/**
* Add new RR. It converts ldns RR to wire format.
* @param anchors: anchor storage.
* @param buffer: parsing buffer.
* @param rr: the rr (allocated by caller).
* @return NULL on error, else the trust anchor.
*/
static struct trust_anchor*
anchor_store_new_rr(struct val_anchors* anchors, ldns_buffer* buffer,
ldns_rr* rr)
{
struct trust_anchor* ta;
ldns_rdf* owner = ldns_rr_owner(rr);
ldns_status status;
ldns_buffer_clear(buffer);
ldns_buffer_skip(buffer, 2); /* skip rdatalen */
status = ldns_rr_rdata2buffer_wire(buffer, rr);
if(status != LDNS_STATUS_OK) {
log_err("error converting trustanchor to wireformat: %s",
ldns_get_errorstr_by_id(status));
return NULL;
}
ldns_buffer_flip(buffer);
ldns_buffer_write_u16_at(buffer, 0, ldns_buffer_limit(buffer) - 2);
if(!(ta=anchor_store_new_key(anchors, ldns_rdf_data(owner),
ldns_rr_get_type(rr), ldns_rr_get_class(rr),
ldns_buffer_begin(buffer), ldns_buffer_limit(buffer)))) {
return NULL;
}
log_nametypeclass(VERB_QUERY, "adding trusted key",
ldns_rdf_data(owner),
ldns_rr_get_type(rr), ldns_rr_get_class(rr));
return ta;
}
/* A/AAAA records */
ldns_rdf *
ldns_rr_a_address(const ldns_rr *r)
{
/* 2 types to check, cannot use the macro */
if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A &&
ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) {
return NULL;
}
return ldns_rr_rdf(r, 0);
}
ldns_status
ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr)
{
ldns_status result = LDNS_STATUS_OK;
ldns_dnssec_name *cur_name;
ldns_rbnode_t *cur_node;
ldns_rr_type type_covered = 0;
if (!zone || !rr) {
return LDNS_STATUS_ERR;
}
if (!zone->names) {
zone->names = ldns_rbtree_create(ldns_dname_compare_v);
if(!zone->names) return LDNS_STATUS_MEM_ERR;
}
/* we need the original of the hashed name if this is
an NSEC3, or an RRSIG that covers an NSEC3 */
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) {
type_covered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
}
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 ||
type_covered == LDNS_RR_TYPE_NSEC3) {
cur_node = ldns_dnssec_zone_find_nsec3_original(zone, rr);
if (!cur_node) {
return LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND;
}
} else {
cur_node = ldns_rbtree_search(zone->names, ldns_rr_owner(rr));
}
if (!cur_node) {
/* add */
cur_name = ldns_dnssec_name_new_frm_rr(rr);
if(!cur_name) return LDNS_STATUS_MEM_ERR;
cur_node = LDNS_MALLOC(ldns_rbnode_t);
if(!cur_node) {
ldns_dnssec_name_free(cur_name);
return LDNS_STATUS_MEM_ERR;
}
cur_node->key = ldns_rr_owner(rr);
cur_node->data = cur_name;
(void)ldns_rbtree_insert(zone->names, cur_node);
ldns_dnssec_name_make_hashed_name(zone, cur_name, NULL);
} else {
cur_name = (ldns_dnssec_name *) cur_node->data;
result = ldns_dnssec_name_add_rr(cur_name, rr);
}
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
zone->soa = cur_name;
}
return result;
}
ldns_status
ldns_resolver_push_nameserver_rr(ldns_resolver *r, ldns_rr *rr)
{
ldns_rdf *address;
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_A &&
ldns_rr_get_type(rr) != LDNS_RR_TYPE_AAAA)) {
return LDNS_STATUS_ERR;
}
address = ldns_rr_rdf(rr, 0); /* extract the ip number */
if (address) {
return ldns_resolver_push_nameserver(r, address);
} else {
return LDNS_STATUS_ERR;
}
}
static ldns_dnssec_rrsets *
ldns_dnssec_rrsets_new_frm_rr(ldns_rr *rr)
{
ldns_dnssec_rrsets *new_rrsets;
ldns_rr_type rr_type;
bool rrsig;
new_rrsets = ldns_dnssec_rrsets_new();
rr_type = ldns_rr_get_type(rr);
if (rr_type == LDNS_RR_TYPE_RRSIG) {
rrsig = true;
rr_type = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
} else {
rrsig = false;
}
if (!rrsig) {
new_rrsets->rrs = ldns_dnssec_rrs_new();
new_rrsets->rrs->rr = rr;
} else {
new_rrsets->signatures = ldns_dnssec_rrs_new();
new_rrsets->signatures->rr = rr;
}
new_rrsets->type = rr_type;
return new_rrsets;
}
static DCPluginSyncFilterResult
apply_block_ips(DCPluginDNSPacket *dcp_packet, Blocking * const blocking,
ldns_pkt * const packet)
{
StrList *scanned;
ldns_rr_list *answers;
ldns_rr *answer;
char *answer_str;
ldns_rr_type type;
size_t answers_count;
size_t i;
answers = ldns_pkt_answer(packet);
answers_count = ldns_rr_list_rr_count(answers);
for (i = (size_t) 0U; i < answers_count; i++) {
answer = ldns_rr_list_rr(answers, i);
type = ldns_rr_get_type(answer);
if (type != LDNS_RR_TYPE_A && type != LDNS_RR_TYPE_AAAA) {
continue;
}
if ((answer_str = ldns_rdf2str(ldns_rr_a_address(answer))) == NULL) {
return DCP_SYNC_FILTER_RESULT_FATAL;
}
scanned = blocking->ips;
do {
if (strcasecmp(scanned->str, answer_str) == 0) {
LDNS_RCODE_SET(dcplugin_get_wire_data(dcp_packet),
LDNS_RCODE_REFUSED);
break;
}
} while ((scanned = scanned->next) != NULL);
free(answer_str);
}
return DCP_SYNC_FILTER_RESULT_OK;
}
ldns_status
ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section)
{
uint16_t i;
uint16_t rdl_pos = 0;
if (ldns_rr_owner(rr)) {
(void) ldns_dname2buffer_wire(buffer, ldns_rr_owner(rr));
}
if (ldns_buffer_reserve(buffer, 4)) {
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr));
(void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr));
}
if (section != LDNS_SECTION_QUESTION) {
if (ldns_buffer_reserve(buffer, 6)) {
ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr));
/* remember pos for later */
rdl_pos = ldns_buffer_position(buffer);
ldns_buffer_write_u16(buffer, 0);
}
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
(void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
}
if (rdl_pos != 0) {
ldns_buffer_write_u16_at(buffer, rdl_pos,
ldns_buffer_position(buffer)
- rdl_pos - 2);
}
}
return ldns_buffer_status(buffer);
}
/**
* Lookup SOA RR.
*
*/
ldns_rr*
adutil_lookup_soa_rr(FILE* fd)
{
ldns_rr *cur_rr = NULL;
char line[SE_ADFILE_MAXLINE];
ldns_status status = LDNS_STATUS_OK;
int line_len = 0;
unsigned int l = 0;
while (line_len >= 0) {
line_len = adutil_readline_frm_file(fd, (char*) line, &l, 0);
adutil_rtrim_line(line, &line_len);
if (line_len > 0) {
if (line[0] != ';') {
status = ldns_rr_new_frm_str(&cur_rr, line, 0, NULL, NULL);
if (status == LDNS_STATUS_OK) {
if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_SOA) {
return cur_rr;
} else {
ldns_rr_free(cur_rr);
cur_rr = NULL;
}
}
}
}
}
return NULL;
}
static DCPluginSyncFilterResult
empty_aaa_sync_pre(DCPlugin *dcplugin, DCPluginDNSPacket *dcp_packet)
{
ldns_pkt *packet;
ldns_rr_list *questions;
uint8_t *wire_data;
DCPluginSyncFilterResult result = DCP_SYNC_FILTER_RESULT_OK;
wire_data = dcplugin_get_wire_data(dcp_packet);
ldns_wire2pkt(&packet, wire_data, dcplugin_get_wire_data_len(dcp_packet));
if (packet == NULL) {
return DCP_SYNC_FILTER_RESULT_ERROR;
}
questions = ldns_pkt_question(packet);
if (ldns_rr_list_rr_count(questions) == (size_t) 1U &&
ldns_rr_get_type(ldns_rr_list_rr(questions,
(size_t) 0U)) == LDNS_RR_TYPE_AAAA) {
LDNS_QR_SET(wire_data);
LDNS_RA_SET(wire_data);
result = DCP_SYNC_FILTER_RESULT_DIRECT;
}
ldns_pkt_free(packet);
return result;
}
static void
ldns_dnssec_rrsets_print_soa_fmt(FILE *out, const ldns_output_format *fmt,
ldns_dnssec_rrsets *rrsets,
bool follow,
bool show_soa)
{
if (!rrsets) {
if ((fmt->flags & LDNS_COMMENT_LAYOUT))
fprintf(out, "; <void>\n");
} else {
if (rrsets->rrs &&
(show_soa ||
ldns_rr_get_type(rrsets->rrs->rr) != LDNS_RR_TYPE_SOA
)
) {
ldns_dnssec_rrs_print_fmt(out, fmt, rrsets->rrs);
if (rrsets->signatures) {
ldns_dnssec_rrs_print_fmt(out, fmt,
rrsets->signatures);
}
}
if (follow && rrsets->next) {
ldns_dnssec_rrsets_print_soa_fmt(out, fmt,
rrsets->next, follow, show_soa);
}
}
}
ldns_rr *
ldns_axfr_next(ldns_resolver *resolver)
{
ldns_rr *cur_rr;
uint8_t *packet_wire;
size_t packet_wire_size;
ldns_lookup_table *rcode;
ldns_status status;
/* check if start() has been called */
if (!resolver || resolver->_socket == 0) {
return NULL;
}
if (resolver->_cur_axfr_pkt) {
if (resolver->_axfr_i == ldns_pkt_ancount(resolver->_cur_axfr_pkt)) {
ldns_pkt_free(resolver->_cur_axfr_pkt);
resolver->_cur_axfr_pkt = NULL;
return ldns_axfr_next(resolver);
}
cur_rr = ldns_rr_clone(ldns_rr_list_rr(
ldns_pkt_answer(resolver->_cur_axfr_pkt),
resolver->_axfr_i));
resolver->_axfr_i++;
if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_SOA) {
resolver->_axfr_soa_count++;
if (resolver->_axfr_soa_count >= 2) {
close(resolver->_socket);
resolver->_socket = 0;
ldns_pkt_free(resolver->_cur_axfr_pkt);
resolver->_cur_axfr_pkt = NULL;
}
}
return cur_rr;
} else {
packet_wire = ldns_tcp_read_wire(resolver->_socket, &packet_wire_size);
if(!packet_wire)
return NULL;
status = ldns_wire2pkt(&resolver->_cur_axfr_pkt, packet_wire,
packet_wire_size);
free(packet_wire);
resolver->_axfr_i = 0;
if (status != LDNS_STATUS_OK) {
/* TODO: make status return type of this function (...api change) */
fprintf(stderr, "Error parsing rr during AXFR: %s\n", ldns_get_errorstr_by_id(status));
return NULL;
} else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
fprintf(stderr, "Error in AXFR: %s\n", rcode->name);
return NULL;
} else {
return ldns_axfr_next(resolver);
}
}
}
bool
ldns_rr_a_set_address(ldns_rr *r, ldns_rdf *f)
{
/* 2 types to check, cannot use the macro... */
ldns_rdf *pop;
if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A &&
ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) {
return false;
}
pop = ldns_rr_set_rdf(r, f, 0);
if (pop) {
LDNS_FREE(pop);
return true;
} else {
return false;
}
}
/**
* return a specific rdf
* \param[in] type type of RR
* \param[in] rr the rr itself
* \param[in] pos at which postion to get it
* \return the rdf sought
*/
static ldns_rdf *
ldns_rr_function(ldns_rr_type type, const ldns_rr *rr, size_t pos)
{
if (!rr || ldns_rr_get_type(rr) != type) {
return NULL;
}
return ldns_rr_rdf(rr, pos);
}
/* key_list must be initialized with ldns_rr_list_new() */
ldns_status
read_key_file(const char *filename, ldns_rr_list *key_list)
{
int line_len = 0;
int line_nr = 0;
int key_count = 0;
char line[LDNS_MAX_PACKETLEN];
ldns_status status;
FILE *input_file;
ldns_rr *rr;
input_file = fopen(filename, "r");
if (!input_file) {
fprintf(stderr, "Error opening %s: %s\n",
filename, strerror(errno));
return LDNS_STATUS_ERR;
}
while (line_len >= 0) {
line_len = read_line(input_file, line);
line_nr++;
if (line_len > 0 && line[0] != ';') {
status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL);
if (status != LDNS_STATUS_OK) {
fprintf(stderr,
"Error parsing DNSKEY RR in line %d: %s\n",
line_nr,
ldns_get_errorstr_by_id(status));
} else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY ||
ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) {
ldns_rr_list_push_rr(key_list, rr);
key_count++;
} else {
ldns_rr_free(rr);
}
}
}
// printf(";; Number of trusted keys: %d\n", key_count);
if (key_count > 0) {
return LDNS_STATUS_OK;
} else {
/*fprintf(stderr, "No keys read\n");*/
return LDNS_STATUS_ERR;
}
}
struct zversion_t* zversion_read(struct zone_entry_t* entry, uint32_t serial)
{
const char* fn = zinfo_ixfr_name(entry, serial);
struct zversion_t* v;
FILE* in = fopen(fn, "ra");
ldns_status status;
ldns_rr* rr = 0;
uint32_t dttl = 3600;
ldns_rdf* origin = 0, *prev = 0;
int line_nr = 1;
if(!in) {
perror(fn);
return NULL;
}
v = (struct zversion_t*)calloc(1, sizeof(*v));
if(!v) {
fclose(in);
printf("out of memory\n");
return NULL;
}
v->serial = serial;
v->ixfr = ldns_rr_list_new();
while(!feof(in)) {
status = ldns_rr_new_frm_fp_l(&rr, in, &dttl, &origin,
&prev, &line_nr);
if(status == LDNS_STATUS_SYNTAX_TTL ||
status == LDNS_STATUS_SYNTAX_ORIGIN ||
status == LDNS_STATUS_SYNTAX_EMPTY)
continue;
if(status != LDNS_STATUS_OK) {
printf("error %s:%d: %s\n", fn, line_nr,
ldns_get_errorstr_by_id(status));
fclose(in);
ldns_rdf_deep_free(origin);
ldns_rdf_deep_free(prev);
ldns_rr_list_deep_free(v->ixfr);
free(v);
return NULL;
}
ldns_rr_list_push_rr(v->ixfr, rr);
}
ldns_rdf_deep_free(origin);
ldns_rdf_deep_free(prev);
fclose(in);
if(ldns_rr_list_rr_count(v->ixfr) < 1 ||
ldns_rr_get_type(ldns_rr_list_rr(v->ixfr, 0))
!= LDNS_RR_TYPE_SOA) {
printf("invalid IXFR format in %s\n", fn);
ldns_rr_list_deep_free(v->ixfr);
free(v);
return NULL;
}
v->next_serial = ldns_rdf2native_int32(ldns_rr_rdf(
ldns_rr_list_rr(v->ixfr, 0), 2));
return v;
}
/**
* set a specific rdf
* \param[in] type type of RR
* \param[in] rr the rr itself
* \param[in] rdf the rdf to set
* \param[in] pos at which postion to set it
* \return true or false
*/
static bool
ldns_rr_set_function(ldns_rr_type type, ldns_rr *rr, ldns_rdf *rdf, size_t pos)
{
ldns_rdf *pop;
if (!rr || ldns_rr_get_type(rr) != type) {
return false;
}
pop = ldns_rr_set_rdf(rr, rdf, pos);
ldns_rdf_deep_free(pop);
return true;
}
/*
* Read a hints file as root
*
* The file with the given path should contain a list of NS RRs
* for the root zone and A records for those NS RRs.
* Read them, check them, and append the a records to the rr list given.
*/
ldns_rr_list *
read_root_hints(const char *filename)
{
FILE *fp = NULL;
int line_nr = 0;
ldns_zone *z;
ldns_status status;
ldns_rr_list *addresses = NULL;
ldns_rr *rr;
size_t i;
fp = fopen(filename, "r");
if (!fp) {
fprintf(stderr, "Unable to open %s for reading: %s\n", filename, strerror(errno));
return NULL;
}
status = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, 0, &line_nr);
fclose(fp);
if (status != LDNS_STATUS_OK) {
fprintf(stderr, "Error reading root hints file: %s\n", ldns_get_errorstr_by_id(status));
return NULL;
} else {
addresses = ldns_rr_list_new();
for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
rr = ldns_rr_list_rr(ldns_zone_rrs(z), i);
/*if ((address_family == 0 || address_family == 1) &&
*/
if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_A ) {
ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
}
/*if ((address_family == 0 || address_family == 2) &&*/
if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) {
ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
}
}
ldns_zone_deep_free(z);
return addresses;
}
}
static int udp_bind(int sock, int port, const char *my_address)
{
struct sockaddr_in addr;
in_addr_t maddr = INADDR_ANY;
if (my_address) {
#ifdef AF_INET6
if (inet_pton(AF_INET6, my_address, &maddr) < 1) {
#else
if (0) {
#endif
if (inet_pton(AF_INET, my_address, &maddr) < 1) {
return -2;
}
}
}
#ifndef S_SPLINT_S
addr.sin_family = AF_INET;
#endif
addr.sin_port = (in_port_t) htons((uint16_t)port);
addr.sin_addr.s_addr = maddr;
return bind(sock, (struct sockaddr *)&addr, (socklen_t) sizeof(addr));
}
/* this will probably be moved to a better place in the library itself */
ldns_rr_list *
get_rrset(const ldns_zone *zone, const ldns_rdf *owner_name, const ldns_rr_type qtype, const ldns_rr_class qclass)
{
uint16_t i;
ldns_rr_list *rrlist = ldns_rr_list_new();
ldns_rr *cur_rr;
if (!zone || !owner_name) {
fprintf(stderr, "Warning: get_rrset called with NULL zone or owner name\n");
return rrlist;
}
for (i = 0; i < ldns_zone_rr_count(zone); i++) {
cur_rr = ldns_rr_list_rr(ldns_zone_rrs(zone), i);
if (ldns_dname_compare(ldns_rr_owner(cur_rr), owner_name) == 0 &&
ldns_rr_get_class(cur_rr) == qclass &&
ldns_rr_get_type(cur_rr) == qtype
) {
ldns_rr_list_push_rr(rrlist, ldns_rr_clone(cur_rr));
}
}
printf("Found rrset of %u rrs\n", (unsigned int) ldns_rr_list_rr_count(rrlist));
return rrlist;
}
ldns_status
zonefile_read(struct zonefile *z, ldns_rr **out)
{
ldns_rr *rr;
ldns_status status = LDNS_STATUS_OK;
if (!z->valid)
return (LDNS_STATUS_ERR);
if (z->count == 1 && z->rr_soa != NULL) {
*out = z->rr_soa;
z->rr_soa = NULL;
return (LDNS_STATUS_OK);
}
for (;;) {
if (feof(z->fp)) {
*out = NULL;
if (z->is_pipe)
pclose(z->fp);
else
fclose(z->fp);
z->fp = NULL;
return (LDNS_STATUS_OK);
}
status = ldns_rr_new_frm_fp_l(&rr, z->fp, &z->ttl, &z->origin, &z->prev, NULL);
switch (status) {
case LDNS_STATUS_OK:
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
ldns_rr_free(rr);
rr = 0;
z->valid = false;
status = LDNS_STATUS_OK;
goto out;
}
z->count++;
goto out;
case LDNS_STATUS_SYNTAX_EMPTY:
case LDNS_STATUS_SYNTAX_TTL:
case LDNS_STATUS_SYNTAX_ORIGIN:
status = LDNS_STATUS_OK;
break;
default:
goto out;
}
}
out:
if (status != LDNS_STATUS_OK)
return (status);
*out = rr;
return (status);
}
/**
* Add RR to query.
*
*/
int
query_add_rr(query_type* q, ldns_rr* rr)
{
size_t i = 0;
size_t tc_mark = 0;
size_t rdlength_pos = 0;
uint16_t rdlength = 0;
ods_log_assert(q);
ods_log_assert(q->buffer);
ods_log_assert(rr);
/* set truncation mark, in case rr does not fit */
tc_mark = buffer_position(q->buffer);
/* owner type class ttl */
if (!buffer_available(q->buffer, ldns_rdf_size(ldns_rr_owner(rr)))) {
goto query_add_rr_tc;
}
buffer_write_rdf(q->buffer, ldns_rr_owner(rr));
if (!buffer_available(q->buffer, sizeof(uint16_t) + sizeof(uint16_t) +
sizeof(uint32_t) + sizeof(rdlength))) {
goto query_add_rr_tc;
}
buffer_write_u16(q->buffer, (uint16_t) ldns_rr_get_type(rr));
buffer_write_u16(q->buffer, (uint16_t) ldns_rr_get_class(rr));
buffer_write_u32(q->buffer, (uint32_t) ldns_rr_ttl(rr));
/* skip rdlength */
rdlength_pos = buffer_position(q->buffer);
buffer_skip(q->buffer, sizeof(rdlength));
/* write rdata */
for (i=0; i < ldns_rr_rd_count(rr); i++) {
if (!buffer_available(q->buffer, ldns_rdf_size(ldns_rr_rdf(rr, i)))) {
goto query_add_rr_tc;
}
buffer_write_rdf(q->buffer, ldns_rr_rdf(rr, i));
}
if (!query_overflow(q)) {
/* write rdlength */
rdlength = buffer_position(q->buffer) - rdlength_pos - sizeof(rdlength);
buffer_write_u16_at(q->buffer, rdlength_pos, rdlength);
/* position updated by buffer_write() */
return 1;
}
query_add_rr_tc:
buffer_set_position(q->buffer, tc_mark);
ods_log_assert(!query_overflow(q));
return 0;
}
/** read qinfo from next three words */
static char*
load_qinfo(char* str, struct query_info* qinfo, ldns_buffer* buf,
struct regional* region)
{
/* s is part of the buf */
char* s = str;
ldns_rr* rr;
ldns_status status;
/* skip three words */
s = strchr(str, ' ');
if(s) s = strchr(s+1, ' ');
if(s) s = strchr(s+1, ' ');
if(!s) {
log_warn("error line too short, %s", str);
return NULL;
}
s[0] = 0;
s++;
/* parse them */
status = ldns_rr_new_question_frm_str(&rr, str, NULL, NULL);
if(status != LDNS_STATUS_OK) {
log_warn("error cannot parse: %s %s",
ldns_get_errorstr_by_id(status), str);
return NULL;
}
qinfo->qtype = ldns_rr_get_type(rr);
qinfo->qclass = ldns_rr_get_class(rr);
ldns_buffer_clear(buf);
status = ldns_dname2buffer_wire(buf, ldns_rr_owner(rr));
ldns_rr_free(rr);
if(status != LDNS_STATUS_OK) {
log_warn("error cannot dname2wire: %s",
ldns_get_errorstr_by_id(status));
return NULL;
}
ldns_buffer_flip(buf);
qinfo->qname_len = ldns_buffer_limit(buf);
qinfo->qname = (uint8_t*)regional_alloc_init(region,
ldns_buffer_begin(buf), ldns_buffer_limit(buf));
if(!qinfo->qname) {
log_warn("error out of memory");
return NULL;
}
return s;
}
ldns_status
ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr)
{
ldns_rr_list * trust_anchors;
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) {
return LDNS_STATUS_ERR;
}
if (!(trust_anchors = ldns_resolver_dnssec_anchors(r))) { /* Initialize */
trust_anchors = ldns_rr_list_new();
ldns_resolver_set_dnssec_anchors(r, trust_anchors);
}
return (ldns_rr_list_push_rr(trust_anchors, ldns_rr_clone(rr))) ? LDNS_STATUS_OK : LDNS_STATUS_ERR;
}
ldns_status
ldns_rrsig2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr)
{
uint16_t i;
/* it must be a sig RR */
if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_RRSIG) {
return LDNS_STATUS_ERR;
}
/* Convert all the rdfs, except the actual signature data
* rdf number 8 - the last, hence: -1 */
for (i = 0; i < ldns_rr_rd_count(rr) - 1; i++) {
(void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
}
return ldns_buffer_status(buffer);
}
static ldns_rbnode_t *
ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone, ldns_rr *rr) {
ldns_rdf *hashed_name;
hashed_name = ldns_dname_label(ldns_rr_owner(rr), 0);
if (hashed_name == NULL) {
return NULL;
}
if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 && ! zone->_nsec3params){
ldns_dnssec_zone_hashed_names_from_nsec3(zone, rr);
}
if (zone->hashed_names == NULL) {
ldns_rdf_deep_free(hashed_name);
return NULL;
}
return ldns_rbtree_search(zone->hashed_names, hashed_name);
}
ldns_status
ldns_dnssec_name_add_rr(ldns_dnssec_name *name,
ldns_rr *rr)
{
ldns_status result = LDNS_STATUS_OK;
ldns_rr_type rr_type;
ldns_rr_type typecovered = 0;
/* special handling for NSEC3 and NSECX covering RRSIGS */
if (!name || !rr) {
return LDNS_STATUS_ERR;
}
rr_type = ldns_rr_get_type(rr);
if (rr_type == LDNS_RR_TYPE_RRSIG) {
typecovered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
}
if (rr_type == LDNS_RR_TYPE_NSEC ||
rr_type == LDNS_RR_TYPE_NSEC3) {
/* XX check if is already set (and error?) */
name->nsec = rr;
} else if (typecovered == LDNS_RR_TYPE_NSEC ||
typecovered == LDNS_RR_TYPE_NSEC3) {
if (name->nsec_signatures) {
result = ldns_dnssec_rrs_add_rr(name->nsec_signatures, rr);
} else {
name->nsec_signatures = ldns_dnssec_rrs_new();
name->nsec_signatures->rr = rr;
}
} else {
/* it's a 'normal' RR, add it to the right rrset */
if (name->rrsets) {
result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr);
} else {
name->rrsets = ldns_dnssec_rrsets_new();
result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr);
}
}
return result;
}
bool
ldns_dnssec_zone_is_nsec3_optout(ldns_dnssec_zone* zone)
{
ldns_rr* nsec3;
ldns_rbnode_t* node;
if (ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_NSEC3PARAM)) {
node = ldns_rbtree_first(zone->names);
while (node != LDNS_RBTREE_NULL) {
nsec3 = ((ldns_dnssec_name*)node->data)->nsec;
if (nsec3 &&ldns_rr_get_type(nsec3)
== LDNS_RR_TYPE_NSEC3 &&
ldns_nsec3_optout(nsec3)) {
return true;
}
node = ldns_rbtree_next(node);
}
}
return false;
}
void
ldns_rr_soa_increment_func_data(ldns_rr *soa,
ldns_soa_serial_increment_func_t f, void *data)
{
ldns_rdf *prev_soa_serial_rdf;
if ( !soa || !f || ldns_rr_get_type(soa) != LDNS_RR_TYPE_SOA
|| !ldns_rr_rdf(soa, 2)) {
return;
}
prev_soa_serial_rdf = ldns_rr_set_rdf(
soa
, ldns_native2rdf_int32(
LDNS_RDF_TYPE_INT32
, (*f)( ldns_rdf2native_int32(
ldns_rr_rdf(soa, 2))
, data
)
)
, 2
);
LDNS_FREE(prev_soa_serial_rdf);
}
static ldns_status
read_soa(struct zonefile *z)
{
ldns_rr *rr;
ldns_status status;
for (;;) {
status = ldns_rr_new_frm_fp_l(&rr, z->fp, &z->ttl, &z->origin, &z->prev, NULL);
switch (status) {
case LDNS_STATUS_OK:
goto out;
case LDNS_STATUS_SYNTAX_EMPTY:
case LDNS_STATUS_SYNTAX_TTL:
case LDNS_STATUS_SYNTAX_ORIGIN:
status = LDNS_STATUS_OK;
break;
default:
goto out;
}
}
out:
if (status != LDNS_STATUS_OK) {
z->valid = false;
return (LDNS_STATUS_ERR);
}
if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_SOA) {
ldns_rr_free(rr);
z->valid = false;
return (LDNS_STATUS_ERR);
}
z->count = 1;
z->domain = ldns_rdf_clone(ldns_rr_owner(rr));
z->origin = ldns_rdf_clone(ldns_rr_owner(rr));
z->rr_soa = rr;
return (LDNS_STATUS_OK);
}
/**
* Delete RR.
*
*/
ods_status
zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats)
{
domain_type* domain = NULL;
rrset_type* rrset = NULL;
rr_type* record = NULL;
ods_log_assert(rr);
ods_log_assert(zone);
ods_log_assert(zone->name);
ods_log_assert(zone->db);
ods_log_assert(zone->signconf);
domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr));
if (!domain) {
ods_log_warning("[%s] unable to delete RR from zone %s: "
"domain not found", zone_str, zone->name);
return ODS_STATUS_UNCHANGED;
}
rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr));
if (!rrset) {
ods_log_warning("[%s] unable to delete RR from zone %s: "
"RRset not found", zone_str, zone->name);
return ODS_STATUS_UNCHANGED;
}
record = rrset_lookup_rr(rrset, rr);
if (!record) {
ods_log_error("[%s] unable to delete RR from zone %s: "
"RR not found", zone_str, zone->name);
return ODS_STATUS_UNCHANGED;
}
record->is_removed = 1;
record->is_added = 0; /* unset is_added */
/* update stats */
if (do_stats && zone->stats) {
zone->stats->sort_count -= 1;
}
return ODS_STATUS_OK;
}
void
check_cover(ldns_rr_list *list, ldns_rdf *qname)
{
ldns_status status;
size_t i;
if(check_done(qname))
return;
for(i=0; i<ldns_rr_list_rr_count(list); ++i)
{
ldns_rr* nsec3 = ldns_rr_list_rr(list, i);
if(ldns_rr_get_type(nsec3) != LDNS_RR_TYPE_NSEC3) {
/* skip non nsec3 */
continue;
}
ldns_rdf* hashed = ldns_nsec3_hash_name_frm_nsec3(
nsec3, qname);
status = ldns_dname_cat(hashed, ldns_dname_left_chop(
ldns_rr_owner(nsec3)));
if(status != LDNS_STATUS_OK)
abort_ldns_error("ldns_dname_cat", status);
if(ldns_dname_compare(hashed, ldns_rr_owner(nsec3)) == 0) {
ldns_rdf_print(stdout, ldns_rr_owner(nsec3));
printf(" proves ");
ldns_rdf_print(stdout, qname);
printf(" exists.\n");
}
else if(ldns_nsec_covers_name(nsec3, hashed)) {
ldns_rdf_print(stdout, ldns_rr_owner(nsec3));
printf(" proves ");
ldns_rdf_print(stdout, qname);
printf(" does not exist.\n");
}
ldns_rdf_free(hashed);
}
}
