff[DNS_NAME_FORMATSIZE];
isc_result_t result;
dns_fixedname_init(&fname);
CHECK(ldapdb_name_fromnode(node, dns_fixedname_name(&fname)));
result = dns_db_allrdatasets(db, node, version, now, &rds_iter);
if (result == ISC_R_NOTFOUND) {
*isempty = ISC_TRUE;
} else if (result == ISC_R_SUCCESS) {
result = dns_rdatasetiter_first(rds_iter);
if (result == ISC_R_NOMORE) {
*isempty = ISC_TRUE;
result = ISC_R_SUCCESS;
} else if (result == ISC_R_SUCCESS) {
*isempty = ISC_FALSE;
result = ISC_R_SUCCESS;
} else if (result != ISC_R_SUCCESS) {
dns_name_format(dns_fixedname_name(&fname),
buff, DNS_NAME_FORMATSIZE);
log_error_r("dns_rdatasetiter_first() failed during "
"node_isempty() for name '%s'", buff);
}
dns_rdatasetiter_destroy(&rds_iter);
} else {
dns_name_format(dns_fixedname_name(&fname),
buff, DNS_NAME_FORMATSIZE);
log_error_r("dns_db_allrdatasets() failed during "
"node_isempty() for name '%s'", buff);
}
cleanup:
return result;
}
static isc_result_t
convert_keyname(cfg_obj_t *keyobj, isc_mem_t *mctx, dns_name_t *dnsname) {
isc_result_t result;
isc_buffer_t buf;
dns_fixedname_t fixname;
unsigned int keylen;
const char *txtname = cfg_obj_asstring(keyobj);
keylen = strlen(txtname);
isc_buffer_init(&buf, txtname, keylen);
isc_buffer_add(&buf, keylen);
dns_fixedname_init(&fixname);
result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf,
dns_rootname, ISC_FALSE, NULL);
if (result != ISC_R_SUCCESS) {
cfg_obj_log(keyobj, dns_lctx, ISC_LOG_WARNING,
"key name '%s' is not a valid domain name",
txtname);
return (result);
}
return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
}
static isc_result_t make_zone (const char *name, dns_zone_t ** zonep)
{
isc_result_t result;
dns_view_t *view = NULL;
dns_zone_t *zone = NULL;
isc_buffer_t buffer;
dns_fixedname_t fixorigin;
dns_name_t *origin;
CHECK (dns_view_create (mctx, dns_rdataclass_in, "view", &view));
CHECK (dns_zone_create (&zone, mctx));
isc_buffer_init (&buffer, name, strlen (name));
isc_buffer_add (&buffer, strlen (name));
dns_fixedname_init (&fixorigin);
origin = dns_fixedname_name (&fixorigin);
CHECK (dns_name_fromtext (origin, &buffer, dns_rootname, 0, NULL));
CHECK (dns_zone_setorigin (zone, origin));
dns_zone_setview (zone, view);
dns_zone_settype (zone, dns_zone_master);
dns_zone_setclass (zone, view->rdclass);
dns_view_detach (&view);
*zonep = zone;
return (ISC_R_SUCCESS);
cleanup:
if (zone != NULL)
dns_zone_detach (&zone);
if (view != NULL)
dns_view_detach (&view);
return (result);
}
static void
addrdataset(isc_assertioncallback_t callback) {
isc_result_t result;
dns_rdataset_t rdataset;
dns_fixedname_t fixed;
dns_dbnode_t *node = NULL;
dns_rdatalist_t rdatalist;
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
setup_db();
dns_rdataset_init(&rdataset);
dns_rdatalist_init(&rdatalist);
dns_fixedname_init(&fixed);
rdatalist.rdclass = dns_rdataclass_in;
result = dns_rdatalist_tordataset(&rdatalist, &rdataset);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
result = dns_db_findnode(db1, dns_rootname, ISC_FALSE, &node);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
isc_assertion_setcallback(callback);
result = dns_db_addrdataset(db1, node, VERSION(callback), 0, &rdataset,
0, NULL);
if (callback != NULL)
atf_tc_fail("dns_db_adddataset did not assert");
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
dns_db_detachnode(db1, &node);
ATF_REQUIRE_EQ(node, NULL);
close_db();
dns_test_end();
}
