/** * Add new RR. It converts ldns RR to wire format. * @param anchors: anchor storage. * @param buffer: parsing buffer. * @param rr: the rr (allocated by caller). * @return NULL on error, else the trust anchor. */ static struct trust_anchor* anchor_store_new_rr(struct val_anchors* anchors, ldns_buffer* buffer, ldns_rr* rr) { struct trust_anchor* ta; ldns_rdf* owner = ldns_rr_owner(rr); ldns_status status; ldns_buffer_clear(buffer); ldns_buffer_skip(buffer, 2); /* skip rdatalen */ status = ldns_rr_rdata2buffer_wire(buffer, rr); if(status != LDNS_STATUS_OK) { log_err("error converting trustanchor to wireformat: %s", ldns_get_errorstr_by_id(status)); return NULL; } ldns_buffer_flip(buffer); ldns_buffer_write_u16_at(buffer, 0, ldns_buffer_limit(buffer) - 2); if(!(ta=anchor_store_new_key(anchors, ldns_rdf_data(owner), ldns_rr_get_type(rr), ldns_rr_get_class(rr), ldns_buffer_begin(buffer), ldns_buffer_limit(buffer)))) { return NULL; } log_nametypeclass(VERB_QUERY, "adding trusted key", ldns_rdf_data(owner), ldns_rr_get_type(rr), ldns_rr_get_class(rr)); return ta; }
/* A/AAAA records */ ldns_rdf * ldns_rr_a_address(const ldns_rr *r) { /* 2 types to check, cannot use the macro */ if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { return NULL; } return ldns_rr_rdf(r, 0); }
ldns_status ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr) { ldns_status result = LDNS_STATUS_OK; ldns_dnssec_name *cur_name; ldns_rbnode_t *cur_node; ldns_rr_type type_covered = 0; if (!zone || !rr) { return LDNS_STATUS_ERR; } if (!zone->names) { zone->names = ldns_rbtree_create(ldns_dname_compare_v); if(!zone->names) return LDNS_STATUS_MEM_ERR; } /* we need the original of the hashed name if this is an NSEC3, or an RRSIG that covers an NSEC3 */ if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) { type_covered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr)); } if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 || type_covered == LDNS_RR_TYPE_NSEC3) { cur_node = ldns_dnssec_zone_find_nsec3_original(zone, rr); if (!cur_node) { return LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND; } } else { cur_node = ldns_rbtree_search(zone->names, ldns_rr_owner(rr)); } if (!cur_node) { /* add */ cur_name = ldns_dnssec_name_new_frm_rr(rr); if(!cur_name) return LDNS_STATUS_MEM_ERR; cur_node = LDNS_MALLOC(ldns_rbnode_t); if(!cur_node) { ldns_dnssec_name_free(cur_name); return LDNS_STATUS_MEM_ERR; } cur_node->key = ldns_rr_owner(rr); cur_node->data = cur_name; (void)ldns_rbtree_insert(zone->names, cur_node); ldns_dnssec_name_make_hashed_name(zone, cur_name, NULL); } else { cur_name = (ldns_dnssec_name *) cur_node->data; result = ldns_dnssec_name_add_rr(cur_name, rr); } if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) { zone->soa = cur_name; } return result; }
ldns_status ldns_resolver_push_nameserver_rr(ldns_resolver *r, ldns_rr *rr) { ldns_rdf *address; if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_A && ldns_rr_get_type(rr) != LDNS_RR_TYPE_AAAA)) { return LDNS_STATUS_ERR; } address = ldns_rr_rdf(rr, 0); /* extract the ip number */ if (address) { return ldns_resolver_push_nameserver(r, address); } else { return LDNS_STATUS_ERR; } }
static ldns_dnssec_rrsets * ldns_dnssec_rrsets_new_frm_rr(ldns_rr *rr) { ldns_dnssec_rrsets *new_rrsets; ldns_rr_type rr_type; bool rrsig; new_rrsets = ldns_dnssec_rrsets_new(); rr_type = ldns_rr_get_type(rr); if (rr_type == LDNS_RR_TYPE_RRSIG) { rrsig = true; rr_type = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr)); } else { rrsig = false; } if (!rrsig) { new_rrsets->rrs = ldns_dnssec_rrs_new(); new_rrsets->rrs->rr = rr; } else { new_rrsets->signatures = ldns_dnssec_rrs_new(); new_rrsets->signatures->rr = rr; } new_rrsets->type = rr_type; return new_rrsets; }
static DCPluginSyncFilterResult apply_block_ips(DCPluginDNSPacket *dcp_packet, Blocking * const blocking, ldns_pkt * const packet) { StrList *scanned; ldns_rr_list *answers; ldns_rr *answer; char *answer_str; ldns_rr_type type; size_t answers_count; size_t i; answers = ldns_pkt_answer(packet); answers_count = ldns_rr_list_rr_count(answers); for (i = (size_t) 0U; i < answers_count; i++) { answer = ldns_rr_list_rr(answers, i); type = ldns_rr_get_type(answer); if (type != LDNS_RR_TYPE_A && type != LDNS_RR_TYPE_AAAA) { continue; } if ((answer_str = ldns_rdf2str(ldns_rr_a_address(answer))) == NULL) { return DCP_SYNC_FILTER_RESULT_FATAL; } scanned = blocking->ips; do { if (strcasecmp(scanned->str, answer_str) == 0) { LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet), LDNS_RCODE_REFUSED); break; } } while ((scanned = scanned->next) != NULL); free(answer_str); } return DCP_SYNC_FILTER_RESULT_OK; }
ldns_status ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section) { uint16_t i; uint16_t rdl_pos = 0; if (ldns_rr_owner(rr)) { (void) ldns_dname2buffer_wire(buffer, ldns_rr_owner(rr)); } if (ldns_buffer_reserve(buffer, 4)) { (void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr)); (void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr)); } if (section != LDNS_SECTION_QUESTION) { if (ldns_buffer_reserve(buffer, 6)) { ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr)); /* remember pos for later */ rdl_pos = ldns_buffer_position(buffer); ldns_buffer_write_u16(buffer, 0); } for (i = 0; i < ldns_rr_rd_count(rr); i++) { (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } if (rdl_pos != 0) { ldns_buffer_write_u16_at(buffer, rdl_pos, ldns_buffer_position(buffer) - rdl_pos - 2); } } return ldns_buffer_status(buffer); }
/** * Lookup SOA RR. * */ ldns_rr* adutil_lookup_soa_rr(FILE* fd) { ldns_rr *cur_rr = NULL; char line[SE_ADFILE_MAXLINE]; ldns_status status = LDNS_STATUS_OK; int line_len = 0; unsigned int l = 0; while (line_len >= 0) { line_len = adutil_readline_frm_file(fd, (char*) line, &l, 0); adutil_rtrim_line(line, &line_len); if (line_len > 0) { if (line[0] != ';') { status = ldns_rr_new_frm_str(&cur_rr, line, 0, NULL, NULL); if (status == LDNS_STATUS_OK) { if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_SOA) { return cur_rr; } else { ldns_rr_free(cur_rr); cur_rr = NULL; } } } } } return NULL; }
static DCPluginSyncFilterResult empty_aaa_sync_pre(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet) { ldns_pkt *packet; ldns_rr_list *questions; uint8_t *wire_data; DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK; wire_data = dcplugin_get_wire_data(dcp_packet); ldns_wire2pkt(&packet, wire_data, dcplugin_get_wire_data_len(dcp_packet)); if (packet == NULL) { return DCP_SYNC_FILTER_RESULT_ERROR; } questions = ldns_pkt_question(packet); if (ldns_rr_list_rr_count(questions) == (size_t) 1U && ldns_rr_get_type(ldns_rr_list_rr(questions, (size_t) 0U)) == LDNS_RR_TYPE_AAAA) { LDNS_QR_SET(wire_data); LDNS_RA_SET(wire_data); result = DCP_SYNC_FILTER_RESULT_DIRECT; } ldns_pkt_free(packet); return result; }
static void ldns_dnssec_rrsets_print_soa_fmt(FILE *out, const ldns_output_format *fmt, ldns_dnssec_rrsets *rrsets, bool follow, bool show_soa) { if (!rrsets) { if ((fmt->flags & LDNS_COMMENT_LAYOUT)) fprintf(out, "; <void>\n"); } else { if (rrsets->rrs && (show_soa || ldns_rr_get_type(rrsets->rrs->rr) != LDNS_RR_TYPE_SOA ) ) { ldns_dnssec_rrs_print_fmt(out, fmt, rrsets->rrs); if (rrsets->signatures) { ldns_dnssec_rrs_print_fmt(out, fmt, rrsets->signatures); } } if (follow && rrsets->next) { ldns_dnssec_rrsets_print_soa_fmt(out, fmt, rrsets->next, follow, show_soa); } } }
ldns_rr * ldns_axfr_next(ldns_resolver *resolver) { ldns_rr *cur_rr; uint8_t *packet_wire; size_t packet_wire_size; ldns_lookup_table *rcode; ldns_status status; /* check if start() has been called */ if (!resolver || resolver->_socket == 0) { return NULL; } if (resolver->_cur_axfr_pkt) { if (resolver->_axfr_i == ldns_pkt_ancount(resolver->_cur_axfr_pkt)) { ldns_pkt_free(resolver->_cur_axfr_pkt); resolver->_cur_axfr_pkt = NULL; return ldns_axfr_next(resolver); } cur_rr = ldns_rr_clone(ldns_rr_list_rr( ldns_pkt_answer(resolver->_cur_axfr_pkt), resolver->_axfr_i)); resolver->_axfr_i++; if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_SOA) { resolver->_axfr_soa_count++; if (resolver->_axfr_soa_count >= 2) { close(resolver->_socket); resolver->_socket = 0; ldns_pkt_free(resolver->_cur_axfr_pkt); resolver->_cur_axfr_pkt = NULL; } } return cur_rr; } else { packet_wire = ldns_tcp_read_wire(resolver->_socket, &packet_wire_size); if(!packet_wire) return NULL; status = ldns_wire2pkt(&resolver->_cur_axfr_pkt, packet_wire, packet_wire_size); free(packet_wire); resolver->_axfr_i = 0; if (status != LDNS_STATUS_OK) { /* TODO: make status return type of this function (...api change) */ fprintf(stderr, "Error parsing rr during AXFR: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) { rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt)); fprintf(stderr, "Error in AXFR: %s\n", rcode->name); return NULL; } else { return ldns_axfr_next(resolver); } } }
bool ldns_rr_a_set_address(ldns_rr *r, ldns_rdf *f) { /* 2 types to check, cannot use the macro... */ ldns_rdf *pop; if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { return false; } pop = ldns_rr_set_rdf(r, f, 0); if (pop) { LDNS_FREE(pop); return true; } else { return false; } }
/** * return a specific rdf * \param[in] type type of RR * \param[in] rr the rr itself * \param[in] pos at which postion to get it * \return the rdf sought */ static ldns_rdf * ldns_rr_function(ldns_rr_type type, const ldns_rr *rr, size_t pos) { if (!rr || ldns_rr_get_type(rr) != type) { return NULL; } return ldns_rr_rdf(rr, pos); }
/* key_list must be initialized with ldns_rr_list_new() */ ldns_status read_key_file(const char *filename, ldns_rr_list *key_list) { int line_len = 0; int line_nr = 0; int key_count = 0; char line[LDNS_MAX_PACKETLEN]; ldns_status status; FILE *input_file; ldns_rr *rr; input_file = fopen(filename, "r"); if (!input_file) { fprintf(stderr, "Error opening %s: %s\n", filename, strerror(errno)); return LDNS_STATUS_ERR; } while (line_len >= 0) { line_len = read_line(input_file, line); line_nr++; if (line_len > 0 && line[0] != ';') { status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error parsing DNSKEY RR in line %d: %s\n", line_nr, ldns_get_errorstr_by_id(status)); } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) { ldns_rr_list_push_rr(key_list, rr); key_count++; } else { ldns_rr_free(rr); } } } // printf(";; Number of trusted keys: %d\n", key_count); if (key_count > 0) { return LDNS_STATUS_OK; } else { /*fprintf(stderr, "No keys read\n");*/ return LDNS_STATUS_ERR; } }
struct zversion_t* zversion_read(struct zone_entry_t* entry, uint32_t serial) { const char* fn = zinfo_ixfr_name(entry, serial); struct zversion_t* v; FILE* in = fopen(fn, "ra"); ldns_status status; ldns_rr* rr = 0; uint32_t dttl = 3600; ldns_rdf* origin = 0, *prev = 0; int line_nr = 1; if(!in) { perror(fn); return NULL; } v = (struct zversion_t*)calloc(1, sizeof(*v)); if(!v) { fclose(in); printf("out of memory\n"); return NULL; } v->serial = serial; v->ixfr = ldns_rr_list_new(); while(!feof(in)) { status = ldns_rr_new_frm_fp_l(&rr, in, &dttl, &origin, &prev, &line_nr); if(status == LDNS_STATUS_SYNTAX_TTL || status == LDNS_STATUS_SYNTAX_ORIGIN || status == LDNS_STATUS_SYNTAX_EMPTY) continue; if(status != LDNS_STATUS_OK) { printf("error %s:%d: %s\n", fn, line_nr, ldns_get_errorstr_by_id(status)); fclose(in); ldns_rdf_deep_free(origin); ldns_rdf_deep_free(prev); ldns_rr_list_deep_free(v->ixfr); free(v); return NULL; } ldns_rr_list_push_rr(v->ixfr, rr); } ldns_rdf_deep_free(origin); ldns_rdf_deep_free(prev); fclose(in); if(ldns_rr_list_rr_count(v->ixfr) < 1 || ldns_rr_get_type(ldns_rr_list_rr(v->ixfr, 0)) != LDNS_RR_TYPE_SOA) { printf("invalid IXFR format in %s\n", fn); ldns_rr_list_deep_free(v->ixfr); free(v); return NULL; } v->next_serial = ldns_rdf2native_int32(ldns_rr_rdf( ldns_rr_list_rr(v->ixfr, 0), 2)); return v; }
/** * set a specific rdf * \param[in] type type of RR * \param[in] rr the rr itself * \param[in] rdf the rdf to set * \param[in] pos at which postion to set it * \return true or false */ static bool ldns_rr_set_function(ldns_rr_type type, ldns_rr *rr, ldns_rdf *rdf, size_t pos) { ldns_rdf *pop; if (!rr || ldns_rr_get_type(rr) != type) { return false; } pop = ldns_rr_set_rdf(rr, rdf, pos); ldns_rdf_deep_free(pop); return true; }
/* * Read a hints file as root * * The file with the given path should contain a list of NS RRs * for the root zone and A records for those NS RRs. * Read them, check them, and append the a records to the rr list given. */ ldns_rr_list * read_root_hints(const char *filename) { FILE *fp = NULL; int line_nr = 0; ldns_zone *z; ldns_status status; ldns_rr_list *addresses = NULL; ldns_rr *rr; size_t i; fp = fopen(filename, "r"); if (!fp) { fprintf(stderr, "Unable to open %s for reading: %s\n", filename, strerror(errno)); return NULL; } status = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, 0, &line_nr); fclose(fp); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error reading root hints file: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } else { addresses = ldns_rr_list_new(); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { rr = ldns_rr_list_rr(ldns_zone_rrs(z), i); /*if ((address_family == 0 || address_family == 1) && */ if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_A ) { ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr)); } /*if ((address_family == 0 || address_family == 2) &&*/ if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) { ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr)); } } ldns_zone_deep_free(z); return addresses; } }
static int udp_bind(int sock, int port, const char *my_address) { struct sockaddr_in addr; in_addr_t maddr = INADDR_ANY; if (my_address) { #ifdef AF_INET6 if (inet_pton(AF_INET6, my_address, &maddr) < 1) { #else if (0) { #endif if (inet_pton(AF_INET, my_address, &maddr) < 1) { return -2; } } } #ifndef S_SPLINT_S addr.sin_family = AF_INET; #endif addr.sin_port = (in_port_t) htons((uint16_t)port); addr.sin_addr.s_addr = maddr; return bind(sock, (struct sockaddr *)&addr, (socklen_t) sizeof(addr)); } /* this will probably be moved to a better place in the library itself */ ldns_rr_list * get_rrset(const ldns_zone *zone, const ldns_rdf *owner_name, const ldns_rr_type qtype, const ldns_rr_class qclass) { uint16_t i; ldns_rr_list *rrlist = ldns_rr_list_new(); ldns_rr *cur_rr; if (!zone || !owner_name) { fprintf(stderr, "Warning: get_rrset called with NULL zone or owner name\n"); return rrlist; } for (i = 0; i < ldns_zone_rr_count(zone); i++) { cur_rr = ldns_rr_list_rr(ldns_zone_rrs(zone), i); if (ldns_dname_compare(ldns_rr_owner(cur_rr), owner_name) == 0 && ldns_rr_get_class(cur_rr) == qclass && ldns_rr_get_type(cur_rr) == qtype ) { ldns_rr_list_push_rr(rrlist, ldns_rr_clone(cur_rr)); } } printf("Found rrset of %u rrs\n", (unsigned int) ldns_rr_list_rr_count(rrlist)); return rrlist; }
ldns_status zonefile_read(struct zonefile *z, ldns_rr **out) { ldns_rr *rr; ldns_status status = LDNS_STATUS_OK; if (!z->valid) return (LDNS_STATUS_ERR); if (z->count == 1 && z->rr_soa != NULL) { *out = z->rr_soa; z->rr_soa = NULL; return (LDNS_STATUS_OK); } for (;;) { if (feof(z->fp)) { *out = NULL; if (z->is_pipe) pclose(z->fp); else fclose(z->fp); z->fp = NULL; return (LDNS_STATUS_OK); } status = ldns_rr_new_frm_fp_l(&rr, z->fp, &z->ttl, &z->origin, &z->prev, NULL); switch (status) { case LDNS_STATUS_OK: if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) { ldns_rr_free(rr); rr = 0; z->valid = false; status = LDNS_STATUS_OK; goto out; } z->count++; goto out; case LDNS_STATUS_SYNTAX_EMPTY: case LDNS_STATUS_SYNTAX_TTL: case LDNS_STATUS_SYNTAX_ORIGIN: status = LDNS_STATUS_OK; break; default: goto out; } } out: if (status != LDNS_STATUS_OK) return (status); *out = rr; return (status); }
/** * Add RR to query. * */ int query_add_rr(query_type* q, ldns_rr* rr) { size_t i = 0; size_t tc_mark = 0; size_t rdlength_pos = 0; uint16_t rdlength = 0; ods_log_assert(q); ods_log_assert(q->buffer); ods_log_assert(rr); /* set truncation mark, in case rr does not fit */ tc_mark = buffer_position(q->buffer); /* owner type class ttl */ if (!buffer_available(q->buffer, ldns_rdf_size(ldns_rr_owner(rr)))) { goto query_add_rr_tc; } buffer_write_rdf(q->buffer, ldns_rr_owner(rr)); if (!buffer_available(q->buffer, sizeof(uint16_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(rdlength))) { goto query_add_rr_tc; } buffer_write_u16(q->buffer, (uint16_t) ldns_rr_get_type(rr)); buffer_write_u16(q->buffer, (uint16_t) ldns_rr_get_class(rr)); buffer_write_u32(q->buffer, (uint32_t) ldns_rr_ttl(rr)); /* skip rdlength */ rdlength_pos = buffer_position(q->buffer); buffer_skip(q->buffer, sizeof(rdlength)); /* write rdata */ for (i=0; i < ldns_rr_rd_count(rr); i++) { if (!buffer_available(q->buffer, ldns_rdf_size(ldns_rr_rdf(rr, i)))) { goto query_add_rr_tc; } buffer_write_rdf(q->buffer, ldns_rr_rdf(rr, i)); } if (!query_overflow(q)) { /* write rdlength */ rdlength = buffer_position(q->buffer) - rdlength_pos - sizeof(rdlength); buffer_write_u16_at(q->buffer, rdlength_pos, rdlength); /* position updated by buffer_write() */ return 1; } query_add_rr_tc: buffer_set_position(q->buffer, tc_mark); ods_log_assert(!query_overflow(q)); return 0; }
/** read qinfo from next three words */ static char* load_qinfo(char* str, struct query_info* qinfo, ldns_buffer* buf, struct regional* region) { /* s is part of the buf */ char* s = str; ldns_rr* rr; ldns_status status; /* skip three words */ s = strchr(str, ' '); if(s) s = strchr(s+1, ' '); if(s) s = strchr(s+1, ' '); if(!s) { log_warn("error line too short, %s", str); return NULL; } s[0] = 0; s++; /* parse them */ status = ldns_rr_new_question_frm_str(&rr, str, NULL, NULL); if(status != LDNS_STATUS_OK) { log_warn("error cannot parse: %s %s", ldns_get_errorstr_by_id(status), str); return NULL; } qinfo->qtype = ldns_rr_get_type(rr); qinfo->qclass = ldns_rr_get_class(rr); ldns_buffer_clear(buf); status = ldns_dname2buffer_wire(buf, ldns_rr_owner(rr)); ldns_rr_free(rr); if(status != LDNS_STATUS_OK) { log_warn("error cannot dname2wire: %s", ldns_get_errorstr_by_id(status)); return NULL; } ldns_buffer_flip(buf); qinfo->qname_len = ldns_buffer_limit(buf); qinfo->qname = (uint8_t*)regional_alloc_init(region, ldns_buffer_begin(buf), ldns_buffer_limit(buf)); if(!qinfo->qname) { log_warn("error out of memory"); return NULL; } return s; }
ldns_status ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr) { ldns_rr_list * trust_anchors; if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) { return LDNS_STATUS_ERR; } if (!(trust_anchors = ldns_resolver_dnssec_anchors(r))) { /* Initialize */ trust_anchors = ldns_rr_list_new(); ldns_resolver_set_dnssec_anchors(r, trust_anchors); } return (ldns_rr_list_push_rr(trust_anchors, ldns_rr_clone(rr))) ? LDNS_STATUS_OK : LDNS_STATUS_ERR; }
ldns_status ldns_rrsig2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr) { uint16_t i; /* it must be a sig RR */ if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_RRSIG) { return LDNS_STATUS_ERR; } /* Convert all the rdfs, except the actual signature data * rdf number 8 - the last, hence: -1 */ for (i = 0; i < ldns_rr_rd_count(rr) - 1; i++) { (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } return ldns_buffer_status(buffer); }
static ldns_rbnode_t * ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone, ldns_rr *rr) { ldns_rdf *hashed_name; hashed_name = ldns_dname_label(ldns_rr_owner(rr), 0); if (hashed_name == NULL) { return NULL; } if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 && ! zone->_nsec3params){ ldns_dnssec_zone_hashed_names_from_nsec3(zone, rr); } if (zone->hashed_names == NULL) { ldns_rdf_deep_free(hashed_name); return NULL; } return ldns_rbtree_search(zone->hashed_names, hashed_name); }
ldns_status ldns_dnssec_name_add_rr(ldns_dnssec_name *name, ldns_rr *rr) { ldns_status result = LDNS_STATUS_OK; ldns_rr_type rr_type; ldns_rr_type typecovered = 0; /* special handling for NSEC3 and NSECX covering RRSIGS */ if (!name || !rr) { return LDNS_STATUS_ERR; } rr_type = ldns_rr_get_type(rr); if (rr_type == LDNS_RR_TYPE_RRSIG) { typecovered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr)); } if (rr_type == LDNS_RR_TYPE_NSEC || rr_type == LDNS_RR_TYPE_NSEC3) { /* XX check if is already set (and error?) */ name->nsec = rr; } else if (typecovered == LDNS_RR_TYPE_NSEC || typecovered == LDNS_RR_TYPE_NSEC3) { if (name->nsec_signatures) { result = ldns_dnssec_rrs_add_rr(name->nsec_signatures, rr); } else { name->nsec_signatures = ldns_dnssec_rrs_new(); name->nsec_signatures->rr = rr; } } else { /* it's a 'normal' RR, add it to the right rrset */ if (name->rrsets) { result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr); } else { name->rrsets = ldns_dnssec_rrsets_new(); result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr); } } return result; }
bool ldns_dnssec_zone_is_nsec3_optout(ldns_dnssec_zone* zone) { ldns_rr* nsec3; ldns_rbnode_t* node; if (ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_NSEC3PARAM)) { node = ldns_rbtree_first(zone->names); while (node != LDNS_RBTREE_NULL) { nsec3 = ((ldns_dnssec_name*)node->data)->nsec; if (nsec3 &&ldns_rr_get_type(nsec3) == LDNS_RR_TYPE_NSEC3 && ldns_nsec3_optout(nsec3)) { return true; } node = ldns_rbtree_next(node); } } return false; }
void ldns_rr_soa_increment_func_data(ldns_rr *soa, ldns_soa_serial_increment_func_t f, void *data) { ldns_rdf *prev_soa_serial_rdf; if ( !soa || !f || ldns_rr_get_type(soa) != LDNS_RR_TYPE_SOA || !ldns_rr_rdf(soa, 2)) { return; } prev_soa_serial_rdf = ldns_rr_set_rdf( soa , ldns_native2rdf_int32( LDNS_RDF_TYPE_INT32 , (*f)( ldns_rdf2native_int32( ldns_rr_rdf(soa, 2)) , data ) ) , 2 ); LDNS_FREE(prev_soa_serial_rdf); }
static ldns_status read_soa(struct zonefile *z) { ldns_rr *rr; ldns_status status; for (;;) { status = ldns_rr_new_frm_fp_l(&rr, z->fp, &z->ttl, &z->origin, &z->prev, NULL); switch (status) { case LDNS_STATUS_OK: goto out; case LDNS_STATUS_SYNTAX_EMPTY: case LDNS_STATUS_SYNTAX_TTL: case LDNS_STATUS_SYNTAX_ORIGIN: status = LDNS_STATUS_OK; break; default: goto out; } } out: if (status != LDNS_STATUS_OK) { z->valid = false; return (LDNS_STATUS_ERR); } if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_SOA) { ldns_rr_free(rr); z->valid = false; return (LDNS_STATUS_ERR); } z->count = 1; z->domain = ldns_rdf_clone(ldns_rr_owner(rr)); z->origin = ldns_rdf_clone(ldns_rr_owner(rr)); z->rr_soa = rr; return (LDNS_STATUS_OK); }
/** * Delete RR. * */ ods_status zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats) { domain_type* domain = NULL; rrset_type* rrset = NULL; rr_type* record = NULL; ods_log_assert(rr); ods_log_assert(zone); ods_log_assert(zone->name); ods_log_assert(zone->db); ods_log_assert(zone->signconf); domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr)); if (!domain) { ods_log_warning("[%s] unable to delete RR from zone %s: " "domain not found", zone_str, zone->name); return ODS_STATUS_UNCHANGED; } rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr)); if (!rrset) { ods_log_warning("[%s] unable to delete RR from zone %s: " "RRset not found", zone_str, zone->name); return ODS_STATUS_UNCHANGED; } record = rrset_lookup_rr(rrset, rr); if (!record) { ods_log_error("[%s] unable to delete RR from zone %s: " "RR not found", zone_str, zone->name); return ODS_STATUS_UNCHANGED; } record->is_removed = 1; record->is_added = 0; /* unset is_added */ /* update stats */ if (do_stats && zone->stats) { zone->stats->sort_count -= 1; } return ODS_STATUS_OK; }
void check_cover(ldns_rr_list *list, ldns_rdf *qname) { ldns_status status; size_t i; if(check_done(qname)) return; for(i=0; i<ldns_rr_list_rr_count(list); ++i) { ldns_rr* nsec3 = ldns_rr_list_rr(list, i); if(ldns_rr_get_type(nsec3) != LDNS_RR_TYPE_NSEC3) { /* skip non nsec3 */ continue; } ldns_rdf* hashed = ldns_nsec3_hash_name_frm_nsec3( nsec3, qname); status = ldns_dname_cat(hashed, ldns_dname_left_chop( ldns_rr_owner(nsec3))); if(status != LDNS_STATUS_OK) abort_ldns_error("ldns_dname_cat", status); if(ldns_dname_compare(hashed, ldns_rr_owner(nsec3)) == 0) { ldns_rdf_print(stdout, ldns_rr_owner(nsec3)); printf(" proves "); ldns_rdf_print(stdout, qname); printf(" exists.\n"); } else if(ldns_nsec_covers_name(nsec3, hashed)) { ldns_rdf_print(stdout, ldns_rr_owner(nsec3)); printf(" proves "); ldns_rdf_print(stdout, qname); printf(" does not exist.\n"); } ldns_rdf_free(hashed); } }