1 /*
2 * iterator/iter_delegpt.c - delegation point with NS and address information.
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 /**
37 * \file
38 *
39 * This file implements the Delegation Point. It contains a list of name servers
40 * and their addresses if known.
41 */
42 #include "config.h"
43 #include "iterator/iter_delegpt.h"
44 #include "services/cache/dns.h"
45 #include "util/regional.h"
46 #include "util/data/dname.h"
47 #include "util/data/packed_rrset.h"
48 #include "util/data/msgreply.h"
49 #include "util/net_help.h"
50 #include "sldns/rrdef.h"
51 #include "sldns/sbuffer.h"
52
/**
 * Allocate an empty delegation point from a region.
 * The structure is zero-filled, so all list heads are NULL and all flags
 * are 0 on return.
 * @param region: region the structure is allocated in.
 * @return new delegation point, or NULL when regional_alloc fails.
 */
struct delegpt*
delegpt_create(struct regional* region)
{
	struct delegpt* fresh = (struct delegpt*)regional_alloc(region,
		sizeof(*fresh));
	if(fresh != NULL) {
		/* zero explicitly; nothing here relies on regional_alloc
		 * returning cleared memory */
		memset(fresh, 0, sizeof(*fresh));
	}
	return fresh;
}
63
/**
 * Make a region-allocated copy of a delegation point.
 * Copies the name, the bogus/parent-side/upstream flags, every nameserver
 * entry with its lookup state, and every target address. Entries are
 * prepended while copying, so both lists come out in reverse order.
 * Addresses are added with port -1, so the port already stored in each
 * sockaddr is kept; attempts and dnsseclame are not carried over.
 * @param dp: delegation point to copy.
 * @param region: region to allocate the copy in.
 * @return the copy, or NULL on allocation failure (a partial copy is then
 *	left behind in the region).
 */
struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region)
{
	struct delegpt_ns* src_ns;
	struct delegpt_addr* src_addr;
	struct delegpt* copy = delegpt_create(region);
	if(copy == NULL)
		return NULL;
	if(!delegpt_set_name(copy, region, dp->name))
		return NULL;
	copy->bogus = dp->bogus;
	copy->has_parent_side_NS = dp->has_parent_side_NS;
	copy->ssl_upstream = dp->ssl_upstream;
	copy->tcp_upstream = dp->tcp_upstream;

	src_ns = dp->nslist;
	while(src_ns != NULL) {
		struct delegpt_ns* added;
		if(!delegpt_add_ns(copy, region, src_ns->name, src_ns->lame,
			src_ns->tls_auth_name, src_ns->port))
			return NULL;
		/* the list head is taken to be the entry for src_ns */
		added = copy->nslist;
		added->cache_lookup_count = src_ns->cache_lookup_count;
		added->resolved = src_ns->resolved;
		added->got4 = src_ns->got4;
		added->got6 = src_ns->got6;
		added->done_pside4 = src_ns->done_pside4;
		added->done_pside6 = src_ns->done_pside6;
		src_ns = src_ns->next;
	}

	src_addr = dp->target_list;
	while(src_addr != NULL) {
		/* port -1: keep the port that is already in the sockaddr */
		if(!delegpt_add_addr(copy, region, &src_addr->addr,
			src_addr->addrlen, src_addr->bogus, src_addr->lame,
			src_addr->tls_auth_name, -1, NULL))
			return NULL;
		src_addr = src_addr->next_target;
	}
	return copy;
}
95
/**
 * Set the name of a region-allocated delegation point.
 * The wire-format name is measured with dname_count_size_labels and then
 * copied into the region.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region to copy the name into.
 * @param name: wire-format domain name.
 * @return 1 on success, 0 when the copy could not be allocated.
 */
int
delegpt_set_name(struct delegpt* dp, struct regional* region, uint8_t* name)
{
	log_assert(!dp->dp_type_mlc);
	dp->namelabs = dname_count_size_labels(name, &dp->namelen);
	dp->name = regional_alloc_init(region, name, dp->namelen);
	if(dp->name == NULL)
		return 0;
	return 1;
}
104
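/**
 * Add a nameserver name to a region-allocated delegation point.
 * A name that is already present is left untouched and counts as success.
 *
 * The entry is linked into dp->nslist only after its name and TLS
 * authentication name have been copied. An allocation failure therefore
 * never leaves a list entry with a NULL name (which delegpt_find_ns would
 * pass to query_dname_compare) or with its TLS authentication name
 * silently dropped.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region to allocate the entry and its strings in.
 * @param name: wire-format nameserver name.
 * @param lame: lame flag stored on the entry.
 * @param tls_auth_name: TLS authentication name to copy, or NULL.
 * @param port: port stored on the entry.
 * @return 1 on success or duplicate, 0 on allocation failure.
 */
int
delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name,
	uint8_t lame, char* tls_auth_name, int port)
{
	struct delegpt_ns* ns;
	size_t len;
	(void)dname_count_size_labels(name, &len);
	log_assert(!dp->dp_type_mlc);
	/* slow check for duplicates to avoid counting failures when
	 * adding the same server as a dependency twice */
	if(delegpt_find_ns(dp, name, len))
		return 1;
	ns = (struct delegpt_ns*)regional_alloc(region,
		sizeof(struct delegpt_ns));
	if(!ns)
		return 0;
	/* do every allocation that can fail before touching dp->nslist */
	ns->namelen = len;
	ns->name = regional_alloc_init(region, name, ns->namelen);
	if(!ns->name)
		return 0;
	if(tls_auth_name) {
		ns->tls_auth_name = regional_strdup(region, tls_auth_name);
		if(!ns->tls_auth_name)
			return 0;
	} else {
		ns->tls_auth_name = NULL;
	}
	ns->cache_lookup_count = 0;
	ns->resolved = 0;
	ns->got4 = 0;
	ns->got6 = 0;
	ns->lame = lame;
	ns->done_pside4 = 0;
	ns->done_pside6 = 0;
	ns->port = port;
	/* fully initialised: publish at the head of the list */
	ns->next = dp->nslist;
	dp->nslist = ns;
	return 1;
}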
142
/**
 * Find a nameserver entry by name.
 * The lengths are compared first; query_dname_compare is only called on
 * entries whose stored length equals namelen.
 * @param dp: delegation point to search.
 * @param name: wire-format name to look for.
 * @param namelen: length of name.
 * @return the matching entry, or NULL if there is none.
 */
struct delegpt_ns*
delegpt_find_ns(struct delegpt* dp, uint8_t* name, size_t namelen)
{
	struct delegpt_ns* cur;
	for(cur = dp->nslist; cur != NULL; cur = cur->next) {
		if(cur->namelen != namelen)
			continue;
		/* cur->name is dereferenced by the compare; entries on the
		 * list are expected to carry a non-NULL name */
		if(query_dname_compare(name, cur->name) == 0)
			return cur;
	}
	return NULL;
}
156
/**
 * Find a target address entry that matches both address and port.
 * @param dp: delegation point to search.
 * @param addr: address to look for.
 * @param addrlen: length of addr.
 * @return the matching entry, or NULL if there is none.
 */
struct delegpt_addr*
delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
	socklen_t addrlen)
{
	struct delegpt_addr* cur;
	for(cur = dp->target_list; cur != NULL; cur = cur->next_target) {
		if(sockaddr_cmp_addr(addr, addrlen, &cur->addr,
			cur->addrlen) != 0)
			continue;
		/* The port is read through a sockaddr_in cast for every
		 * address family.
		 * NOTE(review): this assumes sin_port and sin6_port share
		 * an offset - confirm for the supported platforms. */
		if(((struct sockaddr_in*)addr)->sin_port !=
			((struct sockaddr_in*)&cur->addr)->sin_port)
			continue;
		return cur;
	}
	return NULL;
}
172
/**
 * Add an address for a nameserver of a region-allocated delegation point.
 * An address whose owner name is not in the nameserver list is ignored,
 * so address records for unrelated names do not become targets.
 * A non-lame address marks the address family as obtained (and the
 * nameserver as resolved once both families are present); a lame address
 * marks the parent-side lookup for that family as done.
 * The address inherits the port and TLS authentication name of the
 * nameserver entry.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region for allocation.
 * @param name: owner name of the address.
 * @param namelen: length of name.
 * @param addr: the address; its port is overwritten with the ns port.
 * @param addrlen: length of addr.
 * @param bogus: security status is bogus.
 * @param lame: address is lame.
 * @param additions: set to 1 by delegpt_add_addr when a new address is
 *	added; may be NULL.
 * @return 1 on success or when ignored, 0 on allocation failure.
 */
int
delegpt_add_target(struct delegpt* dp, struct regional* region,
	uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
	socklen_t addrlen, uint8_t bogus, uint8_t lame, int* additions)
{
	int is_v6;
	struct delegpt_ns* owner = delegpt_find_ns(dp, name, namelen);
	log_assert(!dp->dp_type_mlc);
	if(owner == NULL)
		return 1; /* ignore it */
	is_v6 = addr_is_ip6(addr, addrlen);
	if(lame) {
		if(is_v6)
			owner->done_pside6 = 1;
		else
			owner->done_pside4 = 1;
	} else {
		if(is_v6)
			owner->got6 = 1;
		else
			owner->got4 = 1;
		if(owner->got4 && owner->got6)
			owner->resolved = 1;
	}
	log_assert(owner->port>0);
	return delegpt_add_addr(dp, region, addr, addrlen, bogus, lame,
		owner->tls_auth_name, owner->port, additions);
}
199
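/**
 * Add an address to a region-allocated delegation point.
 *
 * If the address (including port) is already present, only its flags are
 * merged: bogus is set when the new record is bogus, lame is cleared when
 * the new record is not lame. The TLS authentication name of the existing
 * entry is not changed in that case.
 *
 * Hardening compared to a plain prepend:
 *  - addrlen is checked against the size of the stored address before the
 *    memcpy, so an oversized length is rejected instead of writing past
 *    the entry.
 *  - the entry is linked into the target and usable lists only after the
 *    TLS authentication name has been copied, so an allocation failure
 *    cannot leave a usable address behind without its authentication name.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region to allocate the entry and its string in.
 * @param addr: the address; when port is not -1 the port is written into
 *	it before use.
 * @param addrlen: length of addr.
 * @param bogus: security status is bogus.
 * @param lame: address is lame.
 * @param tls_auth_name: TLS authentication name to copy, or NULL.
 * @param port: port to store in addr, or -1 to keep the port it has.
 * @param additions: set to 1 when the address is not a duplicate; may be
 *	NULL. Note it is set before the allocation is attempted.
 * @return 1 on success or duplicate, 0 on failure.
 */
int
delegpt_add_addr(struct delegpt* dp, struct regional* region,
	struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
	uint8_t lame, char* tls_auth_name, int port, int* additions)
{
	struct delegpt_addr* a;
	char* auth_name = NULL;
	log_assert(!dp->dp_type_mlc);
	/* sizeof does not evaluate a; this bounds the memcpy below */
	if((size_t)addrlen > sizeof(a->addr))
		return 0;
	if(port != -1) {
		log_assert(port>0);
		sockaddr_store_port(addr, addrlen, port);
	}
	/* check for duplicates */
	if((a = delegpt_find_addr(dp, addr, addrlen))) {
		if(bogus)
			a->bogus = bogus;
		if(!lame)
			a->lame = 0;
		return 1;
	}
	if(additions)
		*additions = 1;

	a = (struct delegpt_addr*)regional_alloc(region,
		sizeof(struct delegpt_addr));
	if(!a)
		return 0;
	/* copy the auth name first; fail before the entry is visible */
	if(tls_auth_name) {
		auth_name = regional_strdup(region, tls_auth_name);
		if(!auth_name)
			return 0;
	}
	memcpy(&a->addr, addr, addrlen);
	a->addrlen = addrlen;
	a->attempts = 0;
	a->bogus = bogus;
	a->lame = lame;
	a->dnsseclame = 0;
	a->tls_auth_name = auth_name;
	a->next_result = 0;
	/* fully initialised: publish on the target and usable lists */
	a->next_target = dp->target_list;
	dp->target_list = a;
	a->next_usable = dp->usable_list;
	dp->usable_list = a;
	return 1;
}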
246
/**
 * Count the nameserver entries of a delegation point.
 * @param dp: delegation point.
 * @param numns: set to the number of entries in the nameserver list.
 * @param missing: set to the number of entries not marked resolved.
 */
void
delegpt_count_ns(struct delegpt* dp, size_t* numns, size_t* missing)
{
	struct delegpt_ns* cur = dp->nslist;
	*numns = 0;
	*missing = 0;
	while(cur != NULL) {
		*numns += 1;
		if(!cur->resolved)
			*missing += 1;
		cur = cur->next;
	}
}
259
/**
 * Count the address entries on each list of a delegation point.
 * @param dp: delegation point.
 * @param numaddr: set to the length of the target list.
 * @param numres: set to the length of the result list.
 * @param numavail: set to the length of the usable list.
 */
void
delegpt_count_addr(struct delegpt* dp, size_t* numaddr, size_t* numres,
	size_t* numavail)
{
	struct delegpt_addr* cur;
	*numaddr = 0;
	*numres = 0;
	*numavail = 0;
	/* each list is chained through its own next pointer */
	cur = dp->target_list;
	while(cur != NULL) {
		*numaddr += 1;
		cur = cur->next_target;
	}
	cur = dp->result_list;
	while(cur != NULL) {
		*numres += 1;
		cur = cur->next_result;
	}
	cur = dp->usable_list;
	while(cur != NULL) {
		*numavail += 1;
		cur = cur->next_usable;
	}
}
278
/**
 * Log a delegation point.
 * Nothing is printed when the global verbosity is below v. Otherwise a
 * summary line is printed, and at VERB_ALGO or higher one line per
 * nameserver and per target address follows. The address lines include
 * the TLS authentication name when one is set; snprintf bounds that text
 * to the 128 byte scratch buffer.
 * @param v: verbosity level at which to log.
 * @param dp: delegation point to print.
 */
void delegpt_log(enum verbosity_value v, struct delegpt* dp)
{
	char namebuf[LDNS_MAX_DOMAINLEN+1];
	struct delegpt_ns* ns;
	struct delegpt_addr* a;
	size_t missing=0, numns=0, numaddr=0, numres=0, numavail=0;
	if(verbosity < v)
		return;
	dname_str(dp->name, namebuf);
	if(dp->nslist == NULL && dp->target_list == NULL) {
		log_info("DelegationPoint<%s>: empty", namebuf);
		return;
	}
	delegpt_count_ns(dp, &numns, &missing);
	delegpt_count_addr(dp, &numaddr, &numres, &numavail);
	log_info("DelegationPoint<%s>: %u names (%u missing), "
		"%u addrs (%u result, %u avail)%s",
		namebuf, (unsigned)numns, (unsigned)missing,
		(unsigned)numaddr, (unsigned)numres, (unsigned)numavail,
		(dp->has_parent_side_NS?" parentNS":" cacheNS"));
	/* the per-entry detail is only wanted at algorithm verbosity */
	if(verbosity < VERB_ALGO)
		return;
	for(ns = dp->nslist; ns; ns = ns->next) {
		/* namebuf is reused for each nameserver name */
		dname_str(ns->name, namebuf);
		log_info(" %s %s%s%s%s%s%s%s", namebuf,
			(ns->resolved?"*":""),
			(ns->got4?" A":""), (ns->got6?" AAAA":""),
			(dp->bogus?" BOGUS":""), (ns->lame?" PARENTSIDE":""),
			(ns->done_pside4?" PSIDE_A":""),
			(ns->done_pside6?" PSIDE_AAAA":""));
	}
	for(a = dp->target_list; a; a = a->next_target) {
		char line[128];
		const char* tag;
		if(a->bogus)
			tag = a->lame ? " BOGUS ADDR_LAME " : " BOGUS ";
		else
			tag = a->lame ? " ADDR_LAME " : " ";
		if(a->tls_auth_name)
			snprintf(line, sizeof(line), "%s[%s]", tag,
				a->tls_auth_name);
		else
			snprintf(line, sizeof(line), "%s", tag);
		log_addr(VERB_ALGO, line, &a->addr, a->addrlen);
	}
}
323
/**
 * Move every address on the usable list to the front of the result list.
 * The usable list head is cleared; the next_usable links of the moved
 * entries are left as they were.
 * @param dp: delegation point.
 */
void
delegpt_add_unused_targets(struct delegpt* dp)
{
	struct delegpt_addr* cur;
	struct delegpt_addr* pending = dp->usable_list;
	dp->usable_list = NULL;
	for(cur = pending; cur != NULL; cur = cur->next_usable) {
		/* prepend to the result list */
		cur->next_result = dp->result_list;
		dp->result_list = cur;
	}
}
335
/**
 * Count the addresses on the target list.
 * @param dp: delegation point.
 * @return number of entries on dp->target_list.
 */
size_t
delegpt_count_targets(struct delegpt* dp)
{
	size_t total = 0;
	struct delegpt_addr* cur = dp->target_list;
	while(cur != NULL) {
		total++;
		cur = cur->next_target;
	}
	return total;
}
345
/**
 * Count the nameservers that are not yet resolved.
 * @param dp: delegation point.
 * @param alllame: if not NULL, set to 1 when every unresolved nameserver
 *	is lame. This includes the case of zero unresolved nameservers.
 *	It is never set to 0 here, so the caller has to initialise it.
 * @return number of unresolved nameservers.
 */
size_t
delegpt_count_missing_targets(struct delegpt* dp, int* alllame)
{
	size_t unresolved = 0;
	size_t unresolved_lame = 0;
	struct delegpt_ns* cur;
	for(cur = dp->nslist; cur != NULL; cur = cur->next) {
		if(!cur->resolved) {
			unresolved++;
			if(cur->lame)
				unresolved_lame++;
		}
	}
	if(alllame != NULL && unresolved == unresolved_lame)
		*alllame = 1;
	return unresolved;
}
359
/**
 * Find the first NS rrset in rep->rrsets[from .. to-1].
 * The range is not checked against the size of the rrsets array here;
 * the caller has to pass indices inside the reply.
 * @return the rrset key, or NULL when the range holds no NS rrset.
 */
static struct ub_packed_rrset_key*
find_NS(struct reply_info* rep, size_t from, size_t to)
{
	size_t idx = from;
	while(idx < to) {
		/* rk.type is kept in network byte order */
		if(ntohs(rep->rrsets[idx]->rk.type) == LDNS_RR_TYPE_NS)
			return rep->rrsets[idx];
		idx++;
	}
	return NULL;
}
371
/**
 * Build a delegation point from a (referral) message.
 * The NS rrset is taken from the authority section, or from the answer
 * section when the authority section has none. A and AAAA rrsets from the
 * answer and additional sections are then offered as glue; only those
 * whose owner name is one of the NS names end up as targets, because
 * delegpt_add_target ignores names that are not in the nameserver list.
 * @param msg: message to read.
 * @param region: region for allocation.
 * @return the delegation point, or NULL when the message has no NS rrset
 *	or an allocation fails.
 */
struct delegpt*
delegpt_from_message(struct dns_msg* msg, struct regional* region)
{
	struct reply_info* rep = msg->rep;
	size_t auth_begin = rep->an_numrrsets;
	size_t auth_end = rep->an_numrrsets + rep->ns_numrrsets;
	struct ub_packed_rrset_key* ns_rrset;
	struct delegpt* dp;
	size_t i;

	/* look for NS records in the authority section... */
	ns_rrset = find_NS(rep, auth_begin, auth_end);
	/* In some cases (even legitimate, perfectly legal cases), the
	 * NS set for the "referral" might be in the answer section. */
	if(ns_rrset == NULL)
		ns_rrset = find_NS(rep, 0, auth_begin);
	/* Without an NS rrset this was not a referral message. (It might
	 * not actually be a referral message anyway) */
	if(ns_rrset == NULL)
		return NULL;

	/* an NS rrset was found, so there is a delegation point */
	dp = delegpt_create(region);
	if(dp == NULL)
		return NULL;
	dp->has_parent_side_NS = 1; /* created from message */
	if(!delegpt_set_name(dp, region, ns_rrset->rk.dname))
		return NULL;
	if(!delegpt_rrset_add_ns(dp, region, ns_rrset, 0))
		return NULL;

	/* add glue, A and AAAA in answer and additional section */
	for(i = 0; i < rep->rrset_count; i++) {
		struct ub_packed_rrset_key* s = rep->rrsets[i];
		uint16_t rrtype;
		/* skip auth section. FIXME really needed?*/
		if(i >= auth_begin && i < auth_end)
			continue;
		rrtype = ntohs(s->rk.type);
		if(rrtype == LDNS_RR_TYPE_A) {
			if(!delegpt_add_rrset_A(dp, region, s, 0, NULL))
				return NULL;
		} else if(rrtype == LDNS_RR_TYPE_AAAA) {
			if(!delegpt_add_rrset_AAAA(dp, region, s, 0, NULL))
				return NULL;
		}
	}
	return dp;
}
421
/**
 * Add the names from an NS rrset to a region-allocated delegation point.
 * Each rdata is checked before use: it has to hold the 2 byte length
 * prefix plus at least a root label, and the length of the name found by
 * dname_valid has to equal the length prefix. Records that fail either
 * check are skipped, not treated as an error.
 * A bogus security status on the rrset marks the delegation point bogus.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region for allocation.
 * @param ns_rrset: the NS rrset.
 * @param lame: lame flag stored on every added nameserver.
 * @return 1 on success, 0 on allocation failure.
 */
int
delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
	struct ub_packed_rrset_key* ns_rrset, uint8_t lame)
{
	struct packed_rrset_data* nsdata = (struct packed_rrset_data*)
		ns_rrset->entry.data;
	size_t i = 0;
	log_assert(!dp->dp_type_mlc);
	if(nsdata->security == sec_status_bogus)
		dp->bogus = 1;
	while(i < nsdata->count) {
		/* len + root label is the minimum; the name has to span
		 * exactly the advertised rdata length */
		if(!(nsdata->rr_len[i] < 2+1) &&
			dname_valid(nsdata->rr_data[i]+2,
			nsdata->rr_len[i]-2) ==
			(size_t)sldns_read_uint16(nsdata->rr_data[i])) {
			/* add rdata of NS (= wirefmt dname), skip rdatalen
			 * bytes */
			if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2,
				lame, NULL, UNBOUND_DNS_PORT))
				return 0;
		}
		i++;
	}
	return 1;
}
444
/**
 * Add the addresses of an A rrset as targets of a region-allocated
 * delegation point. Records whose rdata is not exactly the 2 byte length
 * prefix plus INET_SIZE address bytes are skipped.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region for allocation.
 * @param ak: the A rrset; its owner name selects the nameserver.
 * @param lame: addresses are lame.
 * @param additions: passed on to delegpt_add_target; may be NULL.
 * @return 1 on success, 0 on allocation failure.
 */
int
delegpt_add_rrset_A(struct delegpt* dp, struct regional* region,
	struct ub_packed_rrset_key* ak, uint8_t lame, int* additions)
{
	struct packed_rrset_data* rrs = (struct packed_rrset_data*)
		ak->entry.data;
	struct sockaddr_in sin;
	socklen_t sinlen = (socklen_t)sizeof(sin);
	size_t idx = 0;
	log_assert(!dp->dp_type_mlc);
	memset(&sin, 0, sinlen);
	sin.sin_family = AF_INET;
	while(idx < rrs->count) {
		/* rdatalen + len of IP4; anything else is not an address */
		if(rrs->rr_len[idx] == 2 + INET_SIZE) {
			memmove(&sin.sin_addr, rrs->rr_data[idx]+2,
				INET_SIZE);
			if(!delegpt_add_target(dp, region, ak->rk.dname,
				ak->rk.dname_len,
				(struct sockaddr_storage*)&sin, sinlen,
				(rrs->security==sec_status_bogus), lame,
				additions))
				return 0;
		}
		idx++;
	}
	return 1;
}
467
/**
 * Add the addresses of an AAAA rrset as targets of a region-allocated
 * delegation point. Records whose rdata is not exactly the 2 byte length
 * prefix plus INET6_SIZE address bytes are skipped.
 * @param dp: delegation point; must not be the malloc'ed type.
 * @param region: region for allocation.
 * @param ak: the AAAA rrset; its owner name selects the nameserver.
 * @param lame: addresses are lame.
 * @param additions: passed on to delegpt_add_target; may be NULL.
 * @return 1 on success, 0 on allocation failure.
 */
int
delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region,
	struct ub_packed_rrset_key* ak, uint8_t lame, int* additions)
{
	struct packed_rrset_data* rrs = (struct packed_rrset_data*)
		ak->entry.data;
	struct sockaddr_in6 sin6;
	socklen_t sin6len = (socklen_t)sizeof(sin6);
	size_t idx = 0;
	log_assert(!dp->dp_type_mlc);
	memset(&sin6, 0, sin6len);
	sin6.sin6_family = AF_INET6;
	while(idx < rrs->count) {
		/* rdatalen + len of IP6; anything else is not an address */
		if(rrs->rr_len[idx] == 2 + INET6_SIZE) {
			memmove(&sin6.sin6_addr, rrs->rr_data[idx]+2,
				INET6_SIZE);
			if(!delegpt_add_target(dp, region, ak->rk.dname,
				ak->rk.dname_len,
				(struct sockaddr_storage*)&sin6, sin6len,
				(rrs->security==sec_status_bogus), lame,
				additions))
				return 0;
		}
		idx++;
	}
	return 1;
}
490
/**
 * Add an NS, A or AAAA rrset to a region-allocated delegation point by
 * dispatching on the rrset type. A NULL rrset is accepted and does
 * nothing; any other type is logged with a warning and otherwise ignored.
 * @param dp: delegation point.
 * @param region: region for allocation.
 * @param rrset: rrset to add, or NULL.
 * @param lame: rrset is lame.
 * @param additions: passed on for A and AAAA rrsets; may be NULL.
 * @return 0 on allocation failure in the type handler, 1 otherwise.
 */
int
delegpt_add_rrset(struct delegpt* dp, struct regional* region,
	struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions)
{
	if(rrset == NULL)
		return 1;
	/* rk.type is kept in network byte order */
	switch(ntohs(rrset->rk.type)) {
	case LDNS_RR_TYPE_NS:
		return delegpt_rrset_add_ns(dp, region, rrset, lame);
	case LDNS_RR_TYPE_A:
		return delegpt_add_rrset_A(dp, region, rrset, lame,
			additions);
	case LDNS_RR_TYPE_AAAA:
		return delegpt_add_rrset_AAAA(dp, region, rrset, lame,
			additions);
	default:
		break;
	}
	log_warn("Unknown rrset type added to delegpt");
	return 1;
}
507
/**
 * Record a negative lookup result on a nameserver entry.
 * got4 or got6 is set to 2 for qtype A or AAAA; other qtypes change
 * neither. The entry is marked resolved once both got4 and got6 are
 * nonzero.
 * @param ns: nameserver entry, or NULL (then nothing happens).
 * @param qtype: query type of the negative answer.
 */
void delegpt_mark_neg(struct delegpt_ns* ns, uint16_t qtype)
{
	if(ns == NULL)
		return;
	switch(qtype) {
	case LDNS_RR_TYPE_A:
		ns->got4 = 2;
		break;
	case LDNS_RR_TYPE_AAAA:
		ns->got6 = 2;
		break;
	default:
		break;
	}
	if(ns->got4 && ns->got6)
		ns->resolved = 1;
}
519
/**
 * Use a cached message as negative information for a nameserver lookup.
 * When the reply has a nonzero rcode or an empty answer section, the
 * nameserver named by the query name is marked negative for the query
 * type. A message without reply data is ignored.
 * @param dp: delegation point.
 * @param msg: cached message entry.
 */
void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg)
{
	struct delegpt_ns* ns;
	struct reply_info* rep = (struct reply_info*)msg->entry.data;
	if(rep == NULL)
		return;
	/* a clean rcode with answers is not negative information */
	if(FLAGS_GET_RCODE(rep->flags) == 0 && rep->an_numrrsets != 0)
		return;
	/* delegpt_mark_neg accepts NULL when the name is not listed */
	ns = delegpt_find_ns(dp, msg->key.qname, msg->key.qname_len);
	delegpt_mark_neg(ns, msg->key.qtype);
}
532
/**
 * Mark nameservers resolved for operation without IPv6.
 * @param dp: delegation point; every nameserver with got4 set becomes
 *	resolved.
 */
void delegpt_no_ipv6(struct delegpt* dp)
{
	struct delegpt_ns* cur = dp->nslist;
	while(cur != NULL) {
		/* no ipv6, so only ipv4 is enough to resolve a nameserver */
		if(cur->got4)
			cur->resolved = 1;
		cur = cur->next;
	}
}
542
/**
 * Mark nameservers resolved for operation without IPv4.
 * @param dp: delegation point; every nameserver with got6 set becomes
 *	resolved.
 */
void delegpt_no_ipv4(struct delegpt* dp)
{
	struct delegpt_ns* cur = dp->nslist;
	while(cur != NULL) {
		/* no ipv4, so only ipv6 is enough to resolve a nameserver */
		if(cur->got6)
			cur->resolved = 1;
		cur = cur->next;
	}
}
552
/**
 * Create a malloc'ed delegation point, to be released with
 * delegpt_free_mlc.
 * @param name: wire-format name to copy, or NULL to leave the name unset.
 * @return the zero-initialised delegation point with dp_type_mlc set, or
 *	NULL on allocation failure.
 */
struct delegpt* delegpt_create_mlc(uint8_t* name)
{
	struct delegpt* fresh = (struct delegpt*)calloc(1, sizeof(*fresh));
	if(fresh == NULL)
		return NULL;
	fresh->dp_type_mlc = 1;
	if(name == NULL)
		return fresh;
	fresh->namelabs = dname_count_size_labels(name, &fresh->namelen);
	fresh->name = memdup(name, fresh->namelen);
	if(fresh->name == NULL) {
		/* nothing else is owned yet, so release only the struct */
		free(fresh);
		return NULL;
	}
	return fresh;
}
569
/**
 * Free a malloc'ed delegation point with everything it owns: each
 * nameserver entry with its name and TLS authentication name, each target
 * address with its TLS authentication name, and the delegation point name.
 * Addresses are released by walking the target list only.
 * @param dp: delegation point of the malloc'ed type, or NULL.
 */
void delegpt_free_mlc(struct delegpt* dp)
{
	struct delegpt_ns* ns;
	struct delegpt_ns* ns_next;
	struct delegpt_addr* addr;
	struct delegpt_addr* addr_next;
	if(dp == NULL)
		return;
	log_assert(dp->dp_type_mlc);
	for(ns = dp->nslist; ns != NULL; ns = ns_next) {
		/* fetch the link before the node is released */
		ns_next = ns->next;
		free(ns->name);
		free(ns->tls_auth_name);
		free(ns);
	}
	for(addr = dp->target_list; addr != NULL; addr = addr_next) {
		addr_next = addr->next_target;
		free(addr->tls_auth_name);
		free(addr);
	}
	free(dp->name);
	free(dp);
}
594
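/**
 * Set the name of a malloc'ed delegation point.
 * The new name is duplicated first. Only when that succeeds is a
 * previously set name released and replaced, so a repeated call does not
 * leak the old copy and a failed call leaves the delegation point as it
 * was.
 * @param dp: delegation point of the malloc'ed type.
 * @param name: wire-format name to copy.
 * @return 1 on success, 0 on allocation failure.
 */
int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name)
{
	size_t len = 0;
	int labs;
	uint8_t* dup;
	log_assert(dp->dp_type_mlc);
	labs = dname_count_size_labels(name, &len);
	/* duplicate before freeing, in case name points at dp->name */
	dup = memdup(name, len);
	if(dup == NULL)
		return 0;
	/* free(NULL) is a no-op, so an unset name needs no special case */
	free(dp->name);
	dp->name = dup;
	dp->namelen = len;
	dp->namelabs = labs;
	return 1;
}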
602
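/**
 * Add a nameserver name to a malloc'ed delegation point.
 * A name that is already present is left untouched and counts as success.
 *
 * The entry is linked into dp->nslist only after both string copies have
 * succeeded. Linking it earlier and freeing it when strdup fails would
 * leave dp->nslist pointing at freed memory, which delegpt_find_ns would
 * read and delegpt_free_mlc would free a second time.
 * @param dp: delegation point of the malloc'ed type.
 * @param name: wire-format nameserver name.
 * @param lame: lame flag stored on the entry.
 * @param tls_auth_name: TLS authentication name to copy, or NULL.
 * @param port: port stored on the entry.
 * @return 1 on success or duplicate, 0 on allocation failure.
 */
int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, uint8_t lame,
	char* tls_auth_name, int port)
{
	struct delegpt_ns* ns;
	size_t len;
	(void)dname_count_size_labels(name, &len);
	log_assert(dp->dp_type_mlc);
	/* slow check for duplicates to avoid counting failures when
	 * adding the same server as a dependency twice */
	if(delegpt_find_ns(dp, name, len))
		return 1;
	ns = (struct delegpt_ns*)malloc(sizeof(struct delegpt_ns));
	if(!ns)
		return 0;
	ns->namelen = len;
	ns->name = memdup(name, ns->namelen);
	if(!ns->name) {
		free(ns);
		return 0;
	}
	if(tls_auth_name) {
		ns->tls_auth_name = strdup(tls_auth_name);
		if(!ns->tls_auth_name) {
			/* not linked yet, so freeing leaves no dangling
			 * list pointer */
			free(ns->name);
			free(ns);
			return 0;
		}
	} else {
		ns->tls_auth_name = NULL;
	}
	ns->cache_lookup_count = 0;
	ns->resolved = 0;
	ns->got4 = 0;
	ns->got6 = 0;
	ns->lame = (uint8_t)lame;
	ns->done_pside4 = 0;
	ns->done_pside6 = 0;
	ns->port = port;
	/* fully initialised: publish at the head of the list */
	ns->next = dp->nslist;
	dp->nslist = ns;
	return 1;
}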
645
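/**
 * Add an address to a malloc'ed delegation point.
 *
 * If the address (including port) is already present, only its flags are
 * merged: bogus is set when the new record is bogus, lame is cleared when
 * the new record is not lame. The TLS authentication name of the existing
 * entry is not changed in that case.
 *
 * Hardening compared to a plain prepend:
 *  - addrlen is checked against the size of the stored address before the
 *    memcpy, so an oversized length is rejected instead of writing past
 *    the heap allocation.
 *  - the entry is linked into the target and usable lists only after the
 *    TLS authentication name has been copied. Linking first and freeing
 *    the entry when strdup fails would leave both list heads pointing at
 *    freed memory (read on the next lookup, freed again by
 *    delegpt_free_mlc).
 * @param dp: delegation point of the malloc'ed type.
 * @param addr: the address; when port is not -1 the port is written into
 *	it before use.
 * @param addrlen: length of addr.
 * @param bogus: security status is bogus.
 * @param lame: address is lame.
 * @param tls_auth_name: TLS authentication name to copy, or NULL.
 * @param port: port to store in addr, or -1 to keep the port it has.
 * @return 1 on success or duplicate, 0 on failure.
 */
int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr,
	socklen_t addrlen, uint8_t bogus, uint8_t lame, char* tls_auth_name,
	int port)
{
	struct delegpt_addr* a;
	log_assert(dp->dp_type_mlc);
	/* sizeof does not evaluate a; this bounds the memcpy below */
	if((size_t)addrlen > sizeof(a->addr))
		return 0;
	if(port != -1) {
		log_assert(port>0);
		sockaddr_store_port(addr, addrlen, port);
	}
	/* check for duplicates */
	if((a = delegpt_find_addr(dp, addr, addrlen))) {
		if(bogus)
			a->bogus = bogus;
		if(!lame)
			a->lame = 0;
		return 1;
	}

	a = (struct delegpt_addr*)malloc(sizeof(struct delegpt_addr));
	if(!a)
		return 0;
	if(tls_auth_name) {
		a->tls_auth_name = strdup(tls_auth_name);
		if(!a->tls_auth_name) {
			/* not linked yet, so freeing leaves no dangling
			 * list pointer */
			free(a);
			return 0;
		}
	} else {
		a->tls_auth_name = NULL;
	}
	memcpy(&a->addr, addr, addrlen);
	a->addrlen = addrlen;
	a->attempts = 0;
	a->bogus = bogus;
	a->lame = lame;
	a->dnsseclame = 0;
	a->next_result = 0;
	/* fully initialised: publish on the target and usable lists */
	a->next_target = dp->target_list;
	dp->target_list = a;
	a->next_usable = dp->usable_list;
	dp->usable_list = a;
	return 1;
}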
690
/**
 * Add an address for a nameserver of a malloc'ed delegation point.
 * An address whose owner name is not in the nameserver list is ignored.
 * A non-lame address marks the address family as obtained (and the
 * nameserver as resolved once both families are present); a lame address
 * marks the parent-side lookup for that family as done.
 * The address inherits the port and TLS authentication name of the
 * nameserver entry.
 * @param dp: delegation point of the malloc'ed type.
 * @param name: owner name of the address.
 * @param namelen: length of name.
 * @param addr: the address; its port is overwritten with the ns port.
 * @param addrlen: length of addr.
 * @param bogus: security status is bogus.
 * @param lame: address is lame.
 * @return 1 on success or when ignored, 0 on allocation failure.
 */
int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen,
	struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
	uint8_t lame)
{
	int is_v6;
	struct delegpt_ns* owner = delegpt_find_ns(dp, name, namelen);
	log_assert(dp->dp_type_mlc);
	if(owner == NULL)
		return 1; /* ignore it */
	is_v6 = addr_is_ip6(addr, addrlen);
	if(lame) {
		if(is_v6)
			owner->done_pside6 = 1;
		else
			owner->done_pside4 = 1;
	} else {
		if(is_v6)
			owner->got6 = 1;
		else
			owner->got4 = 1;
		if(owner->got4 && owner->got6)
			owner->resolved = 1;
	}
	log_assert(owner->port>0);
	return delegpt_add_addr_mlc(dp, addr, addrlen, bogus, lame,
		owner->tls_auth_name, owner->port);
}
716
/**
 * Estimate the memory used by a delegation point.
 * Counted: the structure, its name, one delegpt_addr per target and one
 * delegpt_ns plus name per nameserver. The TLS authentication name
 * strings are not part of the sum.
 * @param dp: delegation point, or NULL.
 * @return size in bytes, 0 for NULL.
 */
size_t delegpt_get_mem(struct delegpt* dp)
{
	size_t total;
	struct delegpt_ns* cur;
	if(dp == NULL)
		return 0;
	total = sizeof(*dp) + dp->namelen +
		delegpt_count_targets(dp)*sizeof(struct delegpt_addr);
	cur = dp->nslist;
	while(cur != NULL) {
		total += sizeof(*cur)+cur->namelen;
		cur = cur->next;
	}
	return total;
}
728