static int
xfrd_handle_notify_reply(struct notify_zone_t* zone, buffer_type* packet)
{
if((OPCODE(packet) != OPCODE_NOTIFY) ||
(QR(packet) == 0)) {
log_msg(LOG_ERR, "xfrd: zone %s: received bad notify reply opcode/flags",
zone->apex_str);
return 0;
}
/* we know it is OPCODE NOTIFY, QUERY_REPLY and for this zone */
if(ID(packet) != zone->notify_query_id) {
log_msg(LOG_ERR, "xfrd: zone %s: received notify-ack with bad ID",
zone->apex_str);
return 0;
}
/* could check tsig, but why. The reply does not cause processing. */
if(RCODE(packet) != RCODE_OK) {
log_msg(LOG_ERR, "xfrd: zone %s: received notify response error %s from %s",
zone->apex_str, rcode2str(RCODE(packet)),
zone->notify_current->ip_address_spec);
if(RCODE(packet) == RCODE_IMPL)
return 1; /* rfc1996: notimpl notify reply: consider retries done */
return 0;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s: host %s acknowledges notify",
zone->apex_str, zone->notify_current->ip_address_spec));
return 1;
}
/* parse the received packet. returns xfrd packet result code. */
static enum xfrd_packet_result
xfrd_parse_received_xfr_packet(xfrd_zone_t* zone, buffer_type* packet,
xfrd_soa_t* soa)
{
size_t rr_count;
size_t qdcount = QDCOUNT(packet);
size_t ancount = ANCOUNT(packet), ancount_todo;
int done = 0;
/* has to be axfr / ixfr reply */
if(!buffer_available(packet, QHEADERSZ)) {
log_msg(LOG_INFO, "packet too small");
return xfrd_packet_bad;
}
/* only check ID in first response message. Could also check that
* AA bit and QR bit are set, but not needed.
*/
DEBUG(DEBUG_XFRD,2, (LOG_INFO,
"got query with ID %d and %d needed", ID(packet), zone->query_id));
if(ID(packet) != zone->query_id) {
log_msg(LOG_ERR, "xfrd: zone %s received bad query id from %s, "
"dropped",
zone->apex_str, zone->master->ip_address_spec);
return xfrd_packet_bad;
}
/* check RCODE in all response messages */
if(RCODE(packet) != RCODE_OK) {
log_msg(LOG_ERR, "xfrd: zone %s received error code %s from "
"%s",
zone->apex_str, rcode2str(RCODE(packet)),
zone->master->ip_address_spec);
if (RCODE(packet) == RCODE_IMPL ||
RCODE(packet) == RCODE_FORMAT) {
return xfrd_packet_notimpl;
}
return xfrd_packet_bad;
}
/* check TSIG */
if(zone->master->key_options) {
if(!xfrd_xfr_process_tsig(zone, packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "dropping xfr reply due "
"to bad TSIG"));
return xfrd_packet_bad;
}
}
buffer_skip(packet, QHEADERSZ);
/* skip question section */
for(rr_count = 0; rr_count < qdcount; ++rr_count) {
if (!packet_skip_rr(packet, 1)) {
log_msg(LOG_ERR, "xfrd: zone %s, from %s: bad RR in "
"question section",
zone->apex_str, zone->master->ip_address_spec);
return xfrd_packet_bad;
}
}
if(zone->msg_rr_count == 0 && ancount == 0) {
if(zone->tcp_conn == -1 && TC(packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: TC flagged"));
return xfrd_packet_tcp;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: too short xfr packet: no "
"answer"));
return xfrd_packet_bad;
}
ancount_todo = ancount;
if(zone->msg_rr_count == 0) {
/* parse the first RR, see if it is a SOA */
if(!packet_skip_dname(packet) ||
!xfrd_parse_soa_info(packet, soa))
{
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "xfrd: zone %s, from %s: "
"no SOA begins answer"
" section",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_bad;
}
if(zone->soa_disk_acquired != 0 &&
zone->state != xfrd_zone_expired /* if expired - accept anything */ &&
compare_serial(ntohl(soa->serial), ntohl(zone->soa_disk.serial)) < 0) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s ignoring old serial from %s",
zone->apex_str, zone->master->ip_address_spec));
VERBOSITY(1, (LOG_INFO,
"xfrd: zone %s ignoring old serial from %s",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_bad;
}
if(zone->soa_disk_acquired != 0 && zone->soa_disk.serial == soa->serial) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s got "
"update indicating "
"current serial",
zone->apex_str));
/* (even if notified) the lease on the current soa is renewed */
zone->soa_disk_acquired = xfrd_time();
if(zone->soa_nsd.serial == soa->serial)
zone->soa_nsd_acquired = xfrd_time();
xfrd_set_zone_state(zone, xfrd_zone_ok);
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s is ok",
zone->apex_str));
if(zone->soa_notified_acquired == 0) {
/* not notified or anything, so stop asking around */
zone->round_num = -1; /* next try start a new round */
xfrd_set_timer_refresh(zone);
return xfrd_packet_newlease;
}
/* try next master */
return xfrd_packet_bad;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "IXFR reply has ok serial (have \
%u, reply %u).", ntohl(zone->soa_disk.serial), ntohl(soa->serial)));
/* serial is newer than soa_disk */
if(ancount == 1) {
/* single record means it is like a notify */
(void)xfrd_handle_incoming_notify(zone, soa);
}
else if(zone->soa_notified_acquired && zone->soa_notified.serial &&
compare_serial(ntohl(zone->soa_notified.serial), ntohl(soa->serial)) < 0) {
/* this AXFR/IXFR notifies me that an even newer serial exists */
zone->soa_notified.serial = soa->serial;
}
zone->msg_new_serial = ntohl(soa->serial);
zone->msg_rr_count = 1;
zone->msg_is_ixfr = 0;
if(zone->soa_disk_acquired)
zone->msg_old_serial = ntohl(zone->soa_disk.serial);
else zone->msg_old_serial = 0;
ancount_todo = ancount - 1;
}
if(zone->tcp_conn == -1 && TC(packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s received TC from %s. retry tcp.",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_tcp;
}
if(zone->tcp_conn == -1 && ancount < 2) {
/* too short to be a real ixfr/axfr data transfer: need at */
/* least two RRs in the answer section. */
/* The serial is newer, so try tcp to this master. */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: udp reply is short. Try "
"tcp anyway."));
return xfrd_packet_tcp;
}
if(!xfrd_xfr_check_rrs(zone, packet, ancount_todo, &done, soa))
{
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s sent bad xfr "
"reply.", zone->apex_str));
return xfrd_packet_bad;
}
if(zone->tcp_conn == -1 && done == 0) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: udp reply incomplete"));
return xfrd_packet_bad;
}
if(done == 0)
return xfrd_packet_more;
if(zone->master->key_options) {
if(zone->tsig.updates_since_last_prepare != 0) {
log_msg(LOG_INFO, "xfrd: last packet of reply has no "
"TSIG");
return xfrd_packet_bad;
}
}
return xfrd_packet_transfer;
}
