Commit Diff
Diff:
f8d00260fd5c40f714f0a8a81e355944aca2f47d
5eebd22da7a5480386b52f68fde02cf5659e87df
Commit:
5eebd22da7a5480386b52f68fde02cf5659e87df
Tree:
9e0200de70c88e88bba99c5c2540848d0f3668aa
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Mon Jul 6 07:17:40 2020 UTC
Message:
make way for a rudimentary cache in forwarding mode. a lot had to be rewritten and I hope I didn't accidentally break things. calling fill_* from raxfr_* is retarded, there has to be a better way, sigh.. more work.
blob - 003e0cea233a772dbb720680fc6821ceea251651
blob + 39e0fc62dd0afbd45ca97b3c0ee6bf385711649d
--- additional.c
+++ additional.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: additional.c,v 1.36 2020/07/03 06:49:57 pjp Exp $
+ * $Id: additional.c,v 1.37 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -74,9 +74,9 @@ int additional_mx(char *, int, struct rbtree *, char *
int additional_ds(char *, int, struct rbtree *, char *, int, int, int *);
int additional_opt(struct question *, char *, int, int);
int additional_ptr(char *, int, struct rbtree *, char *, int, int, int *);
-int additional_rrsig(char *, int, int, struct rbtree *, char *, int, int, int *);
-int additional_nsec(char *, int, int, struct rbtree *, char *, int, int, int *);
-int additional_nsec3(char *, int, int, struct rbtree *, char *, int, int, int *);
+int additional_rrsig(char *, int, int, struct rbtree *, char *, int, int, int *, int);
+int additional_nsec(char *, int, int, struct rbtree *, char *, int, int, int *, int);
+int additional_nsec3(char *, int, int, struct rbtree *, char *, int, int, int *, int);
int additional_tsig(struct question *, char *, int, int, int, int, HMAC_CTX *);
extern void pack(char *, char *, int);
@@ -677,7 +677,7 @@ out:
*/
int
-additional_rrsig(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count)
+additional_rrsig(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
struct answer {
u_int16_t type;
@@ -699,7 +699,10 @@ additional_rrsig(char *name, int namelen, int inttype,
struct rr *rrp = NULL;
int tmplen, rroffset;
int rrsig_count = 0;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_RRSIG)) == NULL)
return 0;
@@ -728,7 +731,12 @@ additional_rrsig(char *name, int namelen, int inttype,
answer = (struct answer *)&reply[offset];
answer->type = htons(DNS_TYPE_RRSIG);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(((struct rrsig *)rrp->rdata)->ttl);
+
+ if (authoritative)
+ answer->ttl = htonl(((struct rrsig *)rrp->rdata)->ttl);
+ else
+ answer->ttl = htonl(((struct rrsig *)rrp->rdata)->ttl - (MIN(((struct rrsig *)rrp->rdata)->ttl , difftime(now, ((struct rrsig *)rrp->rdata)->created))));
+
answer->type_covered = htons(((struct rrsig *)rrp->rdata)->type_covered);
answer->algorithm = ((struct rrsig *)rrp->rdata)->algorithm;
answer->labels = ((struct rrsig *)rrp->rdata)->labels;
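Review bot: The non-authoritative branch computes the remaining TTL in floating point, `ttl - MIN(ttl, difftime(now, created))`, and a `created` stamp that lies in the future (clock stepped back) makes `difftime()` negative, so the TTL passed to `htonl()` comes out larger than the stored one. `MIN` also expands its arguments twice, so `difftime()` can be evaluated twice per record. An integer age clamped at zero avoids both, e.g. `time_t age = now - rrsig->created; if (age < 0) age = 0;` followed by `answer->ttl = htonl(age >= rrsig->ttl ? 0 : rrsig->ttl - (uint32_t)age);`, with `rrsig` a local for the cast pointer. The same expression is repeated in the additional_nsec and additional_nsec3 hunks below using `rrset->ttl` and `rrset->created`; one small helper shared by all three would keep them in step. additional_rrsig's body continues outside this hunk.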
@@ -769,7 +777,7 @@ additional_rrsig(char *name, int namelen, int inttype,
*/
int
-additional_nsec(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count)
+additional_nsec(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
struct answer {
u_int16_t type;
@@ -783,7 +791,10 @@ additional_nsec(char *name, int namelen, int inttype,
struct rr *rrp = NULL;
int tmplen, rroffset;
int retcount;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_NSEC)) == NULL)
goto out;
@@ -812,7 +823,11 @@ additional_nsec(char *name, int namelen, int inttype,
answer = (struct answer *)&reply[offset];
answer->type = htons(DNS_TYPE_NSEC);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (authoritative)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(((struct nsec *)rrp->rdata)->ndn_len +
((struct nsec *)rrp->rdata)->bitmap_len);
@@ -827,7 +842,7 @@ additional_nsec(char *name, int namelen, int inttype,
((struct nsec *)rrp->rdata)->bitmap_len);
offset += ((struct nsec *)rrp->rdata)->bitmap_len;
- tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC, rbt, reply, replylen, offset, &retcount);
+ tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC, rbt, reply, replylen, offset, &retcount, authoritative);
if (tmplen == 0) {
goto out;
@@ -848,7 +863,7 @@ out:
*/
int
-additional_nsec3(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count)
+additional_nsec3(char *name, int namelen, int inttype, struct rbtree *rbt, char *reply, int replylen, int offset, int *count, int authoritative)
{
struct answer {
u_int16_t type;
@@ -868,7 +883,10 @@ additional_nsec3(char *name, int namelen, int inttype,
int tmplen, rroffset;
u_int8_t *somelen;
int retcount;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_NSEC3)) == NULL)
goto out;
@@ -897,7 +915,12 @@ additional_nsec3(char *name, int namelen, int inttype,
answer = (struct answer *)&reply[offset];
answer->type = htons(DNS_TYPE_NSEC3);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (authoritative)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(6 + ((struct nsec3 *)rrp->rdata)->saltlen +
((struct nsec3 *)rrp->rdata)->nextlen +
((struct nsec3 *)rrp->rdata)->bitmap_len);
@@ -928,7 +951,7 @@ additional_nsec3(char *name, int namelen, int inttype,
((struct nsec3 *)rrp->rdata)->bitmap_len);
offset += ((struct nsec3 *)rrp->rdata)->bitmap_len;
- tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC3, rbt, reply, replylen, offset, &retcount);
+ tmplen = additional_rrsig(name, namelen, DNS_TYPE_NSEC3, rbt, reply, replylen, offset, &retcount, authoritative);
if (tmplen == 0) {
return 0;
blob - 32f0ab7541edb97514c1c1d06c4d19d4c20af5d5
blob + 2ec09c49e5e617283ec7519485f02b0c43faccc9
--- db.c
+++ db.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: db.c,v 1.18 2020/05/07 12:17:35 pjp Exp $
+ * $Id: db.c,v 1.19 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -42,6 +42,7 @@
#include <string.h>
#include <errno.h>
#include <time.h>
+#include <syslog.h>
#ifdef __linux__
#include <grp.h>
@@ -69,6 +70,7 @@ int add_rr(struct rbtree *rbt, char *name, int len, u_
int display_rr(struct rrset *rrset);
int rotate_rr(struct rrset *rrset);
void flag_rr(struct rbtree *rbt);
+int expire_rr(ddDB *, char *, int, u_int16_t);
extern void dolog(int, char *, ...);
@@ -200,6 +202,7 @@ create_rr(ddDB *db, char *name, int len, int type, voi
humanname = convert_name(name, len);
strlcpy(rbt->humanname, humanname, sizeof(rbt->humanname));
rbt->flags &= ~RBT_DNSSEC; /* by default not dnssec'ed */
+
TAILQ_INIT(&rbt->rrset_head);
}
@@ -219,10 +222,13 @@ create_rr(ddDB *db, char *name, int len, int type, voi
else
rrset->ttl = 0; /* fill in later */
+ rrset->created = time(NULL);
+
TAILQ_INIT(&rrset->rr_head);
TAILQ_INSERT_TAIL(&rbt->rrset_head, rrset, entries);
- }
+ } else
+ rrset->created = time(NULL);
/* save this new rbtree (it changed) */
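Review bot: Appending to an existing rrset restarts its clock: the `else rrset->created = time(NULL);` branch here, together with the unconditional `rrset->ttl = ttl;` added in the next hunk, makes the age and lifetime of the whole set those of whichever record was inserted last. For cached data a later record with a long TTL can therefore keep older records of the same set alive past their own TTL, because expire_rr() tests only `rp->created` and `rp->ttl`. Consider restamping only when the set is being refilled, `else if (TAILQ_EMPTY(&rrset->rr_head)) rrset->created = time(NULL);`, and keeping the smallest TTL seen for the set rather than the last one. create_rr() starts and ends outside this hunk, and it appears to be shared with zone loading, so it is worth confirming that overwriting `rrset->ttl` does not disturb the existing "fill in later" handling.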
@@ -251,9 +257,12 @@ create_rr(ddDB *db, char *name, int len, int type, voi
myrr->rdata = rdata;
myrr->changed = time(NULL);
+ rrset->ttl = ttl;
+
if (type == DNS_TYPE_RRSIG) {
struct rrsig *rrsig = (struct rrsig *)rdata;
rrsig->ttl = ttl;
+ rrsig->created = time(NULL);
}
TAILQ_INSERT_TAIL(&rrset->rr_head, myrr, entries);
@@ -331,10 +340,69 @@ add_rr(struct rbtree *rbt, char *name, int len, u_int1
return 0;
}
+int
+expire_rr(ddDB *db, char *name, int len, u_int16_t rrtype)
+{
+ struct rbtree *rbt = NULL;
+ struct rrset *rp;
+ struct rr *rt = NULL, *rt1 = NULL, *rt2 = NULL;
+ time_t now;
+ int count = 0;
+
+ now = time(NULL);
+
+ rbt = find_rrset(db, name, len);
+ if (rbt == NULL) {
+ return 0;
+ }
+
+ rp = find_rr(rbt, rrtype);
+ if (rp == NULL) {
+ return 0;
+ }
+
+ rt = TAILQ_FIRST(&rp->rr_head);
+ if (rt == NULL)
+ return 0;
+
+ /* expire these */
+ if (rrtype != DNS_TYPE_RRSIG) {
+ if (difftime(now, rp->created) >= rp->ttl) {
+ count = 0;
+ TAILQ_FOREACH_SAFE(rt1, &rp->rr_head, entries, rt2) {
+ TAILQ_REMOVE(&rp->rr_head, rt1, entries);
+ free(rt1->rdata);
+ free(rt1);
+ count++;
+ }
+
+ return (count);
+ }
+ } else {
+ struct rrsig *rrsig = (struct rrsig *)rt->rdata;
+
+ if (difftime(now, rrsig->created) >= rrsig->ttl) {
+ count = 0;
+ TAILQ_FOREACH_SAFE(rt1, &rp->rr_head, entries, rt2) {
+ TAILQ_REMOVE(&rp->rr_head, rt1, entries);
+ free(rt1->rdata);
+ free(rt1);
+ count++;
+ }
+ return (count);
+ }
+ }
+
+ return 0;
+}
+
struct rrset *
find_rr(struct rbtree *rbt, u_int16_t rrtype)
{
struct rrset *rp = NULL, *rp0 = NULL;
+
+ if (TAILQ_EMPTY(&rbt->rrset_head))
+ return NULL;
TAILQ_FOREACH_SAFE(rp, &rbt->rrset_head, entries, rp0) {
if (rrtype == rp->rrtype)
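Review bot: expire_rr() decides from `created` and `ttl` alone, and nothing in the record marks it as cache-originated, so any rrset found under `name` is eligible, including one loaded from a zone file if such a name can reach this path (not visible in the diff). After the records are freed the now-empty `rp` stays linked in `rbt->rrset_head`, so find_rr() keeps returning it; callers that take `TAILQ_FIRST(&rrset->rr_head)` without a NULL check should be reviewed. For RRSIG only the first record's `created`/`ttl` is examined before the whole list is dropped. The two removal loops are identical and could be one static helper, and the function would benefit from a header comment such as `/* remove all RRs of rrtype at name once their TTL has elapsed; returns the number freed, 0 if none */`. find_rr()'s body continues outside the hunk.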
blob - 05e3e5ccc9f772d4b755f670653e6ae736d57ddd
blob + fb5f89fa4ed2c8e5a06b96f8254aef9fe1401adc
--- ddd-db.h
+++ ddd-db.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-db.h,v 1.38 2020/07/03 06:49:57 pjp Exp $
+ * $Id: ddd-db.h,v 1.39 2020/07/06 07:17:40 pjp Exp $
*/
#ifndef _DB_H
@@ -105,6 +105,7 @@ struct rrsig {
u_int16_t signature_len;
uint32_t ttl; /* RFC 4034 section 3, the TTL value of ... */
int used; /* if this RRSIG is used at all */
+ time_t created; /* when this was added to the cache */
} __attribute__((packed));
#if 0
@@ -306,6 +307,7 @@ struct rr {
struct rrset {
u_int16_t rrtype;
u_int32_t ttl;
+ time_t created;
TAILQ_ENTRY(rrset) entries;
TAILQ_HEAD(rrh, rr) rr_head;
};
@@ -419,7 +421,25 @@ struct rzone {
struct raxfr_logic {
int rrtype;
int dnssec;
- int (*raxfr)(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+ int (*raxfr)(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
};
+
+
+/* reply logic */
+
+struct reply_logic {
+ int rrtype;
+ int type0;
+ int buildtype;
+#define BUILD_CNAME 1
+#define BUILD_OTHER 2
+ int (*reply)(struct sreply *, ddDB *);
+};
+
+
+#ifndef MIN
+#define MIN(a,b) (((a) < (b))?(a):(b))
+#endif
+
#endif /* _DB_H */
blob - e68f9cc07d35f04155b60142b6d3e69d645e6293
blob + 33815e91fb373265741f5cbfc0452b6fc10f5fb7
--- ddd-dns.h
+++ ddd-dns.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-dns.h,v 1.19 2020/07/04 07:22:58 pjp Exp $
+ * $Id: ddd-dns.h,v 1.20 2020/07/06 07:17:40 pjp Exp $
*/
#ifndef _DNS_H
@@ -264,6 +264,7 @@ struct question {
char *converted_name;
u_int16_t edns0len;
u_int8_t ednsversion;
+ int aa;
int rd;
int dnssecok;
int badvers;
@@ -319,7 +320,6 @@ struct sforward {
char mac[32];
};
-
#endif /* DNS_H */
blob - 1c2080bccd6b372a6d2438edb322d18b715c62ed
blob + 4241194cbe0cfa45ef9975bd61772c567e1e797b
--- dddctl.c
+++ dddctl.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: dddctl.c,v 1.109 2020/07/03 06:49:57 pjp Exp $
+ * $Id: dddctl.c,v 1.110 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -84,6 +84,7 @@ int verbose = 0;
int forward = 0;
int forwardtsig = 0;
int zonecount = 0;
+int cache = 0;
extern int dnssec;
extern int bytes_received;
blob - bde90baa4837ff88081c4a469f27e5a3e299ba57
blob + 2d02b1de37a8c416e8154f476919caa83c5b038b
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: delphinusdnsd.c,v 1.115 2020/07/04 07:22:58 pjp Exp $
+ * $Id: delphinusdnsd.c,v 1.116 2020/07/06 07:17:40 pjp Exp $
*/
@@ -173,7 +173,7 @@ extern struct rbtree * get_soa(ddDB *, struct questio
extern struct rbtree * get_ns(ddDB *, struct rbtree *, int *);
-struct question *convert_question(struct parsequestion *);
+struct question *convert_question(struct parsequestion *, int);
void build_reply(struct sreply *, int, char *, int, struct question *, struct sockaddr *, socklen_t, struct rbtree *, struct rbtree *, u_int8_t, int, int, char *);
int compress_label(u_char *, u_int16_t, int);
int determine_glue(ddDB *db);
@@ -196,14 +196,8 @@ void nomore_neurons(struct imsgbuf *);
/* structs */
-static struct reply_logic {
- int rrtype;
- int type0;
- int buildtype;
-#define BUILD_CNAME 1
-#define BUILD_OTHER 2
- int (*reply)(struct sreply *, ddDB *);
-} rlogic[] = {
+/* reply_logic is mirrored with forward.c */
+static struct reply_logic rlogic[] = {
{ DNS_TYPE_A, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname },
{ DNS_TYPE_A, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
{ DNS_TYPE_A, DNS_TYPE_A, BUILD_OTHER, reply_a },
@@ -235,7 +229,9 @@ static struct reply_logic {
{ DNS_TYPE_RRSIG, DNS_TYPE_RRSIG, BUILD_OTHER, reply_rrsig },
{ 0, 0, 0, NULL }
};
+
+
TAILQ_HEAD(, tcpentry) tcphead;
struct tcpentry {
@@ -279,6 +275,7 @@ int icount = 0;
int forward = 0;
int forwardtsig = 0;
int zonecount = 0;
+int cache = 0;
u_int16_t port = 53;
u_int32_t cachesize = 0;
char *bind_list[255];
@@ -1009,6 +1006,7 @@ main(int argc, char *argv[], char *environ[])
}
cfg->sockcount = i;
+ cfg->db = db;
setproctitle("FORWARD engine");
forwardloop(db, cfg, ibuf, &cortex_ibuf);
@@ -1928,7 +1926,7 @@ axfrentry:
}
}
- question = convert_question(&pq);
+ question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[i], address);
imsg_free(&imsg);
@@ -2969,7 +2967,7 @@ tcploop(struct cfg *cfg, struct imsgbuf *ibuf, struct
}
}
- question = convert_question(&pq);
+ question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
@@ -3616,7 +3614,7 @@ parseloop(struct cfg *cfg, struct imsgbuf *ibuf)
*/
struct question *
-convert_question(struct parsequestion *pq)
+convert_question(struct parsequestion *pq, int authoritative)
{
struct question *q;
@@ -3655,6 +3653,7 @@ convert_question(struct parsequestion *pq)
q->edns0len = pq->edns0len;
q->ednsversion = pq->ednsversion;
q->rd = pq->rd;
+ q->aa = authoritative;
q->dnssecok = pq->dnssecok;
q->badvers = pq->badvers;
q->tsig.have_tsig = pq->tsig.have_tsig;
blob - a4805ae9614aaaf151c6524ffa41c3c5e6767240
blob + d40639b2d31df6b9e6c67b30af8598107f4e4442
--- forward.c
+++ forward.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: forward.c,v 1.12 2020/07/04 08:44:04 pjp Exp $
+ * $Id: forward.c,v 1.13 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -131,20 +131,22 @@ struct fwdpq {
char buf[1];
};
+
#define FWDPQHEADER sizeof(struct fwdpq)
void init_forward(void);
int insert_forward(int, struct sockaddr_storage *, uint16_t, char *);
void forwardloop(ddDB *, struct cfg *, struct imsgbuf *, struct imsgbuf *);
-void forwardthis(int, struct sforward *);
+void forwardthis(ddDB *, struct cfg *, int, struct sforward *);
void sendit(struct forwardqueue *, struct sforward *);
-void returnit(struct cfg *cfg, struct forwardqueue *, char *, int, struct imsgbuf *);
+void returnit(ddDB *, struct cfg *, struct forwardqueue *, char *, int, struct imsgbuf *);
struct tsig * check_tsig(char *, int, char *);
void fwdparseloop(struct imsgbuf *);
void changeforwarder(struct forwardqueue *);
void stirforwarders(void);
extern void dolog(int, char *, ...);
+extern void pack(char *, char *, int);
extern void pack16(char *, u_int16_t);
extern uint16_t unpack16(char *);
extern uint32_t unpack32(char *);
@@ -158,11 +160,113 @@ extern char * dns_label(char *, int *);
extern int find_tsig_key(char *, int, char *, int);
extern int memcasecmp(u_char *, u_char *, int);
extern char * expand_compression(u_char *, u_char *, u_char *, u_char *, int *, int);
+extern int expire_rr(ddDB *, char *, int, u_int16_t);
+extern void build_reply(struct sreply *, int, char *, int, struct question *, struct sockaddr *, socklen_t, struct rbtree *, struct rbtree *, u_int8_t, int, int, char *);
+extern struct rbtree * Lookup_zone(ddDB *, char *, int, int, int);
+extern struct rbtree * lookup_zone(ddDB *, struct question *, int *, int *, char *, int);
+extern char *convert_name(char *, int);
+extern int reply_a(struct sreply *, ddDB *);
+extern int reply_aaaa(struct sreply *, ddDB *);
+extern int reply_any(struct sreply *, ddDB *);
+extern int reply_cname(struct sreply *, ddDB *);
+extern int reply_notify(struct sreply *, ddDB *);
+extern int reply_soa(struct sreply *, ddDB *);
+extern int reply_mx(struct sreply *, ddDB *);
+extern int reply_naptr(struct sreply *, ddDB *);
+extern int reply_ns(struct sreply *, ddDB *);
+extern int reply_ptr(struct sreply *, ddDB *);
+extern int reply_srv(struct sreply *, ddDB *);
+extern int reply_sshfp(struct sreply *, ddDB *);
+extern int reply_tlsa(struct sreply *, ddDB *);
+extern int reply_txt(struct sreply *, ddDB *);
+extern int reply_rrsig(struct sreply *, ddDB *);
+extern int reply_dnskey(struct sreply *, ddDB *);
+extern int reply_ds(struct sreply *, ddDB *);
+extern int reply_nsec(struct sreply *, ddDB *);
+extern int reply_nsec3(struct sreply *, ddDB *);
+extern int reply_nsec3param(struct sreply *, ddDB *);
+/*
+ * XXX everything but txt and naptr, works...
+ */
+
+static struct reply_logic rlogic[] = {
+ /* { DNS_TYPE_A, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname }, */
+ /* { DNS_TYPE_A, DNS_TYPE_NS, BUILD_OTHER, reply_ns }, */
+ { DNS_TYPE_A, DNS_TYPE_A, BUILD_OTHER, reply_a },
+ /* { DNS_TYPE_AAAA, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname }, */
+ /* { DNS_TYPE_AAAA, DNS_TYPE_NS, BUILD_OTHER, reply_ns }, */
+ { DNS_TYPE_AAAA, DNS_TYPE_AAAA, BUILD_OTHER, reply_aaaa },
+ { DNS_TYPE_DNSKEY, DNS_TYPE_DNSKEY, BUILD_OTHER, reply_dnskey },
+ { DNS_TYPE_SOA, DNS_TYPE_SOA, BUILD_OTHER, reply_soa },
+ { DNS_TYPE_SOA, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
+ /* { DNS_TYPE_MX, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname }, */
+ /* { DNS_TYPE_MX, DNS_TYPE_NS, BUILD_OTHER, reply_ns }, */
+ { DNS_TYPE_MX, DNS_TYPE_MX, BUILD_OTHER, reply_mx },
+ /* { DNS_TYPE_TXT, DNS_TYPE_TXT, BUILD_OTHER, reply_txt }, */
+ { DNS_TYPE_NS, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
+ { DNS_TYPE_ANY, DNS_TYPE_ANY, BUILD_OTHER, reply_any },
+ { DNS_TYPE_DS, DNS_TYPE_DS, BUILD_OTHER, reply_ds },
+ { DNS_TYPE_SSHFP, DNS_TYPE_SSHFP, BUILD_OTHER, reply_sshfp },
+ { DNS_TYPE_TLSA, DNS_TYPE_TLSA, BUILD_OTHER, reply_tlsa },
+ { DNS_TYPE_SRV, DNS_TYPE_SRV, BUILD_OTHER, reply_srv },
+ { DNS_TYPE_CNAME, DNS_TYPE_CNAME, BUILD_OTHER, reply_cname },
+ { DNS_TYPE_CNAME, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
+ { DNS_TYPE_NSEC3PARAM, DNS_TYPE_NSEC3PARAM, BUILD_OTHER, reply_nsec3param },
+ /* { DNS_TYPE_PTR, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname }, */
+ /* { DNS_TYPE_PTR, DNS_TYPE_NS, BUILD_OTHER, reply_ns }, */
+ { DNS_TYPE_PTR, DNS_TYPE_PTR, BUILD_OTHER, reply_ptr },
+ /* { DNS_TYPE_NAPTR, DNS_TYPE_NAPTR, BUILD_OTHER, reply_naptr }, */
+ { DNS_TYPE_NSEC3, DNS_TYPE_NSEC3, BUILD_OTHER, reply_nsec3 },
+ { DNS_TYPE_NSEC, DNS_TYPE_NSEC, BUILD_OTHER, reply_nsec },
+ { DNS_TYPE_RRSIG, DNS_TYPE_RRSIG, BUILD_OTHER, reply_rrsig },
+ { 0, 0, 0, NULL }
+};
+
+extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
+extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
+
+static struct raxfr_logic supported[] = {
+ { DNS_TYPE_A, 0, raxfr_a },
+ { DNS_TYPE_NS, 0, raxfr_ns },
+ { DNS_TYPE_MX, 0, raxfr_mx },
+ { DNS_TYPE_PTR, 0, raxfr_ptr },
+ { DNS_TYPE_AAAA, 0, raxfr_aaaa },
+ { DNS_TYPE_CNAME, 0, raxfr_cname },
+ { DNS_TYPE_TXT, 0, raxfr_txt },
+ { DNS_TYPE_DNSKEY, 1, raxfr_dnskey },
+ { DNS_TYPE_RRSIG, 1, raxfr_rrsig },
+ { DNS_TYPE_NSEC3PARAM, 1, raxfr_nsec3param },
+ { DNS_TYPE_NSEC3, 1, raxfr_nsec3 },
+ { DNS_TYPE_DS, 1, raxfr_ds },
+ { DNS_TYPE_SSHFP, 0, raxfr_sshfp },
+ { DNS_TYPE_TLSA, 0, raxfr_tlsa },
+ { DNS_TYPE_SRV, 0, raxfr_srv },
+ { DNS_TYPE_NAPTR, 0, raxfr_naptr },
+ { 0, 0, NULL }
+};
+
extern int debug, verbose;
extern int tsig;
extern int dnssec;
+extern int cache;
/*
@@ -245,7 +349,6 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
fd_set rset;
pid_t pid;
-
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &pi[0]) < 0) {
dolog(LOG_INFO, "socketpair() failed\n");
ddd_shutdown();
@@ -332,13 +435,13 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
if (len <= 0)
goto drop;
- returnit(cfg, fwq1, buf, len, pibuf);
+ returnit(db, cfg, fwq1, buf, len, pibuf);
} else {
len = recv(fwq1->so, buf, 0xffff, 0);
if (len < 0)
goto drop;
- returnit(cfg, fwq1, buf, len, pibuf);
+ returnit(db, cfg, fwq1, buf, len, pibuf);
}
drop:
@@ -386,14 +489,14 @@ drop:
#if DEBUG
dolog(LOG_INFO, "received UDP message from mainloop\n");
#endif
- forwardthis(-1, (struct sforward *)imsg.data);
+ forwardthis(db, cfg, -1, (struct sforward *)imsg.data);
break;
case IMSG_FORWARD_TCP:
#if DEBUG
dolog(LOG_INFO, "received TCP message and descriptor\n");
#endif
- forwardthis(imsg.fd, (struct sforward *)imsg.data);
+ forwardthis(db, cfg, imsg.fd, (struct sforward *)imsg.data);
break;
}
@@ -407,12 +510,37 @@ drop:
}
void
-forwardthis(int so, struct sforward *sforward)
+forwardthis(ddDB *db, struct cfg *cfg, int so, struct sforward *sforward)
{
+ struct question *q;
+ struct sreply sreply;
+ struct reply_logic *rl = NULL;
+ struct sockaddr_storage *from = NULL;
+ struct dns_header *dh;
+ struct rbtree *rbt = NULL;
+
+ char buf[512];
+ char replystring[DNS_MAXNAME + 1];
+ static char *replybuf = NULL;
+ int len, slen;
+
+ int fromlen, returnval, lzerrno;
+ int istcp = (so == -1 ? 0 : 1);
+
int found = 0;
time_t now;
char *p;
socklen_t namelen;
+
+ if (replybuf == NULL) {
+ replybuf = calloc(1, 0xffff + 2);
+ if (replybuf == NULL) {
+ dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
+ ddd_shutdown();
+ exit(1);
+ }
+ } else
+ memset(replybuf, 0, 0xffff + 2);
now = time(NULL);
p = sforward->buf;
@@ -457,8 +585,103 @@ forwardthis(int so, struct sforward *sforward)
}
if (fwq1 == NULL) {
+ int count;
+
+ if (! cache)
+ goto newqueue;
+
+ /* check cache and expire it, then send if it remains */
+ if ((count = expire_rr(db, sforward->buf, sforward->buflen,
+ ntohs(sforward->type))) != 0) {
+ dolog(LOG_INFO, "expired %d records\n", count);
+ goto newqueue;
+ }
+ /* sforward->type is in netbyte order */
+ if (Lookup_zone(db, sforward->buf, sforward->buflen,
+ ntohs(sforward->type), 0) != NULL) {
+ /* we have a cache */
+#if DEBUG
+ dolog(LOG_INFO, "replying %s type %d out of the cache\n", convert_name(sforward->buf, sforward->buflen), ntohs(sforward->type));
+#endif
+ /* build a pseudo question packet */
+ dh = (struct dns_header *)&buf[0];
+ pack16((char *)&dh->id, sforward->header.id);
+ p = (char *)&dh[1];
+
+ pack(p, sforward->buf, sforward->buflen);
+ p += sforward->buflen;
+ pack16(p, sforward->type);
+ p += sizeof(uint16_t);
+ pack16(p, htons(DNS_CLASS_IN));
+ p += sizeof(uint16_t);
+
+ len = (p - buf);
+ /* pseudo question packet done */
+
+ switch (sforward->family) {
+ case AF_INET:
+ from = (struct sockaddr_storage *)&sforward->from4;
+ fromlen = sizeof(struct sockaddr_in);
+ break;
+ case AF_INET6:
+ from = (struct sockaddr_storage *)&sforward->from6;
+ fromlen = sizeof(struct sockaddr_in6);
+ break;
+ default:
+ dolog(LOG_INFO, "unknown address family, drop\n");
+ return;
+ }
+
+ if (sforward->havemac)
+ q = build_fake_question(sforward->buf, sforward->buflen,
+ sforward->type, sforward->tsigname,
+ sforward->tsignamelen);
+ else
+ q = build_fake_question(sforward->buf, sforward->buflen,
+ sforward->type, NULL, 0);
+
+
+ if (q == NULL) {
+ dolog(LOG_INFO, "build_fake_question failed\n");
+ goto newqueue;
+ }
+
+ q->aa = 0;
+ q->rd = 1;
+
+ rbt = lookup_zone(db, q, &returnval, &lzerrno, (char *)&replystring, sizeof(replystring));
+ if (rbt == NULL) {
+ dolog(LOG_INFO, "lookup_zone failed\n");
+ goto newqueue;
+ }
+
+ q->edns0len = sforward->edns0len;
+
+ build_reply(&sreply,
+ (istcp ? so : cfg->dup[sforward->oldsel]),
+ buf, len, q, (struct sockaddr *)from, fromlen,
+ rbt, NULL, 0xff, istcp, 0, replybuf);
+
+
+ /* from delphinusdnsd.c */
+ for (rl = &rlogic[0]; rl->rrtype != 0; rl++) {
+ if (rl->rrtype == ntohs(q->hdr->qtype)) {
+ slen = (*rl->reply)(&sreply, cfg->db);
+ if (slen < 0) {
+ dolog(LOG_INFO, "reply failed\n");
+ }
+ break;
+ } /* if rl->rrtype == */
+ }
+
+ /* at this point we return everythign is done */
+ return;
+ }
+
/* create a new queue and send it */
+newqueue:
+
TAILQ_FOREACH(fw2, &forwardhead, forward_entry) {
if (fw2->active == 1)
break;
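Review bot: A cache hit for a type with no entry in forward.c's `rlogic[]` falls out of the `for (rl = ...)` loop and reaches `return` with no reply sent and no query forwarded; TXT and NAPTR are commented out of `rlogic[]` but present in `supported[]`, so they get cached and then go unanswered until they expire. Testing the sentinel after the loop, `if (rl->rrtype == 0) goto newqueue;`, would forward those queries instead. The `q` returned by build_fake_question() is not released on the `lookup_zone failed` path or before the final `return`, which looks like a leak per cached answer unless the reply handlers free it. The pseudo question is packed into `char buf[512]` with no check on `sforward->buflen` in this hunk; if it is not bounded earlier, add `if (sforward->buflen > DNS_MAXNAME) goto newqueue;` before the `pack()` call. forwardthis() starts and ends outside the hunk.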
@@ -687,7 +910,7 @@ sendit(struct forwardqueue *fwq, struct sforward *sfor
}
void
-returnit(struct cfg *cfg, struct forwardqueue *fwq, char *rbuf, int rlen, struct imsgbuf *ibuf)
+returnit(ddDB *db, struct cfg *cfg, struct forwardqueue *fwq, char *rbuf, int rlen, struct imsgbuf *ibuf)
{
struct timeval tv;
struct dns_header *dh;
@@ -695,23 +918,35 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
struct question *q;
struct fwdpq *fwdpq;
struct imsg imsg;
+ struct raxfr_logic *sr;
- char *buf, *p;
+ static char *buf = NULL;
+ char *p;
+ char *estart, *end;
+ char expand[DNS_MAXNAME + 1];
- int so;
+ int so, i, x;
int sel;
int len = 0;
int outlen;
+ uint16_t rrtype;
+ uint16_t rdlen;
+ uint32_t rrttl;
+ int elen;
+ char *pb;
socklen_t tolen;
fd_set rset;
ssize_t n, datalen;
- buf = calloc(1, 0xffff + 2);
if (buf == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- return;
- }
+ buf = calloc(1, 0xffff + 2);
+ if (buf == NULL) {
+ dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
+ return;
+ }
+ } else
+ memset(buf, 0, 0xffff + 2);
if (fwq->istcp == 1) {
p = &buf[2];
@@ -724,7 +959,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (rlen <= sizeof(struct dns_header)) {
dolog(LOG_INFO, "FORWARD returnit, returned packet is too small");
- free(buf);
return;
}
@@ -733,28 +967,24 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (! (ntohs(dh->query) & DNS_REPLY)) {
dolog(LOG_INFO, "FORWARD returnit, returned packet is not a reply\n");
- free(buf);
return;
}
if (dh->id != htons(fwq->id)) {
/* returned packet ID does not match */
dolog(LOG_INFO, "FORWARD returnit, returned packet ID does not match %d vs %d\n", ntohs(dh->id), fwq->id);
- free(buf);
return;
}
if (fwq->tsigkey) {
if (rlen > 16300) { /* leave some space for struct */
dolog(LOG_INFO, "can't send packet to parser, too big\n");
- free(buf);
return;
}
fwdpq = (struct fwdpq *)calloc(1, rlen + FWDPQHEADER);
if (fwdpq == NULL) {
dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- free(buf);
return;
}
@@ -765,7 +995,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (imsg_compose(ibuf, IMSG_PARSE_MESSAGE, 0, 0, -1, fwdpq, rlen + FWDPQHEADER) < 0) {
dolog(LOG_INFO, "imsg_compose: %s\n", strerror(errno));
free(fwdpq);
- free(buf);
return;
}
msgbuf_write(&ibuf->w);
@@ -781,20 +1010,17 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (sel < 0) {
dolog(LOG_ERR, "returnit internal error around select, drop\n");
free(fwdpq);
- free(buf);
return;
}
if (sel == 0) {
dolog(LOG_ERR, "returnit internal error around select (timeout), drop\n");
free(fwdpq);
- free(buf);
return;
}
if (((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) || n == 0) {
dolog(LOG_ERR, "returnit internal error around imsg_read, drop\n");
free(fwdpq);
- free(buf);
return;
}
@@ -802,14 +1028,12 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if ((n = imsg_get(ibuf, &imsg)) == -1) {
dolog(LOG_ERR, "returnit internal error around imsg_get, drop\n");
free(fwdpq);
- free(buf);
return;
}
if (n == 0) {
dolog(LOG_ERR, "returnit internal error (n == 0), drop\n");
free(fwdpq);
- free(buf);
return;
}
@@ -821,7 +1045,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (fwdpq->rc != PARSE_RETURN_ACK) {
dolog(LOG_ERR, "returnit parser did not ACK this (%d), drop\n", fwdpq->rc);
free(fwdpq);
- free(buf);
return;
}
@@ -836,7 +1059,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (fwdpq->tsig.have_tsig && fwdpq->tsig.tsigverified == 0) {
dolog(LOG_INFO, "FORWARD returnit, TSIG didn't check out error code = %d\n", stsig->tsigerrorcode);
free(fwdpq);
- free(buf);
return;
}
@@ -848,12 +1070,83 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
free(fwdpq);
}
+
+ /* insert into the cache */
+ if (! cache)
+ goto skipcache;
+
+ estart = (char *)&dh[0];
+ end = &p[rlen];
+
+ p = (char *)&dh[1];
+
+ elen = 0;
+ memset(&expand, 0, sizeof(expand));
+ pb = expand_compression(p, estart, end, (u_char *)&expand, &elen, sizeof(expand));
+ if (pb == NULL) {
+ dolog(LOG_INFO, "expand_compression() failed -2\n");
+ return;
+ }
+ i = (pb - estart);
+ if (i > rlen) {
+ return;
+ }
+
+ rrtype = ntohs(unpack16(pb));
+
+ /* our cache doesn't like ANY questions/replies */
+ if (rrtype == DNS_TYPE_ANY)
+ goto skipcache;
+
+ pb += 4; /* skip type and class */
+
+ /* we are now at the start of answer */
+ for (x = 0; x < ntohs(dh->answer); x++) {
+ elen = 0;
+ memset(&expand, 0, sizeof(expand));
+ pb = expand_compression(pb, estart, end, (u_char *)&expand, &elen, sizeof(expand));
+ if (pb == NULL) {
+ dolog(LOG_INFO, "expand_compression() failed X\n");
+ return;
+ }
+ i = (pb - estart);
+ if (i > rlen) {
+ return;
+ }
+
+ if (pb + 10 >= end) {
+ dolog(LOG_INFO, "malformed reply, drop\n");
+ return;
+ }
+
+ rrtype = ntohs(unpack16(pb));
+ rrttl = ntohl(unpack32(pb + 4));
+ rdlen = ntohs(unpack16(pb + 8));
+
+ pb += 10; /* skip answerd */
+
+
+ for (sr = supported; sr->rrtype != 0; sr++) {
+ if (rrtype == sr->rrtype) {
+ if ((*sr->raxfr)(NULL, pb, estart, end, NULL, rdlen, NULL, expand, elen, rrttl, db) < 0) {
+#if DEBUG
+ dolog(LOG_INFO, "error with rrtype %d\n", sr->rrtype);
+#endif
+ }
+ } /* if rrtype */
+ } /* for (sr .. */
+
+ pb += rdlen;
+ } /* for (x... */
+
+skipcache:
+
/* add new tsig if needed */
pack16((char *)&dh->id, fwq->oldid);
NTOHS(dh->query);
- dh->query &= ~(DNS_AUTH | DNS_NOTIFY); /* take AA answers out */
+ dh->query &= ~(DNS_AUTH); /* take AA answers out */
SET_DNS_RECURSION(dh);
SET_DNS_RECURSION_AVAIL(dh);
HTONS(dh->query);
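Review bot: Every record in the answer section is written to the cache under its own owner name (`expand`) without being compared to the name that was asked, so a reply from the forwarder can place records for unrelated names into the cache, where forwardthis() later serves them. Keeping a copy of the question name from the first expand_compression() call and skipping mismatches after `pb += 10`, e.g. `if (elen != qlen || memcasecmp((u_char *)expand, (u_char *)qname, elen) != 0) { pb += rdlen; continue; }` (with `qname`/`qlen` being that saved copy, and assuming memcasecmp() returns 0 on a match), would restrict the cache to the queried name at the cost of not caching CNAME targets. `rrttl` is stored as received; clamping it to a configured maximum would bound how long a bad answer can persist. `pb += rdlen` is not checked against `end` in this hunk, so the loop relies on the next expand_compression() call to reject an overrun. returnit() starts and ends outside the hunk.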
@@ -863,7 +1156,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
if (q == NULL) {
dolog(LOG_INFO, "build_fake_question failed\n");
- free(buf);
return;
}
@@ -914,7 +1206,6 @@ returnit(struct cfg *cfg, struct forwardqueue *fwq, ch
}
}
- free(buf);
return;
}
blob - 1ef9e924409429e276a23b85837484e85b49da78
blob + 1f4045e0e388b6e78d068fde51425fe2fd980108
--- parse.y
+++ parse.y
@@ -21,7 +21,7 @@
*/
/*
- * $Id: parse.y,v 1.101 2020/07/03 06:49:57 pjp Exp $
+ * $Id: parse.y,v 1.102 2020/07/06 07:17:40 pjp Exp $
*/
%{
@@ -114,6 +114,7 @@ extern int errno;
extern int debug;
extern int forward;
extern int forwardtsig;
+extern int cache;
extern int zonecount;
extern int verbose;
extern int bflag;
@@ -204,24 +205,24 @@ int raxfrflag = 0;
int tcpanyonly = 0;
char *check_rr(char *, char *, int, int *);
-int fill_a(char *, char *, int, char *);
-int fill_aaaa(char *, char *, int, char *);
-int fill_ptr(char *, char *, int, char *);
-int fill_cname(char *, char *, int, char *);
-int fill_mx(char *, char *, int, int, char *);
-int fill_naptr(char *, char *, int, int, int, char *, char *, char *, char *);
-int fill_ns(char *, char *, int, char *);
-int fill_soa(char *, char *, int, char *, char *, int, int, int, int, int);
-int fill_sshfp(char *, char *, int, int, int, char *);
-int fill_srv(char *, char *, int, int, int, int, char *);
-int fill_tlsa(char *, char *,int, uint8_t, uint8_t, uint8_t, char *);
-int fill_txt(char *, char *, int, char *);
-int fill_dnskey(char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
-int fill_rrsig(char *, char *, u_int32_t, char *, u_int8_t, u_int8_t, u_int32_t, u_int64_t, u_int64_t, u_int16_t, char *, char *);
-int fill_nsec(char *, char *, u_int32_t, char *, char *);
-int fill_nsec3param(char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *);
-int fill_nsec3(char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *, char *, char *);
-int fill_ds(char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
+int fill_a(ddDB *, char *, char *, int, char *);
+int fill_aaaa(ddDB *, char *, char *, int, char *);
+int fill_ptr(ddDB *, char *, char *, int, char *);
+int fill_cname(ddDB *, char *, char *, int, char *);
+int fill_mx(ddDB *, char *, char *, int, int, char *);
+int fill_naptr(ddDB *, char *, char *, int, int, int, char *, char *, char *, char *);
+int fill_ns(ddDB *, char *, char *, int, char *);
+int fill_soa(ddDB *, char *, char *, int, char *, char *, int, int, int, int, int);
+int fill_sshfp(ddDB *, char *, char *, int, int, int, char *);
+int fill_srv(ddDB *, char *, char *, int, int, int, int, char *);
+int fill_tlsa(ddDB *, char *, char *,int, uint8_t, uint8_t, uint8_t, char *);
+int fill_txt(ddDB *, char *, char *, int, char *);
+int fill_dnskey(ddDB *, char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
+int fill_rrsig(ddDB *, char *, char *, u_int32_t, char *, u_int8_t, u_int8_t, u_int32_t, u_int64_t, u_int64_t, u_int16_t, char *, char *);
+int fill_nsec(ddDB *, char *, char *, u_int32_t, char *, char *);
+int fill_nsec3param(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *);
+int fill_nsec3(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *, char *, char *);
+int fill_ds(ddDB *, char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
void create_nsec_bitmap(char *, char *, int *);
int findeol(void);
@@ -253,7 +254,7 @@ int drop_privs(char *, struct passwd *);
%token ERROR AXFRPORT OPTIONS FILTER MZONE
%token WHITELIST ZINCLUDE MASTER MASTERPORT TSIGAUTH
%token TSIG NOTIFYDEST NOTIFYBIND PORT FORWARD
-%token INCOMINGTSIG DESTINATION
+%token INCOMINGTSIG DESTINATION CACHE
%token <v.string> POUND
%token <v.string> SEMICOLON
@@ -264,6 +265,7 @@ int drop_privs(char *, struct passwd *);
%token <v.string> QUOTEDSTRING
%token <v.string> DESTINATION
%token <v.string> INCOMINGTSIG
+%token <v.string> CACHE
%token <v.intval> NUMBER
@@ -831,7 +833,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA STRING COMMA STRING COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER CRLF
{
if (strcasecmp($3, "soa") == 0) {
- if (fill_soa($1, $3, $5, $7, $9, $11, $13, $15, $17, $19) < 0) {
+ if (fill_soa(mydb, $1, $3, $5, $7, $9, $11, $13, $15, $17, $19) < 0) {
return -1;
}
@@ -855,7 +857,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA QUOTEDSTRING CRLF
{
if (strcasecmp($3, "sshfp") == 0) {
- if (fill_sshfp($1, $3, $5, $7, $9, $11) < 0) {
+ if (fill_sshfp(mydb, $1, $3, $5, $7, $9, $11) < 0) {
return -1;
}
@@ -873,7 +875,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA STRING CRLF
{
if (strcasecmp($3, "srv") == 0) {
- if (fill_srv($1, $3, $5, $7, $9, $11, $13) < 0) {
+ if (fill_srv(mydb, $1, $3, $5, $7, $9, $11, $13) < 0) {
return -1;
}
#if DEBUG
@@ -896,7 +898,7 @@ zonestatement:
if (strcasecmp($3, "ns") == 0 ||
strcasecmp($3, "delegate") == 0 ||
strcasecmp($3, "hint") == 0) {
- if (fill_ns($1, $3, $5, $7) < 0) {
+ if (fill_ns(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -906,7 +908,7 @@ zonestatement:
#endif
} else if (strcasecmp($3, "ptr") == 0) {
- if (fill_ptr($1, $3, $5, $7) < 0) {
+ if (fill_ptr(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -916,7 +918,7 @@ zonestatement:
#endif
} else if (strcasecmp($3, "cname") == 0) {
- if (fill_cname($1, $3, $5, $7) < 0) {
+ if (fill_cname(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -938,7 +940,7 @@ zonestatement:
|
STRING COMMA STRING COMMA NUMBER COMMA IPV6 CRLF {
if (strcasecmp($3, "aaaa") == 0) {
- if (fill_aaaa($1, $3, $5, $7) < 0) {
+ if (fill_aaaa(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -960,7 +962,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA IP CRLF
{
if (strcasecmp($3, "a") == 0) {
- if (fill_a($1, $3, $5, $7) < 0) {
+ if (fill_a(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -983,7 +985,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA NUMBER COMMA STRING CRLF
{
if (strcasecmp($3, "mx") == 0) {
- if (fill_mx($1, $3, $5, $7, $9) < 0) {
+ if (fill_mx(mydb, $1, $3, $5, $7, $9) < 0) {
return -1;
}
@@ -1006,7 +1008,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA QUOTEDSTRING CRLF
{
if (strcasecmp($3, "txt") == 0) {
- if (fill_txt($1, $3, $5, $7) < 0) {
+ if (fill_txt(mydb, $1, $3, $5, $7) < 0) {
return -1;
}
@@ -1028,7 +1030,7 @@ zonestatement:
STRING COMMA STRING COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA QUOTEDSTRING COMMA QUOTEDSTRING COMMA QUOTEDSTRING COMMA STRING CRLF
{
if (strcasecmp($3, "naptr") == 0) {
- if (fill_naptr($1, $3, $5, $7, $9, $11, $13, $15, $17) < 0) {
+ if (fill_naptr(mydb, $1, $3, $5, $7, $9, $11, $13, $15, $17) < 0) {
return -1;
}
@@ -1057,7 +1059,7 @@ zonestatement:
}
if (strcasecmp($3, "dnskey") == 0) {
- if (fill_dnskey($1, $3, $5, $7, $9, $11, $13) < 0) {
+ if (fill_dnskey(mydb, $1, $3, $5, $7, $9, $11, $13) < 0) {
return -1;
}
@@ -1066,7 +1068,7 @@ zonestatement:
printf(" %s DNSKEY\n", $1);
#endif
} else if (strcasecmp($3, "ds") == 0) {
- if (fill_ds($1, $3, $5, $7, $9, $11, $13) < 0) {
+ if (fill_ds(mydb, $1, $3, $5, $7, $9, $11, $13) < 0) {
return -1;
}
#if DEBUG
@@ -1074,7 +1076,7 @@ zonestatement:
printf(" %s DS\n", $1);
#endif
} else if (strcasecmp($3, "nsec3param") == 0) {
- if (fill_nsec3param($1, $3, $5, $7, $9, $11, $13) < 0) {
+ if (fill_nsec3param(mydb, $1, $3, $5, $7, $9, $11, $13) < 0) {
return -1;
}
#if DEBUG
@@ -1082,7 +1084,7 @@ zonestatement:
printf(" %s NSEC3PARAM\n", $1);
#endif
} else if (strcasecmp($3, "tlsa") == 0) {
- if (fill_tlsa($1, $3, $5, $7, $9, $11, $13) < 0) {
+ if (fill_tlsa(mydb, $1, $3, $5, $7, $9, $11, $13) < 0) {
return -1;
}
#if DEBUG
@@ -1107,7 +1109,7 @@ zonestatement:
dolog(LOG_INFO, "WARNING DNSSEC RRSIG RR but no dnssec enabled!\n");
}
- if (fill_rrsig($1, $3, $5, $7, $9, $11, $13, $15, $17, $19, $21, $23) < 0) {
+ if (fill_rrsig(mydb, $1, $3, $5, $7, $9, $11, $13, $15, $17, $19, $21, $23) < 0) {
fprintf(stderr, "fill_rrsig failed\n");
return -1;
}
@@ -1136,7 +1138,7 @@ zonestatement:
dolog(LOG_INFO, "WARNING DNSSEC NSEC RR but no dnssec enabled!\n");
}
- if (fill_nsec($1, $3, $5, $7, $9) < 0) {
+ if (fill_nsec(mydb, $1, $3, $5, $7, $9) < 0) {
return -1;
}
@@ -1163,7 +1165,7 @@ zonestatement:
dolog(LOG_INFO, "WARNING DNSSEC NSEC3 RR but no dnssec enabled!\n");
}
- if (fill_nsec3($1, $3, $5, $7, $9, $11, $13, $15, $17) < 0) {
+ if (fill_nsec3(mydb, $1, $3, $5, $7, $9, $11, $13, $15, $17) < 0) {
return -1;
}
@@ -1466,6 +1468,16 @@ forwardstatement : INCOMINGTSIG STRING SEMICOLON CRLF
free($5);
free($6);
}
+ | CACHE STRING SEMICOLON CRLF
+ {
+ if (strcmp($2, "yes") == 0 ||
+ strcmp($2, "on") == 0)
+
+ cache = 1;
+
+
+ free ($2);
+ }
| comment CRLF
;
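Review bot: The new `CACHE STRING` rule silently accepts every value other than "yes" or "on", so a typo in the config leaves the cache off with no diagnostic. The `if` is also unbraced and separated from its body `cache = 1;` by a blank line, which makes it easy to attach the wrong statement later. I would brace it, `if (strcmp($2, "yes") == 0 || strcmp($2, "on") == 0) { cache = 1; }`, and add an `else` branch that accepts "no"/"off" explicitly and logs and rejects anything else.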
@@ -1649,6 +1661,7 @@ struct tab {
struct tab cmdtab[] = {
{ "axfrport", AXFRPORT, 0},
{ "axfr-for", AXFRFOR, STATE_IP },
+ { "cache", CACHE, 0 },
{ "destination", DESTINATION, 0 },
{ "filter", FILTER, STATE_IP },
{ "forward", FORWARD, 0 },
@@ -2144,9 +2157,8 @@ check_rr(char *domainname, char *mytype, int itype, in
}
int
-fill_cname(char *name, char *type, int myttl, char *hostname)
+fill_cname(ddDB *db, char *name, char *type, int myttl, char *hostname)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct cname *cname;
char *myname, *converted_name;
@@ -2199,9 +2211,8 @@ fill_cname(char *name, char *type, int myttl, char *ho
}
int
-fill_ptr(char *name, char *type, int myttl, char *hostname)
+fill_ptr(ddDB *db, char *name, char *type, int myttl, char *hostname)
{
- ddDB *db = mydb;
struct ptr *ptr;
struct rbtree *rbt;
int len, converted_namelen;
@@ -2255,9 +2266,8 @@ fill_ptr(char *name, char *type, int myttl, char *host
/* first two dnssec RRs! */
int
-fill_dnskey(char *name, char *type, u_int32_t myttl, u_int16_t flags, u_int8_t protocol, u_int8_t algorithm, char *pubkey)
+fill_dnskey(ddDB *db, char *name, char *type, u_int32_t myttl, u_int16_t flags, u_int8_t protocol, u_int8_t algorithm, char *pubkey)
{
- ddDB *db = mydb;
struct dnskey *dnskey;
struct rbtree *rbt;
int converted_namelen;
@@ -2307,9 +2317,8 @@ fill_dnskey(char *name, char *type, u_int32_t myttl, u
}
int
-fill_rrsig(char *name, char *type, u_int32_t myttl, char *typecovered, u_int8_t algorithm, u_int8_t labels, u_int32_t original_ttl, u_int64_t sig_expiration, u_int64_t sig_inception, u_int16_t keytag, char *signers_name, char *signature)
+fill_rrsig(ddDB *db, char *name, char *type, u_int32_t myttl, char *typecovered, u_int8_t algorithm, u_int8_t labels, u_int32_t original_ttl, u_int64_t sig_expiration, u_int64_t sig_inception, u_int16_t keytag, char *signers_name, char *signature)
{
- ddDB *db = mydb;
ddDBT key, data;
struct rbtree *rbt;
struct rrsig *rrsig;
@@ -2424,9 +2433,8 @@ fill_rrsig(char *name, char *type, u_int32_t myttl, ch
}
int
-fill_ds(char *name, char *type, u_int32_t myttl, u_int16_t keytag, u_int8_t algorithm, u_int8_t digesttype, char *digest)
+fill_ds(ddDB *db, char *name, char *type, u_int32_t myttl, u_int16_t keytag, u_int8_t algorithm, u_int8_t digesttype, char *digest)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct ds *ds;
int converted_namelen;
@@ -2471,9 +2479,8 @@ fill_ds(char *name, char *type, u_int32_t myttl, u_int
}
int
-fill_nsec3(char *name, char *type, u_int32_t myttl, u_int8_t algorithm, u_int8_t flags, u_int16_t iterations, char *salt, char *nextname, char *bitmap)
+fill_nsec3(ddDB *db, char *name, char *type, u_int32_t myttl, u_int8_t algorithm, u_int8_t flags, u_int16_t iterations, char *salt, char *nextname, char *bitmap)
{
- ddDB *db = mydb;
struct nsec3 *nsec3;
struct rbtree *rbt;
int i;
@@ -2546,9 +2553,8 @@ fill_nsec3(char *name, char *type, u_int32_t myttl, u_
}
int
-fill_nsec3param(char *name, char *type, u_int32_t myttl, u_int8_t algorithm, u_int8_t flags, u_int16_t iterations, char *salt)
+fill_nsec3param(ddDB *db, char *name, char *type, u_int32_t myttl, u_int8_t algorithm, u_int8_t flags, u_int16_t iterations, char *salt)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct nsec3param *nsec3param;
int i;
@@ -2591,9 +2597,8 @@ fill_nsec3param(char *name, char *type, u_int32_t mytt
}
int
-fill_nsec(char *name, char *type, u_int32_t myttl, char *domainname, char *bitmap)
+fill_nsec(ddDB *db, char *name, char *type, u_int32_t myttl, char *domainname, char *bitmap)
{
- ddDB *db = mydb;
struct nsec *nsec;
struct rbtree *rbt;
int converted_namelen, converted_domainnamelen;
@@ -2647,9 +2652,8 @@ fill_nsec(char *name, char *type, u_int32_t myttl, cha
int
-fill_naptr(char *name, char *type, int myttl, int order, int preference, char *flags, char *services, char *regexp, char *replacement)
+fill_naptr(ddDB *db, char *name, char *type, int myttl, int order, int preference, char *flags, char *services, char *regexp, char *replacement)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct naptr *naptr;
int converted_namelen;
@@ -2719,9 +2723,8 @@ fill_naptr(char *name, char *type, int myttl, int orde
}
int
-fill_txt(char *name, char *type, int myttl, char *msg)
+fill_txt(ddDB *db, char *name, char *type, int myttl, char *msg)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct txt *txt;
int converted_namelen;
@@ -2792,9 +2795,8 @@ fill_txt(char *name, char *type, int myttl, char *msg)
}
int
-fill_tlsa(char *name, char *type, int myttl, uint8_t usage, uint8_t selector, uint8_t matchtype, char *data)
+fill_tlsa(ddDB *db, char *name, char *type, int myttl, uint8_t usage, uint8_t selector, uint8_t matchtype, char *data)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct tlsa *tlsa;
int converted_namelen;
@@ -2859,9 +2861,8 @@ fill_tlsa(char *name, char *type, int myttl, uint8_t u
}
int
-fill_sshfp(char *name, char *type, int myttl, int alg, int fptype, char *fingerprint)
+fill_sshfp(ddDB *db, char *name, char *type, int myttl, int alg, int fptype, char *fingerprint)
{
- ddDB *db = mydb;
struct sshfp *sshfp;
struct rbtree *rbt;
int converted_namelen;
@@ -2919,9 +2920,8 @@ fill_sshfp(char *name, char *type, int myttl, int alg,
}
int
-fill_srv(char *name, char *type, int myttl, int priority, int weight, int port, char *srvhost)
+fill_srv(ddDB *db, char *name, char *type, int myttl, int priority, int weight, int port, char *srvhost)
{
- ddDB *db = mydb;
struct srv *srv;
struct rbtree *rbt;
int converted_namelen;
@@ -2978,9 +2978,8 @@ fill_srv(char *name, char *type, int myttl, int priori
}
int
-fill_mx(char *name, char *type, int myttl, int priority, char *mxhost)
+fill_mx(ddDB *db, char *name, char *type, int myttl, int priority, char *mxhost)
{
- ddDB *db = mydb;
struct smx *mx;
struct rbtree *rbt;
int converted_namelen;
@@ -3030,9 +3029,8 @@ fill_mx(char *name, char *type, int myttl, int priorit
}
int
-fill_a(char *name, char *type, int myttl, char *a)
+fill_a(ddDB *db, char *name, char *type, int myttl, char *a)
{
- ddDB *db = mydb;
struct a *sa;
struct rbtree *rbt;
int converted_namelen;
@@ -3077,9 +3075,8 @@ fill_a(char *name, char *type, int myttl, char *a)
int
-fill_aaaa(char *name, char *type, int myttl, char *aaaa)
+fill_aaaa(ddDB *db, char *name, char *type, int myttl, char *aaaa)
{
- ddDB *db = mydb;
struct aaaa *saaaa;
struct rbtree *rbt;
int converted_namelen;
@@ -3125,9 +3122,8 @@ fill_aaaa(char *name, char *type, int myttl, char *aaa
int
-fill_ns(char *name, char *type, int myttl, char *nameserver)
+fill_ns(ddDB *db, char *name, char *type, int myttl, char *nameserver)
{
- ddDB *db = mydb;
struct ns *ns;
struct rbtree *rbt;
int len, converted_namelen;
@@ -3212,9 +3208,8 @@ fill_ns(char *name, char *type, int myttl, char *names
}
int
-fill_soa(char *name, char *type, int myttl, char *auth, char *contact, int serial, int refresh, int retry, int expire, int ttl)
+fill_soa(ddDB *db, char *name, char *type, int myttl, char *auth, char *contact, int serial, int refresh, int retry, int expire, int ttl)
{
- ddDB *db = mydb;
struct rbtree *rbt;
struct soa *soa;
int len, converted_namelen;
blob - 05a7d777daeb48743dbcc30b959d43f0f4182717
blob + b72aa46a2e6b9eba034364174fc4a702ae99f647
--- query.c
+++ query.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: query.c,v 1.4 2020/06/25 10:01:11 pjp Exp $
+ * $Id: query.c,v 1.5 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -143,22 +143,22 @@ extern char * bin2hex(char *, int);
extern u_int64_t timethuman(time_t);
extern char * bitmap2human(char *, int);
-extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
extern u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
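Review bot: The sixteen eleven-argument `raxfr_*` prototypes are now hand-copied here and again in raxfr.c, and the `fill_*` prototypes are duplicated the same way between parse.y and the new `extern` block in raxfr.c. A mismatch between any copy and the definition is not diagnosed by the compiler and becomes undefined behaviour at the call through `sr->raxfr`. Moving both families into one shared header included by the defining file and all callers would let the compiler check every signature change like this one. A short comment there stating that `name == NULL` selects the file-output path and a non-NULL `name` selects the cache-insert path would document the new trailing arguments.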
@@ -669,7 +669,7 @@ skip:
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, NULL)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, NULL, NULL, 0, 0, NULL)) < 0) {
fprintf(stderr, "error with rrtype %d\n", sr->rrtype);
return -1;
}
blob - c5cf045459ce224475bc2a909c2213fbdd8fa6df
blob + 08c85b57a832ada5e089a914941cc03ea5d64da3
--- raxfr.c
+++ raxfr.c
@@ -26,7 +26,7 @@
*
*/
/*
- * $Id: raxfr.c,v 1.52 2020/06/25 10:01:11 pjp Exp $
+ * $Id: raxfr.c,v 1.53 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -96,27 +96,29 @@ struct myschedule {
-int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
-int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
int raxfr_tsig(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *, int);
+
+
void replicantloop(ddDB *, struct imsgbuf *);
static void schedule_refresh(char *, time_t);
static void schedule_retry(char *, time_t);
@@ -127,6 +129,25 @@ int64_t get_remote_soa(struct rzone *rzone);
int do_raxfr(FILE *, struct rzone *);
int pull_rzone(struct rzone *, time_t);
+extern int fill_a(ddDB *, char *, char *, int, char *);
+extern int fill_aaaa(ddDB *, char *, char *, int, char *);
+extern int fill_ptr(ddDB *, char *, char *, int, char *);
+extern int fill_cname(ddDB *, char *, char *, int, char *);
+extern int fill_mx(ddDB *, char *, char *, int, int, char *);
+extern int fill_naptr(ddDB *, char *, char *, int, int, int, char *, char *, char *, char *);
+extern int fill_ns(ddDB *, char *, char *, int, char *);
+extern int fill_soa(ddDB *, char *, char *, int, char *, char *, int, int, int, int, int);
+extern int fill_sshfp(ddDB *, char *, char *, int, int, int, char *);
+extern int fill_srv(ddDB *, char *, char *, int, int, int, int, char *);
+extern int fill_tlsa(ddDB *, char *, char *,int, uint8_t, uint8_t, uint8_t, char *);
+extern int fill_txt(ddDB *, char *, char *, int, char *);
+extern int fill_dnskey(ddDB *, char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
+extern int fill_rrsig(ddDB *, char *, char *, u_int32_t, char *, u_int8_t, u_int8_t, u_int32_t, u_int64_t, u_int64_t, u_int16_t, char *, char *);
+extern int fill_nsec(ddDB *, char *, char *, u_int32_t, char *, char *);
+extern int fill_nsec3param(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *);
+extern int fill_nsec3(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *, char *, char *);
+extern int fill_ds(ddDB *, char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
+
extern int memcasecmp(u_char *, u_char *, int);
extern char * dns_label(char *, int *);
extern char *get_dns_type(int, int);
@@ -138,7 +159,7 @@ extern char *base32hex_encode(u_char *, int);
extern u_int64_t timethuman(time_t);
extern char * expand_compression(u_char *, u_char *, u_char *, u_char *, int *, int);
extern void dolog(int, char *, ...);
-extern struct rbtree * find_rrset(ddDB *db, char *name, int len);
+extern struct rbtree * find_rrset(ddDB *db, char *name, int namelen);
extern struct rrset * find_rr(struct rbtree *rbt, u_int16_t rrtype);
extern struct question *build_question(char *, int, int, char *);
extern int lookup_axfr(FILE *, int, char *, struct soa *, u_int32_t, char *, char *, int *, int *, int *);
@@ -410,7 +431,7 @@ raxfr_soa(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct rrsig rs;
char *save, *humanname;
@@ -484,15 +505,27 @@ raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char
free(b);
return -1;
}
- if (f != NULL) {
- fprintf(f, "%s,%u,%u,%u,%llu,%llu,%u,%s,\"%s\"\n",
- get_dns_type(rs.type_covered, 0),
- rs.algorithm, rs.labels, rs.original_ttl,
- timethuman(rs.signature_expiration),
+
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%s,%u,%u,%u,%llu,%llu,%u,%s,\"%s\"\n",
+ get_dns_type(rs.type_covered, 0),
+ rs.algorithm, rs.labels, rs.original_ttl,
+ timethuman(rs.signature_expiration),
+ timethuman(rs.signature_inception),
+ rs.key_tag,
+ (*humanname == '\0' ? "." : humanname), b);
+ }
+ } else {
+ fill_rrsig(db, convert_name(name, namelen), "rrsig", dnsttl,
+ get_dns_type(rs.type_covered, 0), rs.algorithm,
+ rs.labels, rs.original_ttl,
+ timethuman(rs.signature_expiration),
timethuman(rs.signature_inception),
rs.key_tag,
(*humanname == '\0' ? "." : humanname), b);
}
+
free(humanname);
free(b);
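Review bot: The return value of `fill_rrsig(...)` in the new `else` branch is discarded, so a failed cache insert is indistinguishable from success and raxfr_rrsig still returns its normal length. The same pattern appears in the cache branches added to raxfr_ds, raxfr_sshfp, raxfr_dnskey, raxfr_mx and raxfr_nsec3. I would test `< 0` and return -1 after freeing `humanname` and `b`. The result of `convert_name(name, namelen)` is also passed straight through without a NULL check and without being kept for a later free; convert_name is not visible here, so please confirm it cannot fail and does not allocate. The function body starts and ends outside this hunk.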
@@ -504,7 +537,7 @@ raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct ds d;
u_int16_t tmpshort;
@@ -528,9 +561,15 @@ raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *e
p += d.digestlen;
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", d.key_tag, d.algorithm,
- d.digest_type, bin2hex(d.digest, d.digestlen));
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", d.key_tag, d.algorithm,
+ d.digest_type, bin2hex(d.digest, d.digestlen));
+ }
+ } else {
+ fill_ds(db, convert_name(name, namelen), "ds", dnsttl,
+ d.key_tag, d.algorithm, d.digest_type,
+ bin2hex(d.digest, d.digestlen));
}
if (ctx != NULL)
@@ -540,7 +579,7 @@ raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct sshfp s;
char *hex;
@@ -563,8 +602,13 @@ raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char
hex = bin2hex(s.fingerprint, s.fplen);
- if (f != NULL) {
- fprintf(f, "%u,%u,\"%s\"\n", s.algorithm, s.fptype, hex);
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,\"%s\"\n", s.algorithm, s.fptype, hex);
+ }
+ } else {
+ fill_sshfp(db, convert_name(name, namelen), "sshfp", dnsttl,
+ s.algorithm, s.fptype, hex);
}
if (ctx != NULL)
@@ -574,7 +618,7 @@ raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct dnskey dk;
u_int16_t tmpshort;
@@ -613,9 +657,14 @@ raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_cha
b[len] = '\0';
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", dk.flags, dk.protocol,
- dk.algorithm, b);
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", dk.flags, dk.protocol,
+ dk.algorithm, b);
+ }
+ } else {
+ fill_dnskey(db, convert_name(name, namelen), "dnskey", dnsttl,
+ dk.flags, dk.protocol, dk.algorithm, b);
}
free(b);
@@ -628,7 +677,7 @@ raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_cha
int
-raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
u_int16_t mxpriority;
char *save, *humanname;
@@ -640,8 +689,10 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
BOUNDS_CHECK((q + 2), p, rdlen, end);
mxpriority = unpack16(q);
- if (f != NULL)
- fprintf(f, "%u,", ntohs(mxpriority));
+ if (name == NULL) {
+ if (f != NULL)
+ fprintf(f, "%u,", ntohs(mxpriority));
+ }
q += 2;
@@ -659,11 +710,16 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
return -1;
}
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, ".\n");
- else
- fprintf(f, "%s\n", humanname);
+ if (name == NULL) {
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, ".\n");
+ else
+ fprintf(f, "%s\n", humanname);
+ }
+ } else {
+ fill_mx(db, convert_name(name, namelen), "mx", dnsttl,
+ mxpriority, (*humanname == '\0' ? "." : humanname));
}
free(humanname);
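Review bot: `fill_mx()` is given `mxpriority` exactly as `unpack16()` returned it, while the file branch in the previous hunk prints `ntohs(mxpriority)`, so the two output paths disagree on byte order. unpack16 and fill_mx are not defined in this diff, but if fill_mx expects the same host-order value that the zone-file output uses, the cached preference would be byte-swapped on little-endian hosts. Passing `ntohs(mxpriority)` as the fifth argument would make both branches agree. raxfr_mx begins and ends outside this hunk.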
@@ -675,13 +731,13 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_ptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_ptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
- return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx));
+ return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx, name, namelen, dnsttl, db));
}
int
-raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct nsec3 n;
u_int16_t iter;
@@ -721,13 +777,23 @@ raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char
bitmap2human(n.bitmap, n.bitmap_len);
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\",\"%s\",\"%s\"\n", n.algorithm,
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\",\"%s\",\"%s\"\n", n.algorithm,
n.flags, n.iterations,
(n.saltlen == 0 ? "-" :
bin2hex(n.salt, n.saltlen)),
base32hex_encode(n.next, n.nextlen),
bitmap2human(n.bitmap, n.bitmap_len));
+ }
+ } else {
+
+ fill_nsec3(db, convert_name(name, namelen), "nsec3", dnsttl,
+ n.algorithm, n.flags, n.iterations,
+ (n.saltlen == 0 ? "-" : bin2hex(n.salt, n.saltlen)),
+ base32hex_encode(n.next, n.nextlen),
+ bitmap2human(n.bitmap, n.bitmap_len));
+
}
if (ctx != NULL)
@@ -737,7 +803,7 @@ raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct nsec3param np;
u_int16_t iter;
@@ -760,9 +826,15 @@ raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u
hex = bin2hex(np.salt, np.saltlen);
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", np.algorithm, np.flags,
- np.iterations,
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", np.algorithm, np.flags,
+ np.iterations,
+ (np.saltlen == 0 ? "-" : bin2hex(np.salt, np.saltlen)));
+ }
+ } else {
+ fill_nsec3param(db, convert_name(name, namelen), "nsec3param",
+ dnsttl, np.algorithm, np.flags, np.iterations,
(np.saltlen == 0 ? "-" : bin2hex(np.salt, np.saltlen)));
}
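Review bot: Both branches call `bin2hex(np.salt, np.saltlen)` again although the context line just above already stored the same conversion in `hex`. bin2hex is not shown here; if it returns allocated memory, the second call is a leak per record, and if it returns a shared buffer, the duplicate is merely redundant. Using the existing variable, `(np.saltlen == 0 ? "-" : hex)`, in both the `fprintf` and the `fill_nsec3param` call removes the question. The nsec3 hunk above repeats its salt, next-hash and bitmap conversions across its two branches in the same way.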
@@ -774,7 +846,7 @@ raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u
int
-raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx,char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
u_int8_t len;
int i;
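Review bot: raxfr_txt gains `name`, `namelen`, `dnsttl` and `db`, but no hunk in this file touches its body (the line offsets before and after it are unchanged), so the new arguments appear to be ignored and TXT records are not cached. The same holds for raxfr_naptr further down. If that is intentional for now, say so at the top of each body, e.g. `/* XXX name/namelen/dnsttl/db unused: TXT is not cached yet */`, and decide whether a non-NULL `name` should skip the `fprintf` output as the other handlers now do. The new signature is also missing the space after `ctx,`.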
@@ -805,7 +877,7 @@ raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
char *save, *humanname;
u_char *q = p;
@@ -827,11 +899,16 @@ raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *e
return -1;
}
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, ".\n");
- else
- fprintf(f, "%s\n", humanname);
+ if (name == NULL) {
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, ".\n");
+ else
+ fprintf(f, "%s\n", humanname);
+ }
+ } else {
+ fill_ns(db, convert_name(name, namelen), "ns", dnsttl,
+ (*humanname == '\0' ? "." : humanname));
}
free(humanname);
@@ -844,14 +921,14 @@ raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_cname(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_cname(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
- return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx));
+ return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx, name, namelen, dnsttl, db));
}
int
-raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
char buf[INET6_ADDRSTRLEN];
struct in6_addr ia;
@@ -861,8 +938,13 @@ raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char
unpack((char *)&ia, p, sizeof(struct in6_addr));
inet_ntop(AF_INET6, &ia, buf, sizeof(buf));
- if (f != NULL)
- fprintf(f, "%s\n", buf);
+ if (name == NULL) {
+ if (f != NULL)
+ fprintf(f, "%s\n", buf);
+ } else {
+ fill_aaaa(db, convert_name(name, namelen), "aaaa", dnsttl,
+ buf);
+ }
p += sizeof(ia);
@@ -873,7 +955,7 @@ raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
char buf[INET_ADDRSTRLEN];
struct in_addr ia;
@@ -884,8 +966,12 @@ raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *en
inet_ntop(AF_INET, &ia, buf, sizeof(buf));
- if (f != NULL)
- fprintf(f, "%s\n", buf);
+ if (name == NULL) {
+ if (f != NULL)
+ fprintf(f, "%s\n", buf);
+ } else {
+ fill_a(db, convert_name(name, namelen), "a", dnsttl, buf);
+ }
p += sizeof(ia);
@@ -896,7 +982,7 @@ raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *en
}
int
-raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
struct tlsa t;
u_char *q = p;
@@ -919,9 +1005,15 @@ raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char
memcpy(&t.data, p, t.datalen);
p += t.datalen;
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", t.usage, t.selector,
- t.matchtype, bin2hex(t.data, t.datalen));
+ if (name == NULL) {
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", t.usage, t.selector,
+ t.matchtype, bin2hex(t.data, t.datalen));
+ }
+ } else {
+ fill_tlsa(db, convert_name(name, namelen), "tlsa", dnsttl,
+ t.usage, t.selector, t.matchtype,
+ bin2hex(t.data, t.datalen));
}
if (ctx != NULL)
@@ -931,7 +1023,7 @@ raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
u_int16_t tmp16;
struct srv s;
@@ -968,12 +1060,17 @@ raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *
return -1;
}
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, "%u,%u,%u,.\n", s.priority, s.weight, s.port);
- else
- fprintf(f, "%u,%u,%u,%s\n", s.priority, s.weight,
- s.port, humanname);
+ if (name == NULL) {
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, "%u,%u,%u,.\n", s.priority, s.weight, s.port);
+ else
+ fprintf(f, "%u,%u,%u,%s\n", s.priority, s.weight,
+ s.port, humanname);
+ }
+ } else {
+ fill_srv(db, convert_name(name, namelen), "srv", dnsttl,
+ s.priority, s.weight, s.port, humanname);
}
free(humanname);
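Review bot: `fill_srv()` is passed `humanname` as-is, so a root target reaches the cache as an empty string, whereas the file branch above writes `.` and the fill_mx and fill_ns branches substitute `"."` explicitly. How fill_srv treats an empty target is not visible here, but the three handlers should agree. Using `(*humanname == '\0' ? "." : humanname)` as the last argument matches the others. raxfr_srv starts and ends outside this hunk.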
@@ -985,7 +1082,7 @@ raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_naptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
+raxfr_naptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
{
u_int16_t tmp16;
struct naptr n;
@@ -2021,7 +2118,7 @@ get_remote_soa(struct rzone *rzone)
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, &mysoa, rdlen, (dotsig == 1) ? ctx : NULL)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, &mysoa, rdlen, (dotsig == 1) ? ctx : NULL, NULL, 0, 0, NULL)) < 0) {
dolog(LOG_INFO, "error with rrtype %d\n", sr->rrtype);
close(so);
free(reply); free(dupreply);
blob - 050fafddae11f42f3e20be354eccefa3a97935a5
blob + b2a706e6f94b040f539d8656994f92ab29800b9b
--- reply.c
+++ reply.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: reply.c,v 1.103 2020/07/02 13:38:40 pjp Exp $
+ * $Id: reply.c,v 1.104 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -42,6 +42,7 @@
#include <string.h>
#include <errno.h>
#include <syslog.h>
+#include <time.h>
#ifdef __linux__
#include <grp.h>
@@ -79,7 +80,7 @@ extern uint16_t unpack16(char *);
extern void unpack(char *, char *, int);
extern int checklabel(ddDB *, struct rbtree *, struct rbtree *, struct question *);
-extern int additional_nsec3(char *, int, int, struct rbtree *, char *, int, int, int *);
+extern int additional_nsec3(char *, int, int, struct rbtree *, char *, int, int, int *, int);
extern int additional_a(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_aaaa(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_mx(char *, int, struct rbtree *, char *, int, int, int *);
@@ -87,8 +88,8 @@ extern int additional_ds(char *, int, struct rbtree
extern int additional_ptr(char *, int, struct rbtree *, char *, int, int, int *);
extern int additional_opt(struct question *, char *, int, int);
extern int additional_tsig(struct question *, char *, int, int, int, int, HMAC_CTX *);
-extern int additional_rrsig(char *, int, int, struct rbtree *, char *, int, int, int *);
-extern int additional_nsec(char *, int, int, struct rbtree *, char *, int, int);
+extern int additional_rrsig(char *, int, int, struct rbtree *, char *, int, int, int *, int);
+extern int additional_nsec(char *, int, int, struct rbtree *, char *, int, int, int);
extern struct question *build_fake_question(char *, int, u_int16_t, char *, int);
extern int compress_label(u_char *, int, int);
extern void dolog(int, char *, ...);
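Review bot: The updated `extern` for `additional_nsec` still does not match the prototype in additional.c: this file now declares `(…, int, int, int)` while additional.c earlier in this diff declares `(…, int, int, int *, int)`. Calling through a declaration with the wrong parameter list is undefined behaviour, and the compiler cannot catch it because each file carries its own copy. The line should read `extern int additional_nsec(char *, int, int, struct rbtree *, char *, int, int, int *, int);`. Moving these prototypes into a header shared by both files would stop them drifting again.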
@@ -191,7 +192,10 @@ reply_a(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_A)) == 0)
return -1;
@@ -217,10 +221,15 @@ reply_a(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
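Review bot: This AA/RA block is pasted unchanged into every reply_* function in the commit (reply_ns adds `! delegation`), so any later correction has to be made in more than a dozen places. A single static helper taking `odh` and `q` would keep them in step. As written, RA is only set when the query had RD set; RA normally advertises what the server offers regardless of RD, so `if (! q->aa) SET_DNS_RECURSION_AVAIL(odh);` probably belongs outside the `q->rd` test. `q->aa` is assigned outside the visible hunks; a comment where it is set, stating that it reflects the origin of the data (authoritative zone versus forwarded cache) and never the incoming query header, would make the trust decision explicit.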
@@ -245,8 +254,12 @@ reply_a(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl); /* 10 b */
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl); /* 10 b */
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(sizeof(in_addr_t)); /* 12 bytes */
memcpy((char *)&answer->rdata,
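Review bot: The non-authoritative TTL is computed through `difftime()`, so the subtraction runs in floating point, and a wall clock that steps backwards makes the elapsed time negative. Assuming MIN is the usual macro, the reply would then carry a TTL larger than the one stored, and a large enough step makes the double-to-integer conversion in `htonl()` undefined. An integer helper that clamps at both ends avoids this and replaces the identical expression in every other reply_* hunk of this commit; the proposed name is only a suggestion, and the field types are assumed because `rrset` is declared outside the hunk. Once the age reaches the TTL the record is still answered with TTL 0; whether expired entries are dropped before reply_a runs is not visible here and is worth a comment. reply_a starts and ends outside this hunk.

```c
/* new helper above reply_a(); seconds of lifetime left for a cached rrset */
static uint32_t
remaining_ttl(uint32_t ttl, time_t created, time_t now)
{
	if (now <= created)
		return (ttl);	/* clock stepped back: never exceed the stored TTL */
	if ((unsigned long long)(now - created) >= ttl)
		return (0);
	return (ttl - (uint32_t)(now - created));
}

/* … unchanged: answer->name, type, class … */
	if (q->aa)
		answer->ttl = htonl(rrset->ttl);	/* 10 b */
	else
		answer->ttl = htonl(remaining_ttl(rrset->ttl, rrset->created, now));
```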
@@ -281,7 +294,7 @@ reply_a(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_A, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_A, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -388,7 +401,11 @@ reply_nsec3param(struct sreply *sreply, ddDB *db)
int retlen = -1;
u_int16_t rollback;
int saltlen;
+
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_NSEC3PARAM)) == 0)
return -1;
@@ -414,10 +431,15 @@ reply_nsec3param(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -460,8 +482,12 @@ reply_nsec3param(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(((struct nsec3param *)rrp->rdata)->saltlen + 5); /* 5 = rest */
answer->algorithm = ((struct nsec3param *)rrp->rdata)->algorithm;
@@ -490,7 +516,7 @@ reply_nsec3param(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC3PARAM, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC3PARAM, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -593,6 +619,10 @@ reply_nsec3(struct sreply *sreply, ddDB *db)
u_int8_t *somelen;
int bitmaplen, saltlen, nextlen;
+ time_t now;
+
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_A)) == 0)
return -1;
@@ -624,10 +654,15 @@ reply_nsec3(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -671,7 +706,11 @@ reply_nsec3(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl); /* 10 b */
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl); /* 10 b */
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
answer->rdlength = htons(nextlen + bitmaplen + saltlen + 6); /* 6 = rest */
@@ -713,7 +752,7 @@ reply_nsec3(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC3, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC3, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -808,7 +847,10 @@ reply_nsec(struct sreply *sreply, ddDB *db)
int retlen = -1;
u_int16_t rollback;
int ndnlen, bitmaplen;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_A)) == 0)
return -1;
@@ -834,10 +876,15 @@ reply_nsec(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -879,8 +926,12 @@ reply_nsec(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl); /* 10 b */
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl); /* 10 b */
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(ndnlen + bitmaplen);
outlen += sizeof(struct answer);
@@ -905,7 +956,7 @@ reply_nsec(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1004,7 +1055,10 @@ reply_ds(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_DS)) == 0)
return -1;
@@ -1030,10 +1084,15 @@ reply_ds(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -1069,8 +1128,13 @@ reply_ds(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl); /* 10 */
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl); /* 10 */
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
+
answer->rdlength = htons(((struct ds *)rrp->rdata)->digestlen + 4); /* 12 bytes */
answer->key_tag = htons(((struct ds *)rrp->rdata)->key_tag);
@@ -1097,7 +1161,7 @@ reply_ds(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_DS, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_DS, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1200,7 +1264,10 @@ reply_dnskey(struct sreply *sreply, ddDB *db)
int retlen = -1;
int rrsig_count = 0;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_DNSKEY)) == 0)
return -1;
@@ -1226,10 +1293,15 @@ reply_dnskey(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -1266,8 +1338,12 @@ reply_dnskey(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(((struct dnskey *)rrp->rdata)->publickey_len + 4); /* 12 bytes */
answer->flags = htons(((struct dnskey *)rrp->rdata)->flags);
@@ -1293,7 +1369,7 @@ reply_dnskey(struct sreply *sreply, ddDB *db)
int tmplen = 0;
int origlen = outlen;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_DNSKEY, rbt, reply, replysize, outlen, &rrsig_count);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_DNSKEY, rbt, reply, replysize, outlen, &rrsig_count, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1412,10 +1488,15 @@ reply_rrsig(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -1424,7 +1505,7 @@ reply_rrsig(struct sreply *sreply, ddDB *db)
odh->nsrr = 0;
odh->additional = 0;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, -1, rbt, reply, replysize, outlen, &a_count);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, -1, rbt, reply, replysize, outlen, &a_count, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
SET_DNS_TRUNCATION(odh);
@@ -1516,7 +1597,10 @@ reply_aaaa(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_AAAA)) == 0)
return -1;
@@ -1543,10 +1627,15 @@ reply_aaaa(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -1568,7 +1657,11 @@ reply_aaaa(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
answer->rdlength = htons(sizeof(struct in6_addr));
@@ -1589,7 +1682,7 @@ reply_aaaa(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_AAAA, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_AAAA, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1692,6 +1785,7 @@ reply_mx(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
int addiscount;
@@ -1705,6 +1799,8 @@ reply_mx(struct sreply *sreply, ddDB *db)
SLIST_INIT(&addishead);
/* check for apex, delegations */
+
+ now = time(NULL);
if ((rrset = find_rr(rbt, DNS_TYPE_MX)) == 0)
return -1;
@@ -1732,10 +1828,15 @@ reply_mx(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -1756,7 +1857,11 @@ reply_mx(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
answer->rdlength = htons(sizeof(u_int16_t) + ((struct smx *)rrp->rdata)->exchangelen);
@@ -1809,7 +1914,7 @@ reply_mx(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_MX, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_MX, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1859,7 +1964,7 @@ reply_mx(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt0->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_AAAA, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_AAAA, rbt0, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -1910,7 +2015,7 @@ reply_mx(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt0->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_A, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_A, rbt0, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2029,6 +2134,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
int delegation, addiscount;
int addcount = 0;
int retcount;
+ time_t now;
SLIST_HEAD(, addis) addishead;
struct addis {
@@ -2039,6 +2145,9 @@ reply_ns(struct sreply *sreply, ddDB *db)
SLIST_INIT(&addishead);
/* check for apex, delegations */
+
+ now = time(NULL);
+
rbt1 = get_ns(db, rbt, &delegation);
if ((rrset = find_rr(rbt, DNS_TYPE_NS)) == NULL) {
@@ -2071,11 +2180,14 @@ reply_ns(struct sreply *sreply, ddDB *db)
SET_DNS_REPLY(odh);
- if (! delegation)
+ if (! delegation && q->aa)
SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -2093,8 +2205,12 @@ reply_ns(struct sreply *sreply, ddDB *db)
answer = (struct answer *)(&reply[outlen] + rbt1->zonelen);
answer->type = htons(DNS_TYPE_NS);
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
name = ((struct ns *)rrp->rdata)->nsserver;
namelen = ((struct ns *)rrp->rdata)->nslen;
ns_type = ((struct ns *)rrp->rdata)->ns_type;
@@ -2140,7 +2256,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(rbt1->zone, rbt1->zonelen, DNS_TYPE_NS, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(rbt1->zone, rbt1->zonelen, DNS_TYPE_NS, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2170,7 +2286,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
odh->nsrr += addcount;
HTONS(odh->nsrr);
- tmplen = additional_rrsig(rbt1->zone, rbt1->zonelen, DNS_TYPE_DS, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(rbt1->zone, rbt1->zonelen, DNS_TYPE_DS, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2198,7 +2314,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
nrbt = find_nsec3_match_qname(rbt1->zone, rbt1->zonelen, rbt0, db);
if (nrbt != NULL) {
- tmplen = additional_nsec3(nrbt->zone, nrbt->zonelen, DNS_TYPE_NSEC3, nrbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_nsec3(nrbt->zone, nrbt->zonelen, DNS_TYPE_NSEC3, nrbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2254,7 +2370,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
/* additional RRSIG for the additional AAAA */
if (dnssec && q->dnssecok && (rbt0->flags & RBT_DNSSEC)) {
- tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_AAAA, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_AAAA, rbt0, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2305,7 +2421,7 @@ reply_ns(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt0->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_A, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(ad0->name, ad0->namelen, DNS_TYPE_A, rbt0, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2426,7 +2542,10 @@ reply_cname(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_CNAME)) == 0)
return -1;
@@ -2454,10 +2573,15 @@ reply_cname(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -2478,8 +2602,12 @@ reply_cname(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = htons(DNS_TYPE_CNAME);
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
outlen += 12; /* up to rdata length */
p = (char *)&answer->rdata;
@@ -2513,7 +2641,7 @@ reply_cname(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_CNAME, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_CNAME, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2546,7 +2674,7 @@ reply_cname(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt1->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_A, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_A, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2578,7 +2706,7 @@ reply_cname(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt1->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_AAAA, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_AAAA, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2610,7 +2738,7 @@ reply_cname(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt1->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_MX, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_MX, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2642,7 +2770,7 @@ reply_cname(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt1->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_PTR, rbt1, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(((struct cname *)rrp->rdata)->cname, ((struct cname *)rrp->rdata)->cnamelen, DNS_TYPE_PTR, rbt1, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2744,7 +2872,9 @@ reply_ptr(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
if ((rrset = find_rr(rbt, DNS_TYPE_PTR)) == 0)
return -1;
@@ -2776,10 +2906,15 @@ reply_ptr(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
@@ -2797,7 +2932,11 @@ reply_ptr(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
outlen += 12; /* up to rdata length */
@@ -2832,7 +2971,7 @@ reply_ptr(struct sreply *sreply, ddDB *db)
if (dnssec && q->dnssecok && (rbt->flags & RBT_DNSSEC)) {
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_PTR, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_PTR, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -2934,7 +3073,10 @@ reply_soa(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_SOA)) == 0)
return -1;
@@ -2963,10 +3105,15 @@ reply_soa(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
NTOHS(odh->query);
@@ -2987,8 +3134,12 @@ reply_soa(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
outlen += 12; /* up to rdata length */
p = (char *)&answer->rdata;
@@ -3080,7 +3231,7 @@ reply_soa(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -3183,7 +3334,10 @@ reply_txt(struct sreply *sreply, ddDB *db)
int retlen = -1;
u_int16_t rollback;
int txt_count = 0;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_TXT)) == 0)
return -1;
@@ -3212,10 +3366,15 @@ reply_txt(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -3239,8 +3398,12 @@ reply_txt(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c; /* 2 bytes */
answer->type = q->hdr->qtype; /* 4 bytes */
answer->class = q->hdr->qclass; /* 6 bytes */
- answer->ttl = htonl(rrset->ttl); /* 10 b */
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl); /* 10 b */
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
/* 12 bytes */
answer->rdlength = htons(((struct txt *)rrp->rdata)->txtlen);
outlen += 12;
@@ -3277,7 +3440,7 @@ reply_txt(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_TXT, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_TXT, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -3404,10 +3567,15 @@ reply_version(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -3510,7 +3678,10 @@ reply_tlsa(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_TLSA)) == 0)
return -1;
@@ -3537,10 +3708,15 @@ reply_tlsa(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -3560,8 +3736,12 @@ reply_tlsa(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
switch (((struct tlsa *)rrp->rdata)->matchtype) {
case 1:
typelen = DNS_TLSA_SIZE_SHA256;
@@ -3595,7 +3775,7 @@ reply_tlsa(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_TLSA, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_TLSA, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -3697,7 +3877,11 @@ reply_sshfp(struct sreply *sreply, ddDB *db)
int replysize = 512;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_SSHFP)) == 0)
return -1;
@@ -3724,10 +3908,15 @@ reply_sshfp(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -3747,7 +3936,11 @@ reply_sshfp(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
switch (((struct sshfp *)rrp->rdata)->fptype) {
case 1:
@@ -3781,7 +3974,7 @@ reply_sshfp(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SSHFP, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SSHFP, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -3886,7 +4079,10 @@ reply_naptr(struct sreply *sreply, ddDB *db)
char *p;
int retlen = -1;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_NAPTR)) == 0)
return -1;
@@ -3912,10 +4108,15 @@ reply_naptr(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -3937,7 +4138,11 @@ reply_naptr(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
answer->naptr_order = htons(((struct naptr *)rrp->rdata)->order);
answer->naptr_preference = htons(((struct naptr *)rrp->rdata)->preference);
@@ -4002,7 +4207,7 @@ reply_naptr(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NAPTR, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_NAPTR, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -4107,7 +4312,10 @@ reply_srv(struct sreply *sreply, ddDB *db)
int retlen = -1;
int tmplen;
u_int16_t rollback;
+ time_t now;
+ now = time(NULL);
+
if ((rrset = find_rr(rbt, DNS_TYPE_SRV)) == 0)
return -1;
@@ -4133,10 +4341,15 @@ reply_srv(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -4156,8 +4369,12 @@ reply_srv(struct sreply *sreply, ddDB *db)
answer->name[1] = 0x0c;
answer->type = q->hdr->qtype;
answer->class = q->hdr->qclass;
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons((3 * sizeof(u_int16_t)) + ((struct srv *)rrp->rdata)->targetlen);
answer->srv_priority = htons(((struct srv *)rrp->rdata)->priority);
@@ -4194,7 +4411,7 @@ reply_srv(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SRV, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen, DNS_TYPE_SRV, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -4401,6 +4618,9 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -4440,12 +4660,17 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
SET_DNS_RCODE_NAMEERR(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
NTOHS(odh->query);
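Review bot: reply_nxdomain now answers with AA clear when `q->aa` is 0, but the SOA TTL in the next hunk of this function is still written as `answer->ttl = htonl(rrset->ttl);` with no age adjustment, unlike the other reply_* functions in this commit. If negative answers can come from the forwarding cache, which the `! q->aa` branch here suggests, the SOA TTL handed to clients never counts down and downstream resolvers may keep the NXDOMAIN longer than the upstream zone intended. Either apply the same `q->aa` choice between stored and decayed TTL there, or, if negative answers are never cached, say so with a comment such as `/* negative answers are not cached: TTL is always the zone's own */`. The function body continues outside the hunk.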
@@ -4463,6 +4688,7 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
answer->type = htons(DNS_TYPE_SOA);
answer->class = q->hdr->qclass;
+
answer->ttl = htonl(rrset->ttl);
outlen += 10; /* sizeof(struct answer) up to rdata length */
@@ -4557,7 +4783,7 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(rbt->zone, rbt->zonelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(rbt->zone, rbt->zonelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -4587,7 +4813,7 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
memcpy(&uniq[rruniq].name, rbt0->zone, rbt0->zonelen);
uniq[rruniq++].len = rbt0->zonelen;
- tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
free (rbt0);
if (tmplen == 0) {
@@ -4619,7 +4845,7 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
uniq[rruniq++].len = rbt0->zonelen;
if (memcmp(uniq[0].name, uniq[1].name, uniq[1].len) != 0) {
- tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
addrec = 1;
}
@@ -4656,7 +4882,7 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
if (memcmp(uniq[0].name, uniq[2].name, uniq[2].len) != 0&&
memcmp(uniq[1].name, uniq[2].name, uniq[2].len) != 0) {
- tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
addrec = 1;
}
free (rbt0);
@@ -4777,10 +5003,16 @@ reply_refused(struct sreply *sreply, ddDB *db)
SET_DNS_REPLY(odh);
SET_DNS_RCODE_REFUSED(odh);
- SET_DNS_AUTHORITATIVE(odh);
- if (q->rd)
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
+ }
if (q->notify)
SET_DNS_NOTIFY(odh);
@@ -4940,7 +5172,10 @@ reply_notify(struct sreply *sreply, ddDB *db)
SET_DNS_REPLY(odh);
SET_DNS_NOTIFY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
SET_DNS_RCODE_NOERR(odh);
HTONS(odh->query);
@@ -5119,6 +5354,9 @@ reply_noerror(struct sreply *sreply, ddDB *db)
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
HTONS(odh->query);
@@ -5159,10 +5397,15 @@ reply_noerror(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
+
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
NTOHS(odh->query);
@@ -5274,7 +5517,7 @@ reply_noerror(struct sreply *sreply, ddDB *db)
int origlen = outlen;
int retcount;
- tmplen = additional_rrsig(rbt->zone, rbt->zonelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount);
+ tmplen = additional_rrsig(rbt->zone, rbt->zonelen, DNS_TYPE_SOA, rbt, reply, replysize, outlen, &retcount, q->aa);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -5296,7 +5539,7 @@ reply_noerror(struct sreply *sreply, ddDB *db)
if (find_rr(rbt, DNS_TYPE_NSEC)) {
rbt0 = Lookup_zone(db, q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, 0);
if (rbt0 != NULL) {
- tmplen = additional_nsec(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, rbt0, reply, replysize, outlen);
+ tmplen = additional_nsec(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, rbt0, reply, replysize, outlen, q->aa);
free(rbt0);
}
} else if (find_rr(rbt, DNS_TYPE_NSEC3PARAM)) {
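Review bot: This `additional_nsec()` call passes `q->aa` directly after `outlen`, while the `additional_rrsig()` and `additional_nsec3()` calls changed in the same function pass `&retcount` first and `q->aa` last. If additional_nsec takes the same trailing count pointer and authoritative flag as its siblings, the flag lands in the pointer parameter and the last argument is missing, and the callee would treat 0 or 1 as an address. Should this file declare the function with its own hand-written extern, as sign.c does for fill_*, the compiler may not catch the mismatch. The call probably wants `..., replysize, outlen, &retcount, q->aa);` with a count variable in scope, which is worth checking against the prototype. reply_noerror's body continues outside the hunk.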
@@ -5307,7 +5550,7 @@ reply_noerror(struct sreply *sreply, ddDB *db)
memcpy(&uniq[rruniq].name, rbt0->zone, rbt0->zonelen);
uniq[rruniq++].len = rbt0->zonelen;
- tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount);
+ tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
free (rbt0);
}
@@ -5426,10 +5669,15 @@ reply_any(struct sreply *sreply, ddDB *db)
rollback = outlen;
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
if (q->rd) {
SET_DNS_RECURSION(odh);
+
+ if (! q->aa)
+ SET_DNS_RECURSION_AVAIL(odh);
}
NTOHS(odh->query);
@@ -5547,7 +5795,9 @@ create_anyreply(struct sreply *sreply, char *reply, in
u_int8_t *nsec3_alg, *nsec3_flags, *nsec3_saltlen, *nsec3_hashlen;
char *name, *p;
int i;
+ time_t now;
+ now = time(NULL);
if (soa && (rrset = find_rr(rbt, DNS_TYPE_SOA)) != 0) {
NTOHS(odh->answer);
odh->answer++;
@@ -5572,7 +5822,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_SOA);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
offset += 10; /* up to rdata length */
@@ -5664,7 +5918,7 @@ create_anyreply(struct sreply *sreply, char *reply, in
}
if ((rrset = find_rr(rbt, DNS_TYPE_RRSIG)) != 0) {
tmplen = additional_rrsig(q->hdr->name, q->hdr->namelen,
- -1, rbt, reply, rlen, offset, &rrsig_count);
+ -1, rbt, reply, rlen, offset, &rrsig_count, q->aa);
if (tmplen == 0)
goto truncate;
@@ -5692,7 +5946,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_DNSKEY);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
answer->rdlength = htons(namelen);
@@ -5748,8 +6006,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_DS);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(namelen);
offset += 10; /* struct answer */
@@ -5803,8 +6065,13 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_NSEC3);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
+
answer->rdlength = htons(namelen);
offset += 10; /* struct answer */
@@ -5880,8 +6147,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_NSEC3PARAM);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(namelen);
offset += 10; /* struct answer */
@@ -5942,8 +6213,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_NSEC);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(namelen);
offset += 10; /* struct answer */
@@ -5988,8 +6263,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_NS);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(namelen);
offset += 10; /* struct answer */
@@ -6044,7 +6323,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_PTR);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
offset += 10; /* up to rdata length */
@@ -6097,7 +6380,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_MX);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(sizeof(u_int16_t) + ((struct smx *)rrp->rdata)->exchangelen);
offset += 10; /* up to rdata length */
@@ -6148,7 +6436,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_TXT);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
offset += 10; /* up to rdata length */
@@ -6193,7 +6485,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_TLSA);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
typelen = ((struct tlsa *)rrp->rdata)->matchtype == 1 ? DNS_TLSA_SIZE_SHA256 : DNS_TLSA_SIZE_SHA512;
answer->rdlength = htons((3 * sizeof(u_int8_t)) + typelen);
@@ -6254,7 +6550,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_SSHFP);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons((2 * sizeof(u_int8_t)) + ((struct sshfp *)rrp->rdata)->fplen);
offset += 10; /* up to rdata length */
@@ -6307,7 +6607,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_NAPTR);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons((2 * sizeof(u_int16_t)) + ((struct naptr *)rrp->rdata)->flagslen + 1 + ((struct naptr *)rrp->rdata)->serviceslen + 1 + ((struct naptr *)rrp->rdata)->regexplen + 1 + ((struct naptr *)rrp->rdata)->replacementlen);
offset += 10; /* up to rdata length */
@@ -6391,7 +6695,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_SRV);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons((3 * sizeof(u_int16_t)) + ((struct srv *)rrp->rdata)->targetlen);
offset += 10; /* up to rdata length */
@@ -6450,7 +6758,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_CNAME);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
offset += 10; /* up to rdata length */
@@ -6498,7 +6810,12 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_A);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(sizeof(in_addr_t));
memcpy((char *)&answer->rdata, (char *)&((struct a *)rrp->rdata)->a,
@@ -6533,7 +6850,11 @@ create_anyreply(struct sreply *sreply, char *reply, in
answer->type = htons(DNS_TYPE_AAAA);
answer->class = htons(DNS_CLASS_IN);
- answer->ttl = htonl(rrset->ttl);
+ if (q->aa)
+ answer->ttl = htonl(rrset->ttl);
+ else
+ answer->ttl = htonl(rrset->ttl - (MIN(rrset->ttl, difftime(now, rrset->created))));
+
answer->rdlength = htons(sizeof(struct in6_addr));
offset += 10;
@@ -6601,7 +6922,9 @@ reply_badvers(struct sreply *sreply, ddDB *db)
outlen += (q->hdr->namelen + 4);
SET_DNS_REPLY(odh);
- SET_DNS_AUTHORITATIVE(odh);
+
+ if (q->aa)
+ SET_DNS_AUTHORITATIVE(odh);
HTONS(odh->query);
blob - d64c92079a80ca6fa022f0768de52636eff9d873
blob + 3364ec4c49499f34cc61a4532fa7e1d570efe11d
--- sign.c
+++ sign.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: sign.c,v 1.4 2020/06/25 10:01:11 pjp Exp $
+ * $Id: sign.c,v 1.5 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -225,10 +225,10 @@ extern void pack(char *, char *, int);
extern void pack32(char *, u_int32_t);
extern void pack16(char *, u_int16_t);
extern void pack8(char *, u_int8_t);
-extern int fill_dnskey(char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
-extern int fill_rrsig(char *, char *, u_int32_t, char *, u_int8_t, u_int8_t, u_int32_t, u_int64_t, u_int64_t, u_int16_t, char *, char *);
-extern int fill_nsec3param(char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *);
-extern int fill_nsec3(char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *, char *, char *);
+extern int fill_dnskey(ddDB *,char *, char *, u_int32_t, u_int16_t, u_int8_t, u_int8_t, char *);
+extern int fill_rrsig(ddDB *,char *, char *, u_int32_t, char *, u_int8_t, u_int8_t, u_int32_t, u_int64_t, u_int64_t, u_int16_t, char *, char *);
+extern int fill_nsec3param(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *);
+extern int fill_nsec3(ddDB *, char *, char *, u_int32_t, u_int8_t, u_int8_t, u_int16_t, char *, char *, char *);
extern char * convert_name(char *name, int namelen);
extern int mybase64_encode(u_char const *, size_t, char *, size_t);
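Review bot: The fill_* prototypes are re-declared by hand here with the new `ddDB *` first parameter, and since the definitions presumably live in another file, nothing makes the compiler compare declaration and definition. A commit that changes arity across many files, as this one does, is where such a pair can drift apart silently, leaving the callee to read its arguments shifted by one. Moving these declarations into a header included by both the defining file and sign.c would turn any mismatch into a compile error. As a minor point, `ddDB *,char *` on the first two lines lacks the space used on the other two.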
@@ -849,7 +849,7 @@ add_dnskey(ddDB *db)
dolog(LOG_INFO, "get_key: %s\n", knp->keyname);
return -1;
}
- if (fill_dnskey(zone, "dnskey", ttl, flags, protocol, algorithm, key) < 0) {
+ if (fill_dnskey(db, zone, "dnskey", ttl, flags, protocol, algorithm, key) < 0) {
return -1;
}
} /* if ZSK */
@@ -862,7 +862,7 @@ add_dnskey(ddDB *db)
dolog(LOG_INFO, "get_key %s\n", knp->keyname);
return -1;
}
- if (fill_dnskey(zone, "dnskey", ttl, flags, protocol, algorithm, key) < 0) {
+ if (fill_dnskey(db, zone, "dnskey", ttl, flags, protocol, algorithm, key) < 0) {
return -1;
}
} /* if KSK */
@@ -1936,7 +1936,7 @@ sign_soa(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "SOA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "SOA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
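Review bot: `tmp[len] = '\0'` in the context just above the changed call uses the return of `mybase64_encode()` as an index without checking it. If that function reports failure with a negative value, as b64_ntop-style encoders do, the store lands before the start of `tmp`; a guard such as `if (len < 0 || (size_t)len >= sizeof(tmp)) return -1;` ahead of it would close that, assuming `tmp` is an array as the `sizeof(tmp)` argument suggests. The same two lines precede every `fill_rrsig()` call changed in this file, from sign_txt through sign_dnskey. sign_soa's body starts and ends outside the hunk.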
@@ -2162,7 +2162,7 @@ sign_txt(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "TXT", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "TXT", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -2391,7 +2391,7 @@ sign_aaaa(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "AAAA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "AAAA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -2587,7 +2587,7 @@ sign_nsec3(ddDB *db, char *zonename, int expiry, struc
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "NSEC3", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "NSEC3", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -2773,7 +2773,7 @@ sign_nsec3param(ddDB *db, char *zonename, int expiry,
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", 0, "NSEC3PARAM", algorithm, labels, 0, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", 0, "NSEC3PARAM", algorithm, labels, 0, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -2946,7 +2946,7 @@ sign_cname(ddDB *db, char *zonename, int expiry, struc
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "CNAME", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "CNAME", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -3119,7 +3119,7 @@ sign_ptr(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "PTR", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "PTR", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -3368,7 +3368,7 @@ sign_naptr(ddDB *db, char *zonename, int expiry, struc
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "NAPTR", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "NAPTR", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -3605,7 +3605,7 @@ sign_srv(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "SRV", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "SRV", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -3840,7 +3840,7 @@ sign_sshfp(ddDB *db, char *zonename, int expiry, struc
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "SSHFP", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "SSHFP", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -4078,7 +4078,7 @@ sign_tlsa(ddDB *db, char *zonename, int expiry, struct
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "TLSA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "TLSA", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -4312,7 +4312,7 @@ sign_ds(ddDB *db, char *zonename, int expiry, struct r
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "DS", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "DS", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -4541,7 +4541,7 @@ sign_ns(ddDB *db, char *zonename, int expiry, struct r
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "NS", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "NS", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -4771,7 +4771,7 @@ sign_mx(ddDB *db, char *zonename, int expiry, struct r
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "MX", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "MX", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -5000,7 +5000,7 @@ sign_a(ddDB *db, char *zonename, int expiry, struct rb
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", rrset->ttl, "A", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", rrset->ttl, "A", algorithm, labels, rrset->ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -5427,7 +5427,7 @@ sign_dnskey(ddDB *db, char *zonename, int expiry, stru
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", ttl, "DNSKEY", algorithm, labels, ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", ttl, "DNSKEY", algorithm, labels, ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -5618,7 +5618,7 @@ sign_dnskey(ddDB *db, char *zonename, int expiry, stru
len = mybase64_encode(signature, siglen, tmp, sizeof(tmp));
tmp[len] = '\0';
- if (fill_rrsig(rbt->humanname, "RRSIG", ttl, "DNSKEY", algorithm, labels, ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
+ if (fill_rrsig(db, rbt->humanname, "RRSIG", ttl, "DNSKEY", algorithm, labels, ttl, expiredon, signedon, keyid, zonename, tmp) < 0) {
dolog(LOG_INFO, "fill_rrsig\n");
return -1;
}
@@ -5981,7 +5981,7 @@ construct_nsec3(ddDB *db, char *zone, int iterations,
/* fill nsec3param */
- if (fill_nsec3param(zone, "nsec3param", 0, 1, 0, iterations, salt) < 0) {
+ if (fill_nsec3param(db, zone, "nsec3param", 0, 1, 0, iterations, salt) < 0) {
printf("fill_nsec3param failed\n");
return -1;
}
@@ -6202,7 +6202,7 @@ construct_nsec3(ddDB *db, char *zone, int iterations,
printf("%s next: %s %s\n", n2->hashname, np->hashname, n2->bitmap);
#endif
snprintf(buf, sizeof(buf), "%s.%s.", n2->hashname, zone);
- fill_nsec3(buf, "nsec3", ttl, n3p.algorithm, n3p.flags, n3p.iterations, salt, np->hashname, n2->bitmap);
+ fill_nsec3(db, buf, "nsec3", ttl, n3p.algorithm, n3p.flags, n3p.iterations, salt, np->hashname, n2->bitmap);
}
#if 0
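Review bot: The return value of `fill_nsec3()` is still discarded on the changed line, while `fill_nsec3param()` earlier in construct_nsec3 and every `fill_rrsig()` call in this file are checked with `< 0`. If inserting one NSEC3 record fails, execution carries on and the zone could end up signed with a gap in its denial-of-existence chain. Suggest `if (fill_nsec3(db, buf, "nsec3", ttl, n3p.algorithm, n3p.flags, n3p.iterations, salt, np->hashname, n2->bitmap) < 0) { printf("fill_nsec3 failed\n"); return -1; }`, matching the fill_nsec3param handling. The enclosing block starts outside the hunk.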
blob - d02e1d6375933da40f7bd6bb9a6701bca1be6836
blob + 771ecdaf40df42380f71ecd02d56d04ee07f1a68
--- util.c
+++ util.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: util.c,v 1.64 2020/07/03 06:49:57 pjp Exp $
+ * $Id: util.c,v 1.65 2020/07/06 07:17:40 pjp Exp $
*/
#include <sys/types.h>
@@ -137,22 +137,22 @@ extern int check_ent(char *, int);
extern int find_tsig_key(char *, int, char *, int);
extern int mybase64_decode(char const *, u_char *, size_t);
-extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
-extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
extern u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
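Review bot: These sixteen `extern` prototypes are hand-copied into util.c, so the change from seven to eleven parameters has to be repeated by hand wherever else they are declared. A declaration that disagrees with the definition in another translation unit is not diagnosed by the compiler, and the call through `sr->raxfr` would then be undefined behaviour. Moving them into one shared header that the defining file also includes would let the compiler check the match. The four new trailing parameters (`char *, int, uint32_t, ddDB *`) are unnamed, so naming them in the prototype or adding a one-line comment would document what callers must pass. The new lines also use `uint32_t` where the neighbouring raxfr_soa and raxfr_peek declarations use `u_int32_t`.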
@@ -584,9 +584,9 @@ Lookup_zone(ddDB *db, char *name, u_int16_t namelen, u
rbt = find_rrset(db, name, namelen);
if (rbt != NULL) {
rrset = find_rr(rbt, type);
- if (rrset != NULL)
+ if (rrset != NULL) {
return (rbt);
- else
+ } else
free(rbt);
}
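Review bot: The rewritten conditional braces the `if` arm but leaves the `else` arm bare (`} else` followed by `free(rbt);`), a shape that invites a later second statement landing outside the branch. Since the first arm returns, the `else` can be dropped: `if (rrset != NULL) return (rbt);` followed by a plain `free(rbt);`. Lookup_zone() continues past the hunk, so what is returned after the free is not visible here.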
@@ -2200,7 +2200,7 @@ lookup_axfr(FILE *f, int so, char *zonename, struct so
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, ctx)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, ctx, NULL, 0, 0, NULL)) < 0) {
fprintf(stderr, "error with rrtype %d\n", sr->rrtype);
return -1;
}
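Review bot: The call through `sr->raxfr` now passes `NULL, 0, 0, NULL` for the four new arguments, with nothing stating what that combination means to the handler. Going by the commit message the raxfr_* handlers now call fill_*, so each of them has to test the `ddDB *` and the `char *` for NULL before using them; those bodies are outside this hunk and I cannot confirm that they do. The records parsed in this loop come from a zone transfer received over the network, so a handler that misses the check becomes a crash reachable from a peer's data. A comment at the call, e.g. `/* NULL db: handlers must not call fill_* */`, would make the contract explicit. lookup_axfr() starts and ends outside the hunk.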