Commit Diff
Diff:
f94265197a64810664030be141b79812be4a0245
a37b21ae24e0343f538f1f3439d4d67838a13b3b
Commit:
a37b21ae24e0343f538f1f3439d4d67838a13b3b
Tree:
bd1d853f7cef15b15d4735d3495d5c4130b867b5
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Wed Jul 8 12:29:02 2020 UTC
Message:
Change the database to RW instead of RO; for this we had to take out the concept of freeing struct rbtree's. Also work the caching a bit into the forward sandbox process, for which I changed the pledging to allow fd descriptor passing, needed for TCP. Revert the raxfr_* functions to their old way of working, but introduce their equivalent, the cache_* functions, which go about populating the database better and faster than the other way. Not tested, it needs good testing.
blob - 3bffca2348cb3047bd2ecdd6e9e3ee73b001d5dc
blob + 009dc73e8980c27a199c11ff1b9bd55fc1997e3c
--- Makefile.linux
+++ Makefile.linux
@@ -8,8 +8,8 @@ AR=ar
all: delphinusdnsd dddctl
-delphinusdnsd: imsg-buffer.o imsg.o additional.o parse.o delphinusdnsd.o reply.o region.o log.o axfr.o filter.o ratelimit.o whitelist.o base64.o dnssec.o util.o ent.o db.o tsig.o raxfr.o forward.o
- $(CC) $(CFLAGS) -o delphinusdnsd/delphinusdnsd additional.o imsg-buffer.o imsg.o delphinusdnsd.o parse.o reply.o region.o log.o axfr.o filter.o ratelimit.o whitelist.o base64.o dnssec.o util.o ent.o db.o tsig.o raxfr.o forward.o $(LDADD)
+delphinusdnsd: imsg-buffer.o imsg.o additional.o parse.o delphinusdnsd.o reply.o region.o log.o axfr.o filter.o ratelimit.o whitelist.o base64.o dnssec.o util.o ent.o db.o tsig.o raxfr.o forward.o cache.o
+ $(CC) $(CFLAGS) -o delphinusdnsd/delphinusdnsd additional.o imsg-buffer.o imsg.o delphinusdnsd.o parse.o reply.o region.o log.o axfr.o filter.o ratelimit.o whitelist.o base64.o dnssec.o util.o ent.o db.o tsig.o raxfr.o forward.o cache.o $(LDADD)
dddctl: dddctl.o util.o dnssec.o parse.o base64.o ent.o raxfr.o tsig.o region.o imsg-buffer.o imsg.o sign.o query.o
$(CC) $(CFLAGS) -o dddctl/dddctl dddctl.o util.o dnssec.o base64.o parse.o ent.o db.o raxfr.o tsig.o region.o imsg-buffer.o imsg.o sign.o query.o $(LDADD)
@@ -85,6 +85,9 @@ raxfr.o: raxfr.c
forward.o: forward.c
$(CC) $(CFLAGS) -c forward.c
+
+cache.o: cache.c
+ $(CC) $(CFLAGS) -c cache.c
install: install-delphinusdnsd install-dddctl
blob - 33ffb46d28deb5f7d2833dfc416012c8e51c736f
blob + 9a3e4a702e3e39cc0913630887c4a3895bccf27d
--- axfr.c
+++ axfr.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: axfr.c,v 1.45 2020/06/29 16:54:47 pjp Exp $
+ * $Id: axfr.c,v 1.46 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -531,7 +531,7 @@ axfrloop(int *afd, int sockcount, char **ident, ddDB *
if (n == 0) {
/* child died? */
- dolog(LOG_INFO, "sigpipe on child? exiting.\n");
+ dolog(LOG_INFO, "sigpipe on child? AXFR process exiting.\n");
exit(1);
}
@@ -1102,7 +1102,6 @@ axfr_connection(int so, char *address, int is_ipv6, dd
build_reply(&sreply, so, (p + 2), dnslen, fq, NULL, 0, rbt2, NULL, 0xff, 1, 0, replybuf);
outlen = create_anyreply(&sreply, (reply + 2), 65535, outlen, 0);
if (rbt2) {
- free(rbt2);
rbt2 = NULL;
}
free_question(fq);
@@ -1157,11 +1156,9 @@ axfr_connection(int so, char *address, int is_ipv6, dd
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
if (rbt) {
- free(rbt);
rbt = NULL;
}
if (rbt2) {
- free(rbt2);
rbt2 = NULL;
}
} /* RB_FOREACH */
@@ -1208,17 +1205,14 @@ drop:
}
if (rbt) {
- free (rbt);
rbt = NULL;
}
if (rbt2) {
- free (rbt2);
rbt2 = NULL;
}
if (saverbt) {
- free (saverbt);
saverbt = NULL;
}
@@ -1421,7 +1415,6 @@ checklabel(ddDB *db, struct rbtree *rbt, struct rbtree
plen -= (*p + 1);
p = (p + (*p + 1));
- free(tmprbt);
continue;
}
@@ -1431,7 +1424,6 @@ checklabel(ddDB *db, struct rbtree *rbt, struct rbtree
*/
if ((rrset = find_rr(tmprbt, DNS_TYPE_SOA)) != NULL) {
- free (tmprbt);
return (0);
}
@@ -1443,7 +1435,6 @@ checklabel(ddDB *db, struct rbtree *rbt, struct rbtree
plen -= (*p + 1);
p = (p + (*p + 1));
- free(tmprbt);
} while (memcmp(p, q->hdr->name, q->hdr->namelen) != 0);
blob - /dev/null
blob + 22c0019e1c39867ebf759a7997e37c0c2261c6e3 (mode 644)
--- /dev/null
+++ cache.c
@@ -0,0 +1,785 @@
+/*
+ * Copyright (c) 2020 Peter J. Philipp
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+ * $Id: cache.c,v 1.1 2020/07/08 12:29:02 pjp Exp $
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/queue.h>
+#include <sys/uio.h>
+#include <sys/select.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <errno.h>
+#include <syslog.h>
+
+#include <unistd.h>
+#include <imsg.h>
+
+#ifdef __linux__
+#include <grp.h>
+#define __USE_BSD 1
+#include <endian.h>
+#include <bsd/stdlib.h>
+#include <bsd/string.h>
+#include <bsd/unistd.h>
+#include <bsd/sys/queue.h>
+#define __unused
+#include <bsd/sys/tree.h>
+#include <bsd/sys/endian.h>
+#include "imsg.h"
+#else /* not linux */
+#include <sys/queue.h>
+#include <sys/tree.h>
+#ifdef __FreeBSD__
+#include <sys/endian.h>
+#include "imsg.h"
+#else
+#include <imsg.h>
+#endif /* __FreeBSD__ */
+#endif /* __linux__ */
+
+#ifndef NTOHS
+#include "endian.h"
+#endif
+
+#include <openssl/hmac.h>
+
+#include "ddd-dns.h"
+#include "ddd-db.h"
+
+
+extern void dolog(int, char *, ...);
+extern char * expand_compression(u_char *, u_char *, u_char *, u_char *, int *, int);
+extern void pack(char *, char *, int);
+extern void pack16(char *, u_int16_t);
+extern void unpack(char *, char *, int);
+extern uint16_t unpack16(char *);
+extern uint32_t unpack32(char *);
+
+
+extern int debug, verbose;
+extern int tsig;
+extern int dnssec;
+extern int cache;
+
+int cacheit(u_char *, u_char *, u_char *, struct imsgbuf *, int);
+struct scache * build_cache(u_char *, u_char *, u_char *, uint16_t, char *, int, uint32_t, uint16_t, struct imsgbuf *, int);
+void transmit_rr(struct scache *, void *, int);
+
+
+int cache_a(struct scache *);
+int cache_aaaa(struct scache *);
+int cache_cname(struct scache *);
+int cache_ns(struct scache *);
+int cache_ptr(struct scache *);
+int cache_mx(struct scache *);
+int cache_txt(struct scache *);
+int cache_dnskey(struct scache *);
+int cache_rrsig(struct scache *);
+int cache_nsec3param(struct scache *);
+int cache_nsec3(struct scache *);
+int cache_ds(struct scache *);
+int cache_sshfp(struct scache *);
+int cache_tlsa(struct scache *);
+int cache_srv(struct scache *);
+int cache_naptr(struct scache *);
+int cache_soa(struct scache *);
+
+
+/* The following alias helps with bounds checking all input, needed! */
+
+#define BOUNDS_CHECK(cur, begin, rdlen, end) do { \
+ if ((cur - begin) > rdlen) { \
+ return -1; \
+ } \
+ if (cur > end) \
+ return -1; \
+} while (0)
+
+static struct cache_logic supported_cache[] = {
+ { DNS_TYPE_A, 0, cache_a },
+ { DNS_TYPE_NS, 0, cache_ns },
+ { DNS_TYPE_MX, 0, cache_mx },
+ { DNS_TYPE_PTR, 0, cache_ptr },
+ { DNS_TYPE_AAAA, 0, cache_aaaa },
+ { DNS_TYPE_CNAME, 0, cache_cname },
+ /* { DNS_TYPE_TXT, 0, cache_txt }, */
+ { DNS_TYPE_DNSKEY, 1, cache_dnskey },
+ { DNS_TYPE_RRSIG, 1, cache_rrsig },
+ { DNS_TYPE_NSEC3PARAM, 1, cache_nsec3param },
+ { DNS_TYPE_NSEC3, 1, cache_nsec3 },
+ { DNS_TYPE_DS, 1, cache_ds },
+ { DNS_TYPE_SSHFP, 0, cache_sshfp },
+ { DNS_TYPE_TLSA, 0, cache_tlsa },
+ { DNS_TYPE_SRV, 0, cache_srv },
+ /* { DNS_TYPE_NAPTR, 0, cache_naptr }, */
+ { 0, 0, NULL }
+};
+
+
+
+
+struct scache *
+build_cache(u_char *payload, u_char *estart, u_char *end, uint16_t rdlen, char *name, int namelen, uint32_t dnsttl, uint16_t dnstype, struct imsgbuf *imsgbuf, int fd)
+{
+ static struct scache ret;
+
+ memset(&ret, 0, sizeof(ret));
+ ret.payload = payload;
+ ret.estart = estart;
+ ret.end = end;
+ ret.rdlen = rdlen;
+ ret.name = name;
+ ret.namelen = namelen;
+ ret.dnsttl = dnsttl;
+ ret.rrtype = dnstype;
+ ret.imsgbuf = imsgbuf;
+ ret.fd = fd;
+
+ return (&ret);
+}
+
+void
+transmit_rr(struct scache *scache, void *rr, int rrsize)
+{
+ struct rr_imsg ri;
+
+ memset(&ri, 0, sizeof(ri));
+ memcpy(&ri.name, scache->name, sizeof(ri.name));
+ ri.namelen = scache->namelen;
+
+ ri.ttl = scache->dnsttl;
+ ri.rrtype = scache->rrtype;
+
+ memcpy(&ri.un, rr, rrsize);
+ ri.unlen = rrsize;
+
+ imsg_compose(scache->imsgbuf, IMSG_RR_ATTACHED, 0, 0, -1, (void*)&ri, sizeof(ri));
+ msgbuf_write(&scache->imsgbuf->w);
+}
+
+int
+cacheit(u_char *payload, u_char *estart, u_char *end, struct imsgbuf *imsgbuf, int fd)
+{
+ struct dns_header *dh = (struct dns_header *)payload;
+ struct scache *scache;
+ char expand[DNS_MAXNAME + 1];
+ int elen, i, x;
+ int rlen = (end - estart);
+ u_char *pb, *p = (char *)&dh[1];
+
+ uint16_t rrtype;
+ uint16_t rdlen;
+ uint32_t rrttl;
+
+ struct cache_logic *cr;
+
+
+ elen = 0,
+ memset(&expand, 0, sizeof(expand));
+
+ pb = expand_compression(p, estart, end, (u_char *)&expand, &elen, sizeof
+(expand));
+ if (pb == NULL) {
+ dolog(LOG_INFO, "expand_compression() failed in cacheit 1");
+ return (-1);
+ }
+
+ i = (pb - estart);
+
+ if (i > rlen) {
+ dolog(LOG_INFO, "expand_compression() failed in cacheit 2");
+ return (-1);
+ }
+
+ rrtype = ntohs(unpack16(pb));
+
+ /* caching and ANY question is a nono */
+ if (rrtype == DNS_TYPE_ANY) {
+ return -1;
+ }
+
+ pb += 4; /* skip type and class */
+
+ for (x = 0; x < ntohs(dh->answer) + ntohs(dh->additional); x++) {
+ elen = 0;
+ memset(&expand, 0, sizeof(expand));
+ pb = expand_compression(pb, estart, end, (u_char *)&expand, &elen, sizeof(expand));
+ if (pb == NULL) {
+ dolog(LOG_INFO, "expand_compression() failed in cacheit 3");
+ return (-1);
+ }
+
+ i = (pb - estart);
+
+ if (i > rlen) {
+ dolog(LOG_INFO, "expand_compression() failed in cacheit 4");
+ return (-1);
+ }
+
+ /* bounds check the rest of the RR to the RDATA */
+ if (pb + 10 >= end) {
+ dolog(LOG_INFO, "malformed reply, drop\n");
+ return -1;
+ }
+
+ rrtype = ntohs(unpack16(pb));
+ rrttl = ntohl(unpack32(pb + 4));
+ rdlen = ntohs(unpack16(pb + 8));
+
+ pb += 10; /* skip answerd */
+
+ scache = build_cache(pb, estart, end, rdlen, expand, elen, rrttl, rrtype, imsgbuf, fd);
+
+ for (cr = supported_cache; cr->rrtype != 0; cr++) {
+ if (rrtype == cr->rrtype) {
+ if ((*cr->cacheit)(scache) < 0) {
+ dolog(LOG_INFO, "error parsing cache with rrtype %d\n", rrtype);
+ }
+
+ break;
+ }
+ }
+
+ pb += rdlen;
+
+ } /* for(x ... */
+
+
+ return (0);
+}
+
+int
+cache_rrsig(struct scache *scache)
+{
+ struct rrsig rs;
+ char *save;
+ u_char *q = scache->payload;
+ u_char expand[256];
+ int max = sizeof(expand);
+ int elen = 0;
+ u_int16_t tmp;
+ uint16_t rdlen = scache->rdlen;
+ u_int32_t tmp4;
+ u_char *p = q;
+
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp = unpack16(q);
+ rs.type_covered = ntohs(tmp);
+ q += 2;
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ rs.algorithm = *q++;
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ rs.labels = *q++;
+ BOUNDS_CHECK((q + 4), scache->payload, scache->rdlen, scache->end);
+ tmp4 = unpack32(q);
+ rs.original_ttl = ntohl(tmp4);
+ q += 4;
+ BOUNDS_CHECK((q + 4), scache->payload, scache->rdlen, scache->end);
+ tmp4 = unpack32(q);
+ rs.signature_expiration = ntohl(tmp4);
+ q += 4;
+ BOUNDS_CHECK((q + 4), scache->payload, scache->rdlen, scache->end);
+ tmp4 = unpack32(q);
+ rs.signature_inception = ntohl(tmp4);
+ q += 4;
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp = unpack16(q);
+ rs.key_tag = ntohs(tmp);
+ q += 2;
+
+ memset(&expand, 0, sizeof(expand));
+ save = expand_compression(q, scache->estart, scache->end, (u_char *)&expand, &elen, max);
+ if (save == NULL) {
+ fprintf(stderr, "expanding compression failure 2\n");
+ return -1;
+ } else {
+ q = save;
+ }
+
+ memcpy(&rs.signers_name, expand, elen);
+ rs.signame_len = elen;
+
+ rs.signature_len = (rdlen - (q - p));
+
+ if (rs.signature_len > sizeof(rs.signature))
+ return -1;
+ memcpy(&rs.signature, q, rs.signature_len);
+ q += rs.signature_len;
+
+ transmit_rr(scache, &rs, sizeof(rs));
+
+ return (q - scache->estart);
+}
+
+int
+cache_ds(struct scache *scache)
+{
+ struct ds d;
+ u_int16_t tmpshort;
+ uint16_t rdlen = scache->rdlen;
+ u_char *p = scache->payload;
+ u_char *q = p;
+
+ BOUNDS_CHECK((scache->payload + 2), q, scache->rdlen, scache->end);
+ tmpshort = unpack16(p);
+ d.key_tag = ntohs(tmpshort);
+ p += 2;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ d.algorithm = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ d.digest_type = *p++;
+
+ if ((rdlen - 4) < 0)
+ return -1;
+ d.digestlen = (rdlen - 4);
+ if (d.digestlen > sizeof(d.digest))
+ return -1;
+ memcpy(&d.digest, p, d.digestlen);
+ p += d.digestlen;
+
+
+ transmit_rr(scache, &d, sizeof(d));
+
+ return (p - scache->estart);
+}
+
+int
+cache_sshfp(struct scache *scache)
+{
+ struct sshfp s;
+ uint16_t rdlen = scache->rdlen;
+ u_char *p = scache->payload;
+ u_char *q = p;
+
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ s.algorithm = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ s.fptype = *p++;
+
+ if (rdlen - 2 < 0)
+ return -1;
+
+ s.fplen = (rdlen - 2);
+ if (s.fplen > sizeof(s.fingerprint))
+ return -1;
+
+ memcpy(&s.fingerprint, p, s.fplen);
+ p += s.fplen;
+
+ transmit_rr(scache, &s, sizeof(s));
+
+ return (p - scache->estart);
+}
+
+int
+cache_dnskey(struct scache *scache)
+{
+ struct dnskey dk;
+ u_int16_t tmpshort;
+ uint16_t rdlen = scache->rdlen;
+ u_char *p = scache->payload;
+ u_char *q = p;
+
+ BOUNDS_CHECK((scache->payload + 2), q, scache->rdlen, scache->end);
+ tmpshort = unpack16(p);
+ dk.flags = ntohs(tmpshort);
+ p += 2;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ dk.protocol = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ dk.algorithm = *p++;
+
+ if (rdlen - 4 < 0)
+ return -1;
+ dk.publickey_len = (rdlen - 4);
+ if (dk.publickey_len > sizeof(dk.public_key))
+ return -1;
+
+ memcpy(&dk.public_key, p, dk.publickey_len);
+ p += dk.publickey_len;
+
+ transmit_rr(scache, &dk, sizeof(dk));
+
+ return (p - scache->estart);
+}
+
+
+int
+cache_mx(struct scache *scache)
+{
+ struct smx mx;
+ u_int16_t mxpriority;
+ char *save;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ u_char expand[256];
+ int max = sizeof(expand);
+ int elen = 0;
+
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ mxpriority = unpack16(q);
+
+ q += 2;
+
+ memset(&expand, 0, sizeof(expand));
+ save = expand_compression(q, scache->estart, scache->end, (u_char *)&expand, &elen, max);
+ if (save == NULL) {
+ fprintf(stderr, "expanding compression failure 2\n");
+ return -1;
+ } else {
+ q = save;
+ }
+
+ memcpy(&mx.exchange, expand, sizeof(mx.exchange));
+ mx.exchangelen = elen;
+ mx.preference = mxpriority;
+
+ transmit_rr(scache, &mx, sizeof(mx));
+
+ return (q - scache->estart);
+}
+
+int
+cache_ptr(struct scache *scache)
+{
+ return (cache_ns(scache));
+}
+
+int
+cache_nsec3(struct scache *scache)
+{
+ struct nsec3 n;
+ u_char *p = scache->payload;
+ uint16_t rdlen = scache->rdlen;
+ u_int16_t iter;
+ u_char *brr = scache->payload; /* begin of rd record :-) */
+
+ BOUNDS_CHECK((scache->payload + 1), brr, scache->rdlen, scache->end);
+ n.algorithm = *p++;
+ BOUNDS_CHECK((scache->payload + 1), brr, scache->rdlen, scache->end);
+ n.flags = *p++;
+
+ BOUNDS_CHECK((scache->payload + 2), brr, scache->rdlen, scache->end);
+ iter = unpack16(p);
+ n.iterations = ntohs(iter);
+ p += 2;
+
+ BOUNDS_CHECK((scache->payload + 1), brr, scache->rdlen, scache->end);
+ n.saltlen = *p++;
+ memcpy(&n.salt, p, n.saltlen);
+ p += n.saltlen;
+
+ BOUNDS_CHECK((scache->payload + 1), brr, scache->rdlen, scache->end);
+ n.nextlen = *p++;
+ memcpy(&n.next, p, n.nextlen);
+ p += n.nextlen;
+
+
+ if (((rdlen - (p - brr)) + 1) < 0)
+ return -1;
+
+ /* XXX */
+ n.bitmap_len = (rdlen - (p - brr));
+ if (n.bitmap_len > sizeof(n.bitmap))
+ return -1;
+
+ memcpy(&n.bitmap, p, n.bitmap_len);
+ p += n.bitmap_len;
+
+ transmit_rr(scache, &n, sizeof(n));
+
+ return (p - scache->estart);
+}
+
+int
+cache_nsec3param(struct scache *scache)
+{
+ struct nsec3param np;
+ u_int16_t iter;
+ u_char *p = scache->payload;
+ u_char *q = scache->payload;
+
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ np.algorithm = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ np.flags = *p++;
+ BOUNDS_CHECK((scache->payload + 2), q, scache->rdlen, scache->end);
+ iter = unpack16(p);
+ np.iterations = ntohs(iter);
+ p += 2;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ np.saltlen = *p++;
+ BOUNDS_CHECK((scache->payload + np.saltlen), q, scache->rdlen, scache->end);
+ memcpy(&np.salt, p, np.saltlen);
+ p += np.saltlen;
+
+ transmit_rr(scache, &np, sizeof(np));
+
+ return (p - scache->estart);
+}
+
+
+int
+cache_txt(struct scache *scache)
+{
+ u_int8_t len;
+ int i;
+ uint16_t rdlen = scache->rdlen;
+ u_char *p = scache->payload;
+ u_char *q = p;
+
+ /* we won't cache txts, for now */
+ return -1;
+
+ BOUNDS_CHECK(scache->payload, q, scache->rdlen, scache->end);
+ len = rdlen;
+
+ for (i = 0; i < rdlen; i++) {
+ if (i % 256 == 0)
+ continue;
+
+ }
+
+ p += i;
+
+ return (p - scache->estart);
+}
+
+int
+cache_ns(struct scache *scache)
+{
+ struct ns nsi;
+ char *save;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ u_char expand[256];
+ int max = sizeof(expand);
+ int elen = 0;
+
+ memset(&expand, 0, sizeof(expand));
+ save = expand_compression(q, scache->estart, scache->end, (u_char *)&expand, &elen, max);
+ if (save == NULL) {
+ fprintf(stderr, "expanding compression failure 2\n");
+ return -1;
+ } else {
+ q = save;
+ }
+
+ memcpy(&nsi.nsserver, expand, sizeof(nsi.nsserver));
+ nsi.nslen = elen;
+
+ transmit_rr(scache, &nsi, sizeof(nsi));
+
+ return (q - scache->estart);
+}
+
+int
+cache_cname(struct scache *scache)
+{
+ return (cache_ns(scache));
+}
+
+
+int
+cache_aaaa(struct scache *scache)
+{
+ struct aaaa aaaa;
+ struct in6_addr ia;
+ u_char *p = scache->payload;
+ u_char *q = p;
+
+ BOUNDS_CHECK((scache->payload + sizeof(ia)), q, scache->rdlen, scache->end);
+ unpack((char *)&ia, p, sizeof(struct in6_addr));
+ p += sizeof(ia);
+
+
+ memcpy(&aaaa.aaaa, &ia, sizeof(aaaa.aaaa));
+ transmit_rr(scache, &aaaa, sizeof(aaaa));
+
+ return (p - scache->estart);
+}
+
+int
+cache_a(struct scache *scache)
+{
+ struct in_addr ia;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ struct a ar;
+
+ BOUNDS_CHECK((scache->payload + sizeof(ia)), q, scache->rdlen, scache->end);
+ ar.a = unpack32(p);
+ p += sizeof(ia);
+
+ // memcpy(&ar.a, &ia, sizeof(ar.a));
+
+ transmit_rr(scache, &ar, sizeof(ar));
+
+ return (p - scache->estart);
+}
+
+int
+cache_tlsa(struct scache *scache)
+{
+ struct tlsa t;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ uint16_t rdlen = scache->rdlen;
+
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ t.usage = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ t.selector = *p++;
+ BOUNDS_CHECK((scache->payload + 1), q, scache->rdlen, scache->end);
+ t.matchtype = *p++;
+
+ if (rdlen - 3 < 0)
+ return -1;
+
+ t.datalen = (rdlen - 3);
+
+ if (t.datalen > sizeof(t.data))
+ return -1;
+
+ memcpy(&t.data, p, t.datalen);
+ p += t.datalen;
+
+
+ transmit_rr(scache, &t, sizeof(t));
+
+ return (p - scache->estart);
+}
+
+int
+cache_srv(struct scache *scache)
+{
+ u_int16_t tmp16;
+ struct srv s;
+ char *save;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ u_char expand[256];
+ int max = sizeof(expand);
+ int elen = 0;
+
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp16 = unpack16(q);
+ s.priority = ntohs(tmp16);
+ q += 2;
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp16 = unpack16(q);
+ s.weight = ntohs(tmp16);
+ q += 2;
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp16 = unpack16(q);
+ s.port = ntohs(tmp16);
+ q += 2;
+
+ memset(&expand, 0, sizeof(expand));
+ save = expand_compression(q, scache->estart, scache->end, (u_char *)&expand, &elen, max);
+ if (save == NULL) {
+ fprintf(stderr, "expanding compression failure 2\n");
+ return -1;
+ } else {
+ q = save;
+ }
+
+ memcpy(&s.target, expand, sizeof(s.target));
+
+ transmit_rr(scache, &s, sizeof(s));
+
+ return (q - scache->estart);
+}
+
+int
+cache_naptr(struct scache *scache)
+{
+ u_int16_t tmp16;
+ struct naptr n;
+ char *save;;
+ u_char *p = scache->payload;
+ u_char *q = p;
+ u_char expand[256];
+ int max = sizeof(expand);
+ int elen = 0;
+ int len, i;
+
+
+ /* we won't cache naptr either for now */
+ return -1;
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp16 = unpack16(q);
+ n.order = ntohs(tmp16);
+ q += 2;
+ BOUNDS_CHECK((q + 2), scache->payload, scache->rdlen, scache->end);
+ tmp16 = unpack16(q);
+ n.preference = ntohs(tmp16);
+ q += 2;
+
+
+ /* flags */
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ len = *q;
+ q++;
+
+ /* services */
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ len = *q;
+ q++;
+
+ /* regexp */
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ len = *q;
+ q++;
+
+ for (i = 0; i < len; i++) {
+ BOUNDS_CHECK((q + 1), scache->payload, scache->rdlen, scache->end);
+ }
+
+ memset(&expand, 0, sizeof(expand));
+ save = expand_compression(q, scache->estart, scache->end, (u_char *)&expand, &elen, max);
+ if (save == NULL) {
+ fprintf(stderr, "expanding compression failure 2\n");
+ return -1;
+ } else {
+ q = save;
+ }
+
+ return (q - scache->estart);
+}
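Review bot: In cache_nsec3 the lengths `n.saltlen` and `n.nextlen` are read from the reply and passed straight to `memcpy` with no comparison against the destination fields or the remaining RDATA, so a malformed upstream answer can presumably write past `n.salt`/`n.next` on the stack (their sizes are declared outside this page). The `BOUNDS_CHECK` calls in that function, and in cache_ds, cache_sshfp, cache_dnskey, cache_nsec3param, cache_a, cache_aaaa and cache_tlsa, pass `scache->payload + N` with `begin` equal to the payload, so they test a constant rather than the cursor `p` and do not tighten as parsing advances. cacheit also never compares `rdlen` with the bytes left in the packet before dispatching; `if (rdlen > end - pb) return -1;` after `pb += 10` would keep the per-type `memcpy` calls inside the buffer. The fence shows cursor-based checks for the NSEC3 salt and next-hash fields; the same pattern applies to the other parsers, and cache_nsec3param additionally needs `np.saltlen` compared with `sizeof(np.salt)`.

```c
int
cache_nsec3(struct scache *scache)
{
	/* … unchanged: declarations, algorithm / flags / iterations parsing … */

	BOUNDS_CHECK((p + 1), brr, scache->rdlen, scache->end);
	n.saltlen = *p++;
	if (n.saltlen > sizeof(n.salt))
		return -1;
	BOUNDS_CHECK((p + n.saltlen), brr, scache->rdlen, scache->end);
	memcpy(&n.salt, p, n.saltlen);
	p += n.saltlen;

	BOUNDS_CHECK((p + 1), brr, scache->rdlen, scache->end);
	n.nextlen = *p++;
	if (n.nextlen > sizeof(n.next))
		return -1;
	BOUNDS_CHECK((p + n.nextlen), brr, scache->rdlen, scache->end);
	memcpy(&n.next, p, n.nextlen);
	p += n.nextlen;

	/* … unchanged: bitmap length checks, bitmap copy, transmit_rr, return … */
```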
blob - 2ec09c49e5e617283ec7519485f02b0c43faccc9
blob + 866e25b34fd845ad68b572f55286b2fb21919680
--- db.c
+++ db.c
@@ -27,11 +27,13 @@
*/
/*
- * $Id: db.c,v 1.19 2020/07/06 07:17:40 pjp Exp $
+ * $Id: db.c,v 1.20 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/queue.h>
+#include <sys/tree.h>
#include <netinet/in.h>
#include <arpa/inet.h>
@@ -70,7 +72,8 @@ int add_rr(struct rbtree *rbt, char *name, int len, u_
int display_rr(struct rrset *rrset);
int rotate_rr(struct rrset *rrset);
void flag_rr(struct rbtree *rbt);
-int expire_rr(ddDB *, char *, int, u_int16_t);
+int expire_rr(ddDB *, char *, int, u_int16_t, time_t);
+int expire_db(ddDB *, int);
extern void dolog(int, char *, ...);
@@ -117,7 +120,6 @@ int
dddbput(ddDB *db, ddDBT *key, ddDBT *data)
{
struct node find, *n, *res;
- char *map;
strlcpy(find.domainname, key->data, sizeof(find.domainname));
find.len = key->size;
@@ -125,29 +127,26 @@ dddbput(ddDB *db, ddDBT *key, ddDBT *data)
res = RB_FIND(domaintree, &db->head, &find);
if (res == NULL) {
/* does not exist, create it */
-
- map = calloc(1, data->size);
- if (map == NULL) {
- return -1;
- }
-
n = calloc(sizeof(struct node), 1);
if (n == NULL) {
return -1;
}
- memset(n, 0, sizeof(struct node));
n->len = key->size;
memcpy(n->domainname, key->data, n->len);
- n->data = map;
+ n->data = data->data;
n->datalen = data->size;
- memcpy(map, data->data, data->size);
RB_INSERT(domaintree, &db->head, n);
} else {
if (res->datalen != data->size)
return -1;
- memcpy(res->data, data->data, res->datalen);
+ if (res->data != data->data)
+ free(res->data);
+
+ res->data = data->data;
+ RB_REMOVE(domaintree, &db->head, res);
+ RB_INSERT(domaintree, &db->head, res);
}
return 0;
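Review bot: The update path frees `res->data` and stores the caller's pointer, but find_rrset (changed later in this file) now hands out that same pointer, so any `struct rbtree *` a caller still holds after a put on the same name is left dangling; whether such a caller exists is not visible here. The bare `free(res->data)` also presumably leaves the old entry's rrset list unreleased. The `RB_REMOVE`/`RB_INSERT` pair re-inserts a node whose key did not change and looks removable. A contract comment above the function would help, e.g. `/* takes ownership of data->data, which must be heap-allocated; the caller must not free it */`. dddbput begins and ends outside this hunk.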
@@ -182,10 +181,10 @@ dddbclose(ddDB *db)
struct rbtree *
create_rr(ddDB *db, char *name, int len, int type, void *rdata, uint32_t ttl)
{
+ ddDBT key, data;
struct rbtree *rbt = NULL;
struct rrset *rrset = NULL;
struct rr *myrr = NULL;
- ddDBT key, data;
char *humanname = NULL;
@@ -204,6 +203,18 @@ create_rr(ddDB *db, char *name, int len, int type, voi
rbt->flags &= ~RBT_DNSSEC; /* by default not dnssec'ed */
TAILQ_INIT(&rbt->rrset_head);
+
+ /* rb insert too */
+ memset(&key, 0, sizeof(key));
+ memset(&data, 0, sizeof(data));
+
+ key.data = (char *)name;
+ key.size = len;
+
+ data.data = (void *)rbt;
+ data.size = sizeof(struct rbtree);
+
+ db->put(db, &key, &data);
}
rrset = find_rr(rbt, type);
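Review bot: The return value of `db->put()` is dropped here, whereas the block this commit removes further down returned NULL on failure. dddbput returns -1 when its node allocation fails or when the stored size differs, and in that case the new rbtree is never linked into the tree, yet create_rr carries on and returns it. Suggest `if (db->put(db, &key, &data) != 0) return NULL;`, releasing `rbt` first if it was allocated in this branch (the allocation is outside the hunk).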
@@ -211,8 +222,6 @@ create_rr(ddDB *db, char *name, int len, int type, voi
rrset = (struct rrset *)calloc(1, sizeof(struct rrset));
if (! rrset){
perror("calloc");
-
- free(rbt);
return NULL;
}
@@ -230,22 +239,6 @@ create_rr(ddDB *db, char *name, int len, int type, voi
} else
rrset->created = time(NULL);
-
- /* save this new rbtree (it changed) */
-
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
-
- key.data = (char *)name;
- key.size = len;
-
- data.data = (void*)rbt;
- data.size = sizeof(struct rbtree);
-
- if (db->put(db, &key, &data) != 0) {
- return NULL;
- }
-
/* this sets up the RR */
myrr = (struct rr *)calloc(1, sizeof(struct rr));
@@ -254,7 +247,14 @@ create_rr(ddDB *db, char *name, int len, int type, voi
return NULL;
}
- myrr->rdata = rdata;
+ switch (type) {
+ case DNS_TYPE_A:
+ myrr->rdata = (struct a *)rdata;
+ break;
+ default:
+ myrr->rdata = rdata;
+ break;
+ }
myrr->changed = time(NULL);
rrset->ttl = ttl;
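Review bot: Both arms of the new `switch (type)` store the same pointer, so the statement has no effect; the `(struct a *)` cast converts straight back to the type of `myrr->rdata`, which looks like `void *` given the plain assignment it replaces. Either keep the original `myrr->rdata = rdata;` or add a comment saying what the A-record case is meant to do differently. create_rr starts and ends outside this hunk.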
@@ -274,7 +274,6 @@ create_rr(ddDB *db, char *name, int len, int type, voi
struct rbtree *
find_rrset(ddDB *db, char *name, int len)
{
- static struct rbtree *rb;
ddDBT key, data;
if (name == NULL || len == 0)
@@ -290,13 +289,7 @@ find_rrset(ddDB *db, char *name, int len)
return (NULL);
}
- if ((rb = calloc(1, sizeof(struct rbtree))) == NULL)
- return NULL;
-
-
- memcpy((char *)rb, (char *)data.data, sizeof(struct rbtree));
-
- return (rb);
+ return ((struct rbtree *)data.data);
}
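Review bot: find_rrset has no comment stating its new contract: the result is now the database's own object rather than a heap copy. A caller that still calls `free()` on it would release memory the tree continues to reference; this commit removes such calls in axfr.c and dddctl.c, and other callers are not visible here. Suggest a header comment such as `/* returns a pointer owned by db; callers must not free() it, and it is invalidated when the entry is replaced */`.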
@@ -341,16 +334,13 @@ add_rr(struct rbtree *rbt, char *name, int len, u_int1
}
int
-expire_rr(ddDB *db, char *name, int len, u_int16_t rrtype)
+expire_rr(ddDB *db, char *name, int len, u_int16_t rrtype, time_t now)
{
struct rbtree *rbt = NULL;
struct rrset *rp;
- struct rr *rt = NULL, *rt1 = NULL, *rt2 = NULL;
- time_t now;
+ struct rr *rt1 = NULL, *rt2 = NULL;
int count = 0;
- now = time(NULL);
-
rbt = find_rrset(db, name, len);
if (rbt == NULL) {
return 0;
@@ -361,14 +351,17 @@ expire_rr(ddDB *db, char *name, int len, u_int16_t rrt
return 0;
}
+#if 0
rt = TAILQ_FIRST(&rp->rr_head);
if (rt == NULL)
return 0;
+#endif
/* expire these */
if (rrtype != DNS_TYPE_RRSIG) {
if (difftime(now, rp->created) >= rp->ttl) {
count = 0;
+
TAILQ_FOREACH_SAFE(rt1, &rp->rr_head, entries, rt2) {
TAILQ_REMOVE(&rp->rr_head, rt1, entries);
free(rt1->rdata);
@@ -376,24 +369,66 @@ expire_rr(ddDB *db, char *name, int len, u_int16_t rrt
count++;
}
+ TAILQ_REMOVE(&rbt->rrset_head, rp, entries);
+ free(rp);
+
return (count);
}
} else {
- struct rrsig *rrsig = (struct rrsig *)rt->rdata;
-
- if (difftime(now, rrsig->created) >= rrsig->ttl) {
- count = 0;
- TAILQ_FOREACH_SAFE(rt1, &rp->rr_head, entries, rt2) {
+ count = 0;
+ TAILQ_FOREACH_SAFE(rt1, &rp->rr_head, entries, rt2) {
+ struct rrsig *rrsig = (struct rrsig *)rt1->rdata;
+ if (difftime(now, rrsig->created) >= rrsig->ttl) {
TAILQ_REMOVE(&rp->rr_head, rt1, entries);
free(rt1->rdata);
free(rt1);
count++;
}
- return (count);
}
+
+ if (TAILQ_EMPTY(&rp->rr_head)) {
+ TAILQ_REMOVE(&rbt->rrset_head, rp, entries);
+ free(rp);
+ }
+
+ return (count);
}
return 0;
+}
+
+int
+expire_db(ddDB *db, int all)
+{
+ struct node *walk, *walk0;
+ struct rbtree *rbt = NULL;
+ struct rrset *rp, *rp0;
+ int totalcount = 0, count = 0;
+ time_t now;
+
+ if (all == 0)
+ now = time(NULL);
+ else
+#if __OpenBSD__
+ now = 67768036191673199;
+#else
+ now = 2147483647;
+#endif
+
+ RB_FOREACH_SAFE(walk, domaintree, &db->head, walk0) {
+ rbt = (struct rbtree *)walk->data;
+ if (rbt == NULL)
+ continue;
+
+ TAILQ_FOREACH_SAFE(rp, &rbt->rrset_head, entries, rp0) {
+ count = expire_rr(db, rbt->zone, rbt->zonelen, \
+ rp->rrtype, now);
+
+ totalcount += count;
+ }
+ }
+
+ return (totalcount);
}
struct rrset *
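Review bot: On non-OpenBSD builds the "expire everything" value `now = 2147483647` does not guarantee that `difftime(now, rp->created) >= rp->ttl` holds, because `rp->ttl` is filled from a `uint32_t` in create_rr and a cached record can carry a TTL larger than the distance to that date. Passing the flag through and testing `if (all || difftime(now, rp->created) >= rp->ttl)` in expire_rr would make `expire_db(db, 1)` independent of time_t width and of magic constants; `#if __OpenBSD__` would also read better as `#ifdef __OpenBSD__`. Separately, nothing in this hunk removes a node from `domaintree` once its last rrset is freed, so a cache fed from forwarded replies appears to grow without bound. expire_rr starts outside this hunk.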
blob - fb5f89fa4ed2c8e5a06b96f8254aef9fe1401adc
blob + 73c44f9575948ea6e7166ad447f3d47ec7b579bf
--- ddd-db.h
+++ ddd-db.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-db.h,v 1.39 2020/07/06 07:17:40 pjp Exp $
+ * $Id: ddd-db.h,v 1.40 2020/07/08 12:29:02 pjp Exp $
*/
#ifndef _DB_H
@@ -63,6 +63,7 @@
#define IMSG_CRIPPLE_NEURON 11 /* no new neurons are needed */
#define IMSG_FORWARD_UDP 12 /* forward a UDP packet */
#define IMSG_FORWARD_TCP 13 /* forward a TCP packet (with fd) */
+#define IMSG_RR_ATTACHED 14 /* an RR is sent through imsg */
#define ERR_DROP 0x1
#define ERR_NXDOMAIN 0x2
@@ -324,7 +325,7 @@ struct rbtree {
#define RBT_GLUE 0x4 /* this rbtree entry is GLUE data */
- TAILQ_HEAD(, rrset) rrset_head;
+ TAILQ_HEAD(rrseth, rrset) rrset_head;
};
struct rrtab {
@@ -421,10 +422,28 @@ struct rzone {
struct raxfr_logic {
int rrtype;
int dnssec;
- int (*raxfr)(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+ int (*raxfr)(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
};
+struct scache {
+ u_char *payload;
+ u_char *estart;
+ u_char *end;
+ uint16_t rdlen;
+ char *name;
+ int namelen;
+ uint32_t dnsttl;
+ uint16_t rrtype;
+ struct imsgbuf *imsgbuf;
+ int fd;
+};
+struct cache_logic {
+ int rrtype;
+ int dnssec;
+ int (*cacheit)(struct scache *);
+};
+
/* reply logic */
struct reply_logic {
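Review bot: struct scache carries three raw pointers into a received packet with no comment on what each delimits, which matters because every cache_* parser bounds-checks against them. Going by cacheit in cache.c, suggest field comments such as `/* start of this RR's RDATA */` on `payload`, `/* presumably start of the DNS message, base for compression pointers */` on `estart`, `/* end of the received message */` on `end`, and `/* RDATA length from the RR header, not yet validated */` on `rdlen`.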
@@ -440,6 +459,53 @@ struct reply_logic {
#ifndef MIN
#define MIN(a,b) (((a) < (b))?(a):(b))
#endif
+
+struct rr_imsg {
+ char name[DNS_MAXNAME + 1];
+ int namelen;
+ uint16_t rrtype;
+ uint32_t ttl;
+
+ uint16_t unlen;
+ union {
+ struct dnskey dnskey;
+ struct rrsig rrsig;
+ struct nsec nsec;
+ struct nsec3 nsec3;
+ struct nsec3param nsec3param;
+ struct ds ds;
+ struct soa soa;
+ struct smx mx;
+ struct ns ns;
+ struct srv srv;
+ struct sshfp sshfp;
+ struct tlsa tlsa;
+ struct naptr naptr;
+ struct cname cname;
+ struct ptr ptr;
+ struct txt txt;
+ struct a a;
+ struct aaaa aaaa;
+ } un;
+#define ri_dnskey un.dnskey
+#define ri_rrsig un.rrsig
+#define ri_nsec un.nsec
+#define ri_nsec3 un.nsec3
+#define ri_nsec3param un.nsec3param
+#define ri_ds un.ds
+#define ri_soa un.soa
+#define ri_mx un.mx
+#define ri_ns un.ns
+#define ri_srv un.srv
+#define ri_sshfp un.sshfp
+#define ri_tlsa un.tlsa
+#define ri_naptr un.naptr
+#define ri_cname un.cname
+#define ri_ptr un.ptr
+#define ri_txt un.txt
+#define ri_a un.a
+#define ri_aaaa un.aaaa
+}; /* end of struct rr_imsg */
#endif /* _DB_H */
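Review bot: struct rr_imsg crosses a process boundary (transmit_rr in cache.c sends it from the forward process), but nothing here says which fields the receiver has to validate before writing into the now read-write database. Suggest a comment on the struct such as `/* untrusted on receipt: check namelen <= sizeof(name), that rrtype is a cached type, and that unlen equals the size of the matching union member */`; the receiving code is not visible on this page, so it may already do this. It is also worth confirming that `sizeof(struct rr_imsg)` stays under the imsg payload limit (`MAX_IMSGSIZE` less the header), since transmit_rr does not check the return value of `imsg_compose()`.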
blob - 4241194cbe0cfa45ef9975bd61772c567e1e797b
blob + 83a9c10a554c0c0f85122a0f0c259656233d75a1
--- dddctl.c
+++ dddctl.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: dddctl.c,v 1.110 2020/07/06 07:17:40 pjp Exp $
+ * $Id: dddctl.c,v 1.111 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -713,7 +713,6 @@ dump_db_bind(ddDB *db, FILE *of, char *zonename)
if (rbt->zonelen == rbt0->zonelen &&
memcasecmp(rbt->zone, rbt0->zone, rbt->zonelen) == 0) {
- free(rbt0);
continue;
}
@@ -722,7 +721,6 @@ dump_db_bind(ddDB *db, FILE *of, char *zonename)
return -1;
}
- free(rbt0);
j++;
}
@@ -1108,7 +1106,6 @@ count_db(ddDB *db)
count++;
}
}
- free(rbt);
}
printf("Records = %d , ", count);
blob - 524b5efd609e8e88606570befedcf2a06d0116ce
blob + 4431b2482a811a42b7b49f6d045599477ade77fb
--- delphinusdnsd/Makefile.freebsd
+++ delphinusdnsd/Makefile.freebsd
@@ -2,7 +2,7 @@
PROG=delphinusdnsd
-SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c imsg-buffer.c imsg.c tsig.c raxfr.c forward.c
+SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c imsg-buffer.c imsg.c tsig.c raxfr.c forward.c cache.c
CFLAGS= -Wall -g
CFLAGS+= -I${.CURDIR}/..
blob - 8d05d097cb18d517f8a4dccc7913337fb59a3674
blob + 779d700d816f7a9794f95f63efa3eb0d7699ebd6
--- delphinusdnsd/Makefile.netbsd
+++ delphinusdnsd/Makefile.netbsd
@@ -2,7 +2,7 @@
PROG=delphinusdnsd
-SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c imsg-buffer.c imsg.c tsig.c raxfr.c forward.c
+SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c imsg-buffer.c imsg.c tsig.c raxfr.c forward.c cache.c
CFLAGS= -g
CFLAGS+= -I${.CURDIR}/.. -I/usr/pkg/libressl/include
blob - 1b8c4e85a3248d8761e8ab8ae8c8adf9e354da2d
blob + 11d202088fd4ecc4ba7faa0d736a9f794ad57aea
--- delphinusdnsd/Makefile.openbsd
+++ delphinusdnsd/Makefile.openbsd
@@ -2,7 +2,7 @@
PROG=delphinusdnsd
-SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c tsig.c raxfr.c forward.c
+SRCS=delphinusdnsd.c parse.y reply.c additional.c region.c log.c axfr.c filter.c ratelimit.c whitelist.c base64.c dnssec.c util.c ent.c db.c tsig.c raxfr.c forward.c cache.c
#CFLAGS= -DDEBUG -g -Wall
CFLAGS= -Wall -g
blob - 2d02b1de37a8c416e8154f476919caa83c5b038b
blob + 8377026cb9f92ac91b184a1cb0c5fe424bf8572c
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: delphinusdnsd.c,v 1.116 2020/07/06 07:17:40 pjp Exp $
+ * $Id: delphinusdnsd.c,v 1.117 2020/07/08 12:29:02 pjp Exp $
*/
@@ -94,6 +94,7 @@
/* prototypes */
+extern char *convert_name(char *, int);
extern void pack(char *, char *, int);
extern void pack32(char *, u_int32_t);
extern void pack16(char *, u_int16_t);
@@ -2060,7 +2061,6 @@ axfrentry:
case ERR_NODATA:
if (rbt1) {
- free(rbt1);
rbt1 = NULL;
}
@@ -2156,7 +2156,6 @@ forwardudp:
*/
if (rbt0) {
- free (rbt0);
rbt0 = NULL;
}
@@ -2303,11 +2302,9 @@ forwardudp:
free_question(question);
if (rbt0) {
- free (rbt0);
rbt0 = NULL;
}
if (rbt1) {
- free (rbt1);
rbt1 = NULL;
}
@@ -2318,12 +2315,10 @@ forwardudp:
drop:
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
if (rbt1) {
- free(rbt1);
rbt1 = NULL;
}
@@ -2468,7 +2463,7 @@ setup_master(ddDB *db, char **av, char *socketpath, st
}
if (n == 0) {
/* child died? */
- dolog(LOG_INFO, "sigpipe on child? exiting.\n");
+ dolog(LOG_INFO, "sigpipe on child? delphinusdnsd master process exiting.\n");
exit(1);
}
@@ -3087,7 +3082,6 @@ tcploop(struct cfg *cfg, struct imsgbuf *ibuf, struct
break;
case ERR_NODATA:
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
@@ -3192,11 +3186,9 @@ forwardtcp:
free_question(question);
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
if (rbt1) {
- free (rbt1);
rbt1 = NULL;
}
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
@@ -3220,7 +3212,6 @@ forwardtcp:
*/
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
@@ -3388,11 +3379,9 @@ forwardtcp:
free_question(question);
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
if (rbt1) {
- free (rbt1);
rbt1 = NULL;
}
@@ -3413,12 +3402,10 @@ forwardtcp:
drop:
if (rbt0) {
- free(rbt0);
rbt0 = NULL;
}
if (rbt1) {
- free(rbt1);
rbt1 = NULL;
}
@@ -3809,7 +3796,6 @@ determine_glue(ddDB *db)
{
struct rbtree *rbt, *rbt0;
struct rrset *rrset;
- ddDBT key, data;
int rs;
struct node *n, *nx;
int len;
@@ -3818,13 +3804,8 @@ determine_glue(ddDB *db)
RB_FOREACH_SAFE(n, domaintree, &db->head, nx) {
rs = n->datalen;
- if ((rbt = calloc(1, rs)) == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- exit(1);
- }
+ rbt = (struct rbtree *)n->data;
- memcpy((char *)rbt, (char *)n->data, n->datalen);
-
rrset = find_rr(rbt, DNS_TYPE_SOA);
if (rrset != NULL) {
have_soa = 1;
@@ -3834,7 +3815,6 @@ determine_glue(ddDB *db)
have_ns = 1;
}
- free(rbt);
}
if (! have_soa || ! have_ns) {
@@ -3845,89 +3825,38 @@ determine_glue(ddDB *db)
/* mark SOA's */
RB_FOREACH_SAFE(n, domaintree, &db->head, nx) {
rs = n->datalen;
- if ((rbt = calloc(1, rs)) == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- exit(1);
- }
+ rbt = (struct rbtree *)n->data;
- memcpy((char *)rbt, (char *)n->data, n->datalen);
-
rrset = find_rr(rbt, DNS_TYPE_SOA);
if (rrset == NULL) {
- free(rbt);
continue;
}
rbt->flags |= RBT_APEX;
-
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
-
- key.data = (char *)rbt->zone;
- key.size = rbt->zonelen;
-
- data.data = (void *)rbt;
- data.size = sizeof(struct rbtree);
-
- if (db->put(db, &key, &data) != 0) {
- dolog(LOG_INFO, "db->put failed\n");
- free(rbt);
- return -1;
- }
-
- free(rbt);
}
/* mark glue */
RB_FOREACH_SAFE(n, domaintree, &db->head, nx) {
rs = n->datalen;
- if ((rbt = calloc(1, rs)) == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- exit(1);
- }
+ rbt = (struct rbtree *)n->data;
- memcpy((char *)rbt, (char *)n->data, n->datalen);
-
if (rbt->flags & RBT_APEX) {
- free(rbt);
continue;
}
rrset = find_rr(rbt, DNS_TYPE_NS);
if (rrset == NULL) {
- free(rbt);
continue;
}
rbt->flags |= RBT_GLUE;
-
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
-
- key.data = (char *)rbt->zone;
- key.size = rbt->zonelen;
-
- data.data = (void *)rbt;
- data.size = sizeof(struct rbtree);
-
- if (db->put(db, &key, &data) != 0) {
- dolog(LOG_INFO, "db->put failed\n");
- free(rbt);
- return -1;
- }
-
- free(rbt);
}
+
RB_FOREACH_SAFE(n, domaintree, &db->head, nx) {
rs = n->datalen;
- if ((rbt = calloc(1, rs)) == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- exit(1);
- }
+ rbt = (struct rbtree *)n->data;
- memcpy((char *)rbt, (char *)n->data, n->datalen);
-
p = rbt->zone;
len = rbt->zonelen;
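Review bot: After this change `rs = n->datalen;` has no reader in any of the loops shown, since the `calloc(1, rs)` it fed is gone. Drop the assignments (and `int rs;` if nothing outside the hunk uses it), or turn the value into a guard before the cast, for example `if (n->datalen < sizeof(struct rbtree)) continue;`. `rbt` now aliases the stored node, so the `RBT_APEX` and `RBT_GLUE` updates take effect in place; a one-line comment saying so at the first `rbt = (struct rbtree *)n->data;` would explain why the `db->put` calls could be removed.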
@@ -3935,7 +3864,6 @@ determine_glue(ddDB *db)
while (! (rbt0->flags & RBT_APEX)) {
if (rbt0->flags & RBT_GLUE) {
/* repeat */
- free(rbt0);
p = rbt->zone;
len = rbt->zonelen;
rbt0 = find_rrset(db, p, len);
@@ -3943,23 +3871,6 @@ determine_glue(ddDB *db)
while (!(rbt0->flags & RBT_GLUE)) {
rbt0->flags |= RBT_GLUE;
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
-
- key.data = (char *)p;
- key.size = len;
-
- data.data = (void *)rbt0;
- data.size = sizeof(struct rbtree);
-
- if (db->put(db, &key, &data) != 0) {
- dolog(LOG_INFO, "db->put failed\n");
- free(rbt);
- return -1;
- }
-
- free(rbt0);
-
len -= (*p + 1);
p += (*p + 1);
@@ -3973,7 +3884,6 @@ determine_glue(ddDB *db)
break;
}
- free(rbt0);
len -= (1 + *p);
p += (1 + *p);
@@ -3986,7 +3896,6 @@ determine_glue(ddDB *db)
}
}
- free(rbt);
}
return 0;
@@ -4079,7 +3988,7 @@ setup_cortex(struct imsgbuf *ibuf)
}
if (n == 0) {
/* child died? */
- dolog(LOG_INFO, "sigpipe on child? exiting.\n");
+ dolog(LOG_INFO, "sigpipe on child? delphinusdnsd cortex process exiting.\n");
exit(1);
}
@@ -4200,7 +4109,7 @@ setup_cortex(struct imsgbuf *ibuf)
}
if (n == 0) {
/* child died? */
- dolog(LOG_INFO, "sigpipe on child? exiting.\n");
+ dolog(LOG_INFO, "sigpipe on child? delphinusdnsd cortex process exiting.\n");
exit(1);
}
blob - 228689e509963fde761e40ed84aa577d8d13bca4
blob + 2e8753580ad4e71f631a48810396520697116751
--- dnssec.c
+++ dnssec.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: dnssec.c,v 1.26 2020/04/11 07:15:22 pjp Exp $
+ * $Id: dnssec.c,v 1.27 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -397,7 +397,6 @@ find_nsec(char *name, int namelen, struct rbtree *rbt,
free (nsecname);
free (humanname);
free (table);
- free (rbt0);
return (NULL);
}
@@ -418,7 +417,6 @@ find_nsec(char *name, int namelen, struct rbtree *rbt,
free (nsecname);
free (humanname);
free (table);
- free (rbt0);
return (NULL);
}
table = tmp;
@@ -434,20 +432,17 @@ find_nsec(char *name, int namelen, struct rbtree *rbt,
memcpy(tmpname, ((struct nsec *)rrp->rdata)->next_domain_name, ((struct nsec *)rrp->rdata)->ndn_len);
tmplen = ((struct nsec *)rrp->rdata)->ndn_len;
- free (rbt0);
rbt0 = find_rrset(db, tmpname, tmplen);
if (rbt0 == NULL) {
free (humanname);
free (table);
- free (rbt0);
return (NULL);
}
if ((rrset = find_rr(rbt0, DNS_TYPE_NSEC)) == NULL) {
free (humanname);
free (table);
- free (rbt0);
return (NULL);
}
@@ -482,7 +477,6 @@ find_nsec(char *name, int namelen, struct rbtree *rbt,
/* free what we don't need */
free (humanname);
- free (rbt0);
backname = dns_label(dn->name, &backnamelen);
free (table);
@@ -491,7 +485,6 @@ find_nsec(char *name, int namelen, struct rbtree *rbt,
rbt0 = find_rrset(db, backname, backnamelen);
if (rbt0 == NULL) {
free (backname);
- free (rbt0);
return (NULL);
}
@@ -685,16 +678,12 @@ find_closest_encloser(ddDB *db, char *name, int namele
if ((rrset = find_rr(rbt, DNS_TYPE_NSEC3)) != NULL) {
plen -= (*p + 1);
p = (p + (*p + 1));
- free (rbt);
continue;
}
return (rbt);
} while (*p);
- if (rbt)
- free (rbt);
-
return NULL;
}
@@ -920,11 +909,9 @@ find_nsec3_match_closest(char *name, int namelen, stru
hashname = hash_name(rbt0->zone, rbt0->zonelen, (struct nsec3param *)rrp->rdata);
if (hashname == NULL) {
dolog(LOG_INFO, "unable to get hashname\n");
- free (rbt0);
return NULL;
}
- free (rbt0);
#if DEBUG
dolog(LOG_INFO, "hashname = %s\n", hashname);
#endif
@@ -995,7 +982,6 @@ find_nsec3_wildcard_closest(char *name, int namelen, s
ret = snprintf(wildcard, sizeof(wildcard), "*.%s", p);
if (ret >= sizeof(wildcard)) {
dolog(LOG_INFO, "result was truncated\n");
- free(rbt0);
return NULL;
}
@@ -1004,7 +990,6 @@ find_nsec3_wildcard_closest(char *name, int namelen, s
hashname = hash_name(backname, backnamelen, (struct nsec3param *)rrp->rdata);
if (hashname == NULL) {
dolog(LOG_INFO, "unable to get hashname\n");
- free (rbt0);
return NULL;
}
@@ -1015,10 +1000,7 @@ find_nsec3_wildcard_closest(char *name, int namelen, s
dname = find_next_closer_nsec3(rbt->zone, rbt->zonelen, hashname);
/* found it, get it via db after converting it */
-
- /* free what we don't need */
- free (rbt0);
-
+
#ifdef DEBUG
dolog(LOG_INFO, "converting %s\n", dname);
#endif
@@ -1071,14 +1053,12 @@ find_nsec3_cover_next_closer(char *name, int namelen,
ncn = find_next_closer_name(name, namelen, rbt0->zone, rbt0->zonelen, &ncnlen);
if (ncn == NULL) {
- free(rbt0);
return NULL;
}
hashname = hash_name(ncn, ncnlen, (struct nsec3param *)rrp->rdata);
if (hashname == NULL) {
dolog(LOG_INFO, "unable to get hashname\n");
- free (rbt0);
return NULL;
}
@@ -1087,7 +1067,6 @@ find_nsec3_cover_next_closer(char *name, int namelen,
#endif
/* free what we don't need */
- free (rbt0);
dname = find_next_closer_nsec3(rbt->zone, rbt->zonelen, hashname);
if (dname == NULL)
@@ -1102,7 +1081,6 @@ find_nsec3_cover_next_closer(char *name, int namelen,
if ((rbt0 = find_rrset(db, backname, backnamelen)) == NULL) {
free (backname);
- free (rbt0);
return (NULL);
}
blob - 89df4d782446b7bcbae490fa8a8567cc1f3a96cc
blob + 4d8c5e0e4e9afc5fa9558e2d073b724c4781907f
--- forward.c
+++ forward.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: forward.c,v 1.14 2020/07/06 08:03:34 pjp Exp $
+ * $Id: forward.c,v 1.15 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -120,11 +120,14 @@ struct forwardqueue {
int oldkeynamelen; /* old key name len */
char oldmac[32]; /* old mac */
struct forwardentry *cur_forwardentry; /* current forwardentry */
+ int dnssecok; /* DNSSEC in anwers */
SLIST_ENTRY(forwardqueue) entries; /* next entry */
} *fwq1, *fwq2, *fwqp;
struct fwdpq {
int rc;
+ int cache;
+ int tsigcheck;
struct tsig tsig;
char mac[32];
int buflen;
@@ -160,11 +163,13 @@ extern char * dns_label(char *, int *);
extern int find_tsig_key(char *, int, char *, int);
extern int memcasecmp(u_char *, u_char *, int);
extern char * expand_compression(u_char *, u_char *, u_char *, u_char *, int *, int);
-extern int expire_rr(ddDB *, char *, int, u_int16_t);
+extern int expire_rr(ddDB *, char *, int, u_int16_t, time_t);
+extern int expire_db(ddDB *, int);
extern void build_reply(struct sreply *, int, char *, int, struct question *, struct sockaddr *, socklen_t, struct rbtree *, struct rbtree *, u_int8_t, int, int, char *);
extern struct rbtree * Lookup_zone(ddDB *, char *, int, int, int);
extern struct rbtree * lookup_zone(ddDB *, struct question *, int *, int *, char *, int);
extern char *convert_name(char *, int);
+extern int cacheit(u_char *, u_char *, u_char *, struct imsgbuf *, int);
extern int reply_a(struct sreply *, ddDB *);
extern int reply_aaaa(struct sreply *, ddDB *);
@@ -186,6 +191,8 @@ extern int reply_ds(struct sreply *, ddDB *);
extern int reply_nsec(struct sreply *, ddDB *);
extern int reply_nsec3(struct sreply *, ddDB *);
extern int reply_nsec3param(struct sreply *, ddDB *);
+extern struct rbtree * create_rr(ddDB *, char *, int, int, void *, uint32_t);
+extern void flag_rr(struct rbtree *rbt);
/*
* XXX everything but txt and naptr, works...
@@ -224,45 +231,7 @@ static struct reply_logic rlogic[] = {
{ 0, 0, 0, NULL }
};
-extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
-extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
-static struct raxfr_logic supported[] = {
- { DNS_TYPE_A, 0, raxfr_a },
- { DNS_TYPE_NS, 0, raxfr_ns },
- { DNS_TYPE_MX, 0, raxfr_mx },
- { DNS_TYPE_PTR, 0, raxfr_ptr },
- { DNS_TYPE_AAAA, 0, raxfr_aaaa },
- { DNS_TYPE_CNAME, 0, raxfr_cname },
- { DNS_TYPE_TXT, 0, raxfr_txt },
- { DNS_TYPE_DNSKEY, 1, raxfr_dnskey },
- { DNS_TYPE_RRSIG, 1, raxfr_rrsig },
- { DNS_TYPE_NSEC3PARAM, 1, raxfr_nsec3param },
- { DNS_TYPE_NSEC3, 1, raxfr_nsec3 },
- { DNS_TYPE_DS, 1, raxfr_ds },
- { DNS_TYPE_SSHFP, 0, raxfr_sshfp },
- { DNS_TYPE_TLSA, 0, raxfr_tlsa },
- { DNS_TYPE_SRV, 0, raxfr_srv },
- { DNS_TYPE_NAPTR, 0, raxfr_naptr },
- { 0, 0, NULL }
-};
-
extern int debug, verbose;
extern int tsig;
extern int dnssec;
@@ -342,13 +311,15 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
int max, sel;
int len, need;
int pi[2];
- int i;
+ int i, count;
u_int packetcount = 0;
ssize_t n, datalen;
fd_set rset;
pid_t pid;
+ dolog(LOG_INFO, "FORWARD: expired %d records from non-forwarding DB\n", expire_db(db, 1));
+
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &pi[0]) < 0) {
dolog(LOG_INFO, "socketpair() failed\n");
ddd_shutdown();
@@ -410,10 +381,26 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
FD_SET(fwq1->so, &rset);
}
- sel = select(max + 1, &rset, NULL, NULL, NULL);
+ /*
+ * set a timeout for idle periods, which we'll use to expire
+ * the db
+ */
+
+ tv.tv_sec = 10;
+ tv.tv_usec = 0;
+
+ sel = select(max + 1, &rset, NULL, NULL, &tv);
if (sel == -1) {
continue;
}
+ if (sel == 0) {
+ if (cache) {
+ count = expire_db(db, 0);
+ if (count)
+ dolog(LOG_INFO, "Forward CACHE expire_db: expired %d RR's\n", count);
+ }
+ continue;
+ }
SLIST_FOREACH_SAFE(fwq1, &fwqhead, entries, fwqp) {
if (FD_ISSET(fwq1->so, &rset)) {
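Review bot: `expire_db(db, 0)` is called only in the `sel == 0` branch, that is, after ten seconds with no readable descriptor, so a forwarder that is never idle that long does not run the sweep at all. If this sweep is what bounds the cache (its body is not in this hunk), drive it by elapsed time instead: keep a `time_t lastexpire` and test `if (cache && time(NULL) - lastexpire >= 10)` after `select` returns, whatever `sel` is.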
@@ -431,7 +418,7 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
goto drop;
need = ntohs(unpack16(buf));
- len = recv(fwq1->so, buf, need, MSG_WAITALL);
+ len = recv(fwq1->so, buf, need, MSG_WAITALL | MSG_PEEK);
if (len <= 0)
goto drop;
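Review bot: The added `MSG_PEEK` leaves the reply in the socket buffer, which the rest of this commit relies on when the descriptor is passed to the parser process, but nothing at the call says so. A comment such as `/* peek only: the parser sandbox consumes the payload from the passed descriptor */` would record that. `len` is only tested for `<= 0`, so as far as this hunk shows a peek that returns fewer than `need` bytes is treated as a complete reply; `if (len != need) goto drop;` would keep both processes agreeing on the length. The enclosing loop lies outside this hunk.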
@@ -466,7 +453,7 @@ drop:
}
if (n == 0) {
/* child died? */
- dolog(LOG_INFO, "sigpipe on child? exiting.\n");
+ dolog(LOG_INFO, "sigpipe on child? forward process exiting.\n");
exit(1);
}
@@ -592,8 +579,8 @@ forwardthis(ddDB *db, struct cfg *cfg, int so, struct
/* check cache and expire it, then send if it remains */
if ((count = expire_rr(db, sforward->buf, sforward->buflen,
- ntohs(sforward->type))) != 0) {
- dolog(LOG_INFO, "forwarding cache expired %d records\n", count);
+ ntohs(sforward->type), now)) != 0) {
+ dolog(LOG_INFO, "Forward CACHE expired %d records\n", count);
goto newqueue;
}
/* sforward->type is in netbyte order */
@@ -656,6 +643,8 @@ forwardthis(ddDB *db, struct cfg *cfg, int so, struct
}
q->edns0len = sforward->edns0len;
+ if (dnssec && sforward->dnssecok)
+ q->dnssecok = 1;
build_reply(&sreply,
(istcp ? so : cfg->dup[sforward->oldsel]),
@@ -873,8 +862,9 @@ sendit(struct forwardqueue *fwq, struct sforward *sfor
/* additionals */
- if (dnssec && sforward->dnssecok)
+ if (dnssec && sforward->dnssecok) {
q->dnssecok = 1;
+ }
outlen = additional_opt(q, packet, 0xffff, len);
len = outlen;
@@ -912,28 +902,22 @@ sendit(struct forwardqueue *fwq, struct sforward *sfor
void
returnit(ddDB *db, struct cfg *cfg, struct forwardqueue *fwq, char *rbuf, int rlen, struct imsgbuf *ibuf)
{
+ struct rbtree *rbt = NULL;
struct timeval tv;
struct dns_header *dh;
struct tsig *stsig = NULL;
struct question *q;
struct fwdpq *fwdpq;
struct imsg imsg;
- struct raxfr_logic *sr;
+ struct rr_imsg ri;
static char *buf = NULL;
- char *p;
- char *estart, *end;
- char expand[DNS_MAXNAME + 1];
+ char *p, *rdata;
- int so, i, x;
+ int so;
int sel;
int len = 0;
int outlen;
- uint16_t rrtype;
- uint16_t rdlen;
- uint32_t rrttl;
- int elen;
- char *pb;
socklen_t tolen;
fd_set rset;
@@ -976,29 +960,42 @@ returnit(ddDB *db, struct cfg *cfg, struct forwardqueu
return;
}
- if (fwq->tsigkey) {
- if (rlen > 16300) { /* leave some space for struct */
+ /* send it on to our sandbox */
+ fwdpq = (struct fwdpq *)calloc(1, rlen + FWDPQHEADER);
+ if (fwdpq == NULL) {
+ dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
+ return;
+ }
+
+ memcpy(&fwdpq->mac, &fwq->mac, sizeof(fwdpq->mac));
+
+ if (fwq->istcp) {
+ fwdpq->buflen = rlen;
+ } else {
+ if (rlen > (16384 - FWDPQHEADER)) { /* leave some space for struct */
dolog(LOG_INFO, "can't send packet to parser, too big\n");
return;
}
- fwdpq = (struct fwdpq *)calloc(1, rlen + FWDPQHEADER);
- if (fwdpq == NULL) {
- dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
- return;
- }
-
memcpy(&fwdpq->buf, p, rlen);
fwdpq->buflen = rlen;
- memcpy(&fwdpq->mac, &fwq->mac, sizeof(fwdpq->mac));
- if (imsg_compose(ibuf, IMSG_PARSE_MESSAGE, 0, 0, -1, fwdpq, rlen + FWDPQHEADER) < 0) {
+ }
+
+ if (fwq->tsigkey)
+ fwdpq->tsigcheck = 1;
+
+ if (cache)
+ fwdpq->cache = 1;
+
+ if (imsg_compose(ibuf, IMSG_PARSE_MESSAGE, 0, 0, (fwq->istcp == 1) ? fwq->so : -1, fwdpq, fwq->istcp ? FWDPQHEADER : rlen + FWDPQHEADER) < 0) {
dolog(LOG_INFO, "imsg_compose: %s\n", strerror(errno));
free(fwdpq);
return;
- }
- msgbuf_write(&ibuf->w);
+ }
+ msgbuf_write(&ibuf->w);
+ for (;;) {
FD_ZERO(&rset);
FD_SET(ibuf->fd, &rset);
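Review bot: `fwdpq` is now allocated before the size test, so the `rlen > (16384 - FWDPQHEADER)` branch returns without freeing it; add `free(fwdpq);` before that `return`, or move the test above the `calloc`. The test also covers only the non-TCP branch, so for TCP `rlen` reaches `fwdpq->buflen` unchecked and the parser process later sizes a `malloc` from it; an explicit upper bound and an `rlen > 0` check on that path would make the contract clear. The allocation is still `rlen + FWDPQHEADER` for TCP although only `FWDPQHEADER` bytes are sent. returnit starts and ends outside this hunk.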
@@ -1026,17 +1023,15 @@ returnit(ddDB *db, struct cfg *cfg, struct forwardqueu
for (;;) {
if ((n = imsg_get(ibuf, &imsg)) == -1) {
- dolog(LOG_ERR, "returnit internal error around imsg_get, drop\n");
- free(fwdpq);
- return;
+ dolog(LOG_ERR, "returnit internal error around imsg_get, drop\n");
+ free(fwdpq);
+ return;
}
if (n == 0) {
- dolog(LOG_ERR, "returnit internal error (n == 0), drop\n");
- free(fwdpq);
- return;
+ break;
}
-
+
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
switch (imsg.hdr.type) {
case IMSG_PARSEREPLY_MESSAGE:
@@ -1048,100 +1043,68 @@ returnit(ddDB *db, struct cfg *cfg, struct forwardqueu
return;
}
+ if (fwq->istcp == 1)
+ fwq->so = imsg.fd;
+
+ imsg_free(&imsg);
+ goto endimsg;
break;
- }
+ case IMSG_RR_ATTACHED:
+ if (datalen > sizeof(ri)) {
+ dolog(LOG_ERR, "returnit RR reply was bogus\n");
+ imsg_free(&imsg);
+ break;
+ }
+ memcpy((void *)&ri, imsg.data, datalen);
- imsg_free(&imsg);
- break;
- } /* for (;;) */
-
- if (fwdpq->tsig.have_tsig && fwdpq->tsig.tsigverified == 0) {
- dolog(LOG_INFO, "FORWARD returnit, TSIG didn't check out error code = %d\n", stsig->tsigerrorcode);
- free(fwdpq);
- return;
- }
+ rdata = malloc(ri.unlen);
+ if (rdata == NULL) {
+ dolog(LOG_ERR, "returnit cache insertion failed\n");
+ imsg_free(&imsg);
+ break;
+ }
- NTOHS(dh->additional);
- dh->additional--;
- HTONS(dh->additional);
+ memcpy(rdata, &ri.un, ri.unlen);
- rlen = fwdpq->tsig.tsigoffset;
+ if ((rbt = create_rr(db, ri.name, ri.namelen,
+ ri.rrtype, (void *)rdata, ri.ttl)) == NULL) {
+ dolog(LOG_ERR, "returnit cache insertion failed 2\n");
+ imsg_free(&imsg);
+ break;
+ }
- free(fwdpq);
- }
-
- /* insert into the cache */
+ flag_rr(rbt);
- if (! cache)
- goto skipcache;
+ imsg_free(&imsg);
+ break;
+ default:
+ dolog(LOG_INFO, "received unexpected IMSG\n");
+ imsg_free(&imsg);
+ break;
+ }
- estart = (char *)&dh[0];
- end = &p[rlen];
+ break;
+ } /* for (;;) */
+ /* back to select */
+ } /* for (;;) */
- p = (char *)&dh[1];
-
- elen = 0;
- memset(&expand, 0, sizeof(expand));
- pb = expand_compression(p, estart, end, (u_char *)&expand, &elen, sizeof(expand));
- if (pb == NULL) {
- dolog(LOG_INFO, "expand_compression() failed -2\n");
+endimsg:
+
+ if (fwdpq->tsig.have_tsig && fwdpq->tsig.tsigverified == 0) {
+ dolog(LOG_INFO, "FORWARD returnit, TSIG didn't check out error code = %d\n", stsig->tsigerrorcode);
+ free(fwdpq);
return;
}
- i = (pb - estart);
- if (i > rlen) {
- return;
- }
- rrtype = ntohs(unpack16(pb));
+ NTOHS(dh->additional);
+ dh->additional--;
+ HTONS(dh->additional);
- /* our cache doesn't like ANY questions/replies */
- if (rrtype == DNS_TYPE_ANY)
- goto skipcache;
+ rlen = fwdpq->tsig.tsigoffset;
- pb += 4; /* skip type and class */
-
- /* we are now at the start of answer */
- for (x = 0; x < ntohs(dh->answer); x++) {
- elen = 0;
- memset(&expand, 0, sizeof(expand));
- pb = expand_compression(pb, estart, end, (u_char *)&expand, &elen, sizeof(expand));
- if (pb == NULL) {
- dolog(LOG_INFO, "expand_compression() failed X\n");
- return;
- }
- i = (pb - estart);
- if (i > rlen) {
- return;
- }
-
- if (pb + 10 >= end) {
- dolog(LOG_INFO, "malformed reply, drop\n");
- return;
- }
-
- rrtype = ntohs(unpack16(pb));
- rrttl = ntohl(unpack32(pb + 4));
- rdlen = ntohs(unpack16(pb + 8));
-
- pb += 10; /* skip answerd */
-
-
- for (sr = supported; sr->rrtype != 0; sr++) {
- if (rrtype == sr->rrtype) {
- if ((*sr->raxfr)(NULL, pb, estart, end, NULL, rdlen, NULL, expand, elen, rrttl, db) < 0) {
-#if DEBUG
- dolog(LOG_INFO, "error with rrtype %d\n", sr->rrtype);
-#endif
- }
- } /* if rrtype */
- } /* for (sr .. */
-
- pb += rdlen;
- } /* for (x... */
-
-skipcache:
-
+ free(fwdpq);
+
/* add new tsig if needed */
pack16((char *)&dh->id, fwq->oldid);
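Review bot: The `IMSG_RR_ATTACHED` case trusts the lengths carried inside the message: `ri.unlen` sizes both the `malloc` and the `memcpy(rdata, &ri.un, ri.unlen)`, and `ri.namelen` goes straight to `create_rr`, with only `datalen > sizeof(ri)` checked. Because the sender is the process that parses replies from the network, the receiving side should bound both fields against `sizeof(ri.un)` and `sizeof(ri.name)`, and zero `ri` first so a short message cannot leave stale stack bytes in it, as sketched below. `rdata` is not released when `create_rr` fails; whether `create_rr` takes ownership on failure is not visible here, so that needs checking. returnit begins outside this hunk.

```c
case IMSG_RR_ATTACHED:
	if (datalen > sizeof(ri)) {
		/* … unchanged: log, imsg_free, break … */
	}
	/* a short message must not leave old stack contents in ri */
	memset(&ri, 0, sizeof(ri));
	memcpy((void *)&ri, imsg.data, datalen);

	/* the record was built by the parser process: check every length */
	if (ri.unlen > sizeof(ri.un) ||
	    ri.namelen <= 0 || ri.namelen > (int)sizeof(ri.name)) {
		dolog(LOG_ERR, "returnit RR reply was bogus\n");
		imsg_free(&imsg);
		break;
	}
	/* … unchanged: malloc(ri.unlen), memcpy into rdata, create_rr, flag_rr … */
```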
@@ -1626,7 +1589,8 @@ void
fwdparseloop(struct imsgbuf *ibuf)
{
int fd = ibuf->fd;
- int sel;
+ int sel, istcp = 0;
+ int rlen, tmp;
struct tsig *stsig = NULL;
struct fwdpq *fwdpq;
@@ -1634,11 +1598,12 @@ fwdparseloop(struct imsgbuf *ibuf)
struct dns_header *dh;
char *packet;
+ u_char *end, *estart;
fd_set rset;
ssize_t n, datalen;
#if __OpenBSD__
- if (pledge("stdio", NULL) < 0) {
+ if (pledge("stdio sendfd recvfd", NULL) < 0) {
perror("pledge");
ddd_shutdown();
exit(1);
@@ -1646,7 +1611,7 @@ fwdparseloop(struct imsgbuf *ibuf)
#endif
- fwdpq = (struct fwdpq *)calloc(1, MAX_IMSGSIZE);
+ fwdpq = (struct fwdpq *)calloc(1, 0xffff + FWDPQHEADER);
if (fwdpq == NULL) {
dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
ddd_shutdown();
@@ -1681,22 +1646,54 @@ fwdparseloop(struct imsgbuf *ibuf)
}
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
+
+ if (imsg.fd != -1) {
+ istcp = 1;
+ }
+
switch (imsg.hdr.type) {
case IMSG_PARSE_MESSAGE:
/* XXX magic numbers */
if (datalen > MAX_IMSGSIZE) {
fwdpq->rc = PARSE_RETURN_NAK;
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, imsg.fd, fwdpq, sizeof(struct fwdpq));
msgbuf_write(&ibuf->w);
break;
}
memcpy(fwdpq, imsg.data, datalen);
- if (datalen - FWDPQHEADER < sizeof(struct dns_header)) {
+ if (istcp) {
+ packet = malloc(fwdpq->buflen);
+ if (packet == NULL) {
+ dolog(LOG_INFO, "malloc %s\n", strerror(errno));
+ fwdpq->rc = PARSE_RETURN_NAK;
+ /* send the descriptor back to them */
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, imsg.fd, fwdpq, sizeof(struct fwdpq));
+ msgbuf_write(&ibuf->w);
+ break;
+ }
+
+ if (recv(imsg.fd, packet, fwdpq->buflen, 0) < 0) {
+ dolog(LOG_INFO, "recv in forward sandbox: %s\n", strerror(errno));
+ fwdpq->rc = PARSE_RETURN_NAK;
+ /* send the descriptor back to them */
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, imsg.fd, fwdpq, sizeof(struct fwdpq));
+ msgbuf_write(&ibuf->w);
+ break;
+ }
+ }
+
+ if (istcp) {
+ tmp = fwdpq->buflen;
+ } else {
+ tmp = datalen - FWDPQHEADER;
+ }
+
+ if (tmp < sizeof(struct dns_header)) {
/* SEND NAK */
fwdpq->rc = PARSE_RETURN_NAK;
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, (istcp) ? imsg.fd : -1, fwdpq, sizeof(struct fwdpq));
msgbuf_write(&ibuf->w);
break;
}
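Review bot: The TCP branch treats any non-negative return from `recv(imsg.fd, packet, fwdpq->buflen, 0)` as a full packet, so after a short read the later code walks `fwdpq->buflen` bytes of a `malloc` buffer that is only partly filled. Comparing the result with the length, `if (recv(imsg.fd, packet, fwdpq->buflen, MSG_WAITALL) != fwdpq->buflen) {`, and rejecting `fwdpq->buflen <= 0` before the `malloc` would close that. `packet` is also not freed on the `recv` failure path shown here. Separately, `istcp` is only ever set to 1 in this hunk while its `= 0` initialiser sits with the declarations, so unless it is reset elsewhere in the loop (not visible here) a message without a descriptor that follows a TCP one takes the `recv` branch too; `istcp = (imsg.fd != -1);` avoids that.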
@@ -1705,7 +1702,7 @@ fwdparseloop(struct imsgbuf *ibuf)
if (! (ntohs(dh->query) & DNS_REPLY)) {
fwdpq->rc = PARSE_RETURN_NOTAREPLY;
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, (istcp) ? imsg.fd : -1, fwdpq, sizeof(struct fwdpq));
msgbuf_write(&ibuf->w);
break;
}
@@ -1720,27 +1717,43 @@ fwdparseloop(struct imsgbuf *ibuf)
* question, so this is good
*/
fwdpq->rc = PARSE_RETURN_NOQUESTION;
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, (istcp) ? imsg.fd : -1, fwdpq, sizeof(struct fwdpq));
msgbuf_write(&ibuf->w);
break;
}
/* insert parsing logic here */
- stsig = check_tsig((char *)fwdpq->buf, fwdpq->buflen, fwdpq->mac);
- if (stsig == NULL) {
- dolog(LOG_INFO, "FORWARD parser, malformed reply packet\n");
- fwdpq->rc = PARSE_RETURN_MALFORMED;
+ /* check for cache */
+ if (fwdpq->cache) {
+ estart = packet;
+ rlen = fwdpq->buflen;
+ end = &packet[rlen];
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
- msgbuf_write(&ibuf->w);
-
- break;
+ if (cacheit(packet, estart, end, ibuf, imsg.fd) < 0) {
+ goto skipcache;
+ }
}
- memcpy(&fwdpq->tsig, stsig, sizeof(struct tsig));
- fwdpq->rc = PARSE_RETURN_ACK;
+skipcache:
+ /* check to see if we tsig */
+
+ if (fwdpq->tsigcheck) {
+ stsig = check_tsig((char *)fwdpq->buf, fwdpq->buflen, fwdpq->mac);
+ if (stsig == NULL) {
+ dolog(LOG_INFO, "FORWARD parser, malformed reply packet\n");
+ fwdpq->rc = PARSE_RETURN_MALFORMED;
- imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, -1, fwdpq, sizeof(struct fwdpq));
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, (istcp) ? imsg.fd : -1, fwdpq, sizeof(struct fwdpq));
+ msgbuf_write(&ibuf->w);
+
+ break;
+ }
+
+ memcpy(&fwdpq->tsig, stsig, sizeof(struct tsig));
+ }
+
+ fwdpq->rc = PARSE_RETURN_ACK;
+ imsg_compose(ibuf, IMSG_PARSEREPLY_MESSAGE, 0, 0, (istcp) ? imsg.fd : -1, fwdpq, sizeof(struct fwdpq));
msgbuf_write(&ibuf->w);
free(stsig);
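Review bot: `cacheit()` runs before the TSIG check, and it takes `ibuf`, so it presumably emits the `IMSG_RR_ATTACHED` records; records from a reply whose TSIG then fails can already have been handed on for caching. Moving the `if (fwdpq->cache)` block below the TSIG block, and skipping it when verification did not succeed, keeps unauthenticated data out of the cache. `free(stsig)` at the end is now reached without a fresh `check_tsig` result when `fwdpq->tsigcheck` is 0, so unless the pointer is cleared elsewhere in the loop (not visible in the hunk) the previous message's pointer is freed again; `free(stsig); stsig = NULL;` avoids that. For TCP the TSIG check still reads `fwdpq->buf`, while the reply bytes were received into `packet`. The `goto skipcache` directly above its label has no effect, so a `cacheit` failure is silently ignored.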
blob - 1f4045e0e388b6e78d068fde51425fe2fd980108
blob + c0004b59b7cce99fbeb4cc9a404bbd466f882985
--- parse.y
+++ parse.y
@@ -21,7 +21,7 @@
*/
/*
- * $Id: parse.y,v 1.102 2020/07/06 07:17:40 pjp Exp $
+ * $Id: parse.y,v 1.103 2020/07/08 12:29:02 pjp Exp $
*/
%{
@@ -102,7 +102,6 @@ extern int mybase64_decode(char const *, u_char *, si
extern struct rbtree * create_rr(ddDB *, char *, int, int, void *, uint32_t);
extern struct rbtree * find_rrset(ddDB *db, char *name, int len);
extern struct rrset * find_rr(struct rbtree *rbt, u_int16_t rrtype);
-extern int add_rr(struct rbtree *rbt, char *name, int len, u_int16_t rrtype, void *rdata);
extern int display_rr(struct rrset *rrset);
extern void flag_rr(struct rbtree *);
extern int pull_rzone(struct rzone *, time_t);
@@ -2205,7 +2204,6 @@ fill_cname(ddDB *db, char *name, char *type, int myttl
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
}
@@ -2258,7 +2256,6 @@ fill_ptr(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2310,7 +2307,6 @@ fill_dnskey(ddDB *db, char *name, char *type, u_int32_
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2419,14 +2415,13 @@ fill_rrsig(ddDB *db, char *name, char *type, u_int32_t
if (db->put(db, &key, &data) != 0) {
return -1;
}
-
+
if (signers_name2)
free(signers_name2);
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2472,7 +2467,6 @@ fill_ds(ddDB *db, char *name, char *type, u_int32_t my
if (converted_name)
free (converted_name);
- free(rbt);
return (0);
@@ -2547,7 +2541,6 @@ fill_nsec3(ddDB *db, char *name, char *type, u_int32_t
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
}
@@ -2591,7 +2584,6 @@ fill_nsec3param(ddDB *db, char *name, char *type, u_in
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
}
@@ -2644,7 +2636,6 @@ fill_nsec(ddDB *db, char *name, char *type, u_int32_t
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2716,7 +2707,6 @@ fill_naptr(ddDB *db, char *name, char *type, int myttl
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2786,7 +2776,6 @@ fill_txt(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
free (tmp);
@@ -2854,7 +2843,6 @@ fill_tlsa(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2913,7 +2901,6 @@ fill_sshfp(ddDB *db, char *name, char *type, int myttl
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -2971,7 +2958,6 @@ fill_srv(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -3022,7 +3008,6 @@ fill_mx(ddDB *db, char *name, char *type, int myttl, i
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -3067,7 +3052,6 @@ fill_a(ddDB *db, char *name, char *type, int myttl, ch
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -3114,7 +3098,6 @@ fill_aaaa(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -3165,7 +3148,6 @@ fill_ns(ddDB *db, char *name, char *type, int myttl, c
if (rrset == NULL)
nstype = NS_TYPE_DELEGATE;
- free(rbt);
}
if ((ns = (struct ns *)calloc(1, sizeof(struct ns))) == NULL) {
@@ -3201,7 +3183,6 @@ fill_ns(ddDB *db, char *name, char *type, int myttl, c
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
@@ -3283,7 +3264,6 @@ fill_soa(ddDB *db, char *name, char *type, int myttl,
if (converted_name)
free (converted_name);
- free (rbt);
return (0);
blob - b72aa46a2e6b9eba034364174fc4a702ae99f647
blob + 5271e5cf53291de72350f4bf7041a9c12fc42c37
--- query.c
+++ query.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: query.c,v 1.5 2020/07/06 07:17:40 pjp Exp $
+ * $Id: query.c,v 1.6 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -143,22 +143,22 @@ extern char * bin2hex(char *, int);
extern u_int64_t timethuman(time_t);
extern char * bitmap2human(char *, int);
-extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
extern u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
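Review bot: These sixteen `raxfr_*` prototypes are hand-copied `extern` declarations, and the same list is edited again in raxfr.c and util.c in this commit, so the compiler never compares them with the definitions. Declaring them once in a shared header included by all three files would turn a stale copy into a compile error instead of a call with the wrong argument count through `sr->raxfr`. That matters because these parsers run on zone-transfer data received from the network. The type of the `raxfr` member of the `supported` table is not visible in these hunks and should be checked against the new seven-argument signature.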
@@ -669,7 +669,7 @@ skip:
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, NULL, NULL, 0, 0, NULL)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, NULL)) < 0) {
fprintf(stderr, "error with rrtype %d\n", sr->rrtype);
return -1;
}
blob - 5775a0dda79bf5f974081d1639629bf4b4bffc7f
blob + cadd7423b622b0d54d689d6d1588de77ce6bfd42
--- raxfr.c
+++ raxfr.c
@@ -26,7 +26,7 @@
*
*/
/*
- * $Id: raxfr.c,v 1.54 2020/07/07 14:22:38 pjp Exp $
+ * $Id: raxfr.c,v 1.55 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -96,22 +96,22 @@ struct myschedule {
-int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
@@ -431,7 +431,7 @@ raxfr_soa(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct rrsig rs;
char *save, *humanname;
@@ -506,26 +506,16 @@ raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char
return -1;
}
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%s,%u,%u,%u,%llu,%llu,%u,%s,\"%s\"\n",
- get_dns_type(rs.type_covered, 0),
- rs.algorithm, rs.labels, rs.original_ttl,
- timethuman(rs.signature_expiration),
- timethuman(rs.signature_inception),
- rs.key_tag,
- (*humanname == '\0' ? "." : humanname), b);
- }
- } else {
- fill_rrsig(db, convert_name(name, namelen), "rrsig", dnsttl,
- get_dns_type(rs.type_covered, 0), rs.algorithm,
- rs.labels, rs.original_ttl,
- timethuman(rs.signature_expiration),
+ if (f != NULL) {
+ fprintf(f, "%s,%u,%u,%u,%llu,%llu,%u,%s,\"%s\"\n",
+ get_dns_type(rs.type_covered, 0),
+ rs.algorithm, rs.labels, rs.original_ttl,
+ timethuman(rs.signature_expiration),
timethuman(rs.signature_inception),
rs.key_tag,
(*humanname == '\0' ? "." : humanname), b);
}
-
+
free(humanname);
free(b);
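Review bot: The two `%llu` conversions in the re-indented `fprintf` receive the return value of `timethuman()`, which this diff declares as returning `u_int64_t`. On LP64 Linux that type is typically `unsigned long`, so the argument does not match the conversion and `-Wformat` will flag it. Cast at the call site, `(unsigned long long)timethuman(rs.signature_expiration)`, and likewise for `rs.signature_inception`. The body of raxfr_rrsig starts and ends outside this hunk.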
@@ -537,7 +527,7 @@ raxfr_rrsig(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct ds d;
u_int16_t tmpshort;
@@ -561,15 +551,9 @@ raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *e
p += d.digestlen;
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", d.key_tag, d.algorithm,
- d.digest_type, bin2hex(d.digest, d.digestlen));
- }
- } else {
- fill_ds(db, convert_name(name, namelen), "ds", dnsttl,
- d.key_tag, d.algorithm, d.digest_type,
- bin2hex(d.digest, d.digestlen));
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", d.key_tag, d.algorithm,
+ d.digest_type, bin2hex(d.digest, d.digestlen));
}
if (ctx != NULL)
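Review bot: `bin2hex(d.digest, d.digestlen)` is passed straight to `fprintf` as a `%s` argument, so a NULL return would be undefined behaviour, and if bin2hex allocates, the buffer can never be released. Its contract is not visible in this diff. raxfr_sshfp keeps the result in `hex` first; doing the same here, `hex = bin2hex(d.digest, d.digestlen); if (hex == NULL) return -1;`, would make the parsers consistent and give one place to free the buffer if needed. The same inline call appears in the raxfr_tlsa, raxfr_nsec3 and raxfr_nsec3param hunks. raxfr_ds continues outside this hunk.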
@@ -579,7 +563,7 @@ raxfr_ds(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct sshfp s;
char *hex;
@@ -602,13 +586,8 @@ raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char
hex = bin2hex(s.fingerprint, s.fplen);
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,\"%s\"\n", s.algorithm, s.fptype, hex);
- }
- } else {
- fill_sshfp(db, convert_name(name, namelen), "sshfp", dnsttl,
- s.algorithm, s.fptype, hex);
+ if (f != NULL) {
+ fprintf(f, "%u,%u,\"%s\"\n", s.algorithm, s.fptype, hex);
}
if (ctx != NULL)
@@ -618,7 +597,7 @@ raxfr_sshfp(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct dnskey dk;
u_int16_t tmpshort;
@@ -657,14 +636,9 @@ raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_cha
b[len] = '\0';
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", dk.flags, dk.protocol,
- dk.algorithm, b);
- }
- } else {
- fill_dnskey(db, convert_name(name, namelen), "dnskey", dnsttl,
- dk.flags, dk.protocol, dk.algorithm, b);
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", dk.flags, dk.protocol,
+ dk.algorithm, b);
}
free(b);
@@ -677,7 +651,7 @@ raxfr_dnskey(FILE *f, u_char *p, u_char *estart, u_cha
int
-raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
u_int16_t mxpriority;
char *save, *humanname;
@@ -689,10 +663,8 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
BOUNDS_CHECK((q + 2), p, rdlen, end);
mxpriority = unpack16(q);
- if (name == NULL) {
- if (f != NULL)
- fprintf(f, "%u,", ntohs(mxpriority));
- }
+ if (f != NULL)
+ fprintf(f, "%u,", ntohs(mxpriority));
q += 2;
@@ -710,17 +682,11 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
return -1;
}
- if (name == NULL) {
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, ".\n");
- else
- fprintf(f, "%s\n", humanname);
- }
- } else {
- fill_mx(db, convert_name(name, namelen), "mx", dnsttl,
- ntohs(mxpriority),
- (*humanname == '\0' ? "." : humanname));
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, ".\n");
+ else
+ fprintf(f, "%s\n", humanname);
}
free(humanname);
@@ -732,13 +698,13 @@ raxfr_mx(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_ptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_ptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
- return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx, name, namelen, dnsttl, db));
+ return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx));
}
int
-raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct nsec3 n;
u_int16_t iter;
@@ -778,23 +744,13 @@ raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char
bitmap2human(n.bitmap, n.bitmap_len);
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\",\"%s\",\"%s\"\n", n.algorithm,
- n.flags, n.iterations,
- (n.saltlen == 0 ? "-" :
- bin2hex(n.salt, n.saltlen)),
- base32hex_encode(n.next, n.nextlen),
- bitmap2human(n.bitmap, n.bitmap_len));
- }
- } else {
-
- fill_nsec3(db, convert_name(name, namelen), "nsec3", dnsttl,
- n.algorithm, n.flags, n.iterations,
- (n.saltlen == 0 ? "-" : bin2hex(n.salt, n.saltlen)),
- base32hex_encode(n.next, n.nextlen),
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\",\"%s\",\"%s\"\n", n.algorithm,
+ n.flags, n.iterations,
+ (n.saltlen == 0 ? "-" :
+ bin2hex(n.salt, n.saltlen)),
+ base32hex_encode(n.next, n.nextlen),
bitmap2human(n.bitmap, n.bitmap_len));
-
}
if (ctx != NULL)
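Review bot: The context line `bitmap2human(n.bitmap, n.bitmap_len);` at the top of this hunk discards its return value, and the new `fprintf` then calls the function a second time with the same arguments. If the first call is not there for a side effect, which cannot be told from this hunk, remove it, or keep its result in a local and pass that to `fprintf`. A comment is needed if the bare call is intentional. The function body starts and ends outside the hunk.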
@@ -804,7 +760,7 @@ raxfr_nsec3(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct nsec3param np;
u_int16_t iter;
@@ -827,15 +783,9 @@ raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u
hex = bin2hex(np.salt, np.saltlen);
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", np.algorithm, np.flags,
- np.iterations,
- (np.saltlen == 0 ? "-" : bin2hex(np.salt, np.saltlen)));
- }
- } else {
- fill_nsec3param(db, convert_name(name, namelen), "nsec3param",
- dnsttl, np.algorithm, np.flags, np.iterations,
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", np.algorithm, np.flags,
+ np.iterations,
(np.saltlen == 0 ? "-" : bin2hex(np.salt, np.saltlen)));
}
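Review bot: `hex = bin2hex(np.salt, np.saltlen);` is computed on the line above the new block, yet the `fprintf` calls `bin2hex(np.salt, np.saltlen)` again instead of using it. The last argument can simply be `(np.saltlen == 0 ? "-" : hex)`, which avoids the second conversion and, should bin2hex allocate, a second buffer that nothing can free. Whether `hex` is used or released later in raxfr_nsec3param is outside this hunk.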
@@ -847,7 +797,7 @@ raxfr_nsec3param(FILE *f, u_char *p, u_char *estart, u
int
-raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx,char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
u_int8_t len;
int i;
@@ -878,7 +828,7 @@ raxfr_txt(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
char *save, *humanname;
u_char *q = p;
@@ -900,16 +850,11 @@ raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *e
return -1;
}
- if (name == NULL) {
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, ".\n");
- else
- fprintf(f, "%s\n", humanname);
- }
- } else {
- fill_ns(db, convert_name(name, namelen), "ns", dnsttl,
- (*humanname == '\0' ? "." : humanname));
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, ".\n");
+ else
+ fprintf(f, "%s\n", humanname);
}
free(humanname);
@@ -922,14 +867,14 @@ raxfr_ns(FILE *f, u_char *p, u_char *estart, u_char *e
}
int
-raxfr_cname(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_cname(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
- return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx, name, namelen, dnsttl, db));
+ return (raxfr_ns(f, p, estart, end, mysoa, rdlen, ctx));
}
int
-raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
char buf[INET6_ADDRSTRLEN];
struct in6_addr ia;
@@ -939,13 +884,8 @@ raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char
unpack((char *)&ia, p, sizeof(struct in6_addr));
inet_ntop(AF_INET6, &ia, buf, sizeof(buf));
- if (name == NULL) {
- if (f != NULL)
- fprintf(f, "%s\n", buf);
- } else {
- fill_aaaa(db, convert_name(name, namelen), "aaaa", dnsttl,
- buf);
- }
+ if (f != NULL)
+ fprintf(f, "%s\n", buf);
p += sizeof(ia);
@@ -956,7 +896,7 @@ raxfr_aaaa(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
char buf[INET_ADDRSTRLEN];
struct in_addr ia;
@@ -967,12 +907,8 @@ raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *en
inet_ntop(AF_INET, &ia, buf, sizeof(buf));
- if (name == NULL) {
- if (f != NULL)
- fprintf(f, "%s\n", buf);
- } else {
- fill_a(db, convert_name(name, namelen), "a", dnsttl, buf);
- }
+ if (f != NULL)
+ fprintf(f, "%s\n", buf);
p += sizeof(ia);
@@ -983,7 +919,7 @@ raxfr_a(FILE *f, u_char *p, u_char *estart, u_char *en
}
int
-raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
struct tlsa t;
u_char *q = p;
@@ -1006,15 +942,9 @@ raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char
memcpy(&t.data, p, t.datalen);
p += t.datalen;
- if (name == NULL) {
- if (f != NULL) {
- fprintf(f, "%u,%u,%u,\"%s\"\n", t.usage, t.selector,
- t.matchtype, bin2hex(t.data, t.datalen));
- }
- } else {
- fill_tlsa(db, convert_name(name, namelen), "tlsa", dnsttl,
- t.usage, t.selector, t.matchtype,
- bin2hex(t.data, t.datalen));
+ if (f != NULL) {
+ fprintf(f, "%u,%u,%u,\"%s\"\n", t.usage, t.selector,
+ t.matchtype, bin2hex(t.data, t.datalen));
}
if (ctx != NULL)
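Review bot: The `memcpy(&t.data, p, t.datalen)` just above the rewritten block copies into a field of the local `struct tlsa`, and the check that keeps `t.datalen` within `sizeof(t.data)` is not visible in this hunk. The length presumably derives from the record's `rdlen`, which comes from the remote server. If only a BOUNDS_CHECK against `end` precedes the copy, an explicit `if (t.datalen > sizeof(t.data)) return -1;` is needed before it. The start of raxfr_tlsa is outside the hunk, so this may already be handled there.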
@@ -1024,7 +954,7 @@ raxfr_tlsa(FILE *f, u_char *p, u_char *estart, u_char
}
int
-raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
u_int16_t tmp16;
struct srv s;
@@ -1061,17 +991,12 @@ raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *
return -1;
}
- if (name == NULL) {
- if (f != NULL) {
- if (*humanname == '\0')
- fprintf(f, "%u,%u,%u,.\n", s.priority, s.weight, s.port);
- else
- fprintf(f, "%u,%u,%u,%s\n", s.priority, s.weight,
- s.port, humanname);
- }
- } else {
- fill_srv(db, convert_name(name, namelen), "srv", dnsttl,
- s.priority, s.weight, s.port, humanname);
+ if (f != NULL) {
+ if (*humanname == '\0')
+ fprintf(f, "%u,%u,%u,.\n", s.priority, s.weight, s.port);
+ else
+ fprintf(f, "%u,%u,%u,%s\n", s.priority, s.weight,
+ s.port, humanname);
}
free(humanname);
@@ -1083,7 +1008,7 @@ raxfr_srv(FILE *f, u_char *p, u_char *estart, u_char *
}
int
-raxfr_naptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx, char *name, int namelen, uint32_t dnsttl, ddDB *db)
+raxfr_naptr(FILE *f, u_char *p, u_char *estart, u_char *end, struct soa *mysoa, u_int16_t rdlen, HMAC_CTX *ctx)
{
u_int16_t tmp16;
struct naptr n;
@@ -1410,14 +1335,12 @@ replicantloop(ddDB *db, struct imsgbuf *ibuf)
if (rrset == NULL) {
dolog(LOG_INFO, "%s has no SOA, removing zone from replicant engine\n", lrz->zonename);
SLIST_REMOVE(&rzones, lrz, rzone, rzone_entry);
- free(rbt);
continue;
}
rrp = TAILQ_FIRST(&rrset->rr_head);
if (rrp == NULL) {
dolog(LOG_INFO, "SOA record corrupted for zone %s, removing zone from replicant engine\n", lrz->zonename);
SLIST_REMOVE(&rzones, lrz, rzone, rzone_entry);
- free(rbt);
continue;
}
@@ -1433,7 +1356,6 @@ replicantloop(ddDB *db, struct imsgbuf *ibuf)
zonecount++;
tot_refresh += lrz->soa.refresh;
- free(rbt);
}
period = (tot_refresh / zonecount) / zonecount;
@@ -2119,7 +2041,7 @@ get_remote_soa(struct rzone *rzone)
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, &mysoa, rdlen, (dotsig == 1) ? ctx : NULL, NULL, 0, 0, NULL)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, &mysoa, rdlen, (dotsig == 1) ? ctx : NULL)) < 0) {
dolog(LOG_INFO, "error with rrtype %d\n", sr->rrtype);
close(so);
free(reply); free(dupreply);
blob - b2a706e6f94b040f539d8656994f92ab29800b9b
blob + 6018104cb3cc57ad88b0fa9008026158505b166d
--- reply.c
+++ reply.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: reply.c,v 1.104 2020/07/06 07:17:40 pjp Exp $
+ * $Id: reply.c,v 1.105 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -1984,13 +1984,9 @@ reply_mx(struct sreply *sreply, ddDB *db)
outlen = tmplen;
}
- free(rbt0);
rbt0 = NULL;
}
- if (rbt0)
- free(rbt0);
-
addiscount = 0;
rbt0 = find_rrset(db, ad0->name, ad0->namelen);
if (rbt0 != NULL && find_rr(rbt0, DNS_TYPE_A) != NULL) {
@@ -2035,12 +2031,9 @@ reply_mx(struct sreply *sreply, ddDB *db)
outlen = tmplen;
}
- free(rbt0);
rbt0 = NULL;
}
- if (rbt0)
- free(rbt0);
}
out:
@@ -2151,7 +2144,6 @@ reply_ns(struct sreply *sreply, ddDB *db)
rbt1 = get_ns(db, rbt, &delegation);
if ((rrset = find_rr(rbt, DNS_TYPE_NS)) == NULL) {
- free(rbt1);
return -1;
}
@@ -2167,7 +2159,6 @@ reply_ns(struct sreply *sreply, ddDB *db)
outlen = sizeof(struct dns_header);
if (len > replysize) {
- free(rbt1);
return (retlen);
}
@@ -2223,7 +2214,6 @@ reply_ns(struct sreply *sreply, ddDB *db)
ad0 = malloc(sizeof(struct addis));
if (ad0 == NULL) {
- free(rbt1);
dolog(LOG_INFO, "malloc: %s\n", strerror(errno));
return -1;
}
@@ -2308,7 +2298,6 @@ reply_ns(struct sreply *sreply, ddDB *db)
} else {
rbt0 = get_soa(db, q);
if (rbt0 == NULL) {
- free(rbt1);
return -1;
}
@@ -2334,17 +2323,12 @@ reply_ns(struct sreply *sreply, ddDB *db)
odh->nsrr += retcount;
HTONS(odh->nsrr);
- free(nrbt);
}
- free(rbt0);
} /* nrbt != NULL */
} /* else tmplen != 0 */
} /* if delegation */
- if (delegation)
- free(rbt1);
-
/* tack on additional A or AAAA records */
SLIST_FOREACH(ad0, &addishead, addis_entries) {
@@ -2390,12 +2374,9 @@ reply_ns(struct sreply *sreply, ddDB *db)
outlen = tmplen;
}
- free(rbt0);
rbt0 = NULL;
}
- if (rbt0)
- free(rbt0);
addiscount = 0;
rbt0 = find_rrset(db, ad0->name, ad0->namelen);
@@ -2441,12 +2422,9 @@ reply_ns(struct sreply *sreply, ddDB *db)
outlen = tmplen;
}
- free(rbt0);
rbt0 = NULL;
}
- if (rbt0)
- free(rbt0);
}
out:
@@ -4814,7 +4792,6 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
uniq[rruniq++].len = rbt0->zonelen;
tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
- free (rbt0);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -4849,8 +4826,6 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
addrec = 1;
}
- free (rbt0);
-
if (tmplen == 0) {
NTOHS(odh->query);
SET_DNS_TRUNCATION(odh);
@@ -4885,7 +4860,6 @@ reply_nxdomain(struct sreply *sreply, ddDB *db)
tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
addrec = 1;
}
- free (rbt0);
if (tmplen == 0) {
NTOHS(odh->query);
@@ -5540,7 +5514,6 @@ reply_noerror(struct sreply *sreply, ddDB *db)
rbt0 = Lookup_zone(db, q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, 0);
if (rbt0 != NULL) {
tmplen = additional_nsec(q->hdr->name, q->hdr->namelen, DNS_TYPE_NSEC, rbt0, reply, replysize, outlen, q->aa);
- free(rbt0);
}
} else if (find_rr(rbt, DNS_TYPE_NSEC3PARAM)) {
rbt0 = find_nsec3_match_qname(q->hdr->name, q->hdr->namelen, rbt, db);
@@ -5551,7 +5524,6 @@ reply_noerror(struct sreply *sreply, ddDB *db)
uniq[rruniq++].len = rbt0->zonelen;
tmplen = additional_nsec3(rbt0->zone, rbt0->zonelen, DNS_TYPE_NSEC3, rbt0, reply, replysize, outlen, &retcount, q->aa);
- free (rbt0);
}
if (tmplen == 0) {
blob - 3364ec4c49499f34cc61a4532fa7e1d570efe11d
blob + dc6dc1b0f007100f3688b49076d3b0cfdf805963
--- sign.c
+++ sign.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: sign.c,v 1.5 2020/07/06 07:17:40 pjp Exp $
+ * $Id: sign.c,v 1.6 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -1010,7 +1010,6 @@ dump_db(ddDB *db, FILE *of, char *zonename)
if (rbt->zonelen == rbt0->zonelen &&
memcasecmp(rbt->zone, rbt0->zone, rbt->zonelen) == 0) {
- free(rbt);
continue;
}
@@ -1019,8 +1018,6 @@ dump_db(ddDB *db, FILE *of, char *zonename)
return -1;
}
- free(rbt);
-
j++;
}
@@ -1752,7 +1749,6 @@ calculate_rrsigs(ddDB *db, char *zonename, int expiry,
}
- free(rbt);
j++;
}
@@ -6117,7 +6113,6 @@ construct_nsec3(ddDB *db, char *zone, int iterations,
TAILQ_INSERT_TAIL(&head, n1, entries);
}
- free(rbt);
} /* RB_FOREACH_SAFE */
/* check ENT's which we'll create */
@@ -6179,7 +6174,6 @@ construct_nsec3(ddDB *db, char *zone, int iterations,
} /* if len > rootlen */
- free(rbt);
} /* RB_FOREACH_SAFE */
@@ -6873,12 +6867,10 @@ notglue(ddDB *db, struct rbtree *rbt, char *zonename)
}
if (len > apexlen && find_rr(rbt0, DNS_TYPE_NS) != NULL) {
- free(rbt0);
free(zoneapex);
return 0;
}
- free(rbt0);
} while (*p && len > 0 && ! (len == apexlen && memcasecmp(p, zoneapex, len) == 0));
@@ -6947,6 +6939,5 @@ update_soa_serial(ddDB *db, char *zonename, time_t ser
((struct soa *)rrp->rdata)->serial = serial;
}
- free(rbt0);
}
blob - 771ecdaf40df42380f71ecd02d56d04ee07f1a68
blob + 1bbff3ba479ce6cb6eead1aea13203657ed0bf70
--- util.c
+++ util.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: util.c,v 1.65 2020/07/06 07:17:40 pjp Exp $
+ * $Id: util.c,v 1.66 2020/07/08 12:29:02 pjp Exp $
*/
#include <sys/types.h>
@@ -137,22 +137,22 @@ extern int check_ent(char *, int);
extern int find_tsig_key(char *, int, char *, int);
extern int mybase64_decode(char const *, u_char *, size_t);
-extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
-extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *, char *, int, uint32_t, ddDB *);
+extern int raxfr_a(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_tlsa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_srv(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_naptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_aaaa(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_cname(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ns(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ptr(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_mx(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_txt(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_dnskey(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_rrsig(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_nsec3param(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_nsec3(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_ds(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
+extern int raxfr_sshfp(FILE *, u_char *, u_char *, u_char *, struct soa *, u_int16_t, HMAC_CTX *);
extern u_int16_t raxfr_skip(FILE *, u_char *, u_char *);
extern int raxfr_soa(FILE *, u_char *, u_char *, u_char *, struct soa *, int, u_int32_t, u_int16_t, HMAC_CTX *);
extern int raxfr_peek(FILE *, u_char *, u_char *, u_char *, int *, int, u_int16_t *, u_int32_t, HMAC_CTX *);
@@ -400,10 +400,8 @@ lookup_zone(ddDB *db, struct question *question, int *
}
if (rbt0->flags & RBT_GLUE) {
- free(rbt);
rbt = rbt0;
} else {
- free(rbt0);
/* answer the delegation */
snprintf(replystring, replystringsize, "%s", rbt->humanname);
*lzerrno = ERR_DELEGATE;
@@ -417,16 +415,9 @@ lookup_zone(ddDB *db, struct question *question, int *
*lzerrno = ERR_NODATA;
*returnval = -1;
- /* stop leakage */
- if (rbt != NULL)
- free(rbt);
-
return NULL;
}
- if (rbt != NULL)
- free(rbt);
-
/*
* We have a condition where a record does not exist but we
* move toward the apex of the record, and there may be
@@ -452,7 +443,6 @@ lookup_zone(ddDB *db, struct question *question, int *
return (rbt);
}
- free(rbt);
}
}
if (forward)
@@ -521,7 +511,6 @@ get_soa(ddDB *db, struct question *question)
p = (p + (*p + 1));
}
- free(rbt);
} while (*p);
return (NULL);
@@ -562,7 +551,6 @@ get_ns(ddDB *db, struct rbtree *rbt, int *delegation)
if ((rrset = find_rr(rbt0, DNS_TYPE_SOA)) != NULL) {
pack32((char *)delegation, 0);
- free(rbt0);
return (rbt);
}
@@ -586,8 +574,7 @@ Lookup_zone(ddDB *db, char *name, u_int16_t namelen, u
rrset = find_rr(rbt, type);
if (rrset != NULL) {
return (rbt);
- } else
- free(rbt);
+ }
}
return NULL;
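Review bot: With the `else free(rbt);` branch gone, Lookup_zone returns a pointer whose ownership is no longer evident from the code, and nothing in the hunk records the new contract. A comment above the function, such as `/* the returned rbtree belongs to db; callers must not free() it */`, would document it. The same applies to find_rrset, get_soa and get_ns, whose callers stop freeing in this commit. Any caller outside this diff that still frees such a result would now release memory the database presumably still references, so searching for remaining `free(rbt` calls is worthwhile. Lookup_zone starts outside this hunk.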
@@ -2200,7 +2187,7 @@ lookup_axfr(FILE *f, int so, char *zonename, struct so
} else {
for (sr = supported; sr->rrtype != 0; sr++) {
if (rrtype == sr->rrtype) {
- if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, ctx, NULL, 0, 0, NULL)) < 0) {
+ if ((len = (*sr->raxfr)(f, p, estart, end, mysoa, rdlen, ctx)) < 0) {
fprintf(stderr, "error with rrtype %d\n", sr->rrtype);
return -1;
}