static isc_result_t
freezezones(dns_zone_t *zone, void *uap) {
isc_boolean_t freeze = *(isc_boolean_t *)uap;
isc_boolean_t frozen;
isc_result_t result = ISC_R_SUCCESS;
char classstr[DNS_RDATACLASS_FORMATSIZE];
char zonename[DNS_NAME_FORMATSIZE];
dns_view_t *view;
char *journal;
const char *vname;
const char *sep;
int level;
if (dns_zone_gettype(zone) != dns_zone_master)
return (ISC_R_SUCCESS);
frozen = dns_zone_getupdatedisabled(zone);
if (freeze) {
if (frozen)
result = DNS_R_FROZEN;
if (result == ISC_R_SUCCESS)
result = dns_zone_flush(zone);
if (result == ISC_R_SUCCESS) {
journal = dns_zone_getjournal(zone);
if (journal != NULL)
(void)isc_file_remove(journal);
}
} else {
if (frozen) {
result = dns_zone_load(zone);
if (result == DNS_R_CONTINUE ||
result == DNS_R_UPTODATE)
result = ISC_R_SUCCESS;
}
}
if (result == ISC_R_SUCCESS)
dns_zone_setupdatedisabled(zone, freeze);
view = dns_zone_getview(zone);
if (strcmp(view->name, "_bind") == 0 ||
strcmp(view->name, "_default") == 0)
{
vname = "";
sep = "";
} else {
vname = view->name;
sep = " ";
}
dns_rdataclass_format(dns_zone_getclass(zone), classstr,
sizeof(classstr));
dns_name_format(dns_zone_getorigin(zone), zonename, sizeof(zonename));
level = (result != ISC_R_SUCCESS) ? ISC_LOG_ERROR : ISC_LOG_DEBUG(1);
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE,
level, "%s zone '%s/%s'%s%s: %s",
freeze ? "freezing" : "thawing",
zonename, classstr, sep, vname,
isc_result_totext(result));
return (result);
}
static isc_result_t
zone_xmlrender(dns_zone_t *zone, void *arg) {
char buf[1024 + 32]; /* sufficiently large for zone name and class */
dns_rdataclass_t rdclass;
isc_uint32_t serial;
xmlTextWriterPtr writer = arg;
isc_stats_t *zonestats;
isc_uint64_t nsstat_values[dns_nsstatscounter_max];
int xmlrc;
isc_result_t result;
TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "zone"));
dns_zone_name(zone, buf, sizeof(buf));
TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "name"));
TRY0(xmlTextWriterWriteString(writer, ISC_XMLCHAR buf));
TRY0(xmlTextWriterEndElement(writer));
rdclass = dns_zone_getclass(zone);
dns_rdataclass_format(rdclass, buf, sizeof(buf));
TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "rdataclass"));
TRY0(xmlTextWriterWriteString(writer, ISC_XMLCHAR buf));
TRY0(xmlTextWriterEndElement(writer));
TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "serial"));
if (dns_zone_getserial2(zone, &serial) == ISC_R_SUCCESS)
TRY0(xmlTextWriterWriteFormatString(writer, "%u", serial));
else
TRY0(xmlTextWriterWriteString(writer, ISC_XMLCHAR "-"));
TRY0(xmlTextWriterEndElement(writer));
zonestats = dns_zone_getrequeststats(zone);
if (zonestats != NULL) {
TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "counters"));
result = dump_counters(zonestats, statsformat_xml, writer, NULL,
nsstats_xmldesc, dns_nsstatscounter_max,
nsstats_index, nsstat_values,
ISC_STATSDUMP_VERBOSE);
if (result != ISC_R_SUCCESS)
goto error;
TRY0(xmlTextWriterEndElement(writer)); /* counters */
}
TRY0(xmlTextWriterEndElement(writer)); /* zone */
return (ISC_R_SUCCESS);
error:
return (ISC_R_FAILURE);
}
static void
xfrout_logv(ns_client_t *client, dns_name_t *zonename,
dns_rdataclass_t rdclass, int level, const char *fmt, va_list ap)
{
char msgbuf[2048];
char namebuf[DNS_NAME_FORMATSIZE];
char classbuf[DNS_RDATACLASS_FORMATSIZE];
dns_name_format(zonename, namebuf, sizeof(namebuf));
dns_rdataclass_format(rdclass, classbuf, sizeof(classbuf));
vsnprintf(msgbuf, sizeof(msgbuf), fmt, ap);
ns_client_log(client, DNS_LOGCATEGORY_XFER_OUT,
NS_LOGMODULE_XFER_OUT, level,
"transfer of '%s/%s': %s", namebuf, classbuf, msgbuf);
}
/*% load zones from the configuration */
static isc_result_t
load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
const cfg_listelt_t *element;
const cfg_obj_t *views;
const cfg_obj_t *vconfig;
isc_result_t result = ISC_R_SUCCESS;
isc_result_t tresult;
views = NULL;
(void)cfg_map_get(config, "view", &views);
for (element = cfg_list_first(views);
element != NULL;
element = cfg_list_next(element))
{
const cfg_obj_t *classobj;
dns_rdataclass_t viewclass;
const char *vname;
char buf[sizeof("CLASS65535")];
vconfig = cfg_listelt_value(element);
if (vconfig == NULL)
continue;
classobj = cfg_tuple_get(vconfig, "class");
CHECK(config_getclass(classobj, dns_rdataclass_in,
&viewclass));
if (dns_rdataclass_ismeta(viewclass))
CHECK(ISC_R_FAILURE);
dns_rdataclass_format(viewclass, buf, sizeof(buf));
vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
tresult = configure_view(buf, vname, config, vconfig, mctx);
if (tresult != ISC_R_SUCCESS)
result = tresult;
}
if (views == NULL) {
tresult = configure_view("IN", "_default", config, NULL, mctx);
if (tresult != ISC_R_SUCCESS)
result = tresult;
}
cleanup:
return (result);
}
static isc_result_t
zone_xmlrender(dns_zone_t *zone, void *arg) {
char buf[1024 + 32]; /* sufficiently large for zone name and class */
dns_rdataclass_t rdclass;
isc_uint32_t serial;
xmlTextWriterPtr writer = arg;
stats_dumparg_t dumparg;
dns_stats_t *zonestats;
xmlTextWriterStartElement(writer, ISC_XMLCHAR "zone");
dns_zone_name(zone, buf, sizeof(buf));
xmlTextWriterStartElement(writer, ISC_XMLCHAR "name");
xmlTextWriterWriteString(writer, ISC_XMLCHAR buf);
xmlTextWriterEndElement(writer);
rdclass = dns_zone_getclass(zone);
dns_rdataclass_format(rdclass, buf, sizeof(buf));
xmlTextWriterStartElement(writer, ISC_XMLCHAR "rdataclass");
xmlTextWriterWriteString(writer, ISC_XMLCHAR buf);
xmlTextWriterEndElement(writer);
serial = dns_zone_getserial(zone);
xmlTextWriterStartElement(writer, ISC_XMLCHAR "serial");
xmlTextWriterWriteFormatString(writer, "%u", serial);
xmlTextWriterEndElement(writer);
dumparg.type = statsformat_xml;
dumparg.arg = writer;
dumparg.desc = nsstats_xmldesc;
dumparg.ncounters = dns_nsstatscounter_max;
zonestats = dns_zone_getrequeststats(zone);
if (zonestats != NULL) {
xmlTextWriterStartElement(writer, ISC_XMLCHAR "counters");
dns_generalstats_dump(zonestats, generalstat_dump,
&dumparg, DNS_STATSDUMP_VERBOSE);
xmlTextWriterEndElement(writer); /* counters */
}
xmlTextWriterEndElement(writer); /* zone */
return (ISC_R_SUCCESS);
}
void
ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
isc_result_t result;
dns_name_t *question_name;
dns_rdataset_t *question_rdataset;
dns_zone_t *zone = NULL, *raw = NULL, *mayberaw;
dns_db_t *db = NULL;
dns_dbversion_t *ver = NULL;
dns_rdataclass_t question_class;
rrstream_t *soa_stream = NULL;
rrstream_t *data_stream = NULL;
rrstream_t *stream = NULL;
dns_difftuple_t *current_soa_tuple = NULL;
dns_name_t *soa_name;
dns_rdataset_t *soa_rdataset;
dns_rdata_t soa_rdata = DNS_RDATA_INIT;
isc_boolean_t have_soa = ISC_FALSE;
const char *mnemonic = NULL;
isc_mem_t *mctx = client->mctx;
dns_message_t *request = client->message;
xfrout_ctx_t *xfr = NULL;
isc_quota_t *quota = NULL;
dns_transfer_format_t format = client->view->transfer_format;
isc_netaddr_t na;
dns_peer_t *peer = NULL;
isc_buffer_t *tsigbuf = NULL;
char *journalfile;
char msg[NS_CLIENT_ACLMSGSIZE("zone transfer")];
char keyname[DNS_NAME_FORMATSIZE];
isc_boolean_t is_poll = ISC_FALSE;
isc_boolean_t is_dlz = ISC_FALSE;
isc_boolean_t is_ixfr = ISC_FALSE;
isc_uint32_t begin_serial = 0, current_serial;
switch (reqtype) {
case dns_rdatatype_axfr:
mnemonic = "AXFR";
break;
case dns_rdatatype_ixfr:
mnemonic = "IXFR";
break;
default:
INSIST(0);
break;
}
ns_client_log(client,
DNS_LOGCATEGORY_XFER_OUT, NS_LOGMODULE_XFER_OUT,
ISC_LOG_DEBUG(6), "%s request", mnemonic);
/*
* Apply quota.
*/
result = isc_quota_attach(&ns_g_server->xfroutquota, "a);
if (result != ISC_R_SUCCESS) {
isc_log_write(XFROUT_COMMON_LOGARGS, ISC_LOG_WARNING,
"%s request denied: %s", mnemonic,
isc_result_totext(result));
goto failure;
}
/*
* Interpret the question section.
*/
result = dns_message_firstname(request, DNS_SECTION_QUESTION);
INSIST(result == ISC_R_SUCCESS);
/*
* The question section must contain exactly one question, and
* it must be for AXFR/IXFR as appropriate.
*/
question_name = NULL;
dns_message_currentname(request, DNS_SECTION_QUESTION, &question_name);
question_rdataset = ISC_LIST_HEAD(question_name->list);
question_class = question_rdataset->rdclass;
INSIST(question_rdataset->type == reqtype);
if (ISC_LIST_NEXT(question_rdataset, link) != NULL)
FAILC(DNS_R_FORMERR, "multiple questions");
result = dns_message_nextname(request, DNS_SECTION_QUESTION);
if (result != ISC_R_NOMORE)
FAILC(DNS_R_FORMERR, "multiple questions");
result = dns_zt_find(client->view->zonetable, question_name, 0, NULL,
&zone);
if (result != ISC_R_SUCCESS) {
/*
* Normal zone table does not have a match.
* Try the DLZ database
*/
// Temporary: only searching the first DLZ database
if (! ISC_LIST_EMPTY(client->view->dlz_searched)) {
result = dns_dlzallowzonexfr(client->view,
question_name,
&client->peeraddr,
&db);
pfilter_notify(result, client, "zonexfr");
if (result == ISC_R_NOPERM) {
char _buf1[DNS_NAME_FORMATSIZE];
char _buf2[DNS_RDATACLASS_FORMATSIZE];
result = DNS_R_REFUSED;
dns_name_format(question_name, _buf1,
sizeof(_buf1));
dns_rdataclass_format(question_class,
_buf2, sizeof(_buf2));
ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_XFER_OUT,
ISC_LOG_ERROR,
"zone transfer '%s/%s' denied",
_buf1, _buf2);
goto failure;
}
if (result != ISC_R_SUCCESS)
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
is_dlz = ISC_TRUE;
} else {
/*
* not DLZ and not in normal zone table, we are
* not authoritative
*/
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
}
} else {
/* zone table has a match */
switch(dns_zone_gettype(zone)) {
/* Master and slave zones are OK for transfer. */
case dns_zone_master:
case dns_zone_slave:
case dns_zone_dlz:
break;
default:
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
}
CHECK(dns_zone_getdb(zone, &db));
dns_db_currentversion(db, &ver);
}
xfrout_log1(client, question_name, question_class, ISC_LOG_DEBUG(6),
"%s question section OK", mnemonic);
/*
* Check the authority section. Look for a SOA record with
* the same name and class as the question.
*/
for (result = dns_message_firstname(request, DNS_SECTION_AUTHORITY);
result == ISC_R_SUCCESS;
result = dns_message_nextname(request, DNS_SECTION_AUTHORITY))
{
soa_name = NULL;
dns_message_currentname(request, DNS_SECTION_AUTHORITY,
&soa_name);
/*
* Ignore data whose owner name is not the zone apex.
*/
if (! dns_name_equal(soa_name, question_name))
continue;
for (soa_rdataset = ISC_LIST_HEAD(soa_name->list);
soa_rdataset != NULL;
soa_rdataset = ISC_LIST_NEXT(soa_rdataset, link))
{
/*
* Ignore non-SOA data.
*/
if (soa_rdataset->type != dns_rdatatype_soa)
continue;
if (soa_rdataset->rdclass != question_class)
continue;
CHECK(dns_rdataset_first(soa_rdataset));
dns_rdataset_current(soa_rdataset, &soa_rdata);
result = dns_rdataset_next(soa_rdataset);
if (result == ISC_R_SUCCESS)
FAILC(DNS_R_FORMERR,
"IXFR authority section "
"has multiple SOAs");
have_soa = ISC_TRUE;
goto got_soa;
}
}
got_soa:
if (result != ISC_R_NOMORE)
CHECK(result);
xfrout_log1(client, question_name, question_class, ISC_LOG_DEBUG(6),
"%s authority section OK", mnemonic);
/*
* If not a DLZ zone, decide whether to allow this transfer.
*/
if (!is_dlz) {
ns_client_aclmsg("zone transfer", question_name, reqtype,
client->view->rdclass, msg, sizeof(msg));
CHECK(ns_client_checkacl(client, NULL, msg,
dns_zone_getxfracl(zone),
ISC_TRUE, ISC_LOG_ERROR));
}
/*
* AXFR over UDP is not possible.
*/
if (reqtype == dns_rdatatype_axfr &&
(client->attributes & NS_CLIENTATTR_TCP) == 0)
FAILC(DNS_R_FORMERR, "attempted AXFR over UDP");
/*
* Look up the requesting server in the peer table.
*/
isc_netaddr_fromsockaddr(&na, &client->peeraddr);
(void)dns_peerlist_peerbyaddr(client->view->peers, &na, &peer);
/*
* Decide on the transfer format (one-answer or many-answers).
*/
if (peer != NULL)
(void)dns_peer_gettransferformat(peer, &format);
/*
* Get a dynamically allocated copy of the current SOA.
*/
if (is_dlz)
dns_db_currentversion(db, &ver);
CHECK(dns_db_createsoatuple(db, ver, mctx, DNS_DIFFOP_EXISTS,
¤t_soa_tuple));
current_serial = dns_soa_getserial(¤t_soa_tuple->rdata);
if (reqtype == dns_rdatatype_ixfr) {
isc_boolean_t provide_ixfr;
/*
* Outgoing IXFR may have been disabled for this peer
* or globally.
*/
provide_ixfr = client->view->provideixfr;
if (peer != NULL)
(void) dns_peer_getprovideixfr(peer, &provide_ixfr);
if (provide_ixfr == ISC_FALSE)
goto axfr_fallback;
if (! have_soa)
FAILC(DNS_R_FORMERR,
"IXFR request missing SOA");
begin_serial = dns_soa_getserial(&soa_rdata);
/*
* RFC1995 says "If an IXFR query with the same or
* newer version number than that of the server
* is received, it is replied to with a single SOA
* record of the server's current version, just as
* in AXFR". The claim about AXFR is incorrect,
* but other than that, we do as the RFC says.
*
* Sending a single SOA record is also how we refuse
* IXFR over UDP (currently, we always do).
*/
if (DNS_SERIAL_GE(begin_serial, current_serial) ||
(client->attributes & NS_CLIENTATTR_TCP) == 0)
{
CHECK(soa_rrstream_create(mctx, db, ver, &stream));
is_poll = ISC_TRUE;
goto have_stream;
}
journalfile = is_dlz ? NULL : dns_zone_getjournal(zone);
if (journalfile != NULL)
result = ixfr_rrstream_create(mctx,
journalfile,
begin_serial,
current_serial,
&data_stream);
else
result = ISC_R_NOTFOUND;
if (result == ISC_R_NOTFOUND ||
result == ISC_R_RANGE) {
xfrout_log1(client, question_name, question_class,
ISC_LOG_DEBUG(4),
"IXFR version not in journal, "
"falling back to AXFR");
mnemonic = "AXFR-style IXFR";
goto axfr_fallback;
}
CHECK(result);
is_ixfr = ISC_TRUE;
} else {
axfr_fallback:
CHECK(axfr_rrstream_create(mctx, db, ver, &data_stream));
}
/*
* Bracket the data stream with SOAs.
*/
CHECK(soa_rrstream_create(mctx, db, ver, &soa_stream));
CHECK(compound_rrstream_create(mctx, &soa_stream, &data_stream,
&stream));
soa_stream = NULL;
data_stream = NULL;
have_stream:
CHECK(dns_message_getquerytsig(request, mctx, &tsigbuf));
/*
* Create the xfrout context object. This transfers the ownership
* of "stream", "db", "ver", and "quota" to the xfrout context object.
*/
if (is_dlz)
CHECK(xfrout_ctx_create(mctx, client, request->id,
question_name, reqtype, question_class,
zone, db, ver, quota, stream,
dns_message_gettsigkey(request),
tsigbuf,
3600,
3600,
(format == dns_many_answers) ?
ISC_TRUE : ISC_FALSE,
&xfr));
else
CHECK(xfrout_ctx_create(mctx, client, request->id,
question_name, reqtype, question_class,
zone, db, ver, quota, stream,
dns_message_gettsigkey(request),
tsigbuf,
dns_zone_getmaxxfrout(zone),
dns_zone_getidleout(zone),
(format == dns_many_answers) ?
ISC_TRUE : ISC_FALSE,
&xfr));
xfr->mnemonic = mnemonic;
stream = NULL;
quota = NULL;
CHECK(xfr->stream->methods->first(xfr->stream));
if (xfr->tsigkey != NULL)
dns_name_format(&xfr->tsigkey->name, keyname, sizeof(keyname));
else
keyname[0] = '\0';
if (is_poll)
xfrout_log1(client, question_name, question_class,
ISC_LOG_DEBUG(1), "IXFR poll up to date%s%s",
(xfr->tsigkey != NULL) ? ": TSIG " : "", keyname);
else if (is_ixfr)
xfrout_log1(client, question_name, question_class,
ISC_LOG_INFO, "%s started%s%s (serial %u -> %u)",
mnemonic, (xfr->tsigkey != NULL) ? ": TSIG " : "",
keyname, begin_serial, current_serial);
else
xfrout_log1(client, question_name, question_class,
ISC_LOG_INFO, "%s started%s%s (serial %u)",
mnemonic, (xfr->tsigkey != NULL) ? ": TSIG " : "",
keyname, current_serial);
if (zone != NULL) {
dns_zone_getraw(zone, &raw);
mayberaw = (raw != NULL) ? raw : zone;
if ((client->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0 &&
dns_zone_gettype(mayberaw) == dns_zone_slave) {
isc_time_t expiretime;
isc_uint32_t secs;
dns_zone_getexpiretime(zone, &expiretime);
secs = isc_time_seconds(&expiretime);
if (secs >= client->now && result == ISC_R_SUCCESS) {
client->attributes |= NS_CLIENTATTR_HAVEEXPIRE;
client->expire = secs - client->now;
}
}
if (raw != NULL)
dns_zone_detach(&raw);
}
/*
* Hand the context over to sendstream(). Set xfr to NULL;
* sendstream() is responsible for either passing the
* context on to a later event handler or destroying it.
*/
sendstream(xfr);
xfr = NULL;
result = ISC_R_SUCCESS;
failure:
if (result == DNS_R_REFUSED)
inc_stats(zone, dns_nsstatscounter_xfrrej);
if (quota != NULL)
isc_quota_detach("a);
if (current_soa_tuple != NULL)
dns_difftuple_free(¤t_soa_tuple);
if (stream != NULL)
stream->methods->destroy(&stream);
if (soa_stream != NULL)
soa_stream->methods->destroy(&soa_stream);
if (data_stream != NULL)
data_stream->methods->destroy(&data_stream);
if (ver != NULL)
dns_db_closeversion(db, &ver, ISC_FALSE);
if (db != NULL)
dns_db_detach(&db);
if (zone != NULL)
dns_zone_detach(&zone);
/* XXX kludge */
if (xfr != NULL) {
xfrout_fail(xfr, result, "setting up zone transfer");
} else if (result != ISC_R_SUCCESS) {
ns_client_log(client, DNS_LOGCATEGORY_XFER_OUT,
NS_LOGMODULE_XFER_OUT,
ISC_LOG_DEBUG(3), "zone transfer setup failed");
ns_client_error(client, result);
}
}
int
main(int argc, char *argv[]) {
isc_token_t token;
isc_result_t result;
int c;
unsigned int options = 0;
dns_rdatatype_t rdtype;
dns_rdataclass_t rdclass;
char text[256*1024];
char data[64*1024];
isc_buffer_t tbuf;
isc_buffer_t dbuf;
dns_rdata_t rdata = DNS_RDATA_INIT;
isc_boolean_t doexit = ISC_FALSE;
isc_boolean_t once = ISC_FALSE;
isc_boolean_t print = ISC_FALSE;
isc_boolean_t unknown = ISC_FALSE;
unsigned int t;
char *origin = NULL;
dns_fixedname_t fixed;
dns_name_t *name = NULL;
while ((c = isc_commandline_parse(argc, argv, "ho:puCPT")) != -1) {
switch (c) {
case 'o':
origin = isc_commandline_argument;
break;
case 'p':
print = ISC_TRUE;
break;
case 'u':
unknown = ISC_TRUE;
break;
case 'C':
for (t = 1; t <= 0xfeffu; t++) {
if (dns_rdataclass_ismeta(t))
continue;
dns_rdataclass_format(t, text, sizeof(text));
if (strncmp(text, "CLASS", 4) != 0)
fprintf(stdout, "%s\n", text);
}
exit(0);
case 'P':
for (t = 0xff00; t <= 0xfffeu; t++) {
if (dns_rdatatype_ismeta(t))
continue;
dns_rdatatype_format(t, text, sizeof(text));
if (strncmp(text, "TYPE", 4) != 0)
fprintf(stdout, "%s\n", text);
}
doexit = ISC_TRUE;
break;
case 'T':
for (t = 1; t <= 0xfeffu; t++) {
if (dns_rdatatype_ismeta(t))
continue;
dns_rdatatype_format(t, text, sizeof(text));
if (strncmp(text, "TYPE", 4) != 0)
fprintf(stdout, "%s\n", text);
}
doexit = ISC_TRUE;
break;
case '?':
case 'h':
/* Does not return. */
usage();
default:
fprintf(stderr, "%s: unhandled option -%c\n",
argv[0], isc_commandline_option);
exit(1);
}
}
if (doexit)
exit(0);
RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_lex_create(mctx, 256, &lex) == ISC_R_SUCCESS);
/*
* Set up to lex DNS master file.
*/
specials['('] = 1;
specials[')'] = 1;
specials['"'] = 1;
isc_lex_setspecials(lex, specials);
options = ISC_LEXOPT_EOL;
isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE);
RUNTIME_CHECK(isc_lex_openstream(lex, stdin) == ISC_R_SUCCESS);
if (origin != NULL) {
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
result = dns_name_fromstring(name, origin, 0, NULL);
if (result != ISC_R_SUCCESS) {
fatal("dns_name_fromstring: %s",
dns_result_totext(result));
}
}
while ((result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER,
&token)) == ISC_R_SUCCESS) {
if (token.type == isc_tokentype_eof)
break;
if (token.type == isc_tokentype_eol)
continue;
if (once) {
fatal("extra data");
}
/*
* Get class.
*/
if (token.type == isc_tokentype_number) {
rdclass = (dns_rdataclass_t) token.value.as_ulong;
if (token.value.as_ulong > 0xffffu) {
fatal("class value too big %lu",
token.value.as_ulong);
}
if (dns_rdataclass_ismeta(rdclass)) {
fatal("class %lu is a meta value",
token.value.as_ulong);
}
} else if (token.type == isc_tokentype_string) {
result = dns_rdataclass_fromtext(&rdclass,
&token.value.as_textregion);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdataclass_fromtext: %s",
dns_result_totext(result));
}
if (dns_rdataclass_ismeta(rdclass)) {
fatal("class %.*s(%d) is a meta value",
(int)token.value.as_textregion.length,
token.value.as_textregion.base, rdclass);
}
} else {
fatal("unexpected token %u", token.type);
}
result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER,
&token);
if (result != ISC_R_SUCCESS)
break;
if (token.type == isc_tokentype_eol)
continue;
if (token.type == isc_tokentype_eof)
break;
/*
* Get type.
*/
if (token.type == isc_tokentype_number) {
rdtype = (dns_rdatatype_t) token.value.as_ulong;
if (token.value.as_ulong > 0xffffu) {
fatal("type value too big %lu",
token.value.as_ulong);
}
if (dns_rdatatype_ismeta(rdtype)) {
fatal("type %lu is a meta value",
token.value.as_ulong);
}
} else if (token.type == isc_tokentype_string) {
result = dns_rdatatype_fromtext(&rdtype,
&token.value.as_textregion);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdatatype_fromtext: %s",
dns_result_totext(result));
}
if (dns_rdatatype_ismeta(rdtype)) {
fatal("type %.*s(%d) is a meta value",
(int)token.value.as_textregion.length,
token.value.as_textregion.base, rdtype);
}
} else {
fatal("unexpected token %u", token.type);
}
isc_buffer_init(&dbuf, data, sizeof(data));
result = dns_rdata_fromtext(&rdata, rdclass, rdtype, lex,
name, 0, mctx, &dbuf, NULL);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdata_fromtext: %s",
dns_result_totext(result));
}
once = ISC_TRUE;
}
if (result != ISC_R_EOF) {
fatal("eof not found");
}
if (!once) {
fatal("no records found");
}
if (print) {
isc_buffer_init(&tbuf, text, sizeof(text));
result = dns_rdataclass_totext(rdclass, &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdataclass_totext: %s",
dns_result_totext(result));
}
isc_buffer_putstr(&tbuf, "\t");
result = dns_rdatatype_totext(rdtype, &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdatatype_totext: %s",
dns_result_totext(result));
}
isc_buffer_putstr(&tbuf, "\t");
result = dns_rdata_totext(&rdata, NULL, &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdata_totext: %s",
dns_result_totext(result));
}
printf("%.*s\n", (int)tbuf.used, (char*)tbuf.base);
fflush(stdout);
}
if (unknown) {
isc_buffer_init(&tbuf, text, sizeof(text));
result = dns_rdataclass_tounknowntext(rdclass, &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdataclass_tounknowntext: %s",
dns_result_totext(result));
}
isc_buffer_putstr(&tbuf, "\t");
result = dns_rdatatype_tounknowntext(rdtype, &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdatatype_tounknowntext: %s",
dns_result_totext(result));
}
isc_buffer_putstr(&tbuf, "\t");
result = dns_rdata_tofmttext(&rdata, NULL,
DNS_STYLEFLAG_UNKNOWNFORMAT,
0, 0, "", &tbuf);
if (result != ISC_R_SUCCESS) {
fatal("dns_rdata_tofmttext: %sn",
dns_result_totext(result));
}
printf("%.*s\n", (int)tbuf.used, (char*)tbuf.base);
fflush(stdout);
}
isc_lex_close(lex);
isc_lex_destroy(&lex);
isc_mem_destroy(&mctx);
return (0);
}
static isc_result_t
diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver,
isc_boolean_t warn)
{
dns_difftuple_t *t;
dns_dbnode_t *node = NULL;
isc_result_t result;
char namebuf[DNS_NAME_FORMATSIZE];
char typebuf[DNS_RDATATYPE_FORMATSIZE];
char classbuf[DNS_RDATACLASS_FORMATSIZE];
REQUIRE(DNS_DIFF_VALID(diff));
REQUIRE(DNS_DB_VALID(db));
t = ISC_LIST_HEAD(diff->tuples);
while (t != NULL) {
dns_name_t *name;
INSIST(node == NULL);
name = &t->name;
/*
* Find the node.
* We create the node if it does not exist.
* This will cause an empty node to be created if the diff
* contains a deletion of an RR at a nonexistent name,
* but such diffs should never be created in the first
* place.
*/
while (t != NULL && dns_name_equal(&t->name, name)) {
dns_rdatatype_t type, covers;
dns_diffop_t op;
dns_rdatalist_t rdl;
dns_rdataset_t rds;
dns_rdataset_t ardataset;
dns_rdataset_t *modified = NULL;
op = t->op;
type = t->rdata.type;
covers = rdata_covers(&t->rdata);
/*
* Collect a contiguous set of updates with
* the same operation (add/delete) and RR type
* into a single rdatalist so that the
* database rrset merging/subtraction code
* can work more efficiently than if each
* RR were merged into / subtracted from
* the database separately.
*
* This is done by linking rdata structures from the
* diff into "rdatalist". This uses the rdata link
* field, not the diff link field, so the structure
* of the diff itself is not affected.
*/
dns_rdatalist_init(&rdl);
rdl.type = type;
rdl.covers = covers;
rdl.rdclass = t->rdata.rdclass;
rdl.ttl = t->ttl;
node = NULL;
if (type != dns_rdatatype_nsec3 &&
covers != dns_rdatatype_nsec3)
CHECK(dns_db_findnode(db, name, ISC_TRUE,
&node));
else
CHECK(dns_db_findnsec3node(db, name, ISC_TRUE,
&node));
while (t != NULL &&
dns_name_equal(&t->name, name) &&
t->op == op &&
t->rdata.type == type &&
rdata_covers(&t->rdata) == covers)
{
dns_name_format(name, namebuf, sizeof(namebuf));
dns_rdatatype_format(t->rdata.type, typebuf,
sizeof(typebuf));
dns_rdataclass_format(t->rdata.rdclass,
classbuf,
sizeof(classbuf));
if (t->ttl != rdl.ttl && warn)
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"'%s/%s/%s': TTL differs in "
"rdataset, adjusting "
"%lu -> %lu",
namebuf, typebuf, classbuf,
(unsigned long) t->ttl,
(unsigned long) rdl.ttl);
ISC_LIST_APPEND(rdl.rdata, &t->rdata, link);
t = ISC_LIST_NEXT(t, link);
}
/*
* Convert the rdatalist into a rdataset.
*/
dns_rdataset_init(&rds);
CHECK(dns_rdatalist_tordataset(&rdl, &rds));
if (rds.type == dns_rdatatype_rrsig)
switch (op) {
case DNS_DIFFOP_ADDRESIGN:
case DNS_DIFFOP_DELRESIGN:
modified = &ardataset;
dns_rdataset_init(modified);
break;
default:
break;
}
rds.trust = dns_trust_ultimate;
/*
* Merge the rdataset into the database.
*/
switch (op) {
case DNS_DIFFOP_ADD:
case DNS_DIFFOP_ADDRESIGN:
result = dns_db_addrdataset(db, node, ver,
0, &rds,
DNS_DBADD_MERGE|
DNS_DBADD_EXACT|
DNS_DBADD_EXACTTTL,
modified);
break;
case DNS_DIFFOP_DEL:
case DNS_DIFFOP_DELRESIGN:
result = dns_db_subtractrdataset(db, node, ver,
&rds,
DNS_DBSUB_EXACT,
modified);
break;
default:
INSIST(0);
}
if (result == ISC_R_SUCCESS) {
if (modified != NULL) {
isc_stdtime_t resign;
resign = setresign(modified);
dns_db_setsigningtime(db, modified,
resign);
}
} else if (result == DNS_R_UNCHANGED) {
/*
* This will not happen when executing a
* dynamic update, because that code will
* generate strictly minimal diffs.
* It may happen when receiving an IXFR
* from a server that is not as careful.
* Issue a warning and continue.
*/
if (warn) {
dns_name_format(dns_db_origin(db),
namebuf,
sizeof(namebuf));
dns_rdataclass_format(dns_db_class(db),
classbuf,
sizeof(classbuf));
isc_log_write(DIFF_COMMON_LOGARGS,
ISC_LOG_WARNING,
"%s/%s: dns_diff_apply: "
"update with no effect",
namebuf, classbuf);
}
} else if (result == DNS_R_NXRRSET) {
/*
* OK.
*/
} else {
if (modified != NULL &&
dns_rdataset_isassociated(modified))
dns_rdataset_disassociate(modified);
CHECK(result);
}
dns_db_detachnode(db, &node);
if (modified != NULL &&
dns_rdataset_isassociated(modified))
dns_rdataset_disassociate(modified);
}
}
return (ISC_R_SUCCESS);
failure:
if (node != NULL)
dns_db_detachnode(db, &node);
return (result);
}
static isc_result_t
detailsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
dns_section_t section) {
isc_result_t result, loopresult;
dns_name_t *name;
dns_rdataset_t *rdataset = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
char namebuf[DNS_NAME_FORMATSIZE];
UNUSED(query);
debug("detailsection()");
if (headers) {
switch (section) {
case DNS_SECTION_QUESTION:
puts(" QUESTIONS:");
break;
case DNS_SECTION_ANSWER:
puts(" ANSWERS:");
break;
case DNS_SECTION_AUTHORITY:
puts(" AUTHORITY RECORDS:");
break;
case DNS_SECTION_ADDITIONAL:
puts(" ADDITIONAL RECORDS:");
break;
}
}
result = dns_message_firstname(msg, section);
if (result == ISC_R_NOMORE)
return (ISC_R_SUCCESS);
else if (result != ISC_R_SUCCESS)
return (result);
for (;;) {
name = NULL;
dns_message_currentname(msg, section,
&name);
for (rdataset = ISC_LIST_HEAD(name->list);
rdataset != NULL;
rdataset = ISC_LIST_NEXT(rdataset, link)) {
if (section == DNS_SECTION_QUESTION) {
dns_name_format(name, namebuf,
sizeof(namebuf));
printf("\t%s, ", namebuf);
dns_rdatatype_format(rdataset->type,
namebuf,
sizeof(namebuf));
printf("type = %s, ", namebuf);
dns_rdataclass_format(rdataset->rdclass,
namebuf,
sizeof(namebuf));
printf("class = %s\n", namebuf);
}
loopresult = dns_rdataset_first(rdataset);
while (loopresult == ISC_R_SUCCESS) {
dns_rdataset_current(rdataset, &rdata);
dns_name_format(name, namebuf,
sizeof(namebuf));
printf(" -> %s\n", namebuf);
switch (rdata.type) {
case dns_rdatatype_soa:
printsoa(&rdata);
break;
default:
printf("\t");
printrdata(&rdata);
}
dns_rdata_reset(&rdata);
printf("\tttl = %u\n", rdataset->ttl);
loopresult = dns_rdataset_next(rdataset);
}
}
result = dns_message_nextname(msg, section);
if (result == ISC_R_NOMORE)
break;
else if (result != ISC_R_SUCCESS) {
return (result);
}
}
return (ISC_R_SUCCESS);
}
