isc_result_t
dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
dns_name_t *target, dns_ttl_t ttl)
{
isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned char data[DNS_NSEC_BUFFERSIZE];
dns_rdatalist_t rdatalist;
dns_rdataset_t rdataset;
dns_rdataset_init(&rdataset);
dns_rdata_init(&rdata);
RETERR(dns_nsec_buildrdata(db, version, node, target, data, &rdata));
rdatalist.rdclass = dns_db_class(db);
rdatalist.type = dns_rdatatype_nsec;
rdatalist.covers = 0;
rdatalist.ttl = ttl;
ISC_LIST_INIT(rdatalist.rdata);
ISC_LIST_APPEND(rdatalist.rdata, &rdata, link);
RETERR(dns_rdatalist_tordataset(&rdatalist, &rdataset));
result = dns_db_addrdataset(db, node, version, 0, &rdataset,
0, NULL);
if (result == DNS_R_UNCHANGED)
result = ISC_R_SUCCESS;
RETERR(result);
failure:
if (dns_rdataset_isassociated(&rdataset))
dns_rdataset_disassociate(&rdataset);
return (result);
}
/* TODO: Add 'tainted' flag to the LDAP instance if something went wrong. */
static isc_result_t
addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
isc_stdtime_t now, dns_rdataset_t *rdataset, unsigned int options,
dns_rdataset_t *addedrdataset)
{
ldapdb_t *ldapdb = (ldapdb_t *) db;
dns_fixedname_t fname;
dns_name_t *zname = NULL;
dns_rdatalist_t *rdlist = NULL;
isc_result_t result;
REQUIRE(VALID_LDAPDB(ldapdb));
dns_fixedname_init(&fname);
zname = dns_db_origin(ldapdb->rbtdb);
CHECK(dns_db_addrdataset(ldapdb->rbtdb, node, version, now,
rdataset, options, addedrdataset));
CHECK(ldapdb_name_fromnode(node, dns_fixedname_name(&fname)));
result = dns_rdatalist_fromrdataset(rdataset, &rdlist);
INSIST(result == ISC_R_SUCCESS);
CHECK(write_to_ldap(dns_fixedname_name(&fname), zname, ldapdb->ldap_inst, rdlist));
cleanup:
return result;
}
static isc_result_t
add_a(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name,
struct in_addr addr)
{
dns_dbnode_t *node = NULL;
dns_rdata_in_a_t a;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdatalist_t rdatalist;
dns_rdataset_t rdataset;
isc_result_t result;
isc_buffer_t b;
unsigned char buf[DNS_NAME_MAXWIRE];
isc_buffer_init(&b, buf, sizeof(buf));
dns_rdataset_init(&rdataset);
dns_rdatalist_init(&rdatalist);
a.common.rdtype = dns_rdatatype_a;
a.common.rdclass = dns_db_class(db);
a.in_addr = addr;
CHECK(dns_rdata_fromstruct(&rdata, dns_db_class(db), dns_rdatatype_a,
&a, &b));
rdatalist.type = rdata.type;
rdatalist.covers = 0;
rdatalist.rdclass = rdata.rdclass;
rdatalist.ttl = 86400;
ISC_LIST_APPEND(rdatalist.rdata, &rdata, link);
CHECK(dns_rdatalist_tordataset(&rdatalist, &rdataset));
CHECK(dns_db_findnode(db, name, ISC_TRUE, &node));
CHECK(dns_db_addrdataset(db, node, version, 0, &rdataset, 0, NULL));
cleanup:
if (node != NULL)
dns_db_detachnode(db, &node);
return (result);
}
/*
* Auxiliary functions add_*() create minimal database which can be loaded.
* This is necessary because this driver create empty 'fake' zone which
* is not loaded from disk so there is no way for user to supply SOA, NS and A
* records.
*
* Following functions were copied from BIND 9.10.2rc1 named/server.c,
* credit goes to ISC.
*/
static isc_result_t
add_soa(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name,
const dns_name_t *origin, const dns_name_t *contact)
{
dns_dbnode_t *node = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdatalist_t rdatalist;
dns_rdataset_t rdataset;
isc_result_t result;
unsigned char buf[DNS_SOA_BUFFERSIZE];
dns_rdataset_init(&rdataset);
dns_rdatalist_init(&rdatalist);
CHECK(dns_soa_buildrdata(origin, contact, dns_db_class(db),
0, 28800, 7200, 604800, 86400, buf, &rdata));
rdatalist.type = rdata.type;
rdatalist.covers = 0;
rdatalist.rdclass = rdata.rdclass;
rdatalist.ttl = 86400;
ISC_LIST_APPEND(rdatalist.rdata, &rdata, link);
CHECK(dns_rdatalist_tordataset(&rdatalist, &rdataset));
CHECK(dns_db_findnode(db, name, ISC_TRUE, &node));
CHECK(dns_db_addrdataset(db, node, version, 0, &rdataset, 0, NULL));
cleanup:
if (node != NULL)
dns_db_detachnode(db, &node);
return (result);
}
static void
addrdataset(isc_assertioncallback_t callback) {
isc_result_t result;
dns_rdataset_t rdataset;
dns_fixedname_t fixed;
dns_dbnode_t *node = NULL;
dns_rdatalist_t rdatalist;
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
setup_db();
dns_rdataset_init(&rdataset);
dns_rdatalist_init(&rdatalist);
dns_fixedname_init(&fixed);
rdatalist.rdclass = dns_rdataclass_in;
result = dns_rdatalist_tordataset(&rdatalist, &rdataset);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
result = dns_db_findnode(db1, dns_rootname, ISC_FALSE, &node);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
isc_assertion_setcallback(callback);
result = dns_db_addrdataset(db1, node, VERSION(callback), 0, &rdataset,
0, NULL);
if (callback != NULL)
atf_tc_fail("dns_db_adddataset did not assert");
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
dns_db_detachnode(db1, &node);
ATF_REQUIRE_EQ(node, NULL);
close_db();
dns_test_end();
}
static isc_result_t
addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
isc_stdtime_t now, dns_rdataset_t *rdataset, unsigned int options,
dns_rdataset_t *addedrdataset)
{
sampledb_t *sampledb = (sampledb_t *) db;
isc_result_t result;
dns_fixedname_t name;
REQUIRE(VALID_SAMPLEDB(sampledb));
dns_fixedname_init(&name);
CHECK(dns_db_addrdataset(sampledb->rbtdb, node, version, now,
rdataset, options, addedrdataset));
if (rdataset->type == dns_rdatatype_a ||
rdataset->type == dns_rdatatype_aaaa) {
CHECK(sample_name_fromnode(node, dns_fixedname_name(&name)));
CHECK(syncptrs(sampledb->inst, dns_fixedname_name(&name),
rdataset, DNS_DIFFOP_ADD));
}
cleanup:
return (result);
}
static isc_result_t
addoptout(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node,
dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t maxttl,
isc_boolean_t optout, isc_boolean_t secure,
dns_rdataset_t *addedrdataset)
{
isc_result_t result;
isc_buffer_t buffer;
isc_region_t r;
dns_rdataset_t *rdataset;
dns_rdatatype_t type;
dns_name_t *name;
dns_ttl_t ttl;
dns_trust_t trust;
dns_rdata_t rdata[DNS_NCACHE_RDATA];
dns_rdataset_t ncrdataset;
dns_rdatalist_t ncrdatalist;
unsigned char data[4096];
unsigned int next = 0;
/*
* Convert the authority data from 'message' into a negative cache
* rdataset, and store it in 'cache' at 'node'.
*/
REQUIRE(message != NULL);
/*
* We assume that all data in the authority section has been
* validated by the caller.
*/
/*
* Initialize the list.
*/
dns_rdatalist_init(&ncrdatalist);
ncrdatalist.rdclass = dns_db_class(cache);
ncrdatalist.covers = covers;
ncrdatalist.ttl = maxttl;
/*
* Build an ncache rdatas into buffer.
*/
ttl = maxttl;
trust = 0xffff;
isc_buffer_init(&buffer, data, sizeof(data));
if (message->counts[DNS_SECTION_AUTHORITY])
result = dns_message_firstname(message, DNS_SECTION_AUTHORITY);
else
result = ISC_R_NOMORE;
while (result == ISC_R_SUCCESS) {
name = NULL;
dns_message_currentname(message, DNS_SECTION_AUTHORITY,
&name);
if ((name->attributes & DNS_NAMEATTR_NCACHE) != 0) {
for (rdataset = ISC_LIST_HEAD(name->list);
rdataset != NULL;
rdataset = ISC_LIST_NEXT(rdataset, link)) {
if ((rdataset->attributes &
DNS_RDATASETATTR_NCACHE) == 0)
continue;
type = rdataset->type;
if (type == dns_rdatatype_rrsig)
type = rdataset->covers;
if (type == dns_rdatatype_soa ||
type == dns_rdatatype_nsec ||
type == dns_rdatatype_nsec3) {
if (ttl > rdataset->ttl)
ttl = rdataset->ttl;
if (trust > rdataset->trust)
trust = rdataset->trust;
/*
* Copy the owner name to the buffer.
*/
dns_name_toregion(name, &r);
result = isc_buffer_copyregion(&buffer,
&r);
if (result != ISC_R_SUCCESS)
return (result);
/*
* Copy the type to the buffer.
*/
isc_buffer_availableregion(&buffer,
&r);
if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
isc_buffer_putuint8(&buffer,
(unsigned char)rdataset->trust);
/*
* Copy the rdataset into the buffer.
*/
result = copy_rdataset(rdataset,
&buffer);
if (result != ISC_R_SUCCESS)
return (result);
if (next >= DNS_NCACHE_RDATA)
return (ISC_R_NOSPACE);
dns_rdata_init(&rdata[next]);
isc_buffer_remainingregion(&buffer, &r);
rdata[next].data = r.base;
rdata[next].length = r.length;
rdata[next].rdclass =
ncrdatalist.rdclass;
rdata[next].type = 0;
rdata[next].flags = 0;
ISC_LIST_APPEND(ncrdatalist.rdata,
&rdata[next], link);
isc_buffer_forward(&buffer, r.length);
next++;
}
}
}
result = dns_message_nextname(message, DNS_SECTION_AUTHORITY);
}
if (result != ISC_R_NOMORE)
return (result);
if (trust == 0xffff) {
if ((message->flags & DNS_MESSAGEFLAG_AA) != 0 &&
message->counts[DNS_SECTION_ANSWER] == 0) {
/*
* The response has aa set and we haven't followed
* any CNAME or DNAME chains.
*/
trust = dns_trust_authauthority;
} else
trust = dns_trust_additional;
ttl = 0;
}
INSIST(trust != 0xffff);
ncrdatalist.ttl = ttl;
dns_rdataset_init(&ncrdataset);
RUNTIME_CHECK(dns_rdatalist_tordataset(&ncrdatalist, &ncrdataset)
== ISC_R_SUCCESS);
if (!secure && trust > dns_trust_answer)
trust = dns_trust_answer;
ncrdataset.trust = trust;
ncrdataset.attributes |= DNS_RDATASETATTR_NEGATIVE;
if (message->rcode == dns_rcode_nxdomain)
ncrdataset.attributes |= DNS_RDATASETATTR_NXDOMAIN;
if (optout)
ncrdataset.attributes |= DNS_RDATASETATTR_OPTOUT;
return (dns_db_addrdataset(cache, node, NULL, now, &ncrdataset,
0, addedrdataset));
}
int
main(int argc, char *argv[]) {
dns_db_t *db;
dns_dbnode_t *node;
isc_result_t result;
dns_name_t name;
dns_offsets_t offsets;
size_t len;
isc_buffer_t source, target;
char s[1000];
char b[255];
dns_rdataset_t rdataset, sigrdataset;
int ch;
dns_rdatatype_t type = 1;
isc_boolean_t printnode = ISC_FALSE;
isc_boolean_t addmode = ISC_FALSE;
isc_boolean_t delmode = ISC_FALSE;
isc_boolean_t holdmode = ISC_FALSE;
isc_boolean_t verbose = ISC_FALSE;
isc_boolean_t done = ISC_FALSE;
isc_boolean_t quiet = ISC_FALSE;
isc_boolean_t time_lookups = ISC_FALSE;
isc_boolean_t found_as;
isc_boolean_t find_zonecut = ISC_FALSE;
isc_boolean_t noexact_zonecut = ISC_FALSE;
int i, v;
dns_rdatasetiter_t *rdsiter;
char t1[256];
char t2[256];
isc_buffer_t tb1, tb2;
isc_region_t r1, r2;
dns_fixedname_t foundname;
dns_name_t *fname;
unsigned int options = 0, zcoptions;
isc_time_t start, finish;
char *origintext;
dbinfo *dbi;
dns_dbversion_t *version;
dns_name_t *origin;
size_t memory_quota = 0;
dns_trust_t trust = 0;
unsigned int addopts;
isc_log_t *lctx = NULL;
size_t n;
dns_result_register();
RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
RUNTIME_CHECK(dns_dbtable_create(mctx, dns_rdataclass_in, &dbtable) ==
ISC_R_SUCCESS);
strcpy(dbtype, "rbt");
while ((ch = isc_commandline_parse(argc, argv, "c:d:t:z:P:Q:glpqvT"))
!= -1) {
switch (ch) {
case 'c':
result = load(isc_commandline_argument, ".", ISC_TRUE);
if (result != ISC_R_SUCCESS)
printf("cache load(%s) %08x: %s\n",
isc_commandline_argument, result,
isc_result_totext(result));
break;
case 'd':
n = strlcpy(dbtype, isc_commandline_argument,
sizeof(dbtype));
if (n >= sizeof(dbtype)) {
fprintf(stderr, "bad db type '%s'\n",
isc_commandline_argument);
exit(1);
}
break;
case 'g':
options |= (DNS_DBFIND_GLUEOK|DNS_DBFIND_VALIDATEGLUE);
break;
case 'l':
RUNTIME_CHECK(isc_log_create(mctx, &lctx,
NULL) == ISC_R_SUCCESS);
isc_log_setcontext(lctx);
dns_log_init(lctx);
dns_log_setcontext(lctx);
break;
case 'q':
quiet = ISC_TRUE;
verbose = ISC_FALSE;
break;
case 'p':
printnode = ISC_TRUE;
break;
case 'P':
pause_every = atoi(isc_commandline_argument);
break;
case 'Q':
memory_quota = atoi(isc_commandline_argument);
isc_mem_setquota(mctx, memory_quota);
break;
case 't':
type = atoi(isc_commandline_argument);
break;
case 'T':
time_lookups = ISC_TRUE;
break;
case 'v':
verbose = ISC_TRUE;
break;
case 'z':
origintext = strrchr(isc_commandline_argument, '/');
if (origintext == NULL)
origintext = isc_commandline_argument;
else
origintext++; /* Skip '/'. */
result = load(isc_commandline_argument, origintext,
ISC_FALSE);
if (result != ISC_R_SUCCESS)
printf("zone load(%s) %08x: %s\n",
isc_commandline_argument, result,
isc_result_totext(result));
break;
}
}
argc -= isc_commandline_index;
argv += isc_commandline_index;
POST(argv);
if (argc != 0)
printf("ignoring trailing arguments\n");
/*
* Some final initialization...
*/
dns_fixedname_init(&foundname);
fname = dns_fixedname_name(&foundname);
dbi = NULL;
origin = dns_rootname;
version = NULL;
if (time_lookups) {
TIME_NOW(&start);
}
while (!done) {
if (!quiet)
printf("\n");
if (fgets(s, sizeof(s), stdin) == NULL) {
done = ISC_TRUE;
continue;
}
len = strlen(s);
if (len > 0U && s[len - 1] == '\n') {
s[len - 1] = '\0';
len--;
}
if (verbose && dbi != NULL) {
if (dbi->wversion != NULL)
printf("future version (%p)\n", dbi->wversion);
for (i = 0; i < dbi->rcount; i++)
if (dbi->rversions[i] != NULL)
printf("open version %d (%p)\n", i,
dbi->rversions[i]);
}
dns_name_init(&name, offsets);
if (strcmp(s, "!R") == 0) {
DBI_CHECK(dbi);
if (dbi->rcount == MAXVERSIONS) {
printf("too many open versions\n");
continue;
}
dns_db_currentversion(dbi->db,
&dbi->rversions[dbi->rcount]);
printf("opened version %d\n", dbi->rcount);
dbi->version = dbi->rversions[dbi->rcount];
version = dbi->version;
dbi->rcount++;
continue;
} else if (strcmp(s, "!W") == 0) {
DBI_CHECK(dbi);
if (dbi->wversion != NULL) {
printf("using existing future version\n");
dbi->version = dbi->wversion;
version = dbi->version;
continue;
}
result = dns_db_newversion(dbi->db, &dbi->wversion);
if (result != ISC_R_SUCCESS)
print_result("", result);
else
printf("newversion\n");
dbi->version = dbi->wversion;
version = dbi->version;
continue;
} else if (strcmp(s, "!C") == 0) {
DBI_CHECK(dbi);
addmode = ISC_FALSE;
delmode = ISC_FALSE;
if (dbi->version == NULL)
continue;
if (dbi->version == dbi->wversion) {
printf("closing future version\n");
dbi->wversion = NULL;
} else {
for (i = 0; i < dbi->rcount; i++) {
if (dbi->version ==
dbi->rversions[i]) {
dbi->rversions[i] = NULL;
printf("closing open version %d\n",
i);
break;
}
}
}
dns_db_closeversion(dbi->db, &dbi->version, ISC_TRUE);
version = NULL;
continue;
} else if (strcmp(s, "!X") == 0) {
DBI_CHECK(dbi);
addmode = ISC_FALSE;
delmode = ISC_FALSE;
if (dbi->version == NULL)
continue;
if (dbi->version == dbi->wversion) {
printf("aborting future version\n");
dbi->wversion = NULL;
} else {
for (i = 0; i < dbi->rcount; i++) {
if (dbi->version ==
dbi->rversions[i]) {
dbi->rversions[i] = NULL;
printf("closing open version %d\n",
i);
break;
}
}
}
dns_db_closeversion(dbi->db, &dbi->version, ISC_FALSE);
version = NULL;
continue;
} else if (strcmp(s, "!A") == 0) {
DBI_CHECK(dbi);
delmode = ISC_FALSE;
if (addmode)
addmode = ISC_FALSE;
else
addmode = ISC_TRUE;
printf("addmode = %s\n", addmode ? "TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!D") == 0) {
DBI_CHECK(dbi);
addmode = ISC_FALSE;
if (delmode)
delmode = ISC_FALSE;
else
delmode = ISC_TRUE;
printf("delmode = %s\n", delmode ? "TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!H") == 0) {
DBI_CHECK(dbi);
if (holdmode)
holdmode = ISC_FALSE;
else
holdmode = ISC_TRUE;
printf("holdmode = %s\n", holdmode ? "TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!HR") == 0) {
DBI_CHECK(dbi);
for (i = 0; i < dbi->hold_count; i++)
dns_db_detachnode(dbi->db,
&dbi->hold_nodes[i]);
dbi->hold_count = 0;
holdmode = ISC_FALSE;
printf("held nodes have been detached\n");
continue;
} else if (strcmp(s, "!VC") == 0) {
DBI_CHECK(dbi);
printf("switching to current version\n");
dbi->version = NULL;
version = NULL;
continue;
} else if (strstr(s, "!V") == s) {
DBI_CHECK(dbi);
v = atoi(&s[2]);
if (v >= dbi->rcount || v < 0) {
printf("unknown open version %d\n", v);
continue;
}
if (dbi->rversions[v] == NULL) {
printf("version %d is not open\n", v);
continue;
}
printf("switching to open version %d\n", v);
dbi->version = dbi->rversions[v];
version = dbi->version;
continue;
} else if (strstr(s, "!TR") == s) {
trust = (unsigned int)atoi(&s[3]);
printf("trust level is now %u\n", (unsigned int)trust);
continue;
} else if (strstr(s, "!T") == s) {
type = (unsigned int)atoi(&s[2]);
printf("now searching for type %u\n", type);
continue;
} else if (strcmp(s, "!G") == 0) {
if ((options & DNS_DBFIND_GLUEOK) != 0)
options &= ~DNS_DBFIND_GLUEOK;
else
options |= DNS_DBFIND_GLUEOK;
printf("glue ok = %s\n",
((options & DNS_DBFIND_GLUEOK) != 0) ?
"TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!GV") == 0) {
if ((options & DNS_DBFIND_VALIDATEGLUE) != 0)
options &= ~DNS_DBFIND_VALIDATEGLUE;
else
options |= DNS_DBFIND_VALIDATEGLUE;
printf("validate glue = %s\n",
((options & DNS_DBFIND_VALIDATEGLUE) != 0) ?
"TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!WC") == 0) {
if ((options & DNS_DBFIND_NOWILD) != 0)
options &= ~DNS_DBFIND_NOWILD;
else
options |= DNS_DBFIND_NOWILD;
printf("wildcard matching = %s\n",
((options & DNS_DBFIND_NOWILD) == 0) ?
"TRUE" : "FALSE");
continue;
} else if (strstr(s, "!LS ") == s) {
DBI_CHECK(dbi);
list(dbi, &s[4]);
continue;
} else if (strcmp(s, "!LS") == 0) {
DBI_CHECK(dbi);
list(dbi, NULL);
continue;
} else if (strstr(s, "!DU ") == s) {
DBI_CHECK(dbi);
result = dns_db_dump(dbi->db, dbi->version, s+4);
if (result != ISC_R_SUCCESS) {
printf("\n");
print_result("", result);
}
continue;
} else if (strcmp(s, "!PN") == 0) {
if (printnode)
printnode = ISC_FALSE;
else
printnode = ISC_TRUE;
printf("printnode = %s\n",
printnode ? "TRUE" : "FALSE");
continue;
} else if (strstr(s, "!P") == s) {
DBI_CHECK(dbi);
v = atoi(&s[2]);
dbi->pause_every = v;
continue;
} else if (strcmp(s, "!+") == 0) {
DBI_CHECK(dbi);
dbi->ascending = ISC_TRUE;
continue;
} else if (strcmp(s, "!-") == 0) {
DBI_CHECK(dbi);
dbi->ascending = ISC_FALSE;
continue;
} else if (strcmp(s, "!DB") == 0) {
dbi = NULL;
origin = dns_rootname;
version = NULL;
printf("now searching all databases\n");
continue;
} else if (strncmp(s, "!DB ", 4) == 0) {
dbi = select_db(s+4);
if (dbi != NULL) {
db = dbi->db;
origin = dns_db_origin(dbi->db);
version = dbi->version;
addmode = ISC_FALSE;
delmode = ISC_FALSE;
holdmode = ISC_FALSE;
} else {
db = NULL;
version = NULL;
origin = dns_rootname;
printf("database not found; "
"now searching all databases\n");
}
continue;
} else if (strcmp(s, "!ZC") == 0) {
if (find_zonecut)
find_zonecut = ISC_FALSE;
else
find_zonecut = ISC_TRUE;
printf("find_zonecut = %s\n",
find_zonecut ? "TRUE" : "FALSE");
continue;
} else if (strcmp(s, "!NZ") == 0) {
if (noexact_zonecut)
noexact_zonecut = ISC_FALSE;
else
noexact_zonecut = ISC_TRUE;
printf("noexact_zonecut = %s\n",
noexact_zonecut ? "TRUE" : "FALSE");
continue;
}
isc_buffer_init(&source, s, len);
isc_buffer_add(&source, len);
isc_buffer_init(&target, b, sizeof(b));
result = dns_name_fromtext(&name, &source, origin, 0, &target);
if (result != ISC_R_SUCCESS) {
print_result("bad name: ", result);
continue;
}
if (dbi == NULL) {
zcoptions = 0;
if (noexact_zonecut)
zcoptions |= DNS_DBTABLEFIND_NOEXACT;
db = NULL;
result = dns_dbtable_find(dbtable, &name, zcoptions,
&db);
if (result != ISC_R_SUCCESS &&
result != DNS_R_PARTIALMATCH) {
if (!quiet) {
printf("\n");
print_result("", result);
}
continue;
}
isc_buffer_init(&tb1, t1, sizeof(t1));
result = dns_name_totext(dns_db_origin(db), ISC_FALSE,
&tb1);
if (result != ISC_R_SUCCESS) {
printf("\n");
print_result("", result);
dns_db_detach(&db);
continue;
}
isc_buffer_usedregion(&tb1, &r1);
printf("\ndatabase = %.*s (%s)\n",
(int)r1.length, r1.base,
(dns_db_iszone(db)) ? "zone" : "cache");
}
node = NULL;
dns_rdataset_init(&rdataset);
dns_rdataset_init(&sigrdataset);
if (find_zonecut && dns_db_iscache(db)) {
zcoptions = options;
if (noexact_zonecut)
zcoptions |= DNS_DBFIND_NOEXACT;
result = dns_db_findzonecut(db, &name, zcoptions,
0, &node, fname,
&rdataset, &sigrdataset);
} else {
result = dns_db_find(db, &name, version, type,
options, 0, &node, fname,
&rdataset, &sigrdataset);
}
if (!quiet) {
if (dbi != NULL)
printf("\n");
print_result("", result);
}
found_as = ISC_FALSE;
switch (result) {
case ISC_R_SUCCESS:
case DNS_R_GLUE:
case DNS_R_CNAME:
case DNS_R_ZONECUT:
break;
case DNS_R_DNAME:
case DNS_R_DELEGATION:
found_as = ISC_TRUE;
break;
case DNS_R_NXRRSET:
if (dns_rdataset_isassociated(&rdataset))
break;
if (dbi != NULL) {
if (holdmode) {
RUNTIME_CHECK(dbi->hold_count <
MAXHOLD);
dbi->hold_nodes[dbi->hold_count++] =
node;
node = NULL;
} else
dns_db_detachnode(db, &node);
} else {
dns_db_detachnode(db, &node);
dns_db_detach(&db);
}
continue;
case DNS_R_NXDOMAIN:
if (dns_rdataset_isassociated(&rdataset))
break;
/* FALLTHROUGH */
default:
if (dbi == NULL)
dns_db_detach(&db);
if (quiet)
print_result("", result);
continue;
}
if (found_as && !quiet) {
isc_buffer_init(&tb1, t1, sizeof(t1));
isc_buffer_init(&tb2, t2, sizeof(t2));
result = dns_name_totext(&name, ISC_FALSE, &tb1);
if (result != ISC_R_SUCCESS) {
print_result("", result);
dns_db_detachnode(db, &node);
if (dbi == NULL)
dns_db_detach(&db);
continue;
}
result = dns_name_totext(fname, ISC_FALSE, &tb2);
if (result != ISC_R_SUCCESS) {
print_result("", result);
dns_db_detachnode(db, &node);
if (dbi == NULL)
dns_db_detach(&db);
continue;
}
isc_buffer_usedregion(&tb1, &r1);
isc_buffer_usedregion(&tb2, &r2);
printf("found %.*s as %.*s\n",
(int)r1.length, r1.base,
(int)r2.length, r2.base);
}
if (printnode)
dns_db_printnode(db, node, stdout);
if (!found_as && type == dns_rdatatype_any) {
rdsiter = NULL;
result = dns_db_allrdatasets(db, node, version, 0,
&rdsiter);
if (result == ISC_R_SUCCESS) {
if (!quiet)
print_rdatasets(fname, rdsiter);
dns_rdatasetiter_destroy(&rdsiter);
} else
print_result("", result);
} else {
if (!quiet)
print_rdataset(fname, &rdataset);
if (dns_rdataset_isassociated(&sigrdataset)) {
if (!quiet)
print_rdataset(fname, &sigrdataset);
dns_rdataset_disassociate(&sigrdataset);
}
if (dbi != NULL && addmode && !found_as) {
rdataset.ttl++;
rdataset.trust = trust;
if (dns_db_iszone(db))
addopts = DNS_DBADD_MERGE;
else
addopts = 0;
result = dns_db_addrdataset(db, node, version,
0, &rdataset,
addopts, NULL);
if (result != ISC_R_SUCCESS)
print_result("", result);
if (printnode)
dns_db_printnode(db, node, stdout);
} else if (dbi != NULL && delmode && !found_as) {
result = dns_db_deleterdataset(db, node,
version, type,
0);
if (result != ISC_R_SUCCESS)
print_result("", result);
if (printnode)
dns_db_printnode(db, node, stdout);
}
dns_rdataset_disassociate(&rdataset);
}
if (dbi != NULL) {
if (holdmode) {
RUNTIME_CHECK(dbi->hold_count < MAXHOLD);
dbi->hold_nodes[dbi->hold_count++] = node;
node = NULL;
} else
dns_db_detachnode(db, &node);
} else {
dns_db_detachnode(db, &node);
dns_db_detach(&db);
}
}
if (time_lookups) {
isc_uint64_t usec;
TIME_NOW(&finish);
usec = isc_time_microdiff(&finish, &start);
printf("elapsed time: %lu.%06lu seconds\n",
(unsigned long)(usec / 1000000),
(unsigned long)(usec % 1000000));
}
unload_all();
dns_dbtable_detach(&dbtable);
if (lctx != NULL)
isc_log_destroy(&lctx);
if (!quiet)
isc_mem_stats(mctx, stdout);
return (0);
}
static void
resigned(isc_assertioncallback_t callback) {
isc_result_t result;
dns_rdataset_t rdataset, added;
dns_dbnode_t *node = NULL;
dns_rdatalist_t rdatalist;
dns_rdata_rrsig_t rrsig;
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_buffer_t b;
unsigned char buf[1024];
result = dns_test_begin(NULL, ISC_FALSE);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
setup_db();
/*
* Create a dummy RRSIG record and set a resigning time.
*/
dns_rdataset_init(&added);
dns_rdataset_init(&rdataset);
dns_rdatalist_init(&rdatalist);
isc_buffer_init(&b, buf, sizeof(buf));
DNS_RDATACOMMON_INIT(&rrsig, dns_rdatatype_rrsig, dns_rdataclass_in);
rrsig.covered = dns_rdatatype_a;
rrsig.algorithm = 100;
rrsig.labels = 0;
rrsig.originalttl = 0;
rrsig.timeexpire = 3600;
rrsig.timesigned = 0;
rrsig.keyid = 0;
dns_name_init(&rrsig.signer, NULL);
dns_name_clone(dns_rootname, &rrsig.signer);
rrsig.siglen = 0;
rrsig.signature = NULL;
result = dns_rdata_fromstruct(&rdata, dns_rdataclass_in,
dns_rdatatype_rrsig, &rrsig, &b);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
rdatalist.rdclass = dns_rdataclass_in;
rdatalist.type = dns_rdatatype_rrsig;
ISC_LIST_APPEND(rdatalist.rdata, &rdata, link);
result = dns_rdatalist_tordataset(&rdatalist, &rdataset);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
rdataset.attributes |= DNS_RDATASETATTR_RESIGN;
rdataset.resign = 7200;
result = dns_db_findnode(db1, dns_rootname, ISC_FALSE, &node);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
result = dns_db_addrdataset(db1, node, v1, 0, &rdataset, 0, &added);
ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
dns_db_detachnode(db1, &node);
ATF_REQUIRE_EQ(node, NULL);
isc_assertion_setcallback(callback);
dns_db_resigned(db1, &added, VERSION(callback));
if (callback != NULL)
atf_tc_fail("dns_db_resigned did not assert");
dns_rdataset_disassociate(&added);
close_db();
dns_test_end();
}
static isc_result_t
diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver,
isc_boolean_t warn)
{
dns_difftuple_t *t;
dns_dbnode_t *node = NULL;
isc_result_t result;
char namebuf[DNS_NAME_FORMATSIZE];
char typebuf[DNS_RDATATYPE_FORMATSIZE];
char classbuf[DNS_RDATACLASS_FORMATSIZE];
REQUIRE(DNS_DIFF_VALID(diff));
REQUIRE(DNS_DB_VALID(db));
t = ISC_LIST_HEAD(diff->tuples);
while (t != NULL) {
dns_name_t *name;
INSIST(node == NULL);
name = &t->name;
/*
* Find the node.
* We create the node if it does not exist.
* This will cause an empty node to be created if the diff
* contains a deletion of an RR at a nonexistent name,
* but such diffs should never be created in the first
* place.
*/
while (t != NULL && dns_name_equal(&t->name, name)) {
dns_rdatatype_t type, covers;
dns_diffop_t op;
dns_rdatalist_t rdl;
dns_rdataset_t rds;
dns_rdataset_t ardataset;
dns_rdataset_t *modified = NULL;
op = t->op;
type = t->rdata.type;
covers = rdata_covers(&t->rdata);
/*
* Collect a contiguous set of updates with
* the same operation (add/delete) and RR type
* into a single rdatalist so that the
* database rrset merging/subtraction code
* can work more efficiently than if each
* RR were merged into / subtracted from
* the database separately.
*
* This is done by linking rdata structures from the
* diff into "rdatalist". This uses the rdata link
* field, not the diff link field, so the structure
* of the diff itself is not affected.
*/
dns_rdatalist_init(&rdl);
rdl.type = type;
rdl.covers = covers;
rdl.rdclass = t->rdata.rdclass;
rdl.ttl = t->ttl;
node = NULL;
if (type != dns_rdatatype_nsec3 &&
covers != dns_rdatatype_nsec3)
CHECK(dns_db_findnode(db, name, ISC_TRUE,
&node));
else
CHECK(dns_db_findnsec3node(db, name, ISC_TRUE,
&node));
while (t != NULL &&
dns_name_equal(&t->name, name) &&
t->op == op &&
t->rdata.type == type &&
rdata_covers(&t->rdata) == covers)
{
dns_name_format(name, namebuf, sizeof(namebuf));
dns_rdatatype_format(t->rdata.type, typebuf,
sizeof(typebuf));
dns_rdataclass_format(t->rdata.rdclass,
classbuf,
sizeof(classbuf));
if (t->ttl != rdl.ttl && warn)
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"'%s/%s/%s': TTL differs in "
"rdataset, adjusting "
"%lu -> %lu",
namebuf, typebuf, classbuf,
(unsigned long) t->ttl,
(unsigned long) rdl.ttl);
ISC_LIST_APPEND(rdl.rdata, &t->rdata, link);
t = ISC_LIST_NEXT(t, link);
}
/*
* Convert the rdatalist into a rdataset.
*/
dns_rdataset_init(&rds);
CHECK(dns_rdatalist_tordataset(&rdl, &rds));
if (rds.type == dns_rdatatype_rrsig)
switch (op) {
case DNS_DIFFOP_ADDRESIGN:
case DNS_DIFFOP_DELRESIGN:
modified = &ardataset;
dns_rdataset_init(modified);
break;
default:
break;
}
rds.trust = dns_trust_ultimate;
/*
* Merge the rdataset into the database.
*/
switch (op) {
case DNS_DIFFOP_ADD:
case DNS_DIFFOP_ADDRESIGN:
result = dns_db_addrdataset(db, node, ver,
0, &rds,
DNS_DBADD_MERGE|
DNS_DBADD_EXACT|
DNS_DBADD_EXACTTTL,
modified);
break;
case DNS_DIFFOP_DEL:
case DNS_DIFFOP_DELRESIGN:
result = dns_db_subtractrdataset(db, node, ver,
&rds,
DNS_DBSUB_EXACT,
modified);
break;
default:
INSIST(0);
}
if (result == ISC_R_SUCCESS) {
if (modified != NULL) {
isc_stdtime_t resign;
resign = setresign(modified);
dns_db_setsigningtime(db, modified,
resign);
}
} else if (result == DNS_R_UNCHANGED) {
/*
* This will not happen when executing a
* dynamic update, because that code will
* generate strictly minimal diffs.
* It may happen when receiving an IXFR
* from a server that is not as careful.
* Issue a warning and continue.
*/
if (warn) {
dns_name_format(dns_db_origin(db),
namebuf,
sizeof(namebuf));
dns_rdataclass_format(dns_db_class(db),
classbuf,
sizeof(classbuf));
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"%s/%s: dns_diff_apply: "
"update with no effect",
namebuf, classbuf);
}
} else if (result == DNS_R_NXRRSET) {
/*
* OK.
*/
} else {
if (modified != NULL &&
dns_rdataset_isassociated(modified))
dns_rdataset_disassociate(modified);
CHECK(result);
}
dns_db_detachnode(db, &node);
if (modified != NULL &&
dns_rdataset_isassociated(modified))
dns_rdataset_disassociate(modified);
}
}
return (ISC_R_SUCCESS);
failure:
if (node != NULL)
dns_db_detachnode(db, &node);
return (result);
}
/*%
* Configure static-stub zone.
*/
static isc_result_t
configure_staticstub(const cfg_obj_t *zconfig, dns_zone_t *zone,
const char *zname, const char *dbtype)
{
int i = 0;
const cfg_obj_t *obj;
isc_mem_t *mctx = dns_zone_getmctx(zone);
dns_db_t *db = NULL;
dns_dbversion_t *dbversion = NULL;
dns_dbnode_t *apexnode = NULL;
dns_name_t apexname;
isc_result_t result;
dns_rdataset_t rdataset;
dns_rdatalist_t rdatalist_ns, rdatalist_a, rdatalist_aaaa;
dns_rdatalist_t* rdatalists[] = {
&rdatalist_ns, &rdatalist_a, &rdatalist_aaaa, NULL
};
dns_rdata_t *rdata;
isc_region_t region;
/* Create the DB beforehand */
RETERR(dns_db_create(mctx, dbtype, dns_zone_getorigin(zone),
dns_dbtype_stub, dns_zone_getclass(zone),
0, NULL, &db));
dns_zone_setdb(zone, db);
dns_rdatalist_init(&rdatalist_ns);
rdatalist_ns.rdclass = dns_zone_getclass(zone);
rdatalist_ns.type = dns_rdatatype_ns;
rdatalist_ns.ttl = STATICSTUB_SERVER_TTL;
dns_rdatalist_init(&rdatalist_a);
rdatalist_a.rdclass = dns_zone_getclass(zone);
rdatalist_a.type = dns_rdatatype_a;
rdatalist_a.ttl = STATICSTUB_SERVER_TTL;
dns_rdatalist_init(&rdatalist_aaaa);
rdatalist_aaaa.rdclass = dns_zone_getclass(zone);
rdatalist_aaaa.type = dns_rdatatype_aaaa;
rdatalist_aaaa.ttl = STATICSTUB_SERVER_TTL;
/* Prepare zone RRs from the configuration */
obj = NULL;
result = cfg_map_get(zconfig, "server-addresses", &obj);
if (result == ISC_R_SUCCESS) {
INSIST(obj != NULL);
result = configure_staticstub_serveraddrs(obj, zone,
&rdatalist_ns,
&rdatalist_a,
&rdatalist_aaaa);
if (result != ISC_R_SUCCESS)
goto cleanup;
}
obj = NULL;
result = cfg_map_get(zconfig, "server-names", &obj);
if (result == ISC_R_SUCCESS) {
INSIST(obj != NULL);
result = configure_staticstub_servernames(obj, zone,
&rdatalist_ns,
zname);
if (result != ISC_R_SUCCESS)
goto cleanup;
}
/*
* Sanity check: there should be at least one NS RR at the zone apex
* to trigger delegation.
*/
if (ISC_LIST_EMPTY(rdatalist_ns.rdata)) {
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
"No NS record is configured for a "
"static-stub zone '%s'", zname);
result = ISC_R_FAILURE;
goto cleanup;
}
/*
* Now add NS and glue A/AAAA RRsets to the zone DB.
* First open a new version for the add operation and get a pointer
* to the apex node (all RRs are of the apex name).
*/
result = dns_db_newversion(db, &dbversion);
if (result != ISC_R_SUCCESS)
goto cleanup;
dns_name_init(&apexname, NULL);
dns_name_clone(dns_zone_getorigin(zone), &apexname);
result = dns_db_findnode(db, &apexname, ISC_FALSE, &apexnode);
if (result != ISC_R_SUCCESS)
goto cleanup;
/* Add NS RRset */
dns_rdataset_init(&rdataset);
RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_ns, &rdataset)
== ISC_R_SUCCESS);
result = dns_db_addrdataset(db, apexnode, dbversion, 0, &rdataset,
0, NULL);
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS)
goto cleanup;
/* Add glue A RRset, if any */
if (!ISC_LIST_EMPTY(rdatalist_a.rdata)) {
RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_a, &rdataset)
== ISC_R_SUCCESS);
result = dns_db_addrdataset(db, apexnode, dbversion, 0,
&rdataset, 0, NULL);
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS)
goto cleanup;
}
/* Add glue AAAA RRset, if any */
if (!ISC_LIST_EMPTY(rdatalist_aaaa.rdata)) {
RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_aaaa,
&rdataset)
== ISC_R_SUCCESS);
result = dns_db_addrdataset(db, apexnode, dbversion, 0,
&rdataset, 0, NULL);
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS)
goto cleanup;
}
result = ISC_R_SUCCESS;
cleanup:
if (apexnode != NULL)
dns_db_detachnode(db, &apexnode);
if (dbversion != NULL)
dns_db_closeversion(db, &dbversion, ISC_TRUE);
if (db != NULL)
dns_db_detach(&db);
for (i = 0; rdatalists[i] != NULL; i++) {
while ((rdata = ISC_LIST_HEAD(rdatalists[i]->rdata)) != NULL) {
ISC_LIST_UNLINK(rdatalists[i]->rdata, rdata, link);
dns_rdata_toregion(rdata, ®ion);
isc_mem_put(mctx, rdata,
sizeof(*rdata) + region.length);
}
}
return (result);
}
isc_result_t
dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node,
dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t maxttl,
dns_rdataset_t *addedrdataset)
{
isc_result_t result;
isc_buffer_t buffer;
isc_region_t r;
dns_rdataset_t *rdataset;
dns_rdatatype_t type;
dns_name_t *name;
dns_ttl_t ttl;
dns_trust_t trust;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t ncrdataset;
dns_rdatalist_t ncrdatalist;
unsigned char data[4096];
/*
* Convert the authority data from 'message' into a negative cache
* rdataset, and store it in 'cache' at 'node'.
*/
REQUIRE(message != NULL);
/*
* We assume that all data in the authority section has been
* validated by the caller.
*/
/*
* First, build an ncache rdata in buffer.
*/
ttl = maxttl;
trust = 0xffff;
isc_buffer_init(&buffer, data, sizeof(data));
if (message->counts[DNS_SECTION_AUTHORITY])
result = dns_message_firstname(message, DNS_SECTION_AUTHORITY);
else
result = ISC_R_NOMORE;
while (result == ISC_R_SUCCESS) {
name = NULL;
dns_message_currentname(message, DNS_SECTION_AUTHORITY,
&name);
if ((name->attributes & DNS_NAMEATTR_NCACHE) != 0) {
for (rdataset = ISC_LIST_HEAD(name->list);
rdataset != NULL;
rdataset = ISC_LIST_NEXT(rdataset, link)) {
if ((rdataset->attributes &
DNS_RDATASETATTR_NCACHE) == 0)
continue;
type = rdataset->type;
if (type == dns_rdatatype_rrsig)
type = rdataset->covers;
if (type == dns_rdatatype_soa ||
type == dns_rdatatype_nsec) {
if (ttl > rdataset->ttl)
ttl = rdataset->ttl;
if (trust > rdataset->trust)
trust = rdataset->trust;
/*
* Copy the owner name to the buffer.
*/
dns_name_toregion(name, &r);
result = isc_buffer_copyregion(&buffer,
&r);
if (result != ISC_R_SUCCESS)
return (result);
/*
* Copy the type to the buffer.
*/
isc_buffer_availableregion(&buffer,
&r);
if (r.length < 2)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer,
rdataset->type);
/*
* Copy the rdataset into the buffer.
*/
result = copy_rdataset(rdataset,
&buffer);
if (result != ISC_R_SUCCESS)
return (result);
}
}
}
result = dns_message_nextname(message, DNS_SECTION_AUTHORITY);
}
if (result != ISC_R_NOMORE)
return (result);
if (trust == 0xffff) {
/*
* We didn't find any authority data from which to create a
* negative cache rdataset. In particular, we have no SOA.
*
* We trust that the caller wants negative caching, so this
* means we have a "type 3 nxdomain" or "type 3 nodata"
* response (see RFC 2308 for details).
*
* We will now build a suitable negative cache rdataset that
* will cause zero bytes to be emitted when converted to
* wire format.
*/
/*
* The ownername must exist, but it doesn't matter what value
* it has. We use the root name.
*/
dns_name_toregion(dns_rootname, &r);
result = isc_buffer_copyregion(&buffer, &r);
if (result != ISC_R_SUCCESS)
return (result);
/*
* Copy the type and a zero rdata count to the buffer.
*/
isc_buffer_availableregion(&buffer, &r);
if (r.length < 4)
return (ISC_R_NOSPACE);
isc_buffer_putuint16(&buffer, 0);
isc_buffer_putuint16(&buffer, 0);
/*
* RFC 2308, section 5, says that negative answers without
* SOAs should not be cached.
*/
ttl = 0;
/*
* Set trust.
*/
if ((message->flags & DNS_MESSAGEFLAG_AA) != 0 &&
message->counts[DNS_SECTION_ANSWER] == 0) {
/*
* The response has aa set and we haven't followed
* any CNAME or DNAME chains.
*/
trust = dns_trust_authauthority;
} else
trust = dns_trust_additional;
}
/*
* Now add it to the cache.
*/
INSIST(trust != 0xffff);
isc_buffer_usedregion(&buffer, &r);
rdata.data = r.base;
rdata.length = r.length;
rdata.rdclass = dns_db_class(cache);
rdata.type = 0;
rdata.flags = 0;
ncrdatalist.rdclass = rdata.rdclass;
ncrdatalist.type = 0;
ncrdatalist.covers = covers;
ncrdatalist.ttl = ttl;
ISC_LIST_INIT(ncrdatalist.rdata);
ISC_LINK_INIT(&ncrdatalist, link);
ISC_LIST_APPEND(ncrdatalist.rdata, &rdata, link);
dns_rdataset_init(&ncrdataset);
RUNTIME_CHECK(dns_rdatalist_tordataset(&ncrdatalist, &ncrdataset)
== ISC_R_SUCCESS);
ncrdataset.trust = trust;
if (message->rcode == dns_rcode_nxdomain)
ncrdataset.attributes |= DNS_RDATASETATTR_NXDOMAIN;
return (dns_db_addrdataset(cache, node, NULL, now, &ncrdataset,
0, addedrdataset));
}
static isc_result_t
diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver,
isc_boolean_t warn)
{
dns_difftuple_t *t;
dns_dbnode_t *node = NULL;
isc_result_t result;
REQUIRE(DNS_DIFF_VALID(diff));
REQUIRE(DNS_DB_VALID(db));
t = ISC_LIST_HEAD(diff->tuples);
while (t != NULL) {
dns_name_t *name;
INSIST(node == NULL);
name = &t->name;
/*
* Find the node.
* We create the node if it does not exist.
* This will cause an empty node to be created if the diff
* contains a deletion of an RR at a nonexistent name,
* but such diffs should never be created in the first
* place.
*/
node = NULL;
CHECK(dns_db_findnode(db, name, ISC_TRUE, &node));
while (t != NULL && dns_name_equal(&t->name, name)) {
dns_rdatatype_t type, covers;
dns_diffop_t op;
dns_rdatalist_t rdl;
dns_rdataset_t rds;
op = t->op;
type = t->rdata.type;
covers = rdata_covers(&t->rdata);
/*
* Collect a contiguous set of updates with
* the same operation (add/delete) and RR type
* into a single rdatalist so that the
* database rrset merging/subtraction code
* can work more efficiently than if each
* RR were merged into / subtracted from
* the database separately.
*
* This is done by linking rdata structures from the
* diff into "rdatalist". This uses the rdata link
* field, not the diff link field, so the structure
* of the diff itself is not affected.
*/
rdl.type = type;
rdl.covers = covers;
rdl.rdclass = t->rdata.rdclass;
rdl.ttl = t->ttl;
ISC_LIST_INIT(rdl.rdata);
ISC_LINK_INIT(&rdl, link);
while (t != NULL &&
dns_name_equal(&t->name, name) &&
t->op == op &&
t->rdata.type == type &&
rdata_covers(&t->rdata) == covers)
{
if (t->ttl != rdl.ttl && warn)
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"TTL differs in rdataset, "
"adjusting %lu -> %lu",
(unsigned long) t->ttl,
(unsigned long) rdl.ttl);
ISC_LIST_APPEND(rdl.rdata, &t->rdata, link);
t = ISC_LIST_NEXT(t, link);
}
/*
* Convert the rdatalist into a rdataset.
*/
dns_rdataset_init(&rds);
CHECK(dns_rdatalist_tordataset(&rdl, &rds));
rds.trust = dns_trust_ultimate;
/*
* Merge the rdataset into the database.
*/
if (op == DNS_DIFFOP_ADD) {
result = dns_db_addrdataset(db, node, ver,
0, &rds,
DNS_DBADD_MERGE|
DNS_DBADD_EXACT|
DNS_DBADD_EXACTTTL,
NULL);
} else if (op == DNS_DIFFOP_DEL) {
result = dns_db_subtractrdataset(db, node, ver,
&rds,
DNS_DBSUB_EXACT,
NULL);
} else {
INSIST(0);
}
if (result == DNS_R_UNCHANGED) {
/*
* This will not happen when executing a
* dynamic update, because that code will
* generate strictly minimal diffs.
* It may happen when receiving an IXFR
* from a server that is not as careful.
* Issue a warning and continue.
*/
if (warn)
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"update with no effect");
} else if (result == ISC_R_SUCCESS ||
result == DNS_R_NXRRSET) {
/*
* OK.
*/
} else {
CHECK(result);
}
}
dns_db_detachnode(db, &node);
}
return (ISC_R_SUCCESS);
failure:
if (node != NULL)
dns_db_detachnode(db, &node);
return (result);
}
